Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security

Wired Reports On Korea's First Hacker Con 40

evanwired writes "Quinn Norton offers a great first-hand account of the first South Korean Hacker con. Marked by conservative dress and polite conversation, the group was nevertheless still very much concerned with the shortcomings of computer security." From the article: "A police crackdown three years ago left South Korea's hacking community broken and fragmented. One of the conference's more animated speakers, 'Xpl017Elz,' complained that many of Korea's best and brightest hackers wound up emigrating to more receptive environments with better pay for security researchers. But he also demonstrated a large and difficult divide between how the hacker communities behave in Korea and the United States. Xpl017Elz's presentation focused on four (of a reported seven) attacks he developed against Red Hat's Fedora Core using ExecShield. He demonstrated privilege escalation, where a logged-in user can become root and take over the machine, and remote code execution, wherein an external attacker can gain root without a login."
This discussion has been archived. No new comments can be posted.

Wired Reports On Korea's First Hacker Con

Comments Filter:
  • The police are going after all those Starcraft/WoW hackers. They need do something more productive with their lives. Maybe hacking Minesweeper on Windows Vista?
  • Anyone else notice the only picture thumbnail that worked in the article was the one with RMS?
    • Re: (Score:3, Funny)

      by winkydink ( 650484 ) *
      Um, perhaps you have your "all Stallman, all the time" filter on? All the thumbs work for me.
      • ok, now the first 2 work but the third one and on don't work ... they must be having intermittent problems or something
  • by glen ( 19095 ) on Friday November 17, 2006 @03:24PM (#16889536)
    Did he get confused when someone explained to him what a secure password is and you shouldn't use your name?
    • Re: (Score:2, Insightful)

      by jovius ( 974690 )
      What's the problem with having a secure name then ?
    • Re: (Score:2, Funny)

      by hclyff ( 925743 )
      Yeah, I wonder what were his parents smoking, giving him a name like this...
  • "It's not democracy." I'm from the US, what is this 'democracy' you speak of?
  • "Hi, we're going to just cut-paste from the article like we always do except we have the reading comprehension of an american highschool football player and can't even pick paragraphs that make sense."

    Every day I'm reminded why I adblock and don't subscribe here. I can get URL Cut & Paste on IRC. And it's realtime.

  • That insecure? What the hell?
  • Not the first... Not even the first publicized one.

    Not really a dupe article, hrm... maybe Wired writers can't read Korean ;)
  • "In Korea, only old people go to Cons."
  • by gessel ( 310103 ) * on Friday November 17, 2006 @04:45PM (#16890612) Homepage
    Trust Wired to get it wrong. The magic of subjective journalism. It is ironic that another /. article describes how the blogosphere is becoming recognized as unreliable.

    I was a speaker there in August 2000 at the First WorldWide Top Hackers Conference 'IS2K' [blackrosetech.com] in Seoul Korea at the Millennium Hotel [hilton.com]. We spoke for several days and even got to meet Kim Hyong-O [blackrosetech.com], the Member of the National Assembly.
  • Ragnarok Online-Con, where execs talk about how they got their user/ Credit card database hacked.
  • Xpl017Elz's presentation focused on four (of a reported seven) attacks he developed against Red Hat's Fedora Core using ExecShield.

    So, does this attack actually use ExecShield to gain elevated privileges, or do the attacks succeed despite ExecShield ?

    According to Redhat:

    It is important to note that ExecShield can only reduce the risk and impact of buffer overflow type security issues. The presence of these technologies should never be seen as a substitute for applying security updates provided by the oper

<< WAIT >>

Working...