Even the ATM machines were suspect at this year's Defcon conference, where hackers play intrusion games at the bleeding edge of computer security.
With some of the world's best digital break-in artists pecking away at their laptops, sending e-mails or answering cellphones could also be risky.
Defcon is a no-man's land where customary adversaries -- federal agents against digital mavericks -- are supposed to share ideas about making the Internet a safer place. But it's really a showcase for flexing hacker muscle.
This year's hot topics included a demonstration of just how easy it may be to attack supposedly foolproof biometric safeguards, which determine a person's identity by scanning such things as thumb prints, irises and voice patterns.
Banks, supermarkets and even some airports have begun to rely on such systems, but a security analyst who goes by the name Zamboni challenged hackers to bypass biometrics by attacking their backend systems networks. "Attack it like you would Microsoft or Linux," he advised.
An annual highlight is the "Meet the Feds" panel, which this year included representatives from the FBI, NSA and the Treasury and Defense departments.
Radio frequency identification (RFID) tags that send wireless signals and are used to track a growing list of items including animals and US military shipments -- also came under scrutiny.
A group of twentysomethings from Southern California climbed onto the hotel roof to show that RFID tags could be read from as far as 21 meters. That's important because the tags have been proposed for such things as US passports, and critics have raised fears that kidnappers could use RFID readers to pick traveling US citizens out of a crowd.
RFID companies had said the signals didn't reach more than 6m, said John Hering, one of the founders of Flexilis, the company that conducted the experiment.
Also on hand at the conference was Robert Morris, former chief scientist for the National Security Agency (NSA), to lecture on the vulnerabilities of bank ATMs, which he predicted would become the next "pot of gold" for hackers.
Morris said thieves have been able to dupe people out of their bank cards and passwords by changing the software in old ATM machines bought off eBay for as little as US$1,000 and placing the machines out in public venues.
RSS