Hacker Con Round-Up | Jupiter@Nite | 8.02.10

Hacker Con Round-Up | Jupiter@Nite | 8.02.10

Tonight on Jupiter@Nite, the boys go BLACK (hat) and review the latest news to surface from Hacker Cons around the world! We’ll show you the latest antics from Black Hat and DEFCON, where security protocols are run through the wringers. Are your cell phone call safe? Did your wallpaper app steal your Android information?

Tune in to find the glorious details!

Tonight’s Show Notes:

Black Hat Conference background:

     A computer security conference that has a unique blend of gov’t officials, corporate IT leaders and hackers in attendance.

     Black Hat was founded in 1997

     Ran in Las Vegas from Jul 24th to the 29th

     Made famous by the antics of their hacker attendees.

     Past conquests:  Local wireless services, hotel billing services, and even the lobby ATM.

     Also famous for exposing faults in popular software.  Sometimes without the prior knowledge of the software’s developers.  Most commonly browsers and operating systems.



Mozilla finds security flaw in Black Hat’s pay-per-view Video Stream

     The stream cost $395 per head for viewing. Ouch.

     Ironic, since Mozilla has been a frequent target of Black Hat’s many ‘whistle blowing’ presentations re: browser security flaws.

     Sources indicate that the Mozilla foundation immediately notified Black Hat about the error, rather than holding onto the information to announce at a later date, as a deliberate “we’re more respectful than you” type of gesture.


Some other Black Hat demos:


Hacked ATM spews cash, sings a jaunty tune, and displays “Jackpot” on the screen.

     All hacked remotely, and demonstrated live.


This $1,500 system can hack into your cell phone calls

     Pretends to be a cell tower, so can even receive encrypted calls.

     Only 2G GSM calls

     “Encrypted calls are not protected from interception because the rogue tower can simply turn it off. Although the GSM specifications say that a phone should pop up a warning when it connects to a station that does not have encryption, SIM cards disable that setting so that alerts are not displayed.”


Hacking pre-paid parking meters


Android wallpaper app steals millions of subscriber’s personal info

     Watch for apps by “jackeey,wallpaper” and “IceskYsl@1sters!”

     Watch for apps that request access to “android.permission.READ_PHONE_STATE” which grants the application access to APIs to access the device’s phone #, subscriber ID, and more.

     UPDATE:  Details of which data was potentially stolen.


Help Crowd Source Jupiter@Nite (and other JB shows) News:


              Sign up for Google Reader

              Sign up for Google Buzz (Optional.. But the best way for everyone to discuss topics)

              Subscribe to the Jupiter”@”Nite Google Reader Bundle

              The Linux Action Show Bundle

              LOTSO Bundle



Question? Comments? Contact us here!