gulfnews.com

Advanced Search | Mobile version | ePaper edition

Home
- Hot topics: Prayer timings | Eid | Global Village | UAE National Day | Haj | Mumbai Attacks | Swine Flu | Dubai Metro
News
- UAE | Oman | Bahrain | Qatar | Kuwait | Yemen | Saudi Arabia | Region | World
Business
- Aviation | Construction | Markets | Oil & Gas | Property | Technology | Tourism | Your Money
Sport
- Basketball | Cricket | Football | Golf | Horse Racing | Motorsport | Rugby | Sailing | Tennis | Other sports
Life
- Food | Motoring | Travel | Gadgets & Tech | Beauty & Fashion | Home & Interiors | People | Health | Education
Entertainment
- Books | Celebrity | Film & Cinema | Gaming | Internet | Music | Television | Visual arts
Guides
- Ask The Law | Dining out | Events Calendar | Upload an event | Resident Guide | Tourist Guide | Prayer timings | Weather
Opinions
- Cartoons | City Talk | Columnists | Editorials | Letters | Off the Cuff | Your say | Speak Your Mind
Video
- Arts & Entertainment | Business | Life & Style | Motoring | News | Sport | Technology | Travel
Pictures
- Upload a picture | Arts & Entertainment | Business | Life & Style | News | Motoring | Sport | Travel | Your pictures | General
In Focus
- Mumbai Attacks | Race To Dubai | Global Agenda Summit | Germany | Dubai Metro | Swine Flu | Breast Cancer
Classifieds
Properties
Wheels
Jobs

Business | Technology

Hackers show off latest techniques

Want to break into the computer network in an ultra-secure building? Ship a hacked iPhone there to a nonexistent employee and hope the device sits in the mailroom, scanning for nearby wireless connections.

AP
Published: 00:02 August 10, 2008

Las Vegas: Want to break into the computer network in an ultra-secure building? Ship a hacked iPhone there to a nonexistent employee and hope the device sits in the mailroom, scanning for nearby wireless connections.

How about stealing someone's computer passwords? Forget trying to fool the person into downloading a malicious program that logs keystrokes. A tiny microphone hidden near the keyboard could do the same thing, since each keystroke emits slightly different sounds that can be used to reconstruct the words the target is typing.

Hackers at the DefCon conference in Las Vegas were demonstrating these and other novel techniques for infiltrating facilities on Friday. Their talks served as a reminder of the danger of physical attacks as a way to breach hard-to-crack computer networks.

It's an area once defined by Dumpster diving and crude social-engineering ruses, like phony phone calls, that are probably easier to detect or avoid.

As technology gets cheaper and more powerful, from cell phones that act as computers to minuscule digital bugging devices, it's enabling a new wave of clever attacks that, if pulled off properly, can be as effective and less risky for thieves than traditional computer-intrusion tactics.

"The technology is becoming easier and cheaper and anybody can do it. And at the same time there's more incentive now to do it," said Eric Schmiedl, a lock-picking expert and undergraduate at the Massachusetts Institute of Technology.

Consider Apple's iPhone, a gadget whose processing horsepower and cellular and wireless internet connections make it an ideal double agent.

Experiment

Robert Graham and David Maynor, co-founders of Atlanta-based Errata Security, showed off an experiment in which they modified an iPhone and sent it to a client company that wanted to test the security of its internal wireless network.

Graham and Maynor programmed the phone to check in with their computers over the cellular network. Once inside the target company and connected, a program they had written scanned the wireless network for security holes.

They didn't find any, but the exercise demonstrated an inexpensive way to perform penetration testing and the danger of unexpected devices being used in attacks.