Having worked in IT for many years and having had to clean up mail servers at organizations that had been used to relay spam and file servers that had been conscripted to be used as repositories for contraband movie files, I know what can happen when you leave your systems vulnerable. So when we added wireless access to our home network, I made sure the SID wasn’t broadcast and I turned on MAC address filtering as well as using an encryption key. I make sure to use secure passwords by making up a sentence, taking the first letter of each word and then changing some letters to capitals, symbols and numbers (i.e. “Mary had a little lamb whose fleece was white as snow” becomes a password of mha11Wfww@s). However, that’s nothing compared to the level of security consciousness of the folks here at SecTor.
You’ll notice in the picture above from the conference that no one has a laptop open. What kind of IT conference has an audience where no one has a computer open? One where half the audience could hack into your system the minute you open the lid!
Seriously though, it has been an interesting conference so far. I sat in on Brad ‘Renderman’ Haines’ presentation on “Wireless Security – What Were They Thinking?” and learned that I never want to connect to a wireless network again ever, anywhere. Really – he went through a number of different weaknesses and ways to attack a computer or device using wireless, bluetooth or an RFID tag. Some vulnerabilities are due to the way the device is configured but some are inherent in the way the technology has been implemented. I don’t think I’ll ever use my ESSO Speedpass with their RFID technology again without first looking over my shoulder to see who might be near by.