LAS VEGAS -- Reporters covering the Black Hat Security Conference this week were allegedly hacked by three French reporters. The three reporters are believed to have sniffed a private network that other reporters at the conference were using -- an apparent violation of the federal wiretap statute.
A Black Hat spokeswoman explained that the three reporters gathered log-in data for reporters in the Black Hat press room and tried to convince organizers of the Wall of Sheep to post the data publicly. The Wall of Sheep is a traditional feature at the DefCon hacker conference (which begins tomorrow in Las Vegas) but was launched at Black Hat for the first time this year.
The Wall of Sheep is designed to shame conference attendees who don't connect to the internet using secure methods. The Wall of Sheep organizers sniff the wireless network to grab log-in information that's sent in the clear, then display it in redacted form on a wall for everyone to see. (See image at right of Wall of Sheep organizers next to the Wall of Sheep display.) But the private wired network, which reporters at the conference use, is supposed to be off limits for the Black Hat shame game.
Kurt Opsahl, a senior staff attorney with the Electronic Frontier Foundation who was operating a clinic at the conference to advise attendees on computer security legal matters, said given the facts that are currently known, the sniffing would be considered illegal under federal law, which requires one party in a communication to be aware that monitoring is occurring.
Although the wireless network at Black Hat is known to be a hostile network and people who use it expect it to be scanned by hackers, Opsahl said reporters in the press room have an expectation of secure communication on the private network that conference organizers set up especially for them to use.
"It's designed to be a safe harbor within a fairly stormy sea," Opsahl said.
He added that it's important to provide a safe network for reporters to communicate securely with their home offices because many reporters covering the conference may not know how to secure their communications on their own.
The Black Hat spokeswoman said the three reporters didn't try to hide how they obtained the information and were honest with the Wall of Sheep administrators about where they collected it. The spokeswoman said the Wall of Sheep organizers refused to post the information.
The three French reporters have been identified as Mauro Israel, Marc Brami, and Dominique Jouniot. Israel and Brami registered with the conference as reporters for Global Security Magazine, a magazine which is one of the conference's media sponsors (media sponsors give the conference free advertising in their publications). The spokeswoman said that Brami has been covering the conference for his publication for a number of years. Journalists who saw the French reporters in the press room identified all three as males of middle age.
The spokeswoman said the reporters, when questioned about their activity, said they wanted to educate reporters to surf more securely. They told her that many reporters covering the Beijing Olympics aren't aware of the measures they need to take to secure their communications. They wanted to use the U.S. Black Hat security reporters as an example.
Efforts to contact the three -- who have been kicked out of the conference -- were unsuccessful.
Photo: Dave Bullock (eecue)/Wired.com
See also:
