Advertisement

U of C prof to talk at hacker haven Def Con

University of Calgary computer security expert Tom Keenan is presenting at the annual hacker conference.

If you're going to Def Con — the hacker convention in Las Vegas this weekend — don't take your electronics.

That's what University of Calgary professor Tom Keenan told the Eyeopener's Holly Preston this morning.

Listen to the full interview:

"I know somebody whose employee took a cellphone to Def Con last year and the boss looked at the phone and said 'that phone has got to go' and he dropped it in a pitcher of water," says Keenan.

The computer security expert will be attending — he's giving a talk titled Torturing Open Government Systems for Fun, Profit and Time Travel — and says there will be a lot of people showing off their skills, namely doing what you're not supposed to be able to do.

"I checked out one of them and it was a guy who had figured out a way to modify a phone charger. So if he offers to give you a charge on your phone, he's also going to infect your phone and then he takes it over and he can control it," says Keenan.

"One guy is showing a home-automation system hack. So you know, people have these thermostats they can set remotely, turn on your hot tub from your iPad. He's found a way to take over these networks and basically he controls your home even when you're not there."

Keenan says many of the hacks could potentially cause serious real-world problems, including a man who could affect transit cards commonly used in Europe.

"He showed how you can buy a card for one day and and modify it so you never have to pay again," says Keenan.

The hackers do not actually want people to exploit these weaknesses, though, said Keenan. Instead they want to show the vulnerabilities so they can be fixed.

The convention attracts many different kinds of people, including a 12-year-old girl who is showing how to crack video games to an older gentleman who surprised Keenan with his ability.

"He pulls out a high-security lock that the U.S. government uses on things like nuclear reactors, which is guaranteed to be pick-proof and in about 40 seconds he had picked it."

He says he is also learning to be very skeptical of technology.

"I've cleaned out my wallet so I'll have no credit cards with PINs on them or chips on them," he says.

As for the legality, Keenan says there's good and bad.

"There are people who make money from this and steal credit card numbers online, and they definitely deserve to go to jail, but people here usually stop short of that," he said.

The problem is that once the information is out there's no control of what people will do with it.

"There are bloggers here that are reporting every vulnerability the minute somebody announces it. There are suspicious looking people, I don't want to name specific countries, but they come, and they take a lot of notes, and they take a lot of pictures but they never say anything and you know they're sending this information overseas to people who can use it, " he says.

And Keenan doesn't see any end in sight for the gathering.

"We're up to Def Con 21 and there will be like Def Con 41, because this is going to keep going."