Network News

X My Profile
View More Activity

Scary Advice for the Vegas Trip

I thought I was being sufficiently paranoid as I went about planning my trip out to Las Vegas next week for the back-to-back Black Hat and DefCon hacker conferences, but now I'm just plain spooked. Ever since I started telling people I was going I've been getting all kinds of advice and quite a few safety and security warnings.

I had a lengthy conversation yesterday with Jack Holleran, formerly head of the National Security Agency's National Computer Security Center. Holleran is now retired and helping to organize the two conferences along with Jeff Moss and countless others. He had a little advice about how not to go about accessing the Internet in Vegas while the two conferences are going on.

Mainly, Holleran advised me not to use the Internet service at the hotel where DefCon is being held this year. Apparently, the "bad" hackers there (yes, there are probably more "good" or helpful hackers than evil ones) and the young miscreants who invariably show up at this conference usually manage to take complete control of the hotel's network. "The whole system is going to be hacked. It always is," Holleran said.

Okay, noted. But then I got the following e-mail from a loyal reader:

Brian,

Saw your article on Security Fix that you are off to Vegas.  I am envious.  Please do share your experience with us: those who cannot attend for many of the same reasons married dads can't do much of anything.  I have read many articles on the "happenings" at DefCon and have only one note of warning: Don't use a personal credit card at the hotel at all, and maybe even within a 100-mile radius.

Have fun....

That caught my attention.  I guess I'm off to get some traveler's checks before catching my flight.

Got any more advice for my trip to Black Hat and DefCon?  Use the comments area below to share.

By Brian Krebs  |  July 22, 2005; 5:05 PM ET
Categories:  From the Bunker  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Security Fix Is Heading to Vegas
Next: Flaw in Winamp Media Player Fixed

Comments

This may be too late for your trip...I just read your entry.

I've been to similar conferences, and would advise:
- remove anything personal from your computer. In fact, if possible, build a new system, fully patched, fully virus-protected, fully spy-ware protected.
- Don't put anything personal on the system. Store everything on a USB drive (encrypted is better), and keep the USB drive on your person at all time.
- consider using a VMWARE partition for use while connected to the hotel system, or to any wireless system.
- assume that you are going to be hacked...or at least, attempted to be hacked.
- physical security is a must. Use a cable lock on your laptop.
- harden laptop with power-on passwords (strong), and encrypt your data folders.
- no personal stuff. If you need to check your ATM balance, use an ATM. But don't use a third-party ATM (they might belong to a hacker). Look out for card skimmers attached to ATMs.
- bet red, and ride it.

Good luck....Rick H.

Posted by: Rick | July 24, 2005 11:53 PM | Report abuse

Good advice below.. I'd also consider not using your real name other than for check in, and would be very quiet about your check-in procedures. That's where your the most likely to have to use a bus. card etc.
I apologize this is too late.

Posted by: Conchubor | July 27, 2005 4:00 PM | Report abuse

Good site

Posted by: Dublin Accommodation | March 22, 2006 10:51 AM | Report abuse

Dont forget to protect your machine from XSS exploits and rogue yahoo security agents. I prefer latex protection vs lambskin for my laptop and network connection.

Posted by: n3td3v | August 3, 2006 10:40 AM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company