[ISN] Defcon 12's Fear and Hacking in Vegas

InfoSec News isn at c4i.org
Fri Aug 6 08:18:02 EDT 2004


By Humphrey Cheung 
August 2, 2004 

The 12th annual Defcon hacker convention was held at the Alexis Park
Hotel in Las Vegas, Nevada. For three days, hackers exchanged ideas,
presented new and sometimes scary information and partied hard. More
than a hundred speakers gave dozens of talks on computer security,
hacking and privacy issues.

For a mere $80, attendees received access to the talks, contests and
the after-hours parties. In this article we will cover some of the
more interesting contests and give you an overall feel for the
convention so that you can decide whether you want to attend next
year. Three downloadable videos are included.

Wall Of Sheep

The Wall of Sheep is a projector screen that displays captured
usernames and passwords. The Wall, originally named the Wall of Shame,
is a time-honored tradition at Defcon in which a loosely knit group of
people continuously sniffs the wired and wireless networks for any
plaintext usernames and passwords. Since this is a hacker convention,
attendees using the Defcon network should protect their logins by
using VPN, SSH or other encryption technology. Some attendees
apparently didn't get the message.

In the first few years, the usernames and passwords were written on
paper plates and then taped to the wall. As the number of passwords
found grew, a better solution had to be found. A computer security
engineer known as "Riverside" wrote the Wall of Sheep software from
scratch. He was also one of the original people who started the Wall.
The usernames and passwords cycle up and down so people can see all
the information gathered since the start of the convention. In
addition, only the first three characters of the password are shown in
order to protect the privacy of the user.

Riverside said that some people have been ignorant in using the
wireless network at Defcon. He gave several examples of people who had
their passwords intercepted and then tried to change their passwords
on the same insecure network, only to have the information intercepted
again! Riverside examines all the new attacks at Defcon and then
implements a defense at his day job.

About 200-500 passwords are found every year at Defcon. The typical
passwords are email, FTP and other login passwords.

This year, someone was dumb enough to email their tax returns in .PDF
format at the convention. This traffic was immediately intercepted and
the above humorous message was displayed on the projector. Another
person was also emailing people asking how to get a fake ID. This
was also intercepted and displayed. I have blacked out some
identifying information to protect the users' privacy.

As Riverside explains, "The Wall has shown people the importance of
using encryption, not just at Defcon but in all network traffic. I
have had security experts who have attended Black Hat, SANS and other
conventions thank me for showing them how vulnerable their traffic

