French journalists steal passwords at security conference, get kicked out

vegashack

Three French journalists were kicked out of the Black Hat security conference in Las Vegas yesterday. They were caught sniffing the press room’s Wi-Fi network.

The journalists were from the magazine Global Security, and said they’re hacking was merely a “joke.” They were able to obtain login information from several journalists, including one from eWeek.

I only mention this because it is so, so easy to steal information over a Wi-Fi network, secured or not. (Don’t bother using WEP, since it can be cracked in about 10 minutes with the proper tools. WPA is still somewhat of a pain to crack) Any kid can compile a copy of ettercap—before you know it, he’s reading your Facebook messages, your Gmail (SSL, what’s that?), and can do legitimate damage to your good name if he were so inclined.

That the French journalists didn’t think that sending a bunch of ARP requests over the network wouldn’t be noticed at a security conference borders on the ridiculous. Any IT guy worth a damn would notice it right away.