Monday, July 5, 2010

ATM Vendors Threaten Researcher, Stop His Presentation

Via -

In an unexpected turn of events, a presentation about "The Underground Economy" by Italian white hat hacker and security expert Raoul Chiesa at the Hack In The Box conference held last week in Amsterdam, was replaced at the last minute with a presentation on "Side Channel Analysis on Embedded Systems" by Job de Haas.

According to Softpedia, the reason behind this cancellation was the fact that the originally scheduled presentation covers details of various techniques and exploits of vulnerabilities that cyber criminals use to break into ATM machines.

As you can surmise, ATM vendors weren't too happy about that fact and employed legal means to prevent Chiesa from addressing the conference crowd.

Even though this is not the first time that ATM vendors prevented a security researcher to publicly disclose findings about flaws in their devices at a conference, this instance is really surprising, since Chiesa held this same presentation at a couple of security conferences already, and the slides he employed are also available online.

What the vendors hoped to accomplish with this threatening approach is anyone's guess. The organizer of the conference also pointed out that the vendors had plenty of time to patch the vulnerabilities, since they have been notified of them a long time ago.

This unexpected development makes me wonder if Barnaby Jack's previously thwarted demonstration will actually take place at this year's Black Hat USA taking place later this month. Will the ATM vendors try to block that one at the last minute - again?


Note: Raoul Chiesa's slides from Nullcon 2010 Goa (India) were sanitized before publication, hence two slides were removed. At least one of those slides, was related to ATM fraud.

No comments:

Post a Comment