It's time for the yearly BlackHat picks. Without further ado, here's where you'll have a good chance of finding me next week. Of course, you know what they say about the best laid schemes -- there is no way I will actually make it to all of these, but as of now, this is what's caught my interest:

Day 1

  • John McDonald & Chris Valasek: Practical Windows XP/2003 Heap Exploitation
  • Andrea Barisani & Daniele Bianco: Sniff keystrokes with Lasers /Voltmeters
  • Mark Dowd, Ryan Smith & David Dewey: The Language of Trust
  • Thomas Ptacek, David Goldsmith & Jeremy Rauch: Hacking Capitalism '09
  • Pwnie Awards

Day 2

  • Zane Lackey & Luis Miras: Attacking SMS
  • Jeremiah Grossman & Trey Ford: Mo' Money Mo' Problems
  • Joe Grand, Jacob Appelbaum & Chris Tarnovsky: "Smart" Parking Meter Implementations, Globalism, and You
  • Jesse Burns: Exploratory Android Surgery
  • Vincenzo Iozzo & Charlie Miller: Post Exploitation Bliss - Loading Meterpreter on a Factory iPhone

Chris Wysopal, Tyler Shields, and I will all be around next week so if you're interested in learning more about Veracode or just catching up in the hallway track, shoot over an email or a tweet.

In the comments: Which talks are you excited about?

Veracode Security Guides
Data Security Resources

About Chris Eng

Chris Eng, vice president of research, is responsible for integrating security expertise into Veracode’s technology. In addition to helping define and prioritize the security feature set of the Veracode service, he consults frequently with customers to discuss and advance their application security initiatives. With over 15 years of experience in application security, Chris brings a wealth of practical expertise to Veracode.

Comments (2)

Tyler Shields | July 27, 2009 11:49 am

Chris Eng generally has mediocre taste when it comes to choosing speakers at Blakhat, so in that vein I post the "better" talks to go see. (he'll probably sack me with tons of work when he sees this post.. meh oh well).

Wed 10:00. OK, Chris got this one right. John M & Chris V will be fantastic
Wed 11:15. Lazers and Voltmeters?! Jeesh do you work for the NSA or something? Go see Dino talk about state of the art MacOSX Rootkits. I've spoken with Dino recently, and this will be a killer talk.
Wed 13:45. Toss up here. .NET Rootkits or take a brake from nerd land and go to Analyzing Security Research in the Media. Or possibly continue eating more food?!
Wed 15:15. DUH!?! Mark Dowd for the win. It looks like Chris actually got two right this year.
Wed 16:45. Capitalism is played.. check out ring -3 rootkits. Not sure what to expect here, but could be decent.
Wed 18:00. PWNIES!!!

Thu 10:00. Must see SMS breaking and hacking. Luis and Zane never disappoint. Score another point for Chris!
Thu 11:15. SADE: Injecting agents in to VM guest OS. Matt Conover has been hacking since he was like 4 years old. Go check this talk out.
Thu 13:45. DQ and LL talk about Crayons, or coloring, or paint by number? Not sure, but I'm interested in anything that will make RE quicker and less painful.
Thu 15:45. Burns on Android. Playing a game of operation with Android sounds like fun to me. Ding ding.. we have another match.
Thu 16:45. Probably check out the TitanEngine talk (or go drink early.. it's party time).

OK. So you didn't do half bad this year Chris. And besides.. I'm sure I'll end up totally throwing this plan out the window come Wed morning anyhow! See you all in the land of lost wages!

CEng | July 27, 2009 11:53 am

Hmm, somebody likes rootkits. :P

Please Post Your Comments & Reviews

Your email address will not be published. Required fields are marked *

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.