Lock picking might seem ridiculously old-fashioned at a cybersecurity gathering — but learning it can actually help people protect machines from digital threats.
As security improves to block remote attacks over the internet, hackers look for ways to deliver malicious software physically instead — for instance, by breaking into a company’s data centers. Like cracking a digital system, picking locks involves solving puzzles, along with a certain amount of finesse and skill.
And for the good guys, knowing how to pick locks is important for learning how to defend against it.
The recent Def Con security conference in Las Vegas had one section devoted to hands-on lock picking . Getting a seat was tough. At times, the tables looked like knitting circles, with participants at various skill levels looking intense as they used tiny rakes and tension bars to pop open a variety of practice door and padlocks.
Tools were shared. Experts offered advice. Shouts of joy erupted when someone finally cracked a tough lock. Locks and tools also proved to be popular souvenirs, with a conference store nearby doing brisk business.
A PUZZLING BADGE
You can’t host a gathering for creative people who love to tinker and just give them the same, old plastic badge hanging from a lanyard. Def Con’s electronic badges are both cool to look at and full of puzzles to decipher.
Last’s year’s badge was a fully mastered, playable, 7-inch vinyl record. This year’s badges were shaped like a skull, and LED lights in their eyes and mouth seem to light up at random.
The badge itself, powered by a 3-volt battery in its chin, features a mini processor and buttons that look like the controller for an old-school video gaming system. Attendees quickly discovered they can set off a light show by using the buttons to enter the “Konami Code,” a video game cheat code dating back to the 1980s.
The back has other secret codes and patterns for attendees to decipher.
RISE OF THE MACHINES
Def Con kicked off with the finals of the Cyber Grand Challenge, which was billed as the world’s first all-machine hacking tournament.
Seven teams created computers to automatically hunt for software bugs and fix them in real time before significant damage could be done. Spectators watched on the big screen as sportscaster-like commentators described the action. Mayhem, built by a startup with roots at Carnegie Mellon University, took the $2 million prize for catching and fixing the most bugs.
The competition was sponsored by the Defense Advanced Research Projects Agency, or DARPA, the military’s research arm that created the internet in the 1960s.
Most security conferences focus on encryption, firewalls and the digital side of security. Def Con has those topics, too, but takes pride in blending in the physical side as well.
Crowds packed ballrooms to see how one hacker channeled his inner MacGyver to create a bionic hand out of a deconstructed Keurig coffee maker. Unofficial evening parties offered lessons on how to escape from handcuffs.
It’s like a summer camp for mischievously gifted and talented kids after they grow up.
Filed Under: Industry regulations, Cybersecurity