http://www.tgdaily.com/content/view/38834/108/ By Humphrey Cheung Security - TGDaily.com August 11, 2008 Las Vegas (NV) - Smartphones are great for texting and surfing the web, but many of those applications have absolutely no security according to security researchers at the recently completed Defcon computer security conference. Volunteers at the Wall of Sheep told TG Daily that mobile application developers are emphasizing usability over security. They add that many secure desktop applications become unsecure when ported over to the smartphone environment. The Wall of Sheep team has 10 core people and approximately two to three times as many "floaters", curious people who drop in to help out. Using open source tools like ettercap, Wireshark and the BackTrack distribution, the team sniffs network traffic and posts login information (partially obscured) on a projector for all to see. Team members told us that many new volunteers often start laughing and "cracking up" when they capture their first passwords. "They think we're running complicated tools, but it's really easy," team member "Cedox" told us. Perhaps the most embarrassing "ownage" was Mr. Joseph Simon who had his credit card and other personal identifying information captured by the team. The posting of login information isn't done with malicious intent and is meant to improve security awareness amongst the attendees and the team will remove login names upon request. At least ten people took advantage of that "service" at Defcon. In fact, so many people asked to be de-listed that team members fashioned up a crude table-top sign advertising the fact. [...] __________________________________________________ Visit Defcon Pics - Defcon Memory Repository http://www.defconpics.orgReceived on Tue Aug 12 2008 - 12:24:37 PDT
This archive was generated by hypermail 2.2.0 : Tue Aug 12 2008 - 12:38:19 PDT