The annual security fest featured thrills and chills as the pros did their best to make everyone feel afraid
Breaking in: Security experts do their best
Government and corporate security professionals descend on Caesars Palace in Las Vegas this week for the annual exchange of information on the latest attacks and suggestions for defenses. In its 15th year, the Black Hat security conference has become an important mecca for the information security community.
As is the conference's tradition, speakers showed off how they could make or prove almost anything insecure, upping the ante for both black-hat and white-hat hackers with their exploits. Some offered encouragement that the good guys could even win.
Henry: Private sector must strike back on network defense
Private-sector defenses are failing, and defenders need to gather intelligence and be more proactive, former FBI Executive Assistant Director Shawn Henry told attendees during the opening keynote. "I'm not talking about hacking back," said Henry, who now heads up the services subsidiary of security startup CrowdStrike. "We can be proactive on the network and make it difficult for the attacker."
Moss: "I fear Google more than I fear the government"
A panel of five security experts debated the balance of security and privacy. From left to right: Black Hat founder and ICANN chief security officer Jeff Moss, Adam Shostack of Microsoft, Jennifer Granick of Stanford Law School, Bruce Schneier of BT, and Marcus Ranum of Tenable Security. "I fear Google more than I fear the government," Moss said.
Stephenson: Could online game wars turn into real ones?
Writer Neal Stephenson -- best known for "Snow Crash" and "Neuromancer" -- talked about technology and his latest book, "Reamde." The book takes place in the near future when conflicts in an online game spill over into the real world.
Apple: Hey, iOS is secure, and here's why
Apple surprised the security community by publishing a security white paper in May and sending a speaker to talk about the security architecture of the iOS mobile operating system. Apple has used pervasive sandboxing, reduced privileges, and implemented a great deal of code signing and data encryption to protect its platform, says Dallas De Atley, manager of the platform security team at Apple.
Flynn: Sorry, but intrusion detection doesn't work
Intrusion detection systems have largely failed the companies that use them, Facebook security engineer John "Four" Flynn told reporters during a press conference.