Click For Photo: https://techcrunch.com/wp-content/uploads/2019/08/doom-eternal-1.jpg?w=711
Every year the great and good (and bad) of the hacker/information-security world descend on Las Vegas for a week of conferences, in which many present their latest discoveries, and every year I try to itemize the most interesting (according to me) Black Hat talks for TechCrunch. Do not assume I attended all or even most of these. There are far too many for anyone to attend. But hopefully they’ll give you a sense of the state of the art.
First, though, let me just note that this post title is intended as sardonic. Yes, there is a lot of sloppy software out there, and yes, a lot of smart people keep finding holes, bugs, exploits, and design flaws even in good software, but we are not actually all doomed, and the belief that we are, and that anything connected to the Internet can be and probably has been hacked — an attitude which I like to call “security nihilism” — is spectacularly counterproductive.
Truth - Lot - Security - Tech - Companies
In truth there is a lot of extremely good security out there, especially amid the big tech companies, and it keeps getting better, as the market for 0-days (previously undiscovered exploits) indicates. Most (though certainly not all) of the exploits below have already been reported and fixed, and patches have been rolled out. That said, much of the world has a lot of work to do to catch up with, say, Apple and Google’s security teams. Without further ado, the best-sounding talks of 2019:
Liveness Detection Hacking, from Tencent’s Xuanwu Security Lab, discusses how to trick “liveness” detectors for face or voice ID (or, perhaps, cryptocurrency KYC) by injecting fake video or audio streams, or, better yet, ordinary glasses with ordinary tape attached, which, best of all, they have named X-glasses.
Modules - Baidu - Security
All the 4G Modules Could Be Hacked, from Baidu’s Security...
Wake Up To Breaking News!