back to article Rogue reporters kicked out of conference for network snooping

Three rogue journalists were ejected from the Black Hat security conference after being accused of connecting monitoring tools to the press room computer network and sniffing reporters' passwords. The reporters worked for French-based Global Security Magazine, a Black Hat media sponsor. According to screenshots posted here, …


This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    And there's the rub ...

    I always enjoy Dan Goodin's articles, and now that Black Hat's on, it's like Christmas at El Reg ...

    Back on topic:

    Three days to set up a VPN (or indeed any encrypted secure communication or storage) is a problem! If it's going to achieve significant use, it needs to be a five minute operation - about where the frustration limit is for most users these days.

    Of course, compatibility is also vital, both for end points to connect to and paths to transmit through.

  2. Paul

    "educate the public"

    Ye. My arse. They wanted to show off about how l33t they were. How much public notice dose Blackhat get? Outside the tec/security comunity, who know these dangers all to well, Im guessing non.

  3. Gary


    Do on to you as you do on to others, nothing wrong with what the Journalists did it's all in line with the event, so what are they whining about? The Journalists shouldn't be tried under the laws, hope they slate the Black Hat events.

  4. Anonymous Coward
    Anonymous Coward

    3 days to configure OpenVPN

    How did you manage that?

  5. Colin Morris
    Paris Hilton

    3 days?

    I like the idea of OpenVPN, especially as a possible replacement for the proprietary Cisco VPN Client especially on Linux....

    ... But three days to configure? I hope it took so long because some tecchie at the Reg was being a buffoon....

    Paris would get the VPN config done in less than three days, surely?

  6. Marius Poenar

    Why the need to kick them out ?

    I mean, they could have just been warned, publicly - guys, no funny business on the press room network - and that's it...

    Why kick them out of an event for doing something in the spirit of the event, just not on the right network ?

  7. Mark

    re: "educate the public"

    Well I would agree this wouldn't educate the public except how incompetent even Black Hat conference organisers are and journalists of *tech publications* are about security.

    If the conference can't stop someone just surfing details off their network that should be unavailable to the snooper, then the **** Black Hat **** conference is not about security. Probably just a way to get an international jollie.

    And knowing that is damn useful to the public.

  8. Dunstan Vavasour

    Bad Form

    No, they absolutely should have been kicked out. If there is to be consensual network penetration, it is essential that the boundaries for that consensual activity are respected. Taking the activity outside the agreed zone fundamentally undermines the safeguards, and changes the activity from valuable "lab work" to something illegal.

  9. Mark

    Re: Bad Form

    You in health and safety by any chance, Dunstan? Your phraseology would indicate it...

  10. Anonymous Coward

    3 days to set up a VPN...

    I'm just guessing, but could it be that most of the time was spend setting up the server side of things? You know, the thingi-mah-jig (technical term) on the receiving end back at Vulture Central?

    Science bloke, because so few people know how to properly configure a thingi-mah-jig these days.

  11. Anonymous Coward

    Pot, Kettle, Blackhat... and @Mark Re: Bad Form

    @Mark: Actually, I think he works in S-M, from his phraseology.... shame the journos didn't have a "safe word".

    And yeh, you know? I don't think they should have thrown 'em out, I think they should have made 'em give an impropmptu talk on their findings.

  12. Adam Connelly

    RE: Bad Form

    I figure that the conference is called "Black Hat", so stuff like this should be expected. I don't think the organisers should have kicked the guys out since what they did was presumably in the spirit of the event.

    Whether they get charged or not depends on the police, I guess, and if they do - tough.

  13. Mark

    Re: Pot, Kettle, Blackhat... and @Mark Re: Bad Form

    Isn't that tautology?

    H&S == S&M


  14. The Other Steve

    DHCP server ? Meh!

    Why go to all that trouble when as any fule kno, by far the easiest way to sniff traffic on a wired ethernet switch is to have at it with a shed load of wonky arp packets ? *

    Hell, if you can spoof the gateway's MAC to FF:FF:FF:FF:FF:FF (or often times, just set the I/G bit high) you don't even have to forward the packets. You can only see the outbound traffic, but that's enough for capturing passwords in the clear)

    Bit noisy mind.

    Shit, maybe they just couldn't figure out the massively outdated dependencies to get dsniff to compile, journos eh ?

    What a terrible shock it must have been to the BlackHat attendees and organisers to discover that not everyone plays by the rules or accepts the boundaries laid down for them by others.

    OTOH bouncing them was the right thing to do, the last thing the BH organisers need is people committing actual crimes. It's the perfect excuse for the event to be shut down by the numerous law enforcement personnel lurking around the place.

    * Yes yes, there's ways to spot and mitigate this, but you have to reckon that any network configures thusly would also have noticed a fraudulent DHCP server.

  15. John Uhercik
    Black Helicopters

    Why all the Fuss?

    This is Black Hat, after all.... But I suppose it should be possible to set

    up the "off limits" parts of the network to deal with unauthorized devices

    connecting. Go ahead.. Use that username and password on that

    postit note on the monitor and see what happens.

    Security by booby trap works better than security by obscurity.

  16. Anonymous Coward
    Anonymous Coward

    Dont stick the postit note on the monitor

    All my important ones are in an old issue of Private Eye, underneath some old print-outs in the bottom draw of my desk. Page 72, "Eye Say" section.

  17. Bounty


    blackhat infered the wired network was safe. They were wrong, hence they are but hurt and kicked out the reporters. They should have secured their physical network. Why would you allow DHCP... from a client port? Hell they should have the reporters use an internal (to black hat) VPN with assigned usernames/passwords, MAC address filtering, port assignment etc. If you're going to break all the security(black hatters), you should be held to work within the crap-pile you've created.

    Don't think for a minute that the presenters at BH don't sniff, test and send non-standard packets to public computers! Dear god, even BH has an EULA now....

  18. heystoopid
    Paris Hilton


    Sounds more like a scam similar to that DGS use routinely in their home country !

  19. rick buck
    IT Angle

    Hackers Hacked..Who would have guessed?

    Hackers that expect others to play by (the) rules.

    Does'nt sound like that was in the spirit of the event!

    Perhaps they should have served worms at break!

This topic is closed for new posts.

Other stories you might like