As the years move on, I am astonished at how many IT professionals continue to have their head in the sand when they comment on how using wireless is secure and how Windows XP is better then the latest version of Windows. As we move to the cloud for more and more services, I am also seeing a disconnect about just how safe it is to access these systems from almost anywhere.
The desire for anywhere, anytime access is important. But you have to balance that with ensuring that information assurance is maintained. When you access sensitive company resources from your local coffee shop, are you sure you are doing it safely?
I am not one to normally go out and demo how bad it is out there. For that, you can watch your favorite screencasts on YouTube where 12 yr old kids show how easy it really is to hack over top a death metal music bed or the latest rave music. However, I have made an exception for Harry and the team at SMBNation and will conduct a progressively more detailed hack live on stage in Vegas. With permission from the conference organizers and the conference center, I will take over the wireless network and do some more sinister attacks to demonstrate just how easy it is.
So if you are interested in learning just how easy this really is, and more importantly learn how to defend against it... I highly recommend you come check out my session. "GS2 102: hack the Biz - Exploring the insecurities of small business". I promise you will learn something. And may actually have some fun in the process.
This will NOT be recorded, or performed again. You have to be there to see this in action.
Hope to see you there.
NOTE: Although I will be conducting a live attack, I will NOT be explaining step by step how to do it. For that, those who stay till the end and talk to me in the halls will get some pointers on how to learn more.
Looking forward to it!
Posted by: PDF Suite | October 19, 2010 at 06:56 PM
Dana:
I was in attendance for your Hack the Biz presentation. I wanted to say thank you for the most practical and real world demonstration on network insecurity I have seen. It was incredibly uncomfortable to watch you work, as throughout your demo, I found myself going over in my head some of our clients' network configurations--and realizing just how insecure they are. I'm not sure how else to praise the presentation you offered, except to tell you I have already begun network audits at two of our customers' sites to see where I have been failing to provide the best security available. So a very sincere thank you, for enlightening me on such an important subject.
Posted by: Geoff | October 26, 2010 at 01:35 AM
Thanks for the kind words Geoff. That is EXACTLY the reason I decided to do the presentation. To hear you are reviewing your current client implementations, I have reached my goal.
Thanks for attending the session. I am happy to hear it made you uncomfortable, and more importantly, happy to see you take action as soon as you got back from Vegas. Good on ya!!
Posted by: Dana Epp | October 26, 2010 at 09:02 AM