Edition: United States  
One News Page
“Probably the fastest-access news portal in the world”
> >

‘Silicon Valley’ Fact Check: Can You Hack a Major Tech Conference? Renowned Programmer Weighs In

The Wrap Steve BallmerSteve Ballmer
Monday, 19 June 2017 ()

‘Silicon Valley’ Fact Check: Can You Hack a Major Tech Conference? Renowned Programmer Weighs InWarning: “Silicon Valley” spoilers ensue. 

In the latest episode of HBO’s “Silicon Valley” (aptly titled “Hooli-Con”), the guys sought to covertly grab attendee data at Hooli’s annual tech convention. Beyond the moral boundaries being crossed — which Jared did not want to step over — Richard, Dinesh and Gilfoyle had a colossal challenge on their hands: setting up rogue wifi “pineapples” around the convention in order to have users login to their system and allow the Pied Piper team to pull information.

It’s an entertaining storyline, though it seems pretty inconceivable a small team of engineers could hack a major tech conference as did the gang in this season’s penultimate episode.

*Also Read:* 'Silicon Valley' Fact Check: Are 'Blood Boys' a Thing?

But it’s not completely out of the question, according to software guru Jeff Atwood — co-founder of Stack Overflow, a programming community with more than seven million members.

“It is partially credible, as people would connect to the local malicious wifi and you could serve them ‘fake’ versions of sites,” said Atwood in an interview with TheWrap. “However! It is almost completely mitigated by HSTS [HTTP Strict Transport Security] which any large site would definitely already be using.”

In layman’s terms: If Apple or Google were lazy enough to use a vulnerable internet connection for its attendees, it would create an opening for hackers to funnel users towards their wifi. Of course, this is rarely the case.

*Also Read:* New 'Silicon Valley' App Tells You if You're Eating a Hot Dog or Not

There is one sticking point for the “Silicon Valley” crew in this scenario, though. To have attendees skip over their hack, it would “require that either the user has visited this URL before, or the URL is already big enough to be on the HSTS browser preload list,” according to Atwood.

Atwood laid out three ways a “small window of attack” could be pulled off like the “Silicon Valley” maneuver:

1. If it is a new HTTPS URL the user has not visited before, and it is not on the HSTS preload list.

*Also Read:* 'Silicon Valley' Fact Check: Could Shazam for Food Really Get Funded?

2. If that URL is not HTTPS (very implausible, because every credible big site uses HTTPS these days).
3. The URL is HTTPS but the app or website is not using HSTS preload. Sort of plausible, but a BIG security oversight for a company of any major size!
Got all that? In reality, a data breach that could enable a “Silicon Valley”-style attack is more likely to come from a small startup rather than a tech giant like Facebook (or the fictional Hooli). It’d also help if the hypothetical company’s security team turned a blind eye to the perpetrators — just as Hooli’s team did in the latest episode of HBO’s comedy series.
*Related stories from TheWrap:*

'Silicon Valley' Fact Check: Is Jack Barker Based on Steve Ballmer? (Video)

'Silicon Valley' Star Zach Woods Talks T.J. Miller's 'Sad' Exit, Jared's Secret Friends

Where Does TJ Miller's 'Silicon Valley' Exit Leave the Show — and HBO?
0
shares
Share on
Facebook
Share on
Twitter
Post on 
Reddit
Share by
Email
 
Source: KREX - < > Embed

News video: Grand Silicon Valley Video Project

Grand Silicon Valley Video Project

In an effort to bring more tech businesses to the Grand Valley, the Grand Junction Economic Partnership presents its latest video project, "Grand Silicon Valley."

Recent related news

‘Silicon Valley’ Fact Check: Is Jack Barker Based on Steve Ballmer? (Video)

‘Silicon Valley’ Fact Check: Is Jack Barker Based on Steve Ballmer? (Video)
To quote the zen teaching of my friend (and LA radio legend) Vic “The Brick” Jacobs: enlightenment can happen in a moment. And in the penultimate episode...
The Wrap - US

Silicon Valley, White House Tackle Troubled Government Tech

When Silicon Valley executives arrived at the White House Monday to talk about modernizing federal computer systems, there was plenty of common interest at...
Wall Street Journal - US

Is video really the future of VR?

You probably don't have a virtual reality headset. In that case, you might be wondering why "VR" has been the buzzword for "hot, new, possibly-a-fad tech" the...
Mashable - Internet

Silicon Valley's acquisition targets aren't just in tech anymore

For once, the target of an extravagant tech industry acquisition wasn’t a small start-up unfamiliar outside of Silicon Valley, but a household name. Few...
L.A. Times - AmericasAlso reported by •Raw Story

Despite Silicon Beach, Los Angeles is merely America's 18th top tech city, report finds

Los Angeles is home to hot tech firms such as Snap Inc. and Tinder, but Silicon Beach still has a long way to go to rival the tech industries of Silicon Valley...
L.A. Times - Technology

Patti Payne's Cool Pads: Silicon Valley tech leader lists $6.16M Seward Park waterfront estate

A Seward Park waterfront estate belonging to a Silicon Valley-based tech leader is on the market for $6.16 million. Brokers Wendy Lister and Kathryn Lister with...
bizjournals - Business

12 modest but insanely expensive homes for sale in Silicon Valley

12 modest but insanely expensive homes for sale in Silicon Valley
In Silicon Valley, the more suburban area south of San Francisco, house-hunters find a confluence of a mild climate, a strong economy with high-paying jobs, and...
Business Insider - TechnologyAlso reported by •bizjournals

Silicon Valley investor steps aside from his firm after sex harassment allegations

Silicon Valley investor Justin Caldbeck said Friday he is taking an indefinite leave of absence from his venture capital fund after he was accused of sexually...
CNNMoney - Business


You Might Like


Other recent news in US

Caleb Gilbert's stellar performance and other key numbers from LSU's College WORLD SERIES winWho will LSU play in the COLLEGE WORLD SERIES championship round: TCU or Florida? Live updates
Texas Mother Charged in Deaths of Toddlers Left in HOT CARDeath toll climbs in PAKISTAN oil tanker explosion
Our senators must protect MEDICAID for Louisianians: Editorial200 PEOPLE displaced after fire ravages DC apartment building
TREASURY SECRETARY Steven Mnuchin weds Scottish actress in discreet weddingIssues With Anxiety Sideline Blue Jays Closer ROBERTO OSUNA
Raw: TALLEST BUILDING in Western US Opens in LACBS2 EXCLUSIVE: Babylon Town Employee Under Fire For Derogatory FACEBOOK Post Says He Was Hacked

Twitter

Environmentally friendly: One News Page is hosted on servers powered solely by renewable energy
© 2017 One News Page Ltd. All Rights Reserved.  |  About us  |  Disclaimer  |  Press Room  |  Terms & Conditions  |  Privacy Policy  |  Content Accreditation
 RSS  |  News for my Website  |  Free news search widget  |  Help  |  Contact us  |  DMCA / Content Removal
How are we doing? Send us your feedback  |   LIKE us on Facebook   FOLLOW us on Twitter   FIND us on Google+