Some folks have wildly wrong ideas about what goes on at hacker conventions, but in general, they are an opportunity for security researchers (hackers) to share what they have learned, with other security researchers (hackers).
The researchers (hackers)? They do it because they enjoy teasing apart how things work, understanding the implications, interactions and potential hazards they embody.
An example of this is the security exploit that was briefed at BlackHat this year by Cody Brocious. After you’ve read the synopsis at the link above, here’s a good explanation of the exploit. Now, consider the following media reports:
- Forbes – Security Flaw In Common Keycard Locks Exploited In String Of Hotel Room Break-Ins
- BBC – Hotel burglars suspected of exploiting lock security bug
- SiliconANGLE – Hotel Burglars Exploit Key Card Locks, But Who’s Gonna Pay To Fix Them?
This leads to the obvious questions:
- Were these break-ins attributable to the briefing at BlackHat?
- Were these break-ins attributable to other, independently discovered implementations of the same exploit?
- Were there break-ins using this exploit before the BlackHat briefing?
- Were earlier break-ins not recognized, before this exploit was exposed, and perhaps blamed on hotel staff?
So, what do you think? Answer our poll question, and feel free to comment.
- Meet Cody Brocious, The Hacker Who Cracked Four Million Hotel Room Locks (Video Q&A) (forbes.com)
- Solving Hotel Lock Hack (foxnews.com)
- Hackers’ New Target: Hotel Room Locks (newser.com)
- [News] Hotel room break-ins blamed on hacked locks (pcworld.in)
- List of Ethical Hacker Conferences & computer security conferences (ehackingnews.com)
- Five Ways To Keep Your Stuff (And Self) Safe From Hotel Lock Hackers (forbes.com)
- Hack attack: Now your pacemaker is vulnerable (wnd.com)