August 7, 2006
Black Hat Conference Yields Hacked ePassports, Vista Security Breaks
The Black Hat Conference took place in Las Vegas last week. This is where security experts, law enforcement agents, and hackers good and bad get together to talk about computer security. Microsoft showed off security features in Vista and challenged anyone to crack security. Polish researcher Joanna Rutkowska demonstrated a breach with an unsigned driver. The good news is the hack requires a user to click through security warnings to install the insecure driver. The installation then takes place with administrative privileges. The bad news is that with so many warnings that could pop up, a user may develop click fatigue and just let the malware slip right on through. Reactions to Microsoft's focus on security were still positive in spite of this demonstration.
The German ePassport was hacked as well. German security expert showed how he could clone the RFID chip in his passport to create a second copy. The data remained encrypted but would still be recognized by a reader as a legitimate passport. There were other reports of individuals cracking the encryption and altering the data contained on a chip. I guess it's back to the drawing board on that one.
August 7, 2006 | Permalink
TrackBack URL for this entry:
Listed below are links to weblogs that reference Black Hat Conference Yields Hacked ePassports, Vista Security Breaks: