Las Vegas Sun

November 24, 2017

Currently: 62° — Complete forecast

Platform security a hot topic at this week’s hacker conference


Steve Marcus

Glenn Wilkenson, left, of SensPost, an information security company, demonstrates a technique for collecting unique, identifiable information from mobile devices during the Black Hat USA 2014 hacker conference at the Mandalay Bay Convention Center Aug. 6, 2014.

With over 12,000 expected participants from more than 100 countries at this week’s Black Hat Briefings convention, one of the world’s premier hacker conferences is anticipating record numbers for its 19th year in Las Vegas.

Focused on platform security, which includes the likes of iCloud, GoogleDrive and WordPress, the annual hacker show features information security expert Dan Kaminsky as its keynote speaker and 270 exhibitors, said show General Manager Steve Wylie. This year’s show — which began Saturday and ends Thursday — includes speeches on automobile hacking, drone attacks and even the federal government’s digital security policy.

But Wylie warned that show-goers and visitors to Las Vegas should be wary that some of the world’s most prolific hackers will be practicing their craft here.

“Really the whole world is becoming a more hostile digital environment, from a security standpoint,” Wylie said. “People should always be up-to-date on their security patches.”

The Black Hat official spoke with the Sun last week about the show’s continued Las Vegas tenure, staying digitally safe and this year’s keynote speaker.

Of all the places Black Hat could go, why do you keep coming back to Las Vegas?

Really it comes down to serving the needs of the information and information security communities. We coordinate with Jeff Moss and DEF CON, so our attendees can really maximize the week while we’re there in Vegas. People have started to refer to it as an information security summer camp, and we’re honored to be a part of that.

The two are scheduled together on purpose — we’re more of a business and education conference, and certainly DEF CON is more of a community gathering.

What’s new at this year’s show?

This year we were really thrilled to get a record number of submissions for researchers to speak at the conference. We also have new ways to take over ATMs, and another exhibit on medical devices and their weaknesses. But I would say as a theme we saw a lot of submissions come in related to platform security this year, and our program really reflects that. We saw more submissions than ever in vulnerabilities and defenses in top operating systems, virtual machines, cloud platforms, so that was definitely a major theme.

How can Las Vegans protect their digital devices this week?

I tend to focus on things I think are just good common practices for all, and at any time. Some of this is more obvious, but surprisingly not as well adopted that things like making sure all of your devices are fully patched before you arrive in Vegas, making sure you’re using strong passwords on all of your devices and using backdrop wherever you can. You should also change your passwords after leaving the event and then obviously don’t leave your device out of site for a moment. You just never know what you might be exposed to at that time.

What do you mean by having a fully patched device?

Just you making sure you run all of the latest security patches on your operating system, making sure your iPhone, let’s say, is updated and current with the latest IOS. Those things will go a long way in fending off security vulnerabilities.

What else should people know about this year’s briefings?

Our keynote speaker Dan Kaminsky really brings an interesting perspective because he has such a unique understanding of the internet technology’s underpinnings. He is going to address the future of the internet itself, and the important role that this community, the information security community, plays in its longevity.

Join the Discussion:

Check this out for a full explanation of our conversion to the LiveFyre commenting system and instructions on how to sign up for an account.

Full comments policy