
Welcome to Black Hat, where the attendees are the threat - psim1
https://www.wsj.com/articles/welcome-to-black-hat-where-the-attendees-are-the-threat-11565343002?mod=rsswn
======
jedberg
Out of curiosity, does anyone know the statute of limitations on "computer
hacking" crimes? When can people start telling their fun BlackHat/DefCon
stories?

~~~
elliekelly
The short answer: It depends. But it's usually five years. The DOJ manual on
prosecuting computer crimes[1] is in an interesting document to browse.

The long answer: It depends on the crime & sometimes the victim. There's a
pretty good summary of all Federal Crimes (including many that can't be
committed with a computer, at least not yet) starting on page 20 of this
report.[2] Sometimes the statute of limitations doesn't begin to countdown
until the crime is discovered or until the victim turns 18. Serious crimes,
like espionage or terrorism, don't typically have any statute of limitations.

[1] [PDF] [https://www.justice.gov/sites/default/files/criminal-
ccips/l...](https://www.justice.gov/sites/default/files/criminal-
ccips/legacy/2015/01/14/ccmanual.pdf)

[2] [PDF]
[https://fas.org/sgp/crs/misc/RL31253.pdf](https://fas.org/sgp/crs/misc/RL31253.pdf)

------
ropiwqefjnpoa
Someone should go in with fresh install of 2009 Windows 7 and see how long it
lasts.

~~~
emptyparadise
I want to see a full on security by obscurity run. Get something just new
enough to be able to talk to public Wi-Fi, but alien enough to not be Windows
or Unix of any kind.

------
RichardHeart
The attendees are the cure. Vulnerabilities are the threat.

------
RichardHeart
I believe the threat are vulnerable systems. Black Hats/penetration
testers/white hats/etc. find the problems. Developers/admins/ are the cure.

sickness, T-cell, white blood cell analogy

------
jugbee
Here you go guys, no extensions needed:
[https://pastebin.com/kV7hRm53](https://pastebin.com/kV7hRm53)

~~~
yummypaint
Thank you. You should consider automating this, it would be a great service to
the community

~~~
ProAm
Or pay for journalism you'd like to read? It's one of the things that makes
sense to pay for.

~~~
adonnjohn
The rules of the forum you're reading this on literally say that workarounds
are fine for paid content.

~~~
kpU8efre7r
Isn't copying a page and making it available to others copyright infringement
unless given permission by the copyright holders?

Where in the guidelines is that ok?

~~~
adonnjohn
[https://news.ycombinator.com/item?id=10178989](https://news.ycombinator.com/item?id=10178989)
the topic of paywalled content and the ethos of it is viewed as off topic as a
general rule.

------
calvano915
After much digging, a Chrome extension that overcame the paywall:
[https://github.com/nextgens/anti-paywall](https://github.com/nextgens/anti-
paywall)

For this extension, I selected for it to only load on-demand (Setting: "This
can read and change site data", Option: "When you click the extension"). Enjoy
:)

~~~
tobib
Is it me or have they removed the add-ons from Chrome's/Firefox's market?

~~~
calvano915
It appears so for both the addons shared. 'Tis partly why I mentioned
restricting the addon to only access on click vs. all sites.

------
rocketpastsix
is there a non-paywall version? Outline wont read it either.

~~~
psim1
Guest pass link: [https://www.wsj.com/articles/welcome-to-black-hat-where-
the-...](https://www.wsj.com/articles/welcome-to-black-hat-where-the-
attendees-are-the-
threat-11565343002?shareToken=stfaa72b20389e4669a58d4c75c81ba9a7)

Mods, please update original.

~~~
bsmith0
That link doesn't work either

~~~
cyberfart
Yes, it did work only for a short duration.

------
cr0sh
Ok - haven't read the article, paywall, etc - but from what I've heard
elsewhere, the tagline should be "...are the Feds"

Maybe that's more a joke than anything - but it wouldn't surprise me to find
out that the Fed to Blackhat ratio wasn't something huge, and those actual BH
attendees were either other researchers who go to "be cool" (or legitimately
present research), or were major "n00bs" who don't understand what they are
trying to get into, and will likely end up in the Feds hands in short order.

Or maybe all of them are faking it?

It just seems like - if you were a real BH worth your salt - a conference of
any sort where you effectively are advertising your creds would be avoided. If
you went at all, you'd want to do it under the radar. At which point you might
as well go to DefCon, Hope or something.

Its an interesting scene nonetheless - which maybe is why there are any
attendees at all; maybe the whole thing is just one giant form of cosplay LARP
- and the people who participate are really BH's and LEO's? Like some kind of
weird meta-thing going on...?

~~~
roblabla
Did you watch any of the BlackHat talks? We're very much talking about
cybersecurity professionals - there's no faking that level of expertise. And
just like any cybersecurity conference, there are people from all sides coming
- likely both on the offensive and defensive sides. And yeah, of course the
feds are there: cybersecurity is also part of their job.

~~~
Avery3R
The only people that call the field "cybersecurity" are the feds, and people
trying to make money from the feds.

~~~
95014_refugee
I wish that were (still) the case, because listening to someone talking about
"cyber"-anything makes me feel like a 5-year-old.

Sadly the term has stuck, and making fun of it these days has reduced to just
maturity/age-signalling.

