Inside Black Hat: Day 2 at the Security Conference
Cybersecurity
SHARE
Facebook X Pinterest WhatsApp

Inside Black Hat: Day 2 at the Security Conference

Written By
Brian Prince
Brian Prince
Jul 30, 2010
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

LAS VEGAS-Day two of briefings at the Black Hat security conference produced some interesting moments here in Las Vegas. The day began with a keynote from former National Security Agency (NSA) Director Ret. Gen. Michael Hayden, and included everything from mobile security to weaknesses in HTTPS.

Without further ado, here are some highlights from the final day of this edition of Black Hat.

Former NSA Chief Talks Cyber-war:

Hayden, who also served as director for the Central Intelligence Agency (CIA), highlighted the complexities of cyber-war and the need for the United States to get more involved with other nations in conversations about fighting cyber-attacks.

Weaknesses in HTTPS:

Researchers Josh Sokol and Robert “RSnake” Hansen talked about 24 vulnerabilities in HTTPS that could be used via man-in-the-middle attacks to potentially hijack browser sessions. While Hansen told members of the media “the world is not crashing,” he also said fixing the issue would require changes to SSL protection, such as additional junk code that would make it take longer for an attacker to take advantage of the issue. The duo also recommended better tab isolation and sandboxing as solutions.

App Genome Project:

Researchers from Lookout Mobile Security highlighted some of the dangers emerging due to the explosive growth of mobile applications. Urging users to be vigilant about the apps they are downloading, Lookout noted suspicious wallpaper applications in the Google Android marketplace from a developer known as “jackeey,wallpaper” (who has since reportedly changed his name to “callmejack” since the research was released) that pulled several pieces of data and transmitted them to a remote server. The data included the device’s phone number, subscriber identifier and the current voicemail number on the phone.

Router Risks:

Researcher Craig Heffner demonstrated how many consumer routers could be exploited through DNS rebinding to gain access to the router’s internal-facing administrative interface. According to eSecurity Planet, Heffner, who works with security consultancy firm Seismic, urged users to change their firewall rules to prevent an external IP from rebinding with internal ones, and to disable the http admin interface of their routers if possible.
Brian Prince
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information