Aug 11 2008

Who trusts any network at Black Hat?

Published by at 7:31 pm under Blogging,Hacking,Simple Security

I almost felt a little silly at Black Hat and Defcon using my 3G card, even in the press room. But it turned out I had the right instinct: some ignorant psuedo-journalists decided they’d spend some time sniffing the network in the press room and tried to get the folks hosting the Wall of Sheep to include the journalists traffic on the Wall of Sheep. Not a good move, since the folks they went to just turned around and told the organizers of Black Hat. The guys doing the sniffing were summarily kicked out of Black Hat and told to never bother applying for a press pass to the event again.

I call them psuedo-journalists because these guys apparently weren’t really journalists and weren’t really bloggers either. Instead they exist in a role somewhere between the two, sometimes blogging and sometimes writing pieces for serious magazines. I guess that places me in a very similar position, since I blog prolifically and occasionally write articles myself. One of the big differences between me and them is that I realize I’m acting as a bridge between the two communities and that what I do could have long term repercussions in how bloggers are treated at events like this in the future.

My friend Michael Farnum points out that any journalists who are whining about this violation of the sancrosanct network in the press room are fools who should know that all networks need to be considered hostile. Well, that may not quite be the words he used, but I know Michael well enough to suspect that might be how he really feels. And he’s right to a certain degree, especially at Black Hat and Defcon. You usually have no way of knowing who’s listening on the network and need to act accordingly. When you’re sitting on a network that’s sometimes called the ‘most hostile network on earth’ you have no excuse for not taking the necessary precautions in the necessary to keep you safe. This probably isn’t the first time someone’s been sniffing on the journalist’s network, just the first time it’s been one of our own doing it.

I no longer feel like a paranoid for limiting my use of the press room at Black Hat. I only visited the room once myself and never connected to the network. I used the network in the press room at Defcon a couple of times to upload podcasts and read my daily dose of online comics, but didn’t do any serious activities on it. Though now that I’m thinking back and reviewing Libsyn’s site, I’ve realized that the site doesn’t use https by default and needs to be forced into a secure mode. At least the site actually works using https. And I think I’ll be changing that password anyways now that I’m reflecting on it a bit more.

All networks are hostile, something security professionals and journalists who follow security professionals can’t afford to forget. It’s only a little bit of egg on the face of some journalists, but it can be a lot more if you’re not careful. We tend to forget that it’s not just other people that get hacked, sometimes it’s us as well.

[Slashdot] [Digg] [Reddit] [] [Facebook] [Technorati] [Google] [StumbleUpon]

One response so far

One Response to “Who trusts any network at Black Hat?”

  1. Aaron Guhlon 12 Aug 2008 at 6:32 am

    I agree completely. I was at a security event in Rochester, NY several years ago and decided to tether my cell phone to my laptop for internet. The speeds were atrocious and I just felt darn right silly with the whole set up. But later I felt totally reassured when a few of the event administrators kicked out a man for trying to poison a few nodes on the network.

%d bloggers like this: