The 2012 Black Hat conference is kicking off in Las Vegas, and this year's session will see Apple presenting for the first time, as well as a reunion of some of the team behind the first briefings 15 years ago. Black Hat, and the associated DefCon sessions which follow it, is probably the largest collection of hardcore computer …
do not use: Wi-Fi or other radio connections, ATM machines.
shield: RFID-equipped cards and passports
When the world's "largest collection of hardcore security experts" is given warnings like that, what chance have the great unwashed got? The proverbial man on the street can't function without these things any more, but as the Black Hat organisers say, even if you're an expert at defending yourself, these technologies we all depend on are flaky in the extreme.
Consumers, be they organisations or individuals, pay for convenient, expedient and fashionable solutions. They do not pay for security. It has no value for them until after they've paid, by which time the vendor is no longer bothered.
There's also an element of risk-to-reward tradeoffs here.
You might consider wearing body armour if you were working in some of the more... exciting areas of Iraq or Afghanistan, but it isn't really worth the weight, discomfort or expense to do the same if you were in, say, Knightsbridge.
Most of us do not spend much time in close proximity to a large concentration of capable hackers, so we need not tinfoil ourselves up to the nines.
Got to be a cover name
"...the delightfully named Dallas De Atley, manager of the platform security team at Apple, will deliver a talk on iOS security."
That has to be a cover name, can't be real.
>"Redmond's problems with security make Apple's [...] look like a mere flea bite"
No, they don't, not to anyone with a memory of history. What all of Apple's recent security failings should make clear to anyone who understands computer security is that Apple are now repeating all the mistakes Microsoft made years ago, having failed to learn anything from them but having inherited their position as a corrupt monopoly. How could anyone make a mistake as stupid as Microsoft did in the original LanMan protocol where they hashed each 7-byte part of the password separately, thereby reducing the difficulty from 2^(14*8) to 2^(7*8)*2 == 2^(7*8+1)? Oh wait, Apple just did that too! Only fifteen years later!
>"Already someone has sent out a bogus password reset email to some attendees"
Any chance you can get your colleague to fix that broken story you linked to there?