Computer and ATM security
- BELOW IS FROM A HACKER CONVENTION:
The Internet has become "crime ridden slums," said Phil Zimmermann, a
well-known cryptographer who spoke at the conference. Hackers and the
computer security experts who make a living on tripping up systems
say security would be better if people were less lazy.
To make their point, they pilfered Internet passwords from convention
Anyone naive enough to access the Internet through the hotel's
unsecured wireless system could see their name and part of their
passwords scrolling across a huge public screen.
It was dubbed the "The Wall of Sheep."
Among the exposed sheep were an engineer from Cisco Systems Inc.,
multiple employees from Apple Computer Inc.. and a Harvard professor.
An annual highlight of the conference is the "Meet the Feds" panel,
which this year included representatives from the FBI, NSA, and the
Treasury and Defense departments. Morris and other panel members said
they would love to hire the "best and brightest" hackers but
cautioned that the offer wouldn't be extended to lawbreakers.
Some federal agents were indeed taking careful notes, though, when
researcher Michael Lynn set the tone for the conference by
publicizing earlier in the week a vulnerability in Cisco routers that
he said could allow hackers to virtually shut down the Internet.
Lynn and other researchers at Internet Security Systems had
discovered a way of exploiting a Cisco software vulnerability in
order to seize control of a router. That flaw was patched in April,
but Lynn showed that Cisco hadn't quite finished the repair job--that
the same technique could be used to exploit other vulnerabilities in
Many at the conference praised Lynn.
"We're never going to secure the Net if we don't air and criticize
vulnerabilities," said David Cowan, a managing partner at venture
capital firm Bessemer Venture Partners.
And the vulnerabilities are plenty.
During his session on ATM machines, Morris said thieves have been
able to dupe people out of their bank cards and passwords by changing
the software in old ATM machines bought off eBay for as little as
$1,000 and placing the machines out in public venues.