Las Vegas, NV. Black Hat 2010 – The Tech Herald is in Las Vegas this week, covering one of the largest security gatherings of the summer. Here is a recap of day two.
One of the first things to note about day two is that the mood is a little sluggish.
This could be that most of the attendees are paying for the previous evening, given the number of parties (Thanks WhiteHat, Cenzic, and Rapid7!) that were held. Another reason for the lag might be a wind down to prep for Defcon, which is sure to be just as busy. In truth, the line to get Defcon badges seemed to stretch the entire length of the top floor, and that is no small feat. (One has to wonder who missed lunch waiting in line.)
Keynotes and HR Drives
The day started off with a keynote address from retired General Michael Hayden, the former director of the NSA. His address, compared to the one given Wednesday morning by the DHS's Jane Lute, was actually filled with valuable insight and information. The takeaway from his talk is that there is a strong need to clearly define what cyber-war is.
On top of that, there is the defense angle that the military has to address, which at its base is a seemingly hopeless task. Cyber-warfare is a new domain for the government, and while the military can deal with threats that come from land, sea, or even space, it has no practiced and proven strategy to draw on when defending against cyber attacks.
The good news is that there is rapid adaptation, and those charged with defense are learning. There is also a visible recruitment effort underway at Black Hat, led by the FBI. The FBI is looking for people with a wide range of skills to apply for forensics positions within the agency, as well as Intel Analysts, Special Agents, and IT Specialists.
When we talked to the FBI about the effort, they said that Black Hat was only the second conference at which they had recruited this way; they were at RSA this year as well.
There are plans, tentative ones at the moment but plans nevertheless, to look towards the private sector and recruit top talent. One of the places they plan to scout is the InfoSec gatherings, both large and small. However, the tone of the conversation suggested that the neutral or corporate InfoSec gatherings are the primary target.
Android users targeted by malicious wallpaper
Lookout, a company that focuses on mobile security, showed off research that included the discovery of wallpaper applications that were siphoning off information from the handset and sending it to a collection point in China. The wallpapers, which are found under various names, were downloaded at least one million times, with upper estimates placing the count close to four million.
The wallpapers offered NASA or Linux-themed images, and came from two developers, “jackeey,wallpaper” and “IceskYsl@1sters!”. One of these names has since changed to “callmejack” after Lookout released its research to the public. Google is aware of the issue and is investigating.
More information is available in Lookout's published research.
Day two also featured great talks from RSnake and Josh Sokol centered on SSL and TLS flaws, as well as the SSL data report from Qualys. We'll follow up with more detail in a second update.