Zone-h is in Las Vegas attending  Defcon 14 , the annual meeting of hackers and security researchers and we are providing daily coverage for our readers. Getting off nearly 2 hours late, today started off with a good presentation by Agent Thomas Grasso on the US government fight on organized cybercrime. Mr Grasso described the organizational structure of various groops, from old school warez traders, and how their structures were the basis on which todays cybercrimals are organized and function in a la-costra-nostra [ mafia ] fashion in structure.

From credit cards and spam to specialized devices as ATM skimmers, organized crime has a strong foothold and structure much like any other multi billion dollar business. Mr Grasso outlined profit estimates averaging $67billion US a year from illicit cybercrime. You can read more at the NCTFA web site...

In the Trusted computing spot [ is it SATAN? ], Bruce Potter spoke about something called TPM, which is basically a hardware component that provides a trust relationship with applicable software, via  a unique key in the hardware, such as boot loaders and intranet applications. A USB loadable image may be had from http://tpm.shmoo.com. While there are a few caveats, such as TPM hardware failure, not much software has implemented or has implementation for TPM yet. Much info can be found at  trustedcomputinggroup.org .  

Chris Paget of IoActive presented something that is of international interest, and that is the US-VISIT  program run by the US Immigration Service. Ever fill out one of those green I-94 forms on the airplane on an international trip...? guess what... the form has an embedded RFID tag in it. Chris provides many interesting insights into the program and the technology that supports it. Apart from this RFID tag, when you are being processed, you are photographed and fingerprints are taken. All the while you are waiting, background checks are being run through the various criminal records  systems.

This information is then converted into data and placed into a high-res 2D Aztek Code format. Mr Paget showed how using a simple scanner and software, this data can be read and his research seems to indicate that a simple non secure encoding scheme is used along with a possible daily code used across all systems, potentially opening up the possibility to decode all encodings done on any given day. Apart from the technological aspects of this program, Mr Paget points out that the wording of the form you sign essentally gives up your rights to any appeal you might need to defend yourself [ and if you don't sign the form you cannot enter the United States ].As well as this he stated that US and many foreign passports contain RFID tags that can be read from distances as far as 10 meters. 

Zone-h also had the opportunity to "Meet the Fed", where representatives from various law enforcement branches answer questions for the event goers. Represented were the FBI, DoD, Marines and IRS, along with USCert the Postal Office and a former NSA agent. In this Q&A session the "Feds" spoke about such things as recruiting of conference atendees, and working more closely with hackers to help the cybercrime fight. The panel stated that counter-terrorism is the number one fight today. Expressing advances in interjurisdictional relationships like ISACS [ industry-led information sharing and analysis centers ] has helped raise the bar for cybercrime criminals to be successful in their activities.Stay tuned for more day to day coverage from Defcon 14

                                                                                                                                          HEY DONNIE... WATCH OUT FOR THE FEDS!

Comments Index (Total Messages: 1)

Take care!! Written by Guest on 2006-08-06 02:25:01

Powered by a Zone-H(ified) version of AkoComment 3.0!