DefCon in Las Vegas is probably the biggest event hackers and even non hackers have been waiting for. Although there were fewer people in this year’s DefCon (around 6,000, my estimate), the presentations, contests, and parties still raked in a huge number of attendees.
The DefCon attendees believe that cybercriminals will likely be doing more of the same in the near future. Some techniques highlighted were:
- That Internet browsers will continue to be the easiest platform to exploit, regardless of which browser a user uses. Cross-site scripting (XSS) and cross-site request forgery (CSRF) will continue to makes hackers’ lives easier. In the same context, I got an insight into anonymous browsing tunneled over XSS (XAB) wherein one or many Web browsers can be used for traceless data transfer. In the future, encryption and possible computer chaining were predicted for XAB.
- The use of Metasploit as a software as a service (SaaS) was dubbed a good practice. We are, in fact, seeing a trend (with Zeus and Ilomo) that malware can be updated via the Internet. I found it amazing that a lawyer talked about hackerspaces and their legal bases. It seems that hackers are already one step ahead in protecting themselves even before laws against hacking are instituted by governments.
- Last but not least, I found that defeating Secure Sockets Layer (SSL) technology and stealing certificates seemed a very easy task for hackers, in fact, it is already an automated task in stealing credit card numbers and identities.
Attacking datacenters was suggested as a new topic for next year’s DefCon. Datacenters can be attacked or exploited either physically (through lock picking) or digitally (hacking Hadoop, one of the most used database systems). I did not hear anything about distributed denial of service (DDOS) attacks on datacenters as this would only probably make sense in cases of blackmailing their customers.
The fact that there was no secure OS was again reiterated. This was proven by the presentation on “Runtime Kernel Patching on Mac OS X,” from which I gathered:
Runtime kernel patching has been around for almost 10 years and is a technique frequently used by various rootkits to subvert the kernels used in many modern OSs.
This technique does not require any type of kernel modules or extensions and will allow you to hide various things like processes, files, folders, and network connections by modifying the kernel’s memory directly. It will also allow you to place various backdoors in the kernel for privilege escalation.
DefCon originated in 1993. It was a meant to be a party for the members of “Platinum Net,” a Fido protocol-based hacking network out of Canada. At present, it has become one of the oldest-running and largest hacker conventions around. This year’s DefCon was held at the Riviera Hotel and Casino in Las Vegas from 30 July–02 August.