Feeds

Black Hat draws world hacking gang – and Apple – to Sin City

New faces, and a few old ones

Secure remote control for conventional and virtual desktops

Black Hat 2012 The 2012 Black Hat conference is kicking off in Las Vegas, and this year's session will see Apple presenting for the first time, as well as a reunion of some of the team behind the first briefings 15 years ago.

Black Hat, and the associated DefCon sessions which follows it, is probably the largest collection of hardcore computer security experts on the planet, and features the latest updates on hacking opportunities and serious vulnerabilities. Nearly 10,000 people are expected to attend and share or use the knowledge gleaned to protect – or crack – systems.

While Apple has had security staff among the attendees for many years, the company has never actually made a presentation until this year. The recent spate of attacks on its products, however, appears to have engendered a new awareness that it can't go it alone – and so the delightfully named Dallas De Atley, manager of the platform security team at Apple, will deliver a talk on iOS security.

Microsoft recognized the importance of Black Hat relatively early, and has been sending staff since the late 1990s, although Redmond's problems with security make Apple's recent public failings look like a mere flea bite by comparison. A session on Windows 8 vulnerabilities is scheduled that should prove both enlightening and worrying for Redmond – given we're getting close to the launch of the new OS.

There's also a reunion of some of the first Black Hat attendees. Jeff Moss, who started the conference before selling it, will join a panel with security guru Bruce Schneier, Adam Shostack, Marcus Ranum, and Jennifer Granick. The talk, entitled "Smashing the future for fun and profit", will look at how things have developed in the last decade and a half, as well as considering what the next hot targets will be.

Another regular, Dan Kaminsky, will also be addressing the crowds on the latest naughtiness he's proved possible. Kaminsky, who was instrumental in proving the need for and implementing DNSSEC as well as fixing SSL, is fast becoming one of the regulars at the show after deciding to go totally legitimate because, as he told us in 2010, he "didn't want his mother to have to visit him in prison."

While Black Hat is always informative, it also engenders a certain level of risk. Already someone has sent out a bogus password reset email to some attendees, and cracking the organizers is something many of the more mischievous attendees try – and anyone attending the show, including your Reg reporter, is considered fair game.

This year the organizers have warned attendees to avoid using Wi-Fi or other radio connections in the conference venue, steer clear of ATM machines (after a bogus one was set up near the venue in 2009), shield RFID-equipped cards and passports, and advises that all passwords are changed after the show.

"Wear a tinfoil hat," the advisory email states. "OK, kidding about this one ... although I do see one every show." ®

New hybrid storage solutions

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.