BlackHat Picks, Day 1

By Chris Eng July 28, 2008

Well, it's almost BlackHat time. Here are my picks so far for Day 1. As you can see, I still haven't narrowed it down completely.

11:15-12:30

Option 1: Dan Kaminsky, "DNS Goodness". On one hand, the DNS vulnerability is already public; on the other hand, the talk will probably still be interesting even if the 0day hype is missing.

Option 2: Nate Lawson, "Highway to Hell: Hacking Toll Systems". My... READ MORE

Yes! Now I Can Attend Nate Lawson's Talk at BlackHat!

By Chris Eng July 21, 2008

By now, you probably know that details of the DNS vulnerability have leaked. Halvar Flake speculated on DailyDave and the momentum built from there, despite the fact that his guess was short on a few key details. I don't need to rehash the full technical details here; by now, they are easy enough to find with a couple Google searches. When Slashdot picks up the story, it's hardly a secret any... READ MORE

Missing the Point

By Chris Eng July 21, 2008

A co-worker passed along this snapshot taken at the Karsten Nohl, Jake Appelbaum, and Dino Dai Zovi talk at HOPE this past weekend. The context, of course, is that the overzealous Debian developer who accidentally crippled OpenSSL back in 2006 said he did so because valgrind reported uninitialized memory use. Click through for the full-size version. So automated software review is dangerous now... READ MORE

What Dan's DNS Checker Doesn't Do

By Chris Eng July 10, 2008

Despite what various commenters around the blogosphere think (I've read a few but can't find the links now), Dan Kaminsky's online "Check My Dns" utility doesn't:

- Poison anybody's DNS cache
- Expose how the actual exploit works

What it does is check whether your ISP's DNS server is patched. Plain and simple. It looks for one thing -- source port randomization. This does not give away the... READ MORE

DNS Vulnerability Survives Scrutiny of Peer Review

By Chris Eng July 9, 2008

The security community is cynical. So much so, that most of the chatter that's taken place over the past 24-36 hours has suggested that Kaminsky's DNS vulnerability was little more than a publicity stunt and that his BlackHat presentation would be an over-hyped rehash of prior art. Granted, one has to suspend disbelief to even consider that something monumental would be discovered in DNS -- that'... READ MORE

No, I Don't Know the Answer to the Big DNS Secret

By Chris Eng July 9, 2008

Rich Mogull's executive overview of Dan Kaminsky's latest DNS vulnerability fluffed a few feathers yesterday: "The good news is that due to the nature of this problem, it is extremely difficult to determine the vulnerability merely by analyzing the patches; a common technique malicious individuals use to figure out security weaknesses." The typical response I heard was "what do you mean, it can't... READ MORE

Minimizing the Attack Surface, Part 2

By Chris Eng July 7, 2008

I'm finally getting around to finishing my post on minimizing attack surfaces. Here's Part 1, in case you missed it. First, a quick clarification. I noticed that some of the readers who commented on that first post wanted to talk about improving security through the use of various development methodologies or coding frameworks. Those are interesting tangents (and ones that I may write about in... READ MORE

The Government's Top Hackers?

By Chris Eng July 1, 2008

Popular Mechanics recently published an article about the NSA Red Team, which caught my interest, having been a part of that organization for a short stint back in early 2000. The article does a decent job of describing the Red Team's charter, which is essentially to attack DOD targets in an attempt to simulate real adversaries, not unlike a consultant running a pen test against a corporation... READ MORE

Selling 0day Exploit Code

By Chris Wysopal June 30, 2008

We all know it happens, but it is rarely exposed as clearly as Adam Penenberg did in his article for Fast Company, The Black Market Code Industry. It turns out that this 0day seller was an HP employee: According to the consultant who snared Marester, his quarry's skills appear quite sophisticated. His wares, if they performed as advertised, could help a hacker take down machines running that... READ MORE

DWR 2.0.5 Fixes XSS Vulnerability

By Chris Eng June 29, 2008

DWR 2.0.5 addresses an XSS vulnerability that is likely to be exploitable in most 2.0.4 installations. If your web application uses DWR's Ajax implementation, download and install this update now! As an aside, I've been a fan of DWR for a while now, not only because of its ease of integration but also because it was the first Ajax framework to offer built-in CSRF protection. You could tell that... READ MORE
