Kris Budnik, my director, and I recently gave a presentation in Durban as part of a breakfast hosted by Tip-offs Anonymous. In the presentation I provided three demonstrations: the first on privacy attacks and concerns with Web 2.0; the second on Web 2.0 attacks, in particular an XSS proxy demo; the third, and last, on Bluetooth attacks against mobile phones. It got great press coverage:
Apart from blowing my own horn, what I found interesting about this is that the majority of the articles were about the Bluetooth demo. Frankly, the Bluetooth stuff is less of a worry. As long as you don't accept connections from strangers you are fairly safe. However, the web architecture is pretty broken. This point was nicely driven home at this year's Black Hat.
In my XSS proxy demo, I showed how an attacker could compromise the corporate intranet, and I even used an internet banking application as an example. I'm not sure what more I could have done, but for some reason the articles all focused on the Bluetooth demo (barring the last one, but I'm not sure if that was related to the original talk's content). To be honest, I'm not really sure why this was the case. It could be that the journalists wanted to deal with something they understood and could explain better, or it could be that more people in SA have phones than use the internet, and they wanted to appeal to a wider audience. Either way, I worry whether the average person actually has any clue where their vulnerability lies. Couple this with the fact that we generally don't know what the bad guys are doing (the threat), and the average person is probably not in a good place to make very many informed risk decisions (relating to technology).