By Elinor Mills
August 4, 2009
At a hacker conference no one is safe.
When I first went to Defcon in 1995, the halls were mobbed with
teenagers and attendees seemed more concerned with freeing Kevin Mitnick
and seeing strippers than hacking each others' computers.
Jump forward to Defcon 17 this year, which was held over the weekend in
Las Vegas, things certainly have changed. The attendees are older and
wiser and employed, most of the feds aren't in stealth mode, and even
the most savvy of hackers is justifiably paranoid.
"Welcome to the hacker world," said Defcon founder Jeff Moss.
The evolving demographic of Defcon attendees shows that the hacker
community, like all of us, is aging. But it's also a reflection of how
the threat landscape has changed. Web site defacements have given way to
much more serious risks like financial fraud and unaddressed critical
infrastructure weaknesses. It's a cornucopia of phishing e-mails,
cross-site scripting attacks that poke holes in trusted Web sites, and
criminals harvesting credit card numbers and selling them on the
underground equivalent of eBay with guarantees of service and support.
Defcon and Black Hat, the pricier and more corporate sister confab held
the two days preceding Defcon ($120 for Defcon registration versus
$1,395 to $2,095 for phased registration at Black Hat), offer a forum
for researchers to share information about vulnerabilities they find in
software, hardware and systems.
Targeted this year were everything from the iPhone and surveillance
video feeds to e-parking meters and security underlying the Domain Name
Subscribe to InfoSec News