Monday, August 4, 2008

Big security week

This week is the Black Hat Briefings, one of the biggest Internet Security conferences. Usually the good exploits come out late in the week, so stay tuned.

There's already Big News on the impending implosion of Al Gore's Intarwebz thingie:
The software industry already has a poor reputation for delivering software that doesn't work or contains security holes. Imagine how bad things will get in a world where people pick up vulnerabilities and hacks by connecting to dynamic web sites and "mashing up" applications.
Software full of bugs? Lousy security? Say it ain't so!

And we already have our first security controversy! Well done, all!
Apple Inc. has pulled its security engineering team out of a planned public discussion on the company's security practices, which had been set for next week's Black Hat security conference in Las Vegas. The panel would have been a first for Apple, but the company pulled out of the discussion at the last minute. ....
.... Almost every year, much of the drama leading up to and during Black Hat seems to revolve around talks that are canceled or censored at the last minute for various legal reasons ... these kinds of reversals have a funny way of stoking the curiosity of the hacker community, already an inquisitive bunch by nature.
Inquisitive by nature? Boy, Howdy - I'd say so:
Using hardware capable of reading data from the radio frequency identification (RFID) chip embedded in the cover of an e-passport, Lukas Grunwald, a security researcher with DN-Systems in Germany, showed that he could copy the data from a European passport and write the data back to a smart card. The threat: A forged passport could embedded a smart chip that mimicked the RFID chip in the latest e-passports.
This was from Black Hat a couple years ago, when I took #1 son. The deal was that he had to read The Cuckoo's Egg - best book on Internet Security for the non-security geek.

In the meantime, it's security-geek party time in Vegas. Sexy Hacking said they might put in an appearance. Good thing they weren't there when I took #1 son ...

No comments: