Deb Shinder reports on two of the sessions from Black Hat 2011 -- insecure default settings in Mac OS X and Dan Kaminsky on online payment systems, including BitCoin.
The first day of Black Hat was a long and hectic one, and the biggest dilemma for anyone in attendance was choosing between all the interesting sessions that were going on at the same time.
Windows and Mac OS X
As I mentioned in this week's Microsoft InSights blog, this year's conference shows an ever-widening diversity of operating system focus. Whereas Windows vulnerabilities were once center stage, this year we have talks about hacking Mac iOS, Android, Google Chrome, etc. One of the first talks to kick off the morning was titled "Macs in the age of the APT," presented by Alex Stamos, Aaron Grattafiori, and Tom Daniels. APT, of course, stands for Advanced Persistent Threat. The talk compared Mac OS X to Windows and concluded that the default settings in OS X can allow easier hacking, and it's time for businesses that use Macs to get just as serious about security on those systems as they are with their Windows machines.
Dan Kaminsky on BitCoin and N00ter
Another interesting presentation came right after lunch in the form of Dan Kaminsky's "Black Ops of TCP/IP." Expectations were high, given Kaminsky's well-known revelations several years back about the vulnerability of DNS, on which the Internet relies for name resolution. The ongoing results of that crusade were evident at this year's conference, with founder Jeff Moss discussing the importance of DNSSEC and signing your zones in his opening remarks on Wednesday.
This time, Kaminsky demonstrated the dangers of using online payment systems, in particular BitCoin, and showed how details of a transaction can be revealed with available tools. He also talked about the security -- or rather, the lack thereof -- of the typical home router/firewall, and showed how hackers can open up ports remotely using the Universal Plug and Play (UPnP) service. Finally, he talked about net neutrality and his new tool, N00ter, that detects and reports on violations of net neutrality rules.