AOH :: IS1233.HTM

No/Low/High-Tech Hacking: It All Matters




No/Low/High-Tech Hacking: It All Matters
No/Low/High-Tech Hacking: It All Matters



  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

--1457021584-152689862-1223621194=:22134
Content-Type: TEXT/PLAIN; CHARSET=UTF-8
Content-Transfer-Encoding: QUOTED-PRINTABLE
Content-ID:  

http://www.internetnews.com/commentary/article.php/3776876/ 

By Sean Michael Kerner
internetnews.com
October 9, 2008

COMMENTARY: I spent a few days this week at the SecTor conference in 
Toronto, an event that isn't quite the Black Hat of the North (though 
maybe we could call it the Black Toque of the North). What made this 
event interesting for me is the mix of technology approaches discussed, 
ranging from no-tech hacking to the super-powerful, software-based 
methods.

Listening in to the various presentations, I came to a conclusion that 
may well be obvious, but still needs to repeated. Whether no-, low- or 
high-tech, all methods of hacking need to be part of enterprise security 
efforts. Furthermore, it's unacceptable to simply think that hacking is 
just an offensive approach to security. As the old adage goes, the best 
defense is a good offense.

At the no-tech end of the scale, there is Johnny Long, who not 
coincidentally is the author of a book titled "No-Tech Hacking." At 
InfoSec, Long repeated a presentation he gave in 2007 at Black Hat Las 
Vegas, humorously detailing how, using the power of observation and the 
naivet=C3=A9 of others, he could profile people and gain access to supposedly 
secure buildings.

"We have a tendency to get so into the technology of the industry, 
that's all we can see," Long told the SecTor audience. "Solutions can be 
complex, but hackers need to be clever and they don't need to have tech. 
Bad guys can break your stuff without using technology."

[...]


--1457021584-152689862-1223621194=:22134
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

__________________________________________________      
Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 
http://conference.hackinthebox.org/hitbsecconf2008kl/ 
--1457021584-152689862-1223621194=:22134--

Site design & layout copyright © 1986-2014 CodeGods