What We're Watching As World's Big Hackers Meet In Las Vegas
This week the world of tech will turn its attention to Las Vegas, where two separate conferences dedicated to hacking and security are about to get underway. Each year during the height of summer, thousands of security researchers, hacktivists, black hats, white hats and feds descend on Vegas for Black Hat and Def Con. Here are a few stories and trends we're keeping an eye on:
Gen. Keith B. Alexander Speaks
The organizers of Def Con asked feds to consider staying away from the conference this year in the aftermath of revelations of the NSA's extensive phone and data surveillance option.
But the organizers of Black Hat had asked Gen. Keith B. Alexander to speak months before the details of the NSA surveillance programs were leaked by Edward Snowden. And that speech is going ahead.
There's actually a long tradition of feds coming to both of these events, overtly and covertly. Not only do they try to keep tabs on what this community is up to, but these conferences have become a hotbed of recruiting for military intelligence, three-letter agencies and other feds.
This speech should be particularly interesting as it will be the first chance for Alexander to publicly respond to a growing chorus of voices in Washington, D.C., that are calling for legislation to rein in the NSA surveillance programs and bring more transparency to the Foreign Intelligence Surveillance Court.
And Alexander is going to have to deliver it to a skeptical, possibly hostile and technically sophisticated audience.
Barnaby Jack was one of the good guys. He spent his professional life hacking products, not for personal gain but instead to pressure companies to make them safer.
He became famous for hacking into ATMs and getting these machines to spew out piles of cash. The hack became known as jackpotting.
Jack was reportedly found dead in his apartment, and although foul play isn't suspected the cause of death is being investigated by the San Francisco medical examiner.
The hacking community is tightknit, and the announcement has been difficult for many of Jack's friends and colleagues. He was well-liked and widely considered to be a brilliant researcher.
Jack had been scheduled to deliver a talk on Aug. 1 at Black Hat on newly discovered vulnerabilities in pacemakers. He had discovered a mobile attack that allowed him to alter their function from 30 yards away, in what he described as a potentially lethal attack. Last year, Jack demonstrated it was possible to remotely attack a insulin pump manufactured by Medtronic. That research led Medtronic to make changes in the product that made it more secure.
Hacking The 'Internet Of Things'
As more and more devices are connected to the Interne, more and more things can be hacked. This year at Def Con and Black Hat researchers will be showing off attacks that let them take over everything from cars to toys to smart TVs to embedded control devices used on oil platforms.
Researchers and hackers say they worry that as nontech industries start building embedded computers and Internet-connected technologies into their products, they are overlooking security. Hopefully, they say, some of the hacks unveiled this year will be a wake-up call.
In previous years researchers like Don Bailey and Mat Solnik and others demonstrated it was possible to hack into a car remotely. This year Charlie Miller and Chris Valsek hacked into a Toyota Prius and Ford Escape. The two researchers received funding from DARPA to see whether they could take control of the embedded computers that are now ubiquitous in modern cars. They did.
Here you can see them showing off what they were able to do to Forbes writer Andy Greenberg.
Copyright 2020 NPR. To see more, visit https://www.npr.org.