Around 15,000 hackers and security experts descended on Las Vegas for the twenty-first annual DefCon last week to discuss the latest and greatest exploits and vulnerabilities targeting seemingly anything and everything.
Sure, computers can be hacked. But what about telephones,
televisions and even digital cameras? At DefCon, hackers learn
how to wage attacks on just about everything and, just as
importantly, how to prevent them.
“There was a session on how to hack into those self-driving
cars. People hacking into ATMS, hacking into pacemakers, hacking
into refrigerators. I don’t think there’s a limit to what some of
these, with the creativity and the skills they have, I don’t
think there’s any limit to what they can reverse engineers,”
said Vince in the Bay, a podcaster and convicted cyber-criminal
who attended his first DefCon this year.
But it’s not just breaking into boring systems and servers at
DefCon, either. Zoz is an Australian computer scientist whose
life revolves around robots. Sometimes he builds them, but at
DefCon he discusses ways to break them. If there’s a system that
can be tinkered or toyed with, at DefCon they’ll do it.
“This year I came to give a talk about hacking driverless
vehicles, because I’m really into autonomous robots, I’m involved
in autonomous robot competitions, and I felt like now we are on
the cusp of shared use acceptance of driverless vehicles on the
road, shared airspace with UAVs, and so it’s time to think about
adversarial relationships and how we make these systems
bulletproof,” Zoz told RT.
Zoz has been at DefCon as either an attendee or presenter going
back to the 1990s, and this year a few thousand people packed a
conference room to watch him show how drones and driverless cars
alike can be compromised with just a couple of tricks. Like
almost everyone at DefCon, though, Zoz says he hacks for good –
not for bad.
“The people here at DefCon are my people. They are people who
are curious and want to learn. They come here to find out how
things work and how they can use it best and make it sometimes
make things do things that they weren’t supposed to do in a good
way often, to improvise and adapt, and to learn from each other
and show off what they’ve done. So this is primarily a
conference where people come to learn things and to engage in
their curiosity, so that’s what I like about it so much. Because
if you have something that you’re interested in, chances are
there are people here who are going to be interested in it too,”
he said.
In addition to hacking household appliances, UAVs and all sorts
of other electronic gizmos and gadgets, security experts of all
levels come to DefCon to discuss exploits and vulnerabilities for
everything imaginable.
John Draper, also known as Captain Crunch, started compromising
computer systems in the 1960s when he used a homemade device
called a blue-box to make free phone calls around the world
“The real reason behind my experimenting around with the
system was to learn the system and understand how it works, much
like today with how people are breaking into computers,”
Draper told ABC News’ Sam Donaldson some 30 years ago.
Draper went on to show a few guys named Steve and Steve how to
hack phones too, and eventually they moved on to make millions,
then billions, off of their own endeavors. But while you won’t
find the CEO of Apple Computers walking around DefCon in
100-degree heat, Draper still shows up to discuss his sordid
past, where his sheer curiosity kept him usually close to
trouble. He says he never wanted to hack for harm, though, and
relied on hacks and exploits to explore systems that were still
in their infancy–and to have a little fun.
“Back in the mid-70s, we found this number by accident, an 800
number, because we were scanning for numbers, and it went into
the White House. It was the White House/CIA crisis hotline
number,” Draper told RT.
“So we sat on that White House line for a while and learned
that President Nixon’s name was Olympus, so a couple weeks later
I wrote down that and we were at a party and so we called the
White House number and we asked for Olympus. And a person who
sure the hell sounded like Nixon came on the line and we said,
‘Sir, we have a national crisis on our hands. Sir, we are out of
toilet paper.’ And we hung up! So we were the first people to
prank Nixon!”
Of course, hacking phone lines and prank calling the president
are child’s play compared to compromising drones and exploiting
holes in household appliances. In one DefCon presentation,
attendees learned how to hack hi-tech toys made for toddlers; in
another, digital cameras. Perhaps the scariest hack of all,
however, is one being done by Uncle Sam that’s compromising our
personal conversations.
Chris Soghoian is the Principal Technologist and Senior Policy
Analyst at the ACLU’s Speech, Privacy and Technology Project, and
he spoke a number of times at DefCon this year about issues that
aren’t of interest to only hackers. Civil libertarians like
Soghoian have long assumed the government was getting
communications from anyone they wanted, but only recent
revelations made by NSA leaked Edward Snowden have uncovered the
tip of that iceberg. Now, Soghoian says, he hopes people start to
speak up.
“They’ve been doing this for a while, but they’ve kept it
under wraps. And I think it’s time that we have public debate
about whether law enforcement agencies should be in this
business, whether we want local cops or the FBI to have the
capability to hack into any computer, anyone’s smart phone. If
cybersecurity is a national concern–which I think it should
be–then I don’t really think these tools should be floating
around. I think we should be prioritizing cybersecurity, and it’s
just not a debate we’ve had,” Sogoihan said.
But just weeks after Snowden gave the world a glimpse at what the
government is actually doing, that discussion is one that might
finally be on the verge of making it mainstream.
Republished from: RT