Reporters At Black Hat Get Bounced For Hacking
rickb928 and several others have written to inform us that three reporters for the French publication "Global Security Magazine" were booted out of the Black Hat convention for uncovering the login information of other reporters. Quoting the AP:
"The separate, wired Internet connections set up for reporters are supposed to be off-limits to hacking and the Wall of Sheep. Even so reporters who didn't take the extra step and log onto the Internet through an additional secure connection like a virtual private network, risked having their data exposed to colleagues sitting just feet away. It didn't appear to be a complicated hack. The network was working properly, but it wasn't set up to shield each journalist's computer from one another."
nobody plays Uplink enough these days.
One Usenix there was an announcement that everyone who had used Kerberos to log in from the terminal room needed to set up new keys. Another finished with a paper on what someone had sniffed on the Wifi LAN.
So it's no bloody surprise it's happened at Black Hat. Not that the guys who did it were justified, and they're lucky they were just booted out, but anyone who doesn't use encrypted VPNs or encrypted tunnels at ANY technical conference is asking for trouble.
We're all taught in network design class that a switch, unlike a hub, doesn't send traffic that's not yours to you, then learn in security class that it's easy to turn a switch into a hub.
... are seated in a noisy restaurant, yelling back and forth to each other from one side of the table to the other. I'm sitting 3 tables away and can hear them.
Am I hacking??
I don't understand this very well, so someone who does please chime in.
Switches use your Ethernet card's MAC address (not IP) to know how to route Ethernet frames across the switch. It knows that MAC AB:CD:EF:etc is on port 1, and 12:34:56:etc is on port 2. Because you can daisy chain switches, it actually has to remember a many-MACs-to-1-port sort of mapping.
Switches can only remember a finite number of MAC addresses, so if you overflow the memory of the switch with bogus MAC addresses, it fails over to hub mode and just broadcasts all the packets to all the ports. It's not pretty, and would cause the network to get slower, but at least it would continue to work.
As I can't see hubs being used at a Black Hat conference, I'd guess this is the sort of thing the reporters did. I'm sure there's a name for it... probably "ARP Cache Smashing" or something, but I don't know it.
Anyway, if someone can give a better explanation, I'd be grateful.
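
The table-overflow behaviour described in the comment above, as an added example that is not part of the thread: a toy Python model of a learning switch with a finite MAC table, run once with no limit and once with a per-port cap on learned addresses. The class, the table size, the cap and all MAC addresses are constructed for illustration; aging of entries is not modelled, and the cap is a simplified stand-in for the per-port MAC limiting found on managed switches.

```python
# Added example: toy model of a learning switch (constructed data, no real traffic).

class LearningSwitch:
    def __init__(self, ports, table_size, per_port_limit=None):
        self.ports = ports
        self.table_size = table_size          # finite MAC table capacity
        self.per_port_limit = per_port_limit  # None models a switch with no limit
        self.table = {}                       # learned MAC -> port
        self.violations = []                  # (port, mac) refused by the limit

    def _learn(self, port, src):
        if src in self.table:
            self.table[src] = port            # known station, refresh its port
            return
        if self.per_port_limit is not None:
            on_port = sum(1 for p in self.table.values() if p == port)
            if on_port >= self.per_port_limit:
                self.violations.append((port, src))   # signal worth alerting on
                return
        if len(self.table) < self.table_size:
            self.table[src] = port            # a full table learns nothing new

    def forward(self, port, src, dst):
        """Learn the source, then return the list of egress ports."""
        self._learn(port, src)
        if dst in self.table:
            return [self.table[dst]]
        return [p for p in self.ports if p != port]   # unknown dst: flood


def reply_egress(per_port_limit):
    """Ports that receive B's reply to A after port 4 has sent many source MACs."""
    sw = LearningSwitch(ports=[1, 2, 3, 4], table_size=8,
                        per_port_limit=per_port_limit)
    host_a, host_b = "02:00:00:00:0a:01", "02:00:00:00:0b:02"  # constructed
    for i in range(50):                       # constructed bogus sources on port 4
        sw.forward(4, "02:ff:00:00:00:%02x" % i, "ff:ff:ff:ff:ff:ff")
    sw.forward(1, host_a, host_b)             # first frame floods in both cases
    return sw.forward(2, host_b, host_a), len(sw.violations)


if __name__ == "__main__":
    print("no limit:      ", reply_egress(None))
    print("limit 2 / port:", reply_egress(2))
```

With no limit the reply from B to A leaves on ports 1, 3 and 4, so the bystander on port 3 sees it; with the cap it leaves only on port 1 and the refused addresses are counted as violations.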