Three rogue journalists were ejected from the Black Hat security conference after being accused of connecting monitoring tools to the press room computer network and sniffing reporters' passwords. The reporters worked for French-based Global Security Magazine, a Black Hat media sponsor. According to screenshots posted here, the …
And there's the rub ...
I always enjoy Dan Goodin's articles, and now that Black Hat's on, it's like Christmas at El Reg ...
Back on topic:
Three days to set up a VPN (or indeed any encrypted secure communication or storage) is a problem! If it's going to achieve significant use, it needs to be a five minute operation - about where the frustration limit is for most users these days.
Of course, compatibility is also vital, both for end points to connect to and paths to transmit through.
"educate the public"
Ye. My arse. They wanted to show off about how l33t they were. How much public notice dose Blackhat get? Outside the tec/security comunity, who know these dangers all to well, Im guessing non.
Do on to you as you do on to others, nothing wrong with what the Journalists did it's all in line with the event, so what are they whining about? The Journalists shouldn't be tried under the laws, hope they slate the Black Hat events.
3 days to configure OpenVPN
How did you manage that?
I like the idea of OpenVPN, especially as a possible replacement for the proprietary Cisco VPN Client especially on Linux....
... But three days to configure? I hope it took so long because some tecchie at the Reg was being a buffoon....
Paris would get the VPN config done in less than three days, surely?
Why the need to kick them out ?
I mean, they could have just been warned, publicly - guys, no funny business on the press room network - and that's it...
Why kick them out of an event for doing something in the spirit of the event, just not on the right network ?
re: "educate the public"
Well I would agree this wouldn't educate the public except how incompetent even Black Hat conference organisers are and journalists of *tech publications* are about security.
If the conference can't stop someone just surfing details off their network that should be unavailable to the snooper, then the **** Black Hat **** conference is not about security. Probably just a way to get an international jollie.
And knowing that is damn useful to the public.
No, they absolutely should have been kicked out. If there is to be consensual network penetration, it is essential that the boundaries for that consensual activity are respected. Taking the activity outside the agreed zone fundamentally undermines the safeguards, and changes the activity from valuable "lab work" to something illegal.
Re: Bad Form
You in health and safety by any chance, Dunstan? Your phraseology would indicate it...
3 days to set up a VPN...
I'm just guessing, but could it be that most of the time was spend setting up the server side of things? You know, the thingi-mah-jig (technical term) on the receiving end back at Vulture Central?
Science bloke, because so few people know how to properly configure a thingi-mah-jig these days.
Pot, Kettle, Blackhat... and @Mark Re: Bad Form
@Mark: Actually, I think he works in S-M, from his phraseology.... shame the journos didn't have a "safe word".
And yeh, you know? I don't think they should have thrown 'em out, I think they should have made 'em give an impropmptu talk on their findings.
RE: Bad Form
I figure that the conference is called "Black Hat", so stuff like this should be expected. I don't think the organisers should have kicked the guys out since what they did was presumably in the spirit of the event.
Whether they get charged or not depends on the police, I guess, and if they do - tough.
Re: Pot, Kettle, Blackhat... and @Mark Re: Bad Form
Isn't that tautology?
H&S == S&M
DHCP server ? Meh!
Why go to all that trouble when as any fule kno, by far the easiest way to sniff traffic on a wired ethernet switch is to have at it with a shed load of wonky arp packets ? *
Hell, if you can spoof the gateway's MAC to FF:FF:FF:FF:FF:FF (or often times, just set the I/G bit high) you don't even have to forward the packets. You can only see the outbound traffic, but that's enough for capturing passwords in the clear)
Bit noisy mind.
Shit, maybe they just couldn't figure out the massively outdated dependencies to get dsniff to compile, journos eh ?
What a terrible shock it must have been to the BlackHat attendees and organisers to discover that not everyone plays by the rules or accepts the boundaries laid down for them by others.
OTOH bouncing them was the right thing to do, the last thing the BH organisers need is people committing actual crimes. It's the perfect excuse for the event to be shut down by the numerous law enforcement personnel lurking around the place.
* Yes yes, there's ways to spot and mitigate this, but you have to reckon that any network configures thusly would also have noticed a fraudulent DHCP server.
Why all the Fuss?
This is Black Hat, after all.... But I suppose it should be possible to set
up the "off limits" parts of the network to deal with unauthorized devices
connecting. Go ahead.. Use that username and password on that
postit note on the monitor and see what happens.
Security by booby trap works better than security by obscurity.
Dont stick the postit note on the monitor
All my important ones are in an old issue of Private Eye, underneath some old print-outs in the bottom draw of my desk. Page 72, "Eye Say" section.
blackhat infered the wired network was safe. They were wrong, hence they are but hurt and kicked out the reporters. They should have secured their physical network. Why would you allow DHCP... from a client port? Hell they should have the reporters use an internal (to black hat) VPN with assigned usernames/passwords, MAC address filtering, port assignment etc. If you're going to break all the security(black hatters), you should be held to work within the crap-pile you've created.
Don't think for a minute that the presenters at BH don't sniff, test and send non-standard packets to public computers! Dear god, even BH has an EULA now....
Sounds more like a scam similar to that DGS use routinely in their home country !
Hackers Hacked..Who would have guessed?
Hackers that expect others to play by (the) rules.
Does'nt sound like that was in the spirit of the event!
Perhaps they should have served worms at break!
- Apple winks at parents: C'mon, get your kid a tweaked Macbook Pro
- SOULLESS machine-intelligence ROBOT cars to hit Blighty in 2015
- NASA boffin: RIDDLE of huge BULGE FOUND ON MOON is SOLVED
- BuzzGasm! Thirteen Astonishing True Facts You Never Knew About SCREWS
- China in MONOPOLY PROBE into Microsoft: Do not pass GO, do not collect 200 yuan