by Staff Writers
Las Vegas (AFP) July 28, 2012
A custom mobile phone network came to life in the middle of Def Con as hackers showed off their technology skills in tribute to the infamous gathering's elite "ninjas."
A Def Con team bought a telecom company van and configured a "Ninja Tel" cellular phone network to pay homage to longtime hackers who have kept the spirit of the event alive and, admittedly, just to do something "over the top."
"People don't realize how much hacking has changed," said Def Con veteran Dan Kaminsky, known for discovering a perilous Internet bug that bears his name.
"This used to be a sub-culture of people who bonded over their fascination with technology," he continued. "Now, hacking has gone mainstream.
"A mom hacks her kid's grade at school and Rupert Murdoch gets called out for hacking."
The Ninja Tel team built 650 handsets powered by Google-backed Android software tailored to synch with the exclusive Ninja Tel network.
The smartphones were handed out as "badges" to members of the Def Con community whose hacker accomplishments or whose legacies in the 20-year-old annual gathering have earned them "ninja" status.
"The ninjas represent a group of phenomenally intelligent people who share a common interest and passion," said John Hering, head of Lookout Mobile security startup and part of the team behind Ninja Tel.
"They are a center point for the community at Def Con; it is a very special thing."
Ninja Tel mobile phones only work within range of the van, which is parked in the middle of the Def Con event that continues through Sunday in the Rio Hotel and Casino in Las Vegas.
Contact numbers for anyone with a Ninja Tel phone are automatically listed in handsets, which also allow callers to playfully battle one another with virtual karate moves in a spin on the child's game Rock, Paper, Scissor.
Ninja Tel has a geek "Easter egg" -- the woman who was the original voice for recorded AT&T information messages during landline days of decades gone by did the voice-overs for the hacker network.
"It really is a throwback to a more simplistic era of telephony," Hering said. "It looks like the Yellow Pages, but it is a really sophisticated Android operating system."
Ninja Tel phones could also be used to signal vending machines scattered about Def Con to pop out free beer or soda using wireless technology at close range.
"We've made it hackable from the ground up," Hering said of the handsets.
"You can build your own apps and customize the device to do some more interesting things."
The team at Ninja Tel declined to reveal how much was spent on the project, which was pulled off with the backing of Facebook, Zynga, Qualcomm, and Lookout.
"It's a pretty ambitious project to build your own Telco, effectively, and your own device from scratch," Hering said.
The hacker mobile network came as the sun set on a Def Con tradition, the exclusive annual party hosted by Ninja Networks.
Ninja Networks is rooted in the original hackers whose time at Def Con dates back decades to when it was an intimate assembly of technology renegades.
Kaminsky smiled at the notion of Ninja Tel, seeing it as hackers "social engineering" major companies into buying them a mobile phone network.
"There are many definitions of the word 'hacking,' " Kaminsky said. "This is hacking on a corporate scale."
Def Con hackers reach for digital wallets
Smartphones at the heart of modern lifestyles are becoming top targets for cyber attacks, according to security specialists and hackers who flocked to Las Vegas this week for back-to-back Def Con and Black Hat conferences.
"We are entering a post-PC (personal computer) exploitation world," said researcher Stephen Ridley of Xipiter, where his team uncovered that the same types of attacks that plague desktop computers can be turned on mobile gadgets.
"I think phones are going to be the only thing people are interested in popping in the next five years or so," he concluded, saying hacker attention is shifting to the always-on, personal data rich devices in people's pockets.
Along with contact information for friends and logs of activities such as Internet surfing, smartphones typically have location-sensing capabilities that track where they have been.
Using smartphones as "wallets" will be common within a decade, largely replacing cash and credit cards, according to a Pew Research survey released in April.
Sixty-five percent of "technology stakeholders and critics" who responded to an opt-in poll by Pew Research and Elon University Imagining the Internet Center agreed that handheld gadgets would be a mainstream way to pay by the year 2020.
"What is in your wallet now? Identification, payment, and personal items," Google chief economist Hal Varian was quoted as saying in a survey response. "All this will easily fit in your mobile device and will inevitably do so."
Google last year launched a "Wallet" service that lets sophisticated Android-powered mobile phones be used to "tap and pay" for purchases at shops.
Blackwing Intelligence security researcher Eddie Lee showed Def Con attendees how to how to use an Android-powered smartphone to pick up the data from a credit card and then used the swiped information for digital wallet purchases.
"You can start spending on someone's credit card; basically you can use it the way you use Google Wallet," Lee said while demonstrating his technique for a packed room of hackers.
"We've know for a long time you can skim RFID credit cards," he said. "This lets you abuse that information and spend on those cards. Maybe this will give the credit card companies an incentive to fix the things in my wallet."
He theorized the tactic could work on other cards, such as those for metro system fares or building access.
Accuvant computer security firm consultant and former National Security Agency analyst Charlie Miller showed Def Con attendees a way to slip into smartphones by getting a sensor close enough to read signals from NFC chips.
In some cases, it is even possible to take over control of a phone via NFC -- stealing photos and contact lists, and sending text messages or make phone calls, according to Miller's presentation.
"You're supposed to be paying for stuff and scanning movie posters with your smartphone, but be aware that this is another way that bad guys can attack your phone," Miller told AFP.
He showed that if he could briefly get an antennae device easily concealed in a sticker near enough to a phone at an opportune moment, it can open a virtual door that a hacker could slip in through.
He contended it would be simple to discreetly affix an innocuous-looking sticker near a digital wallet touchpad at a store checkout counter and then linger nearby and hack phones of buyers.
"It will pair with my machine and I can control the phone," Miller said.
"A bad guy can use that moment of talking to your phone to steal data," he continued. "NFC is cool, convenient and fun; I'm just trying to say let's pay attention to the security implications."
NFC or RFID technology used to share data with nearby sensors is used in smartphones, credit cards, and even passports.
Cyberwar - Internet Security News - Systems and Policy Issues
Comment on this article via your Facebook, Yahoo, AOL, Hotmail login.
Cyber defenders urged to go on the offense
Las Vegas (AFP) July 25, 2012
Computer security champions on Wednesday were urged to hunt down and eliminate hackers, spies, terrorists and other online evildoers to prevent devastating Internet Age attacks. The first day of briefings at a prestigious Black Hat computer security gathering here opened with a former FBI cyber crime unit chief calling for a shift from defense to offense when it comes to protecting networks. ... read more
|The content herein, unless otherwise known to be public domain, are Copyright 1995-2012 - Space Media Network. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA Portal Reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. Advertising does not imply endorsement,agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. Privacy Statement|