Skip to main content
July 28, 2008

BlackHat Picks, Day 1

Well, it's almost BlackHat time. Here are my picks so far for Day 1. As you can see, I still haven't narrowed it down completely.

11:15-12:30 Option 1: Dan Kaminsky, "DNS Goodness". On one hand, the DNS vulnerability is already public; on the other hand, the talk will probably still be interesting even if the 0day hype is missing. Option 2: Nate Lawson, "Highway to Hell: Hacking Toll Systems". My formal education and early work was in Electrical Engineering, so I'm always interested in hardware talks. I haven't touched a soldering iron in years so I have to live vicariously through people like Nate.

13:45-15:00 Option 1: Chris Hoff, "The Four Horsemen of the Virtualization Security Apocalypse". I haven't been paying enough attention to virtualization security and I think this talk will be quite informative. Option 2: Danny Quist and Colin Ames, "Temporal Reverse Engineering". Sounds like an interesting approach.

15:15-16:30 Option 1: Hovav Shacham, "Return-Oriented Programming: Exploits Without Code Injection". The topic sounds pretty straightforward conceptually but it will be interesting to see the implementation. Option 2: Tom Stracener and Robert Hansen, "Xploiting Google Gadgets: Gmalware and Beyond". Not expecting any huge revelations on this one but it's likely to be entertaining.

18:00-19:00 The Pwnie Awards. Turnout last year was kind of slim, but I bet the room will be full this year as it's been publicized more.

Day 2 picks coming soon!

FREE Security Tutorials from Veracode

Flash Security SettingsSQL Injection TutorialCyber ThreatsMobile Security ThreatsCRLF Injection

Veracode Security Solutions

Binary AnalysisApplication TestingSoftware Security

Veracode Data Security Resources

Data LeaksSecure DataData Breach

Related Content

Chris Eng, Chief Research Officer, is responsible for integrating security expertise into Veracode’s technology. In addition to helping define and prioritize the security feature set of the Veracode service, he consults frequently with customers to discuss and advance their application security initiatives. With over 15 years of experience in application security, Chris brings a wealth of practical expertise to Veracode.

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.