Last weekend saw me once again attending the annual Defcon computer security conference in Las Vegas. The conference's 8,000 or so attendees, who came from all around the globe, were made up of the normal groups of hackers, crackers, feds and wannabes. As usual, almost every three- or four-letter U.S. federal agency was represented, along with all branches of the military and major computer-oriented corporations. Once again, I found myself surrounded by the smartest computer people in the world.
I came away from the conference with many stories to tell, and I will devote the next three or four of the newspaper columns that I write to tell them.
This week, I'll explain how the Defcon Wall of Sheep busted my e-mail account. Yes, you read that right, I got hacked, though it's not as bad as it sounds; I did it on purpose, eyes wide open.
Defcon provides a number of wireless networks for use by conference attendees. These are open, unsecured wireless networks that do not require a password or "key" to use, just like the wireless networks that you will find at IHOP or La Baguette. Anyone within range can connect to these networks, and connect they do, surfing Web sites and engaging in one of Defcon's most risky activities: checking e-mail. The working phrase is "caveat emptor," for the Defcon wireless networks are widely regarded as among the most hostile in the world.
One of the giant rooms used by Defcon has a number of tables setup at one end. The tables are filled with computers and other interesting pieces of electronic gear. On one of the tables sits a projector connected to a computer, which displays a huge screen on one of the walls. This is the Wall of Sheep, on which appear the user names, partially obscured passwords and type of Internet activity of people who get busted. Wall of Sheep volunteers are constantly monitoring and analyzing activity, or "traffic," on the wireless networks. They are, in their own words, "looking for evidence of users logging into e-mail, Web sites, or other network services without the protection of encryption. Those we find get put on the Wall of Sheep as a good-natured reminder that a malicious person could do the same thing we did... with far less friendly consequences."
I visited the Wall of Sheep area and asked if I could do a test of their system. I discussed what I wanted to do with a helpful fellow who told me to go ahead, if I dared. I retrieved my laptop computer from my hotel room, returned to the Wall of Sheep area and engaged in one of Defcon's most dangerous activities: I checked my e-mail using the default security settings in Microsoft Outlook.
The helpful fellow told me that it would take some time to analyze all of the network traffic that they were monitoring, and that I should return after an hour or so to check the results. I left the area, and went to a security seminar.
Later, I returned to the Wall of Sheep to see if I had been caught. User name after password after activity type slowly scrolled up and down the projection on the wall. "Holy ****," I cried out, after a minute or two of viewing. "There I am." I started laughing.
Sure enough, there was my e-mail address (same as my user name) and the first three characters of my password, with the rest of the password obscured. The helpful fellow who I'd met before was still there. He looked up at me with a sly, all-knowing grin. "Would you like to be removed from the Wall of Sheep?" he asked. "Yes sir, please, if wouldn't mind," I replied. A few keystrokes later, my entry on the Wall of Sheep was obscured enough to where you couldn't tell what it had said before.
We then had a nice discussion about e-mail security, which ended with him saying, "You know, our group isn't going to do anything with what we find, other than project it on a wall. However, there are a lot of scary people at Defcon who are analyzing the same traffic that we are, and they won't hesitate to use your user name and password to mess with your life. If you can, you might want to call someone at a remote location and have that person change your password. That is, if it's not too late."
Gulp. I returned to my hotel room, called my daughter back in Oklahoma, had her login to my hosting account (which, fortunately, uses a different password than my e-mail) and change my e-mail password. God was smiling on me, or maybe, laughing at me. No, He was laughing with me, not at me; yeah, sure, that was it. Somehow, I had stayed one step ahead of the bad guys, just barely.
Next week, I'll explain why I ended up on the Defcon Wall of Sheep, and how you can better secure your e-mail connections.
Dave Moore has been repairing computers in Norman since 1984, when he borrowed $1,200 to buy a Commodore 64 system. He can be reached at 919-9901 or www.davemoorecomputers.com.
Local Business
August 16, 2008
Busted by Defcon's Wall of Sheep
- Local Business
-
-
Review: Apple's iPad not just a bigger iPod Touch
SAN FRANCISCO -- After just an hour with an iPad, I came away with a preliminary verdict: Despite some flaws, this is one slick device.
Steve Jobs intrigued me in his slow, showman-like presentation Wednesday when he said the $499-and-up iPad is "so much more intimate than a laptop and so much more capable than a smart phone. -
People in business
Allyson Crank has been named employee of the month at First State Bank's Noble location.
Crank, loan operations assistant/loan teller since June 2008, joined the bank's staff in 2007. A Noble High School graduate, she studied mathematics while attending the University of Oklahoma. -
Norman lawyer goes to the doghouse with beef jerky
Norman lawyer and small business owner Dave Stockwell has been making private label beef jerky for years.
He started off in his garage, but his passion for smoking and curing round steak has led to the occupation of a commercial facility in the Oklahoma City metro area. - Moore passes $2M tax rebate for Target The City of Moore's Economic Development Authority voted unanimously Monday evening to approve a sales tax rebate to Target Corporation, who wants to build a 135,000-square-foot retail store on SW 19th Street west of Fritts Boulevard in Moore.
-
Me? An idiot? Finance titles to raise your IQ
Once you get past the hesitancy of buying a book written for dummies or idiots, you can get some very practical information out of the titles in these series.
Penguin Publishers, provider of The Complete Idiot's Guide series, has dozens of business and personal finance titles. - Claim your e-mail privacy Have you ever read a message on a postcard that was not addressed to you? It was right there, in the open, so, how could it have been avoided? Maybe, at least once in your life, you've held an envelope up to the light, hoping to read its contents.
-
County real estate
Real estate sales of $100,000 and above, as recorded by the office of Cleveland County Clerk, Tammy Howard.
Feb. 8-12
Lot 7, Block 5, Briarwood Creek, $165,000. Buyer, Jason and Lorie Wenger. Seller, Scott and Dawn Hubbard. - Chamber of Commerce, Norman NEXT to co-host candidate forum Feb. 24 The Norman Chamber of Commerce Get Out The Vote Committee and Norman NEXT, Norman's young professionals organization, have announced plans to co-host a candidate forum for the mayoral and city council candidates.
- People in business Michael Mohr, owner of Mohr Construction LLC, has completed the required EPA certified training class in the Renovation, Repair and Painting rules that go into effect April, 2010, dealing with lead base paint removal and handling in buildings built prior to 1978.
-
People in business
DeBee Gilchrist recently announced that Blaine M. Peterson, Norman, has been named a shareholder of the firm.
Peterson's practice encompasses a broad range of business matters, including tax planning and controversies, comprehensive estate planning and business valuation. - More Local Business Headlines
-
Review: Apple's iPad not just a bigger iPod Touch
SAN FRANCISCO -- After just an hour with an iPad, I came away with a preliminary verdict: Despite some flaws, this is one slick device.
Johnson: Don't Blame Islam or UK Policy
Raw: 80-Year-Old Climbs Mount Everest
Wash. State Man Arrested Following Ricin Scare
Chain-Reaction School Bus Crash Injures About 50
Raw: Scuffles in London After Hacking Death
Texas Students Coach Teachers on Fitness
New Forecasting Tool Eyed for Hurricane Season
Meet MJ, the Bike Riding Tabby Cat
Britain Attack Believed Linked to Radical Islam
Raw: Kevin Durant Tours Moore After $1M Pledge
Man Shot While Questioned in Boston Probe
Weiner Launches Bid to Become NYC Mayor
Okla. Teens Get Video of Deadly Tornado Overhead
School Storm Protection Spotty in Tornado Zones
9-year-old Tornado Victim Loved Family, Singing
Moore Native Toby Keith Tours Tornado Damage
Oklahoma Survivors, Heroes Survey Damage
Raw: Aftermath of Deadly Attack in London
Paperless Scanner, Vision of the Future
