At Black Hat USA 2012, held in Las Vegas last week, a variety of interesting perspectives emerged, ranging from security issues with NFC to the usual slew of hackings, plus some pontificating on the event itself. Here is a round-up of takeaways from this year’s show. Also, let us know your favorite development, presentation, or news item from this year’s show in the comments.
“I agree with [Mike Rothman] Black Hat sits at a crossroads. The audience is changing, the content is changing, and the world around it is changing. But while Mike (and he isn’t alone) thinks the conference needs to focus more on researchers or directors and executives, I think the real opportunity is for Black Hat to return to its roots and serve first and foremost as a conduit to bring (mostly) hard-core offensive research to defensive security professionals and executives.
This is no easy task. The only way to pull it off is to continue to appeal to both those generating offensive research and the defenders. And to do so with intense technological depth that is also translated into terms mere humans can understand and use to make security decisions, without watering it down. To focus on the research first, not the ‘scene,’ but to do so in a way that is both respectful and appealing to the community that has sustained it for so long. Even to include vendors (on the show floor) but without having them fill their booths with marketeers instead of engineers.” – Full article by Rich Mogull, founder of Securosis
Charlie Miller was the first person to ever hack an iPhone. He was also the first to hack a G1 Android device. Last week at the 2012 Black Hat Briefings conference, he culminated nine months of research during a presentation explaining how he was able to exploit Near Field Communications (NFC) to compromise two Android-based Nokia 9 and Nexus S Samsung smartphones. – Summary of full article by Michael Mimoso, SearchSecurity
A Black Hat volunteer accidentally sent a password reset email to 7,500 attendees. The email was originally thought to be a phishing attempt. Citing an abundance of Murphy’s Law jokes, Black Hat organizers released a statement including a quote from Robert J Hanlon: “Never attribute to malice that which is adequately explained by stupidity.” – Summary of full article by Antone Gonsalves, ComputerWorld