This completely fake ATM, equipped to skim debit cards, was discovered in the Riviera Hotel Casino right outside the hotel's security office. Conveniently, it also happened to be right out of the line of sight of surveillance cameras.

Whether the kiosk was merely a DefCon prank or a serious and malicious attempt to steal bank account information is unknown. But not having been suckered myself, I'll admit that the ATM prop is at least a little funny. And if there were a little man inside just nabbing people's debit cards, it would have been even funnier. [Wired via CrunchGear]

You have to hand it to the guy behind this DefCon 17's winning badge hack. He really wanted one of those black über badges and figured out how to get it, one way or the other. While it may look like one of those tacky Mickey's Christmas Parade hats sold at Disney, the pulsing series of LEDs embedded in the bill of the cap confuses facial recognition systems. We'll never know whether his design would've truly allowed the guy to sneak into the room where the badges are stored or not, but it's quite an achievement to make a cat burglar's dream toy out of these badges:

While this kills that old 100% accuracy claim regarding facial recognition,there aren't any details about how the hack is meant to thwart facial recognition systems. Does it have to do with how 3D images are analyzed? Does anyone have any insight? Specs? Cookies of your choice to whoever satisfies my curiosity on this topic. [Wired]

Moss, also known as Dark Tangent, founded both the DefCon and Black Hat hacker conferences in addition to legit security work—most notably at Ernst and Young, one of those giant corporations that provides auditors, attorneys, brokers, designers, and lots more to other companies. He's a sort of godfather of hackers, a pioneer who uses his underground skills in mostly above-ground ways.

As the Obama administration has been placing a heavier focus on cybersecurity, it's an extremely smart move to ask one of the world's foremost professional hackers to assist on the Department of Homeland Security Advisory Council. He's got enough expertise to really be able to offer some help, but he's also not a dangerous hacker—one analyst called him "as corporate as hiring someone out of Microsoft," meaning that for the hacking world, Moss is hardly a loose cannon. But that's exactly why it's also a smart political choice. Picking a hacker seems like an edgy choice, but Moss is a guy who's worked for Fortune 500 companies, not someone who's working in his basement to bring down the power grid.

We're looking forward to seeing cybersecurity finally advance, and this kind of guy is just what we need to get ourselves back on track. [CNET]

A Cisco fiber switch (top) handles all of the traffic on the 20 megabit internet link, and the whole thing runs behind an OpenBSD firewall. Around 40 Aruba AP-70 access points distribute the network, which are basically only radios hooked to AC power; they receive all configuration info from the main network system to prevent WAP takeovers:

The whole thing sits behind this padlocked chain fence, which is manned by a 24/7 armed security guard.

Hit up Threat Level for the full set, including a portrait of Tomoe the German Shepherd, the Goons' last line of defense. [Threat Level photos by Dave Bullock via /.]

The researchers took a photograph of a Medeco key, printed the image onto a label and used the label as a cut-out guide for reshaping the plastic of the credit card. Voila; State secrets here we come! Any credit card plastic could be used to create a simulated key, they said.

The Medeco M3 key does have an extra feature that is supposed to add security – a step protrusion on one side of the key that helps moves the Medeco lock's slider. But the same crew that created this easy hack proved last year that all you needed to do was insert the end of a bent paper clip into lock, pushing back the slider and rendering the feature toothless. Considering Medeco locks are three to four times more expensive than conventional ones, maybe the company should jump on this problem stat. [Wired - Photo Credit: Dave Bullock]

My favorite moment: a heckler says, "You must feel like Lindsey Lohan right now."

My second favorite moment: the geek giggling at the end.

[via boingboing]

I should point out that the badge that was hacked was actually my press badge, and that uber badge shown is Joe Grand's (badge designer) personal badge. Those black badges are given away as prizes for various defcon activities and provide the recipient with a lifetime free pass to defcon.

DefCon staff lured her to a large hall telling her that the Spot the Fed contest was in session and that she could get a picture of an undercover federal agent at the contest. When she sat down, Jeff Moss, DefCon's founder, announced that they were changing the game. Instead of Spot the Fed, they were going to play Spot the Undercover Reporter and then announced, "And there's one in here right now." Madigan, realizing she'd been had, jumped from her seat and bolted out the door with reporters carrying cameras chasing after her through the parking lot and to her car.

Madigan was last seen being chased by two dozen reporters hoping to interview her. Press eating the press. [Wired, gorgeous photos via Dave Bullock]