|
|
|
|
|
|
|
|
|
|
|
| . |  |
. |
|
|
|
 By Glenn CHAPMAN Las Vegas (AFP) Aug 8, 2015
There was some bridge-building, but a real rift remained on Saturday between US spy agencies and the world's most infamous hacker gathering. Scandalous revelations about sweeping online snooping by intelligence agents caused fury in the Def Con hacker community two years ago. That led founder Jeff Moss to call for a "cooling off period" during which "feds" avoided coming near the annual conference in Las Vegas. The chill has given way to uneasy detente in which the door could be open to US spy or law enforcement agencies to take part in panels or presentations, if they are ready to be honest about what is going on and face hostile questioning by wary hackers. "They could come back and explain themselves, but nobody has had the guts to do that yet," Moss told AFP. "I would say that we are in a 'trust, but verify' stage. If it is a national security thing, they need to have a real good story and be ready for hard questions." Deputy Secretary of Homeland Security Alejandro Mayorkas braved Def Con on Friday to give a presentation centered on the need to work together to fight cyber threats - a theme hit often by government agencies welcomed here prior to cyber spying scandals triggered by one-time intelligence contractor Edward Snowden and former US Army soldier Bradley Manning. - Whiskey and back doors - Mayorkas accepted the traditional shot of whiskey given to first-time Def Con speakers, but sidestepped a hacker's request that he take a stand against building "back doors" for intelligence agencies to slip into encryption used to scramble email or other data traversing the Internet. "I can not say 'yes' and I can not say 'no'," Mayorkas said, noting that it was the only time during his talk that the audience applauded. "I know what the problem is, and I don't know what the solution is." The problem, he maintained, was tapping into digital communications that could expose threats by terrorists or others. Moss said Mayorkas made the Def Con stage because DHS hasn't been implicated in leaks about online spying. He noted that at last year's Def Con, the Federal Trade Commission gave a presentation about zapping annoying 'robo-calls' and there was no drama. The DHS also runs the Computer Emergency Readiness Team (CERT) that alerts companies to cyber threats. The US Department of Defense research agency DARPA, which was involved in the creation of the Internet, is at Def Con to talk about a Cyber Grand Challenge that will pit computers against one another in a hacker version of the game Capture the Flag. The final round of the Challenge will take place next year at Def Con, which has long had teams of human hackers playing the game, and boasts nearly $4 million in prize money. - Booting spies - "If the FBI or the NSA or the CIA wanted to try to give a speech, I think there would be some problems," Moss said. "If other agencies want to come and try to repair relations, I counsel them to really think through how they are going to repair trust." Moss had little doubt that members of intelligence groups from a variety of countries were at Def Con for either work or personal reasons, paying the $230 cash entry fee and walking in no questions asked. "They are still here; you can see them," Moss said. "For a while, it was growing to be kind of cool to have them in the community, but they were never really open about what was going on." He said Def Con volunteers working as "goons" at the conference have booted out agents of foreign intelligence groups secretly recording goings on at the gathering. "They have backpacks with small holes cut in them and they walk around recording everything," Moss said. "If we find them, we kick them out."
Tesla courts hackers to defend high-tech cars It was the second year in a row the California-based company was at the world's largest gathering of hackers in Las Vegas, and came on the heels of a massive recall of Fiat Chrysler Automobiles vehicles to patch a flaw that could let them be remotely commandeered. "Hackers are a crowd that is really important to us," Tesla's Khobi Brooklyn told AFP while Def Con attendees took turns inside a black Model S sedan parked inside a casino convention area. "It is a community that we want to be part of, and collaborate with, as well as recruit from." Tesla recruiters were on hand, along with members of the California-based company's security team. Tesla cars are highly computerized. New features as well as software updates are pushed out to vehicles over wireless Internet connections. "They are not messing with our software," Brooklyn said with only a hint of hesitation. She knew of no cyber attacks aimed at Tesla cars, at Def Con or anywhere else. Tesla has worked with Lookout Mobile Security to find and patch software vulnerabilities in sedans, according to Brooklyn. - Data centers on wheels - Lookout co-founder and chief technology officer Kevin Mahaffey and Marc Rogers of CloudFlare online security firm took part in a Def Con presentation on Tesla software defense flaws that were discovered and then shared with the company. They referred to Tesla sedans as data centers on wheels, and urged great care when trying to hack vehicles that could be racing along at 100 mph (160 km) or so. "As cars become more connected, we need to think about them a lot more like smartphones where you are constantly testing and improving products to make they as secure as you can," Brooklyn said. Fiat Chrysler Automobiles issued a safety recall for 1.4 million US cars and trucks last month after hackers demonstrated that they could remotely control their systems while they are in operation. The recall came after cybersecurity experts Charlie Miller and Chris Valasek remotely commandeered a Jeep Cherokee, made by Chrysler, to demonstrate the vulnerability of the vehicles' electronic systems. Miller and Valasek presented details of the hack at a Def Con session on Saturday. The recall involves a broad range of Dodge, Jeep, Ram and Chrysler cars and trucks produced between 2013 and 2015 that have radios vulnerable to hacking.
Related Links Cyberwar - Internet Security News - Systems and Policy Issues
|
|
| ||||||||||||||||||||
| The content herein, unless otherwise known to be public domain, are Copyright 1995-2014 - Space Media Network. All websites are published in Australia and are solely subject to Australian law and governed by Fair Use principals for news reporting and research purposes. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA news reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. Advertising does not imply endorsement, agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. Privacy Statement All images and articles appearing on Space Media Network have been edited or digitally altered in some way. Any requests to remove copyright material will be acted upon in a timely and appropriate manner. Any attempt to extort money from Space Media Network will be ignored and reported to Australian Law Enforcement Agencies as a potential case of financial fraud involving the use of a telephonic carriage device or postal service. |
del.icio.us
Digg
Reddit
Google
