Edition: Global  
One News Page
“Probably the fastest-access news portal in the world”
> >

‘Silicon Valley’ Fact Check: Can You Hack a Major Tech Conference? Renowned Programmer Weighs In

The Wrap Monday, 19 June 2017
‘Silicon Valley’ Fact Check: Can You Hack a Major Tech Conference? Renowned Programmer Weighs InWarning: “Silicon Valley” spoilers ensue. 

In the latest episode of HBO’s “Silicon Valley” (aptly titled “Hooli-Con”), the guys sought to covertly grab attendee data at Hooli’s annual tech convention. Beyond the moral boundaries being crossed — which Jared did not want to step over — Richard, Dinesh and Gilfoyle had a colossal challenge on their hands: setting up rogue wifi “pineapples” around the convention in order to have users login to their system and allow the Pied Piper team to pull information.

It’s an entertaining storyline, though it seems pretty inconceivable a small team of engineers could hack a major tech conference as did the gang in this season’s penultimate episode.

*Also Read:* 'Silicon Valley' Fact Check: Are 'Blood Boys' a Thing?

But it’s not completely out of the question, according to software guru Jeff Atwood — co-founder of Stack Overflow, a programming community with more than seven million members.

“It is partially credible, as people would connect to the local malicious wifi and you could serve them ‘fake’ versions of sites,” said Atwood in an interview with TheWrap. “However! It is almost completely mitigated by HSTS [HTTP Strict Transport Security] which any large site would definitely already be using.”

In layman’s terms: If Apple or Google were lazy enough to use a vulnerable internet connection for its attendees, it would create an opening for hackers to funnel users towards their wifi. Of course, this is rarely the case.

*Also Read:* New 'Silicon Valley' App Tells You if You're Eating a Hot Dog or Not

There is one sticking point for the “Silicon Valley” crew in this scenario, though. To have attendees skip over their hack, it would “require that either the user has visited this URL before, or the URL is already big enough to be on the HSTS browser preload list,” according to Atwood.

Atwood laid out three ways a “small window of attack” could be pulled off like the “Silicon Valley” maneuver:

1. If it is a new HTTPS URL the user has not visited before, and it is not on the HSTS preload list.

*Also Read:* 'Silicon Valley' Fact Check: Could Shazam for Food Really Get Funded?

2. If that URL is not HTTPS (very implausible, because every credible big site uses HTTPS these days).
3. The URL is HTTPS but the app or website is not using HSTS preload. Sort of plausible, but a BIG security oversight for a company of any major size!
Got all that? In reality, a data breach that could enable a “Silicon Valley”-style attack is more likely to come from a small startup rather than a tech giant like Facebook (or the fictional Hooli). It’d also help if the hypothetical company’s security team turned a blind eye to the perpetrators — just as Hooli’s team did in the latest episode of HBO’s comedy series.
*Related stories from TheWrap:*

'Silicon Valley' Fact Check: Is Jack Barker Based on Steve Ballmer? (Video)

'Silicon Valley' Star Zach Woods Talks T.J. Miller's 'Sad' Exit, Jared's Secret Friends

Where Does TJ Miller's 'Silicon Valley' Exit Leave the Show — and HBO?
0
shares
Share on
Facebook
Share on
Twitter
Post on 
Reddit
Share by
Email
 
Source: WSJLive - < > Embed

News video: How Asia Tech Titans Are Gaining Ground on U.S. Rivals

How Asia Tech Titans Are Gaining Ground on U.S. Rivals 01:41

At this year's D.Live Asia conference, The Wall Street Journal's Yun-Hee Kim and Rolfe Winkler talk about how Asia's largest tech companies rely on hundreds of millions of consumers to get a leg up on their Silicon Valley competitors.

You Might Like


Recent related news

The Thought Leadership Conference and Exhibition, the AI Expo North America is Set to Arrive in Silicon Valley at the End of the Month

The thought leadership conference and exhibition, the AI Expo North America is set to arrive in Silicon Valley at the end of the month (29-30 Nov) and will bring...
FinanzNachrichten.de - Markets

LinkedIn co-founder Reid Hoffman wants more, and faster, culture change in Silicon Valley

LinkedIn co-founder Reid Hoffman hopes to speed up Silicon Valley’s culture shift. “[Change will] happen through multiple steps,” Hoffman said Wednesday in...
bizjournals - Business

Former Uber board member and VC Bill Gurley says it’s time for Silicon Valley’s unicorns to ‘grow up’ and get profitable

Former Uber board member and VC Bill Gurley says it’s time for Silicon Valley’s unicorns to ‘grow up’ and get profitable
· *Tech venture capitalist Bill Gurley thinks Silicon Valley 'unicorns' are growing up and realizing they need to be profitable.* · *But he also said that...
Business Insider - BusinessAlso reported by •bizjournals

The Crunchies, where Silicon Valley went to be celebrated and skewered, is ending

Is there still a place for awards shows in Silicon Valley? TechCrunch apparently doesn’t think so. The tech news site, now owned by Verizon Communications...
bizjournals - Business

Faurecia opens new tech centre in Silicon Valley

Faurecia has opened a new technical centre in Silicon Valley to strengthen its relationships with automakers, startups, universities and companies in the...
Just-Auto - AutomotiveAlso reported by •bizjournals

Chronicler of Silicon Valley's tech history talks about its new challenges

Leslie Berlin, a historian at Stanford University, talks about why the 1970s were key to creating what Silicon Valley is today and why she thinks it will endure.
bizjournals - Business


Other recent news in US

DANICA PATRICK: Nascar star to quit full-time racingOHIO SUPREME COURT Judge Bill O'Neill brags of sex conquests
Human HEAD TRANSPLANT Surgeon Says Trial Run Is a SuccessOHIO SUPREME Court justice says he's been intimate with '50 very attractive females'
C.E.O. of PUERTO RICO Power Authority ResignsJamal Murray, Gary Harris propel DENVER NUGGETS to blowout win over New Orleans Pelicans
NFL reviewing allegations JAMEIS WINSTON groped Uber driverNEW JERSEY will sue billionaire drug company CEO over opioids
4-Alarm Fire Rages In HAMILTON HEIGHTSYear-Round Alpensia Resort To Host Main Events At Pyeongchang 2018 Winter Games In SOUTH KOREA

Twitter

Environmentally friendly: One News Page is hosted on servers powered solely by renewable energy
© 2017 One News Page Ltd. All Rights Reserved.  |  About us  |  Disclaimer  |  Press Room  |  Terms & Conditions  |  Privacy Policy  |  Content Accreditation
 RSS  |  News for my Website  |  Free news search widget  |  Help  |  Contact us  |  DMCA / Content Removal
How are we doing? Send us your feedback  |   LIKE us on Facebook   FOLLOW us on Twitter   FIND us on Google+