Edition: Global  
One News Page
“Probably the fastest-access news portal in the world”
> >

‘Silicon Valley’ Fact Check: Can You Hack a Major Tech Conference? Renowned Programmer Weighs In

The Wrap Steve BallmerSteve Ballmer
Monday, 19 June 2017 ()

‘Silicon Valley’ Fact Check: Can You Hack a Major Tech Conference? Renowned Programmer Weighs InWarning: “Silicon Valley” spoilers ensue. 

In the latest episode of HBO’s “Silicon Valley” (aptly titled “Hooli-Con”), the guys sought to covertly grab attendee data at Hooli’s annual tech convention. Beyond the moral boundaries being crossed — which Jared did not want to step over — Richard, Dinesh and Gilfoyle had a colossal challenge on their hands: setting up rogue wifi “pineapples” around the convention in order to have users login to their system and allow the Pied Piper team to pull information.

It’s an entertaining storyline, though it seems pretty inconceivable a small team of engineers could hack a major tech conference as did the gang in this season’s penultimate episode.

*Also Read:* 'Silicon Valley' Fact Check: Are 'Blood Boys' a Thing?

But it’s not completely out of the question, according to software guru Jeff Atwood — co-founder of Stack Overflow, a programming community with more than seven million members.

“It is partially credible, as people would connect to the local malicious wifi and you could serve them ‘fake’ versions of sites,” said Atwood in an interview with TheWrap. “However! It is almost completely mitigated by HSTS [HTTP Strict Transport Security] which any large site would definitely already be using.”

In layman’s terms: If Apple or Google were lazy enough to use a vulnerable internet connection for its attendees, it would create an opening for hackers to funnel users towards their wifi. Of course, this is rarely the case.

*Also Read:* New 'Silicon Valley' App Tells You if You're Eating a Hot Dog or Not

There is one sticking point for the “Silicon Valley” crew in this scenario, though. To have attendees skip over their hack, it would “require that either the user has visited this URL before, or the URL is already big enough to be on the HSTS browser preload list,” according to Atwood.

Atwood laid out three ways a “small window of attack” could be pulled off like the “Silicon Valley” maneuver:

1. If it is a new HTTPS URL the user has not visited before, and it is not on the HSTS preload list.

*Also Read:* 'Silicon Valley' Fact Check: Could Shazam for Food Really Get Funded?

2. If that URL is not HTTPS (very implausible, because every credible big site uses HTTPS these days).
3. The URL is HTTPS but the app or website is not using HSTS preload. Sort of plausible, but a BIG security oversight for a company of any major size!
Got all that? In reality, a data breach that could enable a “Silicon Valley”-style attack is more likely to come from a small startup rather than a tech giant like Facebook (or the fictional Hooli). It’d also help if the hypothetical company’s security team turned a blind eye to the perpetrators — just as Hooli’s team did in the latest episode of HBO’s comedy series.
*Related stories from TheWrap:*

'Silicon Valley' Fact Check: Is Jack Barker Based on Steve Ballmer? (Video)

'Silicon Valley' Star Zach Woods Talks T.J. Miller's 'Sad' Exit, Jared's Secret Friends

Where Does TJ Miller's 'Silicon Valley' Exit Leave the Show — and HBO?
0
shares
Share on
Facebook
Share on
Twitter
Post on 
Reddit
Share by
Email
 
Source: Cheddar Inc. - < > Embed

News video: Hope King- Kalanick's Departure a "Healthy Cleanse" for Silicon Valley

Hope King- Kalanick's Departure a "Healthy Cleanse" for Silicon Valley 01:39

Uber set a tone for how the rest of Silicon Valley operates, King says. With his resignation, King expects culture to change at other tech firms. Google and Tesla were up on this news.

Recent related news

‘Silicon Valley’ Fact Check: Is Jack Barker Based on Steve Ballmer? (Video)

‘Silicon Valley’ Fact Check: Is Jack Barker Based on Steve Ballmer? (Video)
To quote the zen teaching of my friend (and LA radio legend) Vic “The Brick” Jacobs: enlightenment can happen in a moment. And in the penultimate episode...
The Wrap - US

HBO’s Silicon Valley is now a show about the destructive hubris of the tech industry

HBO’s Silicon Valley is now a show about the destructive hubris of the tech industry
Silicon Valley is Mike Judge and Alec Berg’s biting comedy about the American tech industry, now in its fourth season. Every week, we’ll be taking one idea,...
The Verge - TechnologyAlso reported by •Wall Street JournalBusiness InsiderL.A. TimesRaw StoryCNNMoney

Patti Payne's Cool Pads: Silicon Valley tech leader lists $6.16M Seward Park waterfront estate

A Seward Park waterfront estate belonging to a Silicon Valley-based tech leader is on the market for $6.16 million. Brokers Wendy Lister and Kathryn Lister with...
bizjournals - Business

Silicon Valley's acquisition targets aren't just in tech anymore

For once, the target of an extravagant tech industry acquisition wasn’t a small start-up unfamiliar outside of Silicon Valley, but a household name. Few...
L.A. Times - TechnologyAlso reported by •Raw Story

Tech firm TapInfluence bids farewell to Denver, moves headquarters to Silicon Valley

Reversing the trend of many tech companies, TapInfluence is leaving Colorado to be closer to its Silicon Valley partners and the tech talent it needs. An...
Denver Post - USAlso reported by •Business Insider

Exclusive: Study.com offers free bachelor's degrees to non-techies in Silicon Valley

Study.com has been offering free bachelor degrees to working Mountain View residents since last fall, and starting this month, the company is opening the program...
bizjournals - Business


You Might Like


Other recent news in US

SERENA WILLIAMS Shuts Down John McEnroe for Comparing Her to Male PlayersThree CHICAGO cops indicted in cover-up of Laquan McDonald shooting
LAQUAN MCDONALD case: 3 Chicago police officers indictedSenate HEALTH CARE vote delayed; Google gets record fine (10 things to know for Wednesday)
Reporter vents fury at WHITE HOUSE over 'fake news' claimsCNN Producer Says Trump-RUSSIA Story ‘Mostly Bulls— Right Now’ in Leaked Undercover Video
JOHN MCENROE Refuses To Apologize For Serena Williams CommentsNew Island Forms Off NORTH CAROLINA Coast
EMMETT TILL Mississippi civil rights memorial defaced again'Run hide fight': Possible shooter at Redstone Arsenal in ALABAMA

Twitter

Environmentally friendly: One News Page is hosted on servers powered solely by renewable energy
© 2017 One News Page Ltd. All Rights Reserved.  |  About us  |  Disclaimer  |  Press Room  |  Terms & Conditions  |  Privacy Policy  |  Content Accreditation
 RSS  |  News for my Website  |  Free news search widget  |  Help  |  Contact us  |  DMCA / Content Removal
How are we doing? Send us your feedback  |   LIKE us on Facebook   FOLLOW us on Twitter   FIND us on Google+