[ISN] Qld cops denounce 'ethical hacking'

From: InfoSec News <alerts_at_private>
Date: Wed, 18 May 2011 03:48:34 -0500 (CDT)

By Stilgherrian
May 18th, 2011 

Police have spoken out strongly against so-called "ethical hacking" in 
the wake of yesterday's demonstration of a Facebook privacy hack at the 
BSides Australia conference being held in parallel to the AusCERT 2011 
information security conference. The incident has already seen a 
journalist arrested and his iPad seized.

"I think cultures have built up where hacking, in the past, has been a 
part of a competition, and you have black hat conferences around the 
world. The technical reality is that on those occasions crimes may well 
have been committed," said Detective Superintendent Brian Hay, head of 
the Fraud and Corporate Crime Group of the Queensland Police Service.

"It's probably quite sad, really, that we may have people out there that 
think it's their right to just go in, and it's a game, and it's not 
serious. The reality is, the online environment is now an extension of 
our real community, and if we go into that environment we have 
responsibilities to behave in a certain manner and not break the laws, 
just as we would walking down the street of our local neighbourhood."

In yesterday's demonstration, Christian Heinrich had shown how he 
obtained from Facebook photographs of security contractor Chris Gatford 
and his family, including a child. His technique used a brute-force 
attack to guess the URLs of privacy-protected images stored on 
Facebook's content distribution network.


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
Received on Wed May 18 2011 - 01:48:34 PDT

This archive was generated by hypermail 2.2.0 : Wed May 18 2011 - 02:01:06 PDT