Hackers and G-men to descend on Las Vegas

Other pranks have included dye that, in different years, has turned hotel pools purple, orange and blue. A large "wall of sheep" displays names and partial passwords sniffed from unsecured computers that connected to wireless networks.

A few years ago someone disguised a wireless network to look like the one officially sanctioned by Defcon. When unwitting attendees connected to the rogue network, their Web pages were appended with vulgar images.

"An awful lot of what you will see is people gleefully poking holes in things," said Jon Callas, a longtime attendee and chief technology officer of encryption software maker PGP Corp. "It's a cross between a computer security conference and a punk rock concert."

Although some of the events clearly cross the line into illegality and good taste — past pranks have included pouring cement into toilets, setting off smoke bombs and stealing hotel satellite dishes — the conferences have been known to expose weaknesses in products made by some of the world's most powerful companies.

At last year's Black Hat, Cisco Systems Inc. tried to stop researcher Michael Lynn from speaking about a vulnerability that he said could let hackers virtually shut down the Internet.

Cisco managed to get pages documenting the flaw torn out of all 2,000 conference binders, but ultimately the biggest maker of Internet routing and switching equipment was unable to squelch Lynn's talk.

The tension between hacker activism and corporate interests may generate more friction this year as two researchers demonstrate ways to hijack some of the most popular brands of laptop computers by exploiting a flaw in their wireless connections.

A third researcher plans to demonstrate software that can drop undetectable programs for snooping into computers running Windows Vista, the next generation of Microsoft's operating system.

But there are signs that technology companies may be getting more comfortable discussing the security of their flagship products. Microsoft scheduled a day of talks for Thursday on new approaches to hardening its products; it also wants feedback from participants.

And a Cisco executive is scheduled to sit in on a panel that includes people who have criticized the company in the past.

Adam Laurie, chief security officer of Thebunker.com, a U.K.-based site for storing sensitive information, said past conferences are partly to thank for the growing willingness of Microsoft and Cisco in disclosing potential weaknesses in their key products.

"We are having this stuff forced upon us, and you can't choose not to have it," said Laurie, who goes by "Major Malfunction." "If they don't do it properly, that puts me at risk."

MORE FROM SECURITY

Security Section Front

Facebook hit by ‘Control Your Info’ intruder Twitter phishing ploy goes for ‘Direct Messages’ Red Tape: Your chance to spy on Google Hacking ring caught in $9 million fraud Tagged.com settles with states in invite fight Framed for child porn — by a PC virus Beijing puts foot down on ‘Oba Mao’ T-shirts Spain: Internet-related child porn on the rise Google providing better view of personal data EU agrees on new Internet user rights Security Section Front   Add Security headlines to your news reader: