What is Digg?80 Comments
- p3ngwin, on 08/08/2008, -8/+122just because it's a conference about security, doesn't mean a free-for-all to break laws and go ape-*****.
these are actually very skilled people that want to address security concerns and have some fun doing it. none of it illegal.
for people to think they can get invited and change the plan is to invite chaos and be counterproductive.
these people are breaking rules and manners laid out by the organizers and don't understand the movement. - Origin415, on 08/08/2008, -1/+107A bad place to use unencrypted connections...
- SillyRabbits, on 08/08/2008, -2/+63Doesn't really seem to be a tricky case to me. There were two networks at the conference, one that everybody was using and everybody was aware it was fair game to monitoring/hacking etc., and then there was a 2nd network that was exclusively used for the press that everybody was aware was supposed to be off limits to that sort of activity. Everybody was aware of the rules. What they did wasn't any sort of elegant hack - they just completely ignored the rules everybody was asked to follow. I think banning them for life was exactly the right response. I doubt you will see a repeat in future.
- tdlrali, on 08/08/2008, -22/+65This is a tricky case - it's a hacker conference, so the organizers should not be able to point fingers at anyone for hacking. At the same time, the reporters should've used their common sense to realize that sniffing on a network that is off-limits to sniffing probably isn't a good idea.
The best resolution to this would've been to warn the reporters, inform them of the rule, and watch them closely from that point. If they are caught again, they deserve to be thrown out.
At any rate, this is bad publicity for the "hackers" - they're usually the ones whining about being treated unreasonably or not being tolerated, but now they're doing the same thing they are accusing others of. - xero69, on 08/08/2008, -2/+30These 3 can look forward to their identities being deleted or stolen thanks to making a spectacle of themselves.
- captmorgan555, on 08/08/2008, -1/+26Everyone knows the rules. Sounds like these guys were looking for easy targets.
- inactive, on 08/09/2008, -2/+27Just because you can doesn't mean you should.
- PeterNorton, on 08/08/2008, -0/+16There is a Kindergarden everywhere.
- rakous, on 08/09/2008, -0/+15With Great Power Comes Great Responsibility
- Skooma714, on 08/09/2008, -1/+16Doing any kind of network intrusion around people who specialise in it is not a good idea. They are probably way better than you at it.
- drakia, on 08/09/2008, -0/+13Alright, since it seems nobody read the ***** article, the three reporters were capturing packets on a SECURE network designated for safe use by the press. Not all press members are going to be tech savvy enough to use secure tunnels and all that *****, which is why they have their own network. The three reporters were being asshats, going against the rules they very well knew existed, since they had attended the conference previously to report on it.
- Taedirk, on 08/09/2008, -1/+12Did they /surrender/ to authorities?
- haikuFU, on 08/09/2008, -4/+14Exactly. What type of person goes to a hacking conference and doesn't use SSL or a VPN to get into their stuff? I sniff every network I join, and there is a ton of crap flying across it.
- f3l1x, on 08/09/2008, -15/+24This is retarded. Black hat is nothing like it was. There used to be a large screen at this place called the wall of shame that dynamically listed users stupid enough to use unencrypted channels on the networks there. And spot the fed is now is nothing today, its find a REAL hacker that's hard; no, impossible. Now they are a bunch of pussy hypocrites. This is why I don't go anymore, its not cool at all and its just a bunch of stuffy _masturbating monkeys_. aka one big ***** money-pit self-loving joke. Start calling this BS symposium "white hat con". (not that there is anything wrong with white hats, but don't call it black hat if your gonna puss out.)
Then again, if those reporters were 1337, they wouldn't have gotten nailed. So maybe they deserved it, just like Kevin. There's people out there way smarter and more accomplished, we just cant put a name on them because they are too good to get their asses caught. If you know a black hat's real name, (s)he's no good. (caveat: Hollywood) - asforme, on 08/09/2008, -0/+9According to the article, they still have the wall of shame, but they want press coverage so they made a special safe network for the press that was off limits.
These guys got caught because they brought the info so that it could be posted on the wall of shame, then they found out the press was off limits and were banned. - captmorgan555, on 08/08/2008, -4/+13You do not have the correct definition of hacking. Hackers are people who are interested in finding out how things work, make them work better and/or make stuff do things they were not created to do. Hackers call the people who do the illegal stuff crackers or script kiddies (among others).
See the first few lines on Wikipedia to see what i mean:
http://en.wikipedia.org/wiki/Hacker - dclaw, on 08/09/2008, -8/+16HAHAHA are you people serious?
At Defcon, which is within the same thread of the hacker spectrum. They have a WALL OF SHEEP, where the logins of people stupid enough to access private/corporate emails, ssh logins, and other credentials is a celebrated feature of the whole convention. Legal or not, if you are stupid enough to access anything from a hacker convention uncencrypted, that is your fault. Better to learn here than in any much less protected venue, where potential hackers could ream your company for thousands of dollars due to your uncencrypted chats and emails with company personnel. Aren't you supposed to be working anyway, not at one of the world's largest hacker conventions???? - inactive, on 08/11/2008, -0/+7Eh, we still have Defcon, at least.
- drakia, on 08/09/2008, -0/+6Holy *****, did you not RTFA? It was a press room, where there was a secure connection FOR THE PRESS, the network was off limits to people trying to grab passwords for the 'Wall of Sheep' which they also had this year. The three reporters were asshats who disobeyed the rules for the press attending, and as such, were removed from the conference for life.
- schroeder, on 08/09/2008, -0/+5@MarkusX
Hackers who find vulnerabilities and share them help those holes to be fixed. The right thing to do once a vuln is found is to tell the people responsible for the hole so it can be fixed. If that fails it is shared with everyone so these people are pushed to fix the problem. Better for everyone to know about a hole in a system than for a few undetected people exploiting it. It's not about feeling safer. You should never feel safe on a network. It's better to be aware that there may be an issue so people won't be to lax about their security on a system.
Hackers at black hat see that a door is open, find out why or how the door has been opened, then tell you your door is open. But it's more like the gate of a gated community. They are telling everyone who lives there that it's open and that they might want to do something about it. - DyceFreak, on 08/09/2008, -2/+6It is a "Black Hat" security conference though... do you know the definition of a Black Hat hacker? :P
- sysop073, on 08/09/2008, -0/+3Did *anybody* read the article? These guys captured passwords specifically for the wall of sheep, it says it right in the article. They got in trouble when they talked to the wall of sheep people because the press network is off-limits to hacking. These conventions want press coverage and they don't want the press to live in fear of using a computer
- enantiodromia, on 08/09/2008, -0/+3Black Hat != DefCon
- VyPR, on 08/09/2008, -1/+4Moral of the story: Don't ***** where you eat.
- Sofi4n, on 08/09/2008, -0/+3For once French people manage to appear on the tech savvy scene... and they ***** have to get busted.
- drakia, on 08/09/2008, -2/+5The network was secure, and set up specifically for the reporters. Reporters tend not to be the most computer savvy people out there, hence their own secure network.
- RadiatedAnt, on 08/09/2008, -0/+2The ironing is delicious...
- Aero347, on 08/09/2008, -1/+3Proof that the convention is in fact, simply hosted by White hat posers attempting to use the l33tsauce they happen to suck up to defend their networks with. Hell, my company would pay to send me out there..
- inactive, on 08/09/2008, -2/+4DEFCON is an all out rape/ hacker fest
Best not to take anything like a cellphone, laptop or any other electrical device within 10 miles of the conference. - Drahkar, on 08/09/2008, -0/+2You have to understand that this isn't DEFCON. This conference is for a hard core group of freestyle hackers who work on legitimate topics. If these reporters wanted an enviroment more geared towards 'Hack the World' then they should have gone to DEFCON.
- sysop073, on 08/09/2008, -0/+2There's been one for like a decade, and DEFCON before that
- Shrubber, on 08/09/2008, -0/+2This is the digital equivalent to smacking someone in the face in a game of dodgeball when they're standing in the "safe zone." For example, to point out one parallel, in both cases the very idea of a safe zone in such a situation is laughable.
- crzdmn, on 08/09/2008, -1/+3Just because he does doesn't mean he abuses it.
- inactive, on 08/11/2008, -0/+2Either way can be done without detection. I can become STP root and become their router. To counter my own statement, one could even see SSL traffic in the clear real time. It can cause errors but most people happily accept them and move on. Ettercap is one simple tool for this.
- DyceFreak, on 08/09/2008, -0/+1opti you dont get it
Black Hat is an orginization geared towards network security
while Black Hat Hackers are hackers with malicious intent..
get it? - MarkusX, on 08/09/2008, -3/+4@captmorgan555:
I did in fact NOT confuse hackers with crackers.
Your definition doesn't mean that a hacker doesn't commit a crime before he alerts the company whose network he just cracked or misused.
If I left open the front door of my house, that doesn't mean that everybody is allowed to come in.
I might just let some air in my house, or I'm about to transport a couch or maybe I just want to hear the birds sing and my windows don't open. I actually doesn't concern anybody.
But if you come in unasked, it's still a crime. "Breaking and entering" doesn't need actual "breaking" to become illegal.
I'm just being technical here.
I do think that the hackers' effort to make our network-world safer is honorable.
On the other side, bringing up new threats every day, even if it's done in the name of security, makes everybody "feel" unsafer instead of safer.
I would prefer to live in a courteous world, where people respect other people's privacy no matter if their network is open like a barn-door. But that is probably never gonna happen, so we just have to live with a constant feeling of fear, because as long as people develop new things there are going to be new security holes. It's just never gonna end. That's the sad thing. - ConAmoreEFuoco, on 08/09/2008, -0/+1Reminds me of when Pee Wee Herman got arrested...
- HeyChris, on 08/09/2008, -0/+1Way to butcher a good song.
- k3y5rmy1if3, on 08/09/2008, -0/+1Oh please, thats like the equivalent of...damn. Uh....someone please reply with clever puns.
- gpw11, on 08/09/2008, -0/+1"his is why I don't go anymore, its not cool at all and its just a bunch of stuffy _masturbating monkeys_. aka one big ***** money-pit self-loving joke."
Its not cool at all ....anymore? - eddie72, on 08/09/2008, -0/+1Irony wins the day.
- ironiridis, on 08/09/2008, -0/+1You're doing it wrong.
- captmorgan555, on 08/11/2008, -0/+1@Joey69
Good job quoting only the portions of an article that suit your point you fkin tool. See i can do it too:
"Hacker (computer security), someone who breaks computer and network security, a cracker"
Last word reads? - Ahnteis, on 08/09/2008, -0/+1Well, if hack the news network at the Black Hat conference, you get banned for life. So you have to decide if that's worth a laugh.
- Cytranic, on 08/09/2008, -2/+3I doubt it was a hub. More then likely someone did some ARP attacks, and the network guys compared the MAC addresses for the gateway. Once they found the mismatching MAC address, they traced that back to the computer. This is how they were caught, you cant detect someone sniffing on a hub.
Any doubt, Port Security would have solved this issue by locking MAC address to the physical port. Any attempts to rewrite the ARP table would have resulted in a block of the port. This would take 1 min to implement, so it seems they wanted to catch someone. - FolkTheory, on 08/09/2008, -0/+1actually its written in the us legal code.
- RadiatedAnt, on 08/09/2008, -1/+2Hacking and cracking don't mix.
- cipals15, on 08/09/2008, -0/+1They should be awarded. I have sniffed and found 12 passwords from an internet shop and it is an accomplishment. I used them but never modified them. One was an online gamers account and i am glad to play with it for awhile.
Anyway, its a hacker's convention so they should have expected it from the first place. When im on a hacker convention, i will use pen or paper or my mind. They can't hack my mind unless they have super powers. - inactive, on 08/09/2008, -1/+1 A security context, a hacker is someone involved in computer security/insecurity, specializing in the discovery of exploits in systems (for exploitation or prevention),
or in obtaining or preventing "UNAUTHORIZED ACCESS" to systems through skills, tactics and detailed knowledge
Owned yourself..
GG THX BAI -
Show 51 - 80 of 80 discussions
Digg is coming to a city (and computer) near you! Check out all the details on our 
© Digg Inc. 2009
— Content created and posted by Digg users is