Tangled Web Blog

Black Hat - Preparing for the Sessions

This year's Black Hat conference is considered to be the most popular to date, and tomorrow marks the first of two days of speaking sessions.

For those of you who participated in the Black Hat Challenge, you are aware that there are many sessions to choose from, and little time to see them all.

One of the most anticipated sessions is the Barnaby Jack ATM scams, which was mentioned in yesterday’s post.

But beyond ATM scams, there is a trend we’re seeing in sessions: mobile security. As I mentioned yesterday, IDC forecasted that the number of mobile workers will exceed one billion by the end of 2010. From a corporate perspective, enterprise network can be open to a number of vulnerabilities stemming from the use of a mobile device. From a consumer perspective, people can fall victim to various malware triggered by bugs in the device. For example, one of the anticipated Black Hat sessions will illustrate to attendees that the A5/1 encryption algorithm used by carriers such as T-Mobile and AT&T is weak and can be easily broken, something spies and security geeks alike have known for some time.

Jeff Moss, founder of Black Hat, explained that for many people, seeing is believing; unless people can literally see what’s possible when it comes to security threats and attacks, they won’t believe it. This specifically applies to corporate decision makers as they need to [visually] understand what is technically possible before they can make informed decisions regarding security.

But what it comes down to is this: no one can predict what the big news will be from Black Hat since there is always a wildcard, as Bob McMillan notes. With so many sessions in the queue and such an array of personalities in the same space, you can never quite tell what the news will be.