Canadian Security Magazine

Computing conference outlines hacks on cars, sniper rifles, payment devices

By Bree Fowler for The Associated Press   

News Data Security

The dream of a free and open Internet is slowly being killed by overregulation, censorship and bad laws that don't stop the right people, a top computer crime defence lawyer says.

The annual Black Hat computer security conference in Las Vegas kicked off Wednesday with a keynote address from Jennifer Granick, director of Civil Liberties at the Stanford Center for Internet and Society. Granick said that while the Internet needs to be reasonably safe in order to be functional, it’s no longer the revolutionary place it was 20 years ago.

No one is murdering the dream of an open Internet, she said, but it’s withering away because no one is prioritizing its protection. On top of that, new Internet users are coming from countries whose citizens aren’t protected by a Bill of Rights or a First Amendment.

“Should we be worrying about another terrorist attack in New York, or about journalists and human rights advocates being able to do their jobs?” she asked.

Granick also railed against the federal Computer Fraud and Abuse Act, which carries sentences of up to 10 years in prison for a first-time offence. It does nothing to prosecute countries like China that launch state-sponsored attacks against the U.S. government and major companies, along with other dangerous hackers based overseas, she said. But, she added, it often hits small-time American hackers with unfairly harsh prison sentences.


In a separate briefing later Wednesday, Leonard Bailey of the Department of Justice’s Computer Crime and Intellectual Property section, said that in most cases, prosecutions of computer crimes are very “reasonable” and not “prosecutors gone wild.”

“But all it takes is one flogging in the public square and there’s a chilling effect,” he says. “So, we have to try to get this right.”

A slew of hackers and information security professionals took the stage at Black Hat later on Wednesday.

One of the most popular talks featured Charlie Miller and Chris Valasek, who gained fame recently by hacking into and taking control of a Jeep Cherokee, prompting Fiat Chrysler to recall 1.4 million vehicles to fix the problem.

In a light-hearted talk in a packed ballroom that was often interrupted by applause, the pair detailed how they spent a year hacking into the Jeep, before ultimately infiltrating it through the cellular connection in its radio and then connecting to its controls.

Wednesday’s later talks were set to include sessions on the cloning of contactless payment devices such as Apple Pay and Google Wallet, along with the hacking of gas pumps, new research on the prevalence of Internet scams and the hacking of Square Inc.’s mobile credit card-reading devices.

The conference continues on Thursday with sessions featuring the hacking of an Internet-connected sniper rifle, a look at ransomware and a discussion of the hidden risks of biometric identification.

Print this page


Stories continue below


Leave a Reply

Your email address will not be published. Required fields are marked *