Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Hacker Court at Black Hat!

Hacker Court is once again returning to the Black Hat Briefings! For our seventh Black Hat presentation, we will be conducting a mock court trial focused on the issues of entrapment, journalist privilege and wiretapping, titled "Hack MyFace."

What is "Hacker Court?"

Hacker Court is a loose organization of attorneys, security professionals and hackers with the goal of demonstrating the dynamics, frustrations and complexity of computer crime trials.

Teaching Points
The Hacker Court mock trials endeavor to teach a technical audience the reality of computer crime trials.
Before joining Tenable, I was a free-lance security consultant and developed a particular interest in computer crime cases after personal experience in dealing with an intrusion. I thought I knew a lot about the process, but it wasn’t until I actually worked on a case with the Federal Defender’s Office in NY that I realized just how naïve I was on how the legal system really worked. The defendant was even more naïve and honestly thought that a “jury of his peers” meant that people like Simple Nomad, Jericho and Rain Forest Puppy would serve on the jury. After all - his “peers” were hackers!

Since then, I’ve been involved in other cases and these are a few of the major lessons I’ve learned:
1.Defendants lie, even to their own defense team
2.Admissibility of evidence is up to the judge, not the technology or its merit
3.A jurist with an infosec background would be disqualified from serving on a computer crime case
4.Defense experts cannot talk about the case no matter how much the defendant smears them to his friends
5.There are no “Matlock” moments
6.The trial is all about the attorneys’ performances
7.Technical evidence is boring, especially to the jury
8.A case will most likely not be prosecuted unless there is a 95 chance of a conviction. Corollary: if you go to trial, you're probably going down.
9.Cross examination of witnesses is brutal
10.The trial may take place years after the crime

The most important (and scary) lesson I learned is that the case will be won or lost by the side that makes their story compelling and interesting. Technical details are neither.

How it's Done
The Hacker Court mock trials demonstrate these points by enacting a courtroom environment where the audience is the jury. There is no pre-set outcome and we take great pains to make the sure the deck is pretty evenly stacked (which differs from most trials where the prosecution usually wins). Although we work out the facts of the case ahead of time, much of the testimony from witnesses is ad-libbed, often with amusing results.

Hacker Court differs from an actual trial in that we streamline the process and have some fun with it. An actual trial can take weeks - we have 2 hours, which normally wouldn’t cover the opening remarks. Most trials are also extremely boring, despite what you may see on TV. We take many liberties to make it fun, which no judge in his right mind would tolerate in an actual trial. For example, our 2004 presentation “Pirates of the Potomac: The Curse of the Bl4ck Perl” featured Simple Nomad as “Captain Jack Hack” (aka “Cracker Jack”), a hacker accused of “war-sailing” up the Potomac.

This Year's Case
This year’s presentation will once again feature Simple Nomad as the defendant, a “l33t” hacker who frequently posts to a blog run by a journalist who investigates cases of identity theft and exposure of personal information. Nomad claims to have a zero-day exploit that will work on any social networking site and is goaded by another blog poster to prove it by exploiting a social networking site called “MyFace.”

A more complete case summary, along with Speaker bios, may be found at the Black Hat site.


Both sides will argue their case on August 6, 2008 at the Palace 1 ballroom during the Gala Reception of Black Hat. Who will win? That's for the audience to decide! So if you’re coming to Black Hat, grab some food and drink from the Gala and join us in the Palace 1 ballroom!

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, email, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.