Information Security News mailing list archives
Re: Hacking Black Hat
From: InfoSec News <alerts () infosecnews org>
Date: Thu, 7 Sep 2006 01:27:06 -0500 (CDT)
Forwarded from: Jeff Moss <jmoss (at) blackhat.com> At 11:07 PM 9/5/2006, you wrote:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9003000 By Ira Winkler September 05, 2006 Computerworld
Snip
Unfortunately, the Black Hat conference's review process for evaluating new hacks doesn't seem to match the stringency of its paperwork requirements for nonhacking sessions. With such a flaw in the system, faked Black Hat demos are all but inevitable. Maybe we should give these would-be hackers credit: They might not have hacked Apple or Cisco, but they did hack Black Hat.
Ira, Sorry to rain on your pre-conceived notions, but we sent a reviewer, Dominique Brezinski, to evaluate their talk. Dominique got a private version of the talk where the exploit(s) were demonstrated live. We put more effort into validating their presentation, not less. If the demonstration could have been done live without the chance of people capturing the packet stream and the exploit getting out 5 minutes after the demo, it would have. Can you imagine those headlines? Black Hat put the researchers in contact with Apple and hosted a meeting with the Cisco security people who were at the conference. Why do you think it was faked? You were not even there. You could always have called me to check your facts, though. Jeff Moss _________________________________ HITBSecConf2006 - Malaysia The largest network security event in Asia 32 internationally renowned speakers 7 tracks of hands-on technical training sessions. Register now: http://conference.hitb.org/hitbsecconf2006kl/
Current thread:
- Hacking Black Hat InfoSec News (Sep 05)
- <Possible follow-ups>
- Re: Hacking Black Hat InfoSec News (Sep 06)
- Re: Hacking Black Hat InfoSec News (Sep 06)
- Re: Hacking Black Hat InfoSec News (Sep 08)