Black Hat bans reporters over network hack
Published: 08 Aug 2008 12:02 BST
Three journalists for a French security magazine were kicked out of the Black Hat security conference in Las Vegas after they allegedly sniffed the press room computer network on Thursday.
The journalists work for Global Security Mag, which was a media sponsor of the event. Two of the men, Dominique Jouniot and Mauro Israel, could not be reached for comment.
The third, Marc Brami, director of the magazine, later told ZDNet.co.uk's sister site, CNET News.com, that he blamed Israel for the incident, which Brami described as "a joke". Brami said he did not know what Israel was up to until it was too late.
"It was a big mistake," Brami said via telephone. "[Israel] said it was a joke and that he didn't think it was important."
Organisers required the men to leave the conference, confiscated their badges, and barred them from Defcon, a sister security conference that runs over the weekend, and from all future events, a Black Hat representative said.
Asked to comment on his ban from the events over the incident, Brami said: "It's not good for my magazine, but also it is not so good for Black Hat... maybe they lost a good supporter. For us, it was like a joke."
The men were seen huddled over a table in the two press rooms for much of the day and took their computer to the Wall of Sheep (a project that monitors wireless network activity), asking them to display the alleged usernames and passwords of journalists.
The Wall of Sheep organisers refused to do that, saying they do not monitor the traffic of the press room. A reporter from TG Daily was standing nearby, took a photo of the screenshot, and wrote a short article about it.
CNET News.com was listed as one of the alleged victims, but the username and password displayed were inaccurate. A journalist from eWeek, on the other hand, confirmed that the username and password he used had been exposed.
Read this
Protect your mobile devices in any location
Forget the recent hype about about Chinese hackers — users and organisations should be securing mobile systems as a matter of course, so follow these tips to find out how
Asked why they allegedly sniffed the press-room network and attempted to embarrass other journalists, the French journalists said they wanted to educate the public about the privacy dangers of using public internet connections, the Black Hat representative said. They cited journalists working in China covering the Olympics, she added.
A security expert who works for Black Hat speculated that the men may have re-routed a protocol in the network switch and redirected the traffic through their machine in a classic man-in-the-middle attack.
Unlike the Wi-Fi network that the Wall of Sheep is monitoring, the closed, local area network the press room uses is considered a safe zone at the event, said Kurt Opsahl, a senior staff attorney at the Electronic Frontier Foundation.
While he couldn't comment on the legalities of the situation without knowing the specifics, Opsahl said it sounded like it could have been a violation of the federal wiretap statute.
"As a general rule, capturing the content of communications without the consent of any of the parties is illegal," he said.
"It's important to have press come here and be able to communicate securely with their home offices," Opsahl added. "It's just not good manners to try and crack into the press network."
Credit: Black Hat expels reporters in network snooping from CNET News
Did you find this article useful?
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
