http://blog.tenablesecurity.com/2008/08/hacker-court-20.html By Carole Fennelly August 21, 2008 Another Black Hat conference for the record books! It.s traditional for me to have a panic attack on the eve of Black Hat, trying to pull the Hacker Court team together to work on our presentation ("Hack MyFace") and swearing I'm never doing this again. This year was even worse: the defendant, Simple Nomad, and the judge, Richard Salgado, both had to cancel at the last minute. We still had to work out evidence details (as Simple Nomad once pointed out, it would be easier to actually hack into a system than generate fake evidence) and now had to find replacement players. Richard Salgado noted that "anyone can be a judge", but who could fill Simple Nomad's stylish boots? Fortunately, fellow NMRC member and Hacker Court veteran, Weasel, came to the rescue to play "Simpl Gnomad", complete with bathrobe, and sunglasses. Hacker Court co-founder, Jonathan Klein, stepped in as a very intimidating Judge. This case hinged on the fact that the defendant , responding to a journalist's inquiry, used a zero-day exploit to hack into a presumed social networking site, "MyFace" with the encouragement of the site's owner, Mudge, who was really a Secret Service Agent investigating social networking exploits. The site was actually a Virtual Machine (VM) on a server that housed other case VMs (agency budget cut-backs). The defendant not only compromised the security of the "MyFace" site but also broke out of "MyFace" and obtained information about sensitive on-going investigations. [...] __________________________________________________ Register now for HITBSecConf2008 - Malaysia! With a new triple-track conference featuring 4 keynote speakers and over 35 international experts, this is the largest network security event in Asia and the Middle East! http://conference.hackinthebox.org/hitbsecconf2008kl/Received on Thu Aug 21 2008 - 22:07:25 PDT
This archive was generated by hypermail 2.2.0 : Thu Aug 21 2008 - 22:16:12 PDT