http://www.fastcompany.com/blog/kit-eaton/technomix/defcon-computer-security-conference-scary-all-sorts-reasons By Kit Eaton Fast Company August 3, 2009 Computer security is a famously murky world that tends to generate alarmist headlines--like the ones about Apple's vulnerabilities from last week. Defcon 2009 has just finished, and lived up to this reputation in many, surprising, ways. We've rounded up some of the best worst most interesting bits of news. Closing Down the FAA Righter Kunkel, a computer security expert and pilot who spoke at the conference, delivered some very scary news to the FAA--and, indeed, to nervous fliers the world over. According to Kunkel, the FAA's network is extremely at risk from a denial of service attack. And, unlike some computer network vulnerabilities which require devious coding and clever implementations, it seems that gaining access to the FAA's is terrifyingly simple. Assume you're a hacker with malicious intent, you first have to get fake ID, and use that to get a flying-fitness medical certificate. With this, you'd obtain a student pilot's certificate number, and thus gain access to the FAA's flight plan submission system (a legal requirement for flights within the U.S.). Then, since you're now a trusted member, you issue such a deluge of fake flight plans that the system is overloaded and no longer working. Kunkel held back some of the details, of course--he has no wish to bring down the system and endanger lives. Instead, he hopes that the exploits he revealed that could serious damage flying operations in the country will get the FAA to perk up its network security. [...] __________________________ Subscribe to InfoSec News http://www.infosecnews.orgReceived on Mon Aug 03 2009 - 22:09:54 PDT
This archive was generated by hypermail 2.2.0 : Mon Aug 03 2009 - 22:21:51 PDT