Black Hat USA 2016 kicked off in Las Vegas on July 30. While the event is open to anyone who wants to attend, not everyone interested in learning from some of the world’s foremost security experts will be able to make the trip out to Nevada.
Luckily, a cadre of reporters will descend upon the hacking-centric festivities to provide up-to-the-minute coverage of the presentations, and Black Hat USA has in the past made the materials presented on-stage available for online viewing.
It’s sure to be a big event this year. People care more about security than they used to, important people are presenting, and a whole bunch of Mr. Robot fans probably want to see if hacking in real life is really as exciting as it is in the show.
Here are the top five things to look for from this year’s Black Hat USA conference:
5. Using role-playing games to teach people about security
Explaining complex security issues to people is never easy. It’s often viewed as someone else’s problem, but it’s actually everyone’s problem. Airbus’ Tiphaine Romand Latapie plans to give a talk called “Dungeons Dragons and Security” to explain how a role-playing game could help explain these issues.
4. Bypassing protections in so-called “next-gen” ATMs
Earlier this month a Taiwanese bank was taken for $2 million, and it has no idea how its ATMs were tricked into spitting out that much cash. Rapid7’s Weston Hecker plans to explain how even next-gen ATMs aren’t safe from dedicated hackers.
3. How to push back against law enforcement requests
Crypto Policy Project attorneys Jennifer Granick and Riana Pfefferkorn want people to know how to respond to law enforcement assistance requests, which can be used to force companies to help the government spy on their users. How well this message is internalized could mean the difference between a company giving the government easy access to your data and it fighting for your privacy.
2. Learning how Airbnb poses a real security risk
Airbnb causes all kinds of problems but many of its users probably haven’t thought about the implications it has for their security. Atlassian’s Jeremy Galloway will explain how travelers “are now more vulnerable than ever to network-based attacks targeted at stealing personal information or outright pwnage” thanks to Airbnb.
1. Going behind the scenes of iOS security
This could be the most important presentation of the weekend. Apple’s head of security engineering and architecture, Ivan Krstic, plans to go behind the scenes of iOS security following the brouhaha earlier this year over the FBI breaking into an iPhone 5c when Apple refused to help it.
While this isn’t the first time Apple’s had a presence at Black Hat USA, it is surprising to see Krstic appearing in such a public forum. Earlier this year I was speaking with the chief executive of a mobile security company, and when he told me about Krstic appearing at one of the company’s events, he flat-out refused to so much as mention Krstic’s name, let alone explain what he was there to discuss.
There’s always the chance that Krstic won’t reveal anything new, but anyone curious about how one of the world’s most popular operating systems is secured ought to keep a look out for news from the briefing. It’s sure to be educational.