Forgot your password?
typodupeerror
Image

Ask Slashdot: Favorite Thing Out of This Year's Black Hat? 41

Posted by samzenpus
from the best-of-the-best dept.
Nerval's Lobster writes "This year's Black Hat conference wasn't just about the NSA director defending his agency's surveillance practices (and getting a bit heckled in the process). Other topics included hacking iOS devices via a modified charging station, eavesdropping on smartphones via compromised femtocells, demonstrating a password-security testing tools that leverage AWS (and 9TB of rainbow tables) to crush weak passwords, and compromising RFID tags with impunity. What was your favorite news out of Black Hat?"
This discussion has been archived. No new comments can be posted.

Ask Slashdot: Favorite Thing Out of This Year's Black Hat?

Comments Filter:
  • by Sean (422) on Thursday August 01, 2013 @08:18PM (#44452665)

    http://blockwatch.ioactive.com:8888/ [ioactive.com]

    It's pretty alpha, and you will need to use IE to install it. This tool compares software in memory against known signatures, allowing you to confirm what's running on the system is really what you think it is. It works with HyperV and VMWare.

    It's free. Thanks IO Active!

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      HTTP server on non-standard port with (probably) proprietary freeware that requires IE to work. Sounds genuine to me!

      • by Sean (422)

        Fair point, but it's not like getting something from port 80 or 443 really assures safety.

        Like I said it's really alpha. I would not run it on any important VMs anyway.

    • by Sean (422)

      Oh, and make sure you have .NET 4.5 installed. The installer choked on me the first time because I didn't have it. You install it on your host system, and it connects to VMs of your choosing to analyze them.

    • That sounds like tripwire [tripwire.org] to me.

      Plus, that link doesn't lead to information about blockwatch, but instead immediately tries to download a file. Not very friendly.

      • by Sean (422)

        It's like tripwire, except it works on code in memory. It has an online database where hashes of known code are stored in various sizes... so the client will hash 4k and ask the server if this is known. If so, move on we know what it is. If not, split it into 2 blocks of 2k. Can we positively identify that? Anything not identified continues to be split into smaller and smaller pieces.

        The software understands how processes are laid out so it's not going to hash your user data as that can't possibly provide a

  • Just curious, why is the conference even called "Blackhat"?

    According to Wiki (a very reasonable defintion): "A "black hat" hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain" (Moore, 2005). Black hat hackers form the stereotypical, illegal hacking groups often portrayed in popular culture, and are "the epitome of all that the public fears in a computer criminal". Black hat hackers break into secure networks to destroy data or make the network unusa

    • by Antique Geekmeister (740220) on Thursday August 01, 2013 @08:34PM (#44452759)

      The NSA is not a law enforcement agency. They're an intelligence agency: they have little jurisdiction to charge US citizens for domestic crimes, or authority to arrest foreign nationsals for crimes overseas. That would be the task of the FBI for various federal crimes, the Secret Service for certain types of fiscal crimes including wire fraud, or local police for state or local crimes. And I'm afraid the NSA doesn't like to share responsibility for such arrests, because monitoring US communications is actually against their charter. They do it anyway with various very poor excuses, but they'd hardly pursue arrests on that basis.

      Also, a lot of the activity is below any reasonable threshold of when a prosecutor would be bothered to file charges.

      • by icebike (68054)

        You go out of your way to make a Distinction without a Difference.
        Who puts the cuffs on you hardly matters.

        If you believe the nonsense about their charter you deserve the delusions under which you so evidently labor.

        • Then understand that that they do not arrest people for the same rason they do not sign US treaties or sign bills into law. It's not their job to arrest people, even if they cooperate with and provide intelligence for the people who do and are in some ways responsible for such arrests or for what treaties get signed or what laws get passed informing the people who'd do such tasks.

          I was careful to answer the question from aNonnyMouseCowered, not to say the NSA is innocent of wrongdoing or of providing leads

        • It matters because it's important to have a basic understanding of our government and how it works. The average person's knowledge about law enforcement and intelligence comes from Hollywood movies and television. Hence, most news and dialogue around topics like NSA surveillance read like tabloid news and prevents having an accurate, rational discussion about what's going on.
    • by blahblahwoofwoof (2287010) on Thursday August 01, 2013 @09:28PM (#44453049)

      At this point, it's just branding. There was a time when Black Hat was correctly titled, but that train has long since left the station.

      • by TWiTfan (2887093) on Friday August 02, 2013 @08:40AM (#44455229)

        When the head of the NSA--an agency absolutely notorious for lying to the American people, subverting the U.S. Constitution, and generally screwing over every freedom we the people have--can address the conference and not be immediately and universally booed the fuck offstage, you know you're not dealing with the same crowd that used to be there.

    • by blueg3 (192743)

      The NSA doesn't (can't) arrest people.

      Now as to why the FBI doesn't arrest the attendees, it's because none of them have outstanding arrest warrants. (Well, presumably not. At DEFCON, you don't give them your name or your credit card and it's so crowded, you couldn't find anyone anyway.) Turns out calling yourself a hacker isn't grounds for arrest.

    • Just curious, why is the conference even called "Blackhat"?

      Because they want to sound edgy, and the name DEFCON was already taken.

      So instead of attending shouldn't the NSA be arresting the participants? Not that I actually favor such an act, but that appears to be the "legal" thing to do.

      No, you can't arrest someone without evidence. Going to a conference, even one designed for criminals, is not a "legal" thing to do. That's why you can't arrest someone for being in a gang. Freedom of assembly is protected by the constitution.

    • by Anonymous Coward

      The deeper problem is that very few of anyone in the security industry is actually a "hacker" in the (not quite, the one right after "maker of furniture with an axe") original sense of "being creative with technology", specifically to the point that people will go "I didn't know it could do that!?!".

      People needing epithets like "ethical", "black hat", "white hat", "green hat" to their "hacker" are not hackers. The first buffer overflow or SQL injection probably was a hack, but the 9000th, not so much. And t

    • by Suferick (2438038)

      I think you will find there is a certain amount of irony in the name.

      You know irony - like goldy and bronzy, but made of iron.

  • by Anonymous Coward

    Hearing about the Snowden "hero or villain" vote, and that it was nearly 50/50. That tells you all you need to know about "Black Hat".

  • by Anonymous Coward
    A healthy 35 year old inexplicably dies when he's about to reveal a deadly vulnerability in pacemakers. In his words, the vulnerability allowed the knowledgeable to be able to kill anyone having a pacemaker within 20 feet of the attacker. Was it a horrible coincidence? Hopefully it wasn't pure evil, plain and simple; someone finding the solution too expensive to implement or a sinister organisation wanting to retain their secret weapon.
  • I'll take that with a grain of salt. Thank you.
    • by MrMickS (568778)

      Its it just me or does the idea of using an online cloud based service provided by a third party to test the strength of your password database sound like a bad idea?

  • Yet another editor that doesn't know how to post "Ask Slashdot" questions in the "Ask Slashdot" topic. For $deity's sake, is it really that hard to do? This topic exists for a reason. Use it.
  • I love to play Blackhat Bingo.

    Will the presenter die, commit suicide, leave the country, or just appear on a no-fly-list?

    Ahh, hacking was so much more fun before they were all terrorists..

    </sarcasm>

  • by MadCow-ard (330423) on Friday August 02, 2013 @04:08AM (#44454447)
    There are hundreds of free-for-download Access Control software packages which will read the serial number from a RFID card. You don't need to go through the trouble of building a new package. The hard part is that most good AC systems don't use the serial from a smart card, they use one of the sectors on the chip. This is usually locked with a PKI method of encryption and thus much harder to break. He mentioned HID, which uses their own proprietary PKI (such as Legic does), but there are many standards such as DESFire which are open and manage access to the chip sectors. What the article is really talking about is normal 125MHz prox cards which are not secure and yes, widely used in the USA but not in Europe. The real way to crack even the HID encryption is to get behind the reader and capture the Wigand (text) output from the reader which does the encryption handshake for you. Watch out for tampers, but its not hard in any interior space, just look in the false ceiling for the controller and tap in where the cables enter it. Much easier then all this non-sense.
  • I liked the pigeons best and the rabbit is still pretty cool.

  • by dsinc (319470) on Friday August 02, 2013 @07:50AM (#44455047) Journal
    http://breachattack.com/ [breachattack.com]
  • Easily one of the best technical talks I have ever seen; how timing attacks can be used to break the same origin policy and read the contents of a frame. This talk included demo's of an attacker site loading up a target site in a frame and reading the contents to grab the CSRF token. It was awesome. http://contextis.co.uk/files/Browser_Timing_Attacks.pdf [contextis.co.uk]

Optimism is the content of small men in high places. -- F. Scott Fitzgerald, "The Crack Up"

Working...