BLACK HAT 2020: THE SCARIEST THINGS WE SAW
PC Magazine|September 2020
BLACK HAT 2020: THE SCARIEST THINGS WE SAW
Every year, hackers and researchers flock to Las Vegas for the Black Hat security conference to see and share the latest in security research. This year, though, everyone had to stay at home because of COVID-19—but there was still plenty to be worried about at this year’s conference.
MAX EDDY, NEIL J. RUBENKING

WORK FROM BLACK HAT FROM HOME

The ongoing COVID-19 pandemic in the US knocked a lot of security conferences offline—or rather, it knocked them to online-only. This year, both Black Hat and DEF CON (along with HOPE 2020 and others) used live and prerecorded video coupled with chat platforms. It worked surprisingly well and could be a pattern for other gatherings to follow. That said, the experience lacked the fun of an in-person event, and it’s hard to make time for a video session when you also have to walk the dog. Hopefully, 2021 will be a kinder year for everyone.

TRACK THE TRACKERS

It’s been known for a long time that law enforcement (and others!) use devices to track cell phones in real time, and in some cases even intercept data from those devices. Sometimes called IMSI catchers, such devices work by impersonating cell towers to trick mobile devices into connecting. At Black Hat, the EFF showed off Crocodile Hunter, a tool that identifies suspicious cell towers in real-time. The researchers also put forth a bold suggestion to stop their worst uses altogether: Apple and Google should make use of the poorly secured 2G spectrum optional.

SATELLITES SPEW SECRETS ACROSS SEAS

Spying on a Wi-Fi network is tricky, because you need to be fairly close to your target. Not so with satellite internet, which sprays some of its users’ data across whole continents. This information is often not encrypted, can be intercepted with very cheap equipment, and can be extremely valuable. And a VPN isn’t likely to help, because of special speed tweaks employed by the satellite ISPs. James Pavur, a PhD Student at Oxford University, showed how his team was able to intercept reams of data from satellite broadband providers using home television equipment and some custom software. Fortunately, Pavur’s team has begun developing an encryption tool called QPEP that lets individual customers protect their data.

CORONAVIRUS COULD SICKEN THE 2020 ELECTION

articleRead

You can read up to 3 premium stories before you subscribe to Magzter GOLD

Log in, if you are already a subscriber

GoldLogo

Get unlimited access to thousands of curated premium stories, newspapers and 5,000+ magazines

READ THE ENTIRE ISSUE

September 2020