Hackers, defenders target security, iPhones, and more

Computer security wizards are gathering to share insights about threats ranging from cyber warfare to hacking Apple iPhones or MySpace Web site profile pages.

Hackers, defenders target security, iPhones, and more
Computer security wizards are gathering to share insights about threats ranging from cyber warfare to hacking Apple iPhones or MySpace Web site profile pages.

Briefings that begin Wednesday at the 11th annual Black Hat conference in Las Vegas include the potential to crack into Microsoft's new Vista operating system and the Apple Leopard operating system due out in October.

Black Hat organizers promise 20 new vulnerabilities in popular computer software will be unveiled along with an equal number of "tools," ways to launch attacks that take advantage of flaws in programs.

"If researchers are talking about something, that gives you a glimpse into what the future holds," Black Hat founder Jeff Moss said Monday.

"A lot of companies and governments want to know what direction things are moving in and get ready for it."

While "Black Hat" in computer parlance refers to someone who hacks into systems, the conferees largely wear the white hats of security professionals and government officials.

US National Security Agency chief of vulnerability analysis Tony Sager will give an opening speech and federal "cyber cops" will lead a forum on threats.

"A lot of things will be discussed at Black Hat," Moss said, citing "the changing nature of botnets and spam armies, and how cyber warfare has been evolving during the past five years."

"Botnets" are legions of computers controlled by hackers that have infected them with malicious code, usually without owner knowledge.

Infected computers become "zombies," which hackers enlist in "spam armies" for online attacks.

Gadi Evron, a US "security evangelist," will discuss the massive online attacks on Estonia earlier this year in what is referred to at the gathering as "the first Internet war."

Evron was part of a team that helped in the aftermath of the attacks.

"As we saw in Estonia, cyber warfare is more sophisticated and coordinated," Moss said.

Black Hat seminars include a way to mine data and gain unrestricted access to pages on social networking Web sites such as MySpace and Flickr, according to organizers.

Researchers will detail vulnerabilities in Apple's iPhones, including a flaw in Safari Web browsing software that opens the door to slipping malicious code into the devices.

"People will pay attention to iPhone for a while because it is an interesting new platform," Moss said.

"It is such a small percentage of the market compared to Windows that it seems people are doing it to make names for themselves."

Hot topics include ways to "weaponize media files" by embedding video or music downloads with software that lets hackers spy on users or take over their machines.

Similar themes are expected at an infamous gathering of hackers referred to as DefCon that starts in Las Vegas Friday after Black Hat ends.

DefCon draws renegade software geniuses. The annual gathering is marking its 15th year and features hacking games, lock picking, and alcohol-infused socializing along with seminars.

"If Black Hat is the university then DefCon is the frat party," said Moss, the founder of both events.

AFP
Last Mod: 31 Temmuz 2007, 19:43
Add Comment