Profile of David Berlind, Chief Content Officer, UBM TechWeb
News & Commentary Posts: 186
Articles by David Berlind
posted in July 2009
With one bombshell already having been dropped at the BlackHat Conference (that most implementations of SSL are configured to give up everything including logins, credit cards, etc.), researchers dropped another one today when they demonstrated how the SMS infrastructures of GSM-flavored operators such as AT&T and T-Mobile are hackable to the point that cell phones can be hacked and their users can be tri
iSEC Partners partner (and Black Hat researcher) Alex Stamos says there's really no such thing as cloud computing. According to him, it's just a trendy name to take your money. Regardless of what you want to call it though, the vulnerabilities inherent to it are very real. That was Stamos' message in a briefing he gave this morning at the Black Hat conference in Las Vegas. Among the highlights of my podcast interview with him: Salesforce gets a gold star and Windows-based virtual machines are ar
Though it's not the bombshell that was dropped by Moxie Marlinspike, another researcher is here at BlackHat briefing attendees on how he cracked the Social Security Administration's code for creating social security numbers and how governments and organizations must respond now that SSNs are not secure in their commonly used contexts as passwords and identifiers (includes podcast interview).
No edition of the Black Hat conference would be complete without a few security bombshells: the ones where attendees learn that a huge swath of their digital security -- previously thought to be totally secure -- is little more than a house of cards that, thanks to some Black Hat researcher, just came tumbling down. Here in Las Vegas, Moxie Marlinspike is one of those researchers, and he's here demonstrating how SSL is that house of cards. Think your implementation of SSL is secure? Think again.
Today is the first day of the infamous Black Hat Briefings taking place at the Black Hat Conference in Las Vegas and most of what the attendees will hear today is being presented publicly for the first time by the various researchers in the building. Today, for example, is the day that many researchers reveal their discoveries and exploits but in some cases, they hold back on the tools or details needed to replicate their research until the impacted vendors and organizations have an opportunity
"What I'm about to teach you could land you in jail and destroy your life and family if you choose to use it for nefarious purposes." These words and others like them have been repeated many times in the nearly 50 security classes being given during the training portion of Black Hat, now onto its fourth day in Las Vegas. The "classrooms" here at Caesar's Palace are filled with everyone from self-proclaimed hackers (their badges say so) to digital forensics s
When it comes to open sourced content management platforms and their creators, there's no question about the celebrity status that WordPress and its young founder Matt Mullenweg have ascended to. If offered an opportunity to interview Mullenweg about some news, I'd undoubtedly jump on it. But when I was offered the chance to do the same with Dries Buytaert, my initial response was "Dries who?" Once I realized "Dries, the creator of Drupal," I didn't hesitate (podcast below).