I am on the plane killing time and just thought I would put together some thoughts going through my mind as I transition from DefCon mentality to SES.
First of all if any of you don’t know what DefCon is you should check it out. Basically its a world class hacker convention every year in Las Vegas. Its also something that is taken extremely seriously in the security world. Every networking player is here and every branch of government that has anything to do with computer security is represented. Department of Justice, Homeland Security, Department of Defense, CIA, FBI… Defcon is no joke.
Another thing about Defcon – its been kicked out of every hotel its ever been held at. I guess bad things happen when the world’s best hackers come together. I talked to one of the pit bosses at the Riviera Casino (conference host) and he said they had 3 separate meetings with law enforcement agencies about what has happened with previous defcons and how to protect themselves from hackers at this one. He said they implemented a separate IDS just to look for suspicious activity on the network (he didn’t actually say IDS but rather a “computer on the network to watch for hacker activity- I take that to mean an IDS).
I kept thinking about how totally different this is then a search engine conference. At Defcon you see all these people running around with shirts that proudly say “Blackhat” and also say “Death to white hats”.
I am new to the SES and Pubcon conference so like the first time I ever went I fired up ethereal to see what was going on the open wifi. Within seconds I had recorded over 400 passwords for smtp, aim, msn and various web form data and it was not like from stupid newbie users. It was from Google employees and Yahoo and Microsoft. Also I had aim conversations recorded. I of course deleted the data right away.
Then At SES in NYC 6 months later I was telling David Naylor about this. He was kind of surprised so I said here I will show you. We sat down on the open WIFI at New York SES and recorded 10 minutes worth of traffic. In that time there was so much unencrypted data captured on my computer that it auto-shut off cause my laptop only had FORTY GIGS OF FREE SPACE AVAILABLE… funny eh? Again I deleted everyone’s info I had captured right away.
Now check this out – at defcon they have this “wall of sheep” where they actually post in real time peoples passwords and info that were to stupid not to use a encrypted web session to there mail and web.
Well I am about to land in San Jose and I look forward to seeing you all there and I am sure they will have free internet but please keep security in mind when your using the shared public wifi at the conference. Remember everyone can see what your doing. Esp. if a lame out of date h4×0r like me can.
P.S. This is not a knock on SES or Pubcon open wifi what so ever. You are responsible for your security on the internet. This is the same thing as if you jump on a public hotspot or a hotel room wifi.
- Comment Likes 
- Comment Dislikes
October 19, 2008 at 6:50 pm
The hacker is amazing in terms of what he is in the modern digital format. There really has never been a person in history that can come and go so freely while still having access to so much vital information.
October 19, 2008 at 6:21 am
you are a real conference and expo guy.
March 23, 2008 at 11:50 pm
bad things are bound to happen when the top hackers in the world come together. government agencies must and should take them seriously
March 17, 2008 at 8:40 pm
Connecting to a VPN, your company’s or your own, first would pretty much take care most of the issues mentioned above.
Disabling your internet aware apps to automatically login/sign-in once a connection is available would also be a good idea.
March 11, 2008 at 5:33 pm
Public Wifi connections are starting to get dangerous everyday. One of your simple mistake can cause a hacked mail account, which will give you pretty much of headache.
February 2, 2008 at 5:55 pm
This is not good. E-mailing with so much security issues is too dangerous.
January 25, 2008 at 1:12 pm
First time visiting your blog and the first time hearing anything about this. I am glad for both.
January 21, 2008 at 5:05 am
the dumbass system admins that manage those unsecured email system should be killed
January 21, 2008 at 5:02 am
just be careful. don’t login unless u know the web session is secure. also, take a look around. if you see shoe there on his laptop… he might be capturing wifi traffic.
January 21, 2008 at 4:58 am
don’t enable file sharing
January 21, 2008 at 4:54 am
look for the padlock icon in the corner of your browser. if you dont see the icon, then the web session is not encrypted
January 21, 2008 at 4:53 am
it’s not as easy as it sounds to grab passwords. most web sessions are encrypted. u can probably learn more on wikipedia
December 27, 2007 at 9:04 am
I will go next year if my finance allows
December 20, 2007 at 11:54 am
That defcon thing sounds awesome! I want to go.
December 17, 2007 at 7:11 pm
the wall of sheep/shame should be put into all conferences IMHO
passing plaintext passwords (normally to access email systems) should be KILL’d
the only comment I have is that now more and more Wifi providers traffic shape the SSL connections so the speed slow’s down
regards
John Jones
http://www.johnjones.me.uk
December 13, 2007 at 2:33 am
I still don’t dare to use wifi. To many people get it and don’t think about the risks.
December 10, 2007 at 7:16 am
Pipbiz Software for optimizing your P C.
Have you ever had The feeling your P C has given up, getting old,getting slower. It happens to all us HUMANS
But there really is no need for it to Happen to your computer. Inexpensive software to optimize your P C, Making it feel like new again. All TRY BEFORE BUY down loadable. All the best names in optimization software.
Give your P C a boost, and cheer your self up too!!
Pipbiz offers Optimization Software
December 10, 2007 at 7:15 am
http://www.optimize-pc.pipbiz.com
October 17, 2007 at 12:15 pm
Great post, I think I’m going to be attending the next one. I missed this years too bad
October 17, 2007 at 12:14 pm
Well thats true, but theirs alot of great information you can get from going to these conferences, not to mention the goodies
October 17, 2007 at 12:14 pm
Hah, after reading that…He actually does!
September 19, 2007 at 1:29 am
For the folks who could not make it and also for you (since you couldn’t possibly see all sessions yourself either, unless you are able to split yourself up into 5 shoemoneys hehe)…
I posted ALL!! 125 session and panel video recordings from DefCon 15 up on the web and as a little bonus did I throw in a link to download the CD-Rom ISOs from the last five DefCons with tools, PDFs and PowerPoints on it as well.
Enjoy!
September 9, 2007 at 7:41 am
“It was from Google employees and Yahoo and Microsoft.”
hehe
Most of the time there’s little you can do – if the site you’re visiting doesn’t use SSL, you’ve no choice but to either deal with plaintext details being sent, or not login. This isn’t usually an issue at home (since you’re the only one on your network – or so you should be) but in something like a conference with a shared connection it’s obviously a problem!!
September 7, 2006 at 1:14 pm
Any time you install any kind of wireless device make sure you have all the security settings correct, this includes but not limited to, changing the SSID, master password, master login name, enabling WEP or WAP, using MAC filter, along with a good software firewall.
August 10, 2006 at 9:58 am
I didn’t know you were coming to DefCon. You should have dropped me a line, I would have introduced you to some people you’d probably like to know. Next time.
August 10, 2006 at 8:53 am
Yeah! Funny. Thanks!
August 10, 2006 at 6:49 am
Defcon and SES… those are the two conferences I most wish to attend.
Good comments on the security issues – they are issues which are generally not taken serioiusly enough among the webmaster community. Having done some security ‘research’ in the last couple of years, I cannot stress how much information is transmitted open to anyone, especially in this day and age of wifi communications.
To the anon with the comment about script kiddies, well, why not? If the work has already been done, I don’t see the problem with taking advantage of it. I write some scripts myself, although I don’t often make them publicly available. Also, most professional security analysts use tools and scripts themselves – why always reinvent the wheel?
Also, the fact that many ‘hackers’ are no more than script kiddies in no way minimizes the danger, as you seem to imply by the way you write them off. Many hackers do it for personal interest, and community prestige and esteem. Most script kiddies do it because they are immature and destructive. Generally, if they get ahold of your data, script kiddies are more likely to act destructively with it than an honest-to-goodness hacker.
At any rate, good job bringing this issue up Shoe – people definately need to be more aware of this at conferences. There is alot to lose!
August 9, 2006 at 7:57 pm
Script kiddies and their toys..
blah.
August 8, 2006 at 6:44 pm
Shared hosting is the same thing. It scares me to think of all the passwords that are accessable. Most hosting accounts are wide open to intrusion.
August 7, 2006 at 7:18 pm
You look very drunk in your defcon pics.
August 7, 2006 at 4:33 pm
To the vast array of people wondering how to protect them selves on a public network.
here’s a few google links that I think will assist you.
ssh tunneling information running a ssh server on windows ssh key authentication
Personally I use a ssh tunnel when ever I’m away from the home connection.
August 7, 2006 at 3:36 pm
Haha, Naylor mentioned that story on his radio show recently but wouldn’t name the h4×0r d00d who showed him that, I had a feeling it was you!
August 7, 2006 at 1:48 pm
hah!
August 7, 2006 at 10:33 am
So how can you protect yourself on a public WiFi network?
August 7, 2006 at 10:33 am
you travel places man!! nice..
August 7, 2006 at 5:21 am
would be nice to know how to protect urself over wifi
August 7, 2006 at 4:04 am
I don’t get the 40gig of traffic in 10 mins bit – even if you got the full throughput of 54g then wouldn’t it take like 1.5 hours to transfer that much?
August 7, 2006 at 3:32 am
yes please do tell about the best way to protect a wifi connection from problems like this, is that some kind of software i need to be safe? thanks shoe
August 7, 2006 at 3:08 am
Just make sure you use ssl for your email and important web pages.
Beeing a SES conference I wouldn’t expect that everyone knows how to setup a secure tunnel back to their main machines. Probably the wifi providers could implements some security messures about this.
August 7, 2006 at 2:32 am
shamu – shhh
August 7, 2006 at 1:16 am
Shoemoney you have an interesting life. I would love to travel like you do. I am not much into security, but I do get around in unix and linux. Is pubcon open to the public? Funny how SES had so many insecure notebooks… Good thing to know when I go to Chicago!
August 6, 2006 at 8:11 pm
Haha, interesting post – sounds like fun!
August 6, 2006 at 8:10 pm
What is the best way to ensure your connection is encrypted when you are using public wifi?
August 6, 2006 at 7:32 pm
Wow, I never knew how easy it was to grab people’s passwords and information over WIFI. You said something about “encrypted web session” is there a place where a newbie like myself could go to start learning about protecting my information?
November 17, 2008 at 8:35 pm
If you do a search for “The Broken” The first episode of their website goes into detail about WiFi security. Its as awesome as it is scary.