It's that time of year again.
Veracode's security research team and our Chief Scientist will be at the Vegas cons in force this year engaging in the usual roguery.
Here's where to see us speaking:
- Christien Rioux, "Lessons of Binary Analysis", BlackHat, July 26, 10:15am
- Zach Lanier and Andrew Reiter, "Mapping and Evolution of Android Permissions", BlackHat, July 26, 2:15pm
- Chris Lytle, "Puzzle Competitions and You", B-Sides Las Vegas, July 25, 4pm
We'll also have a booth (#229) for the first time. Here's when you can stop by and speak with members of the research team, assuming you don't bump into them in the hallway first.
Chris Wysopal (@WeldPond), Christien Rioux (@dildog), and I (@chriseng) will also be floating around.
Finally, I asked everyone to look at the BlackHat schedule this year and pick out the one or two talks that looked most promising to them. Here are some recommendations:
- "How Many Bricks Does It Take to Crack a Microcell?" (2 votes). Comments: "I am interested in Microcell devices for their linking cellular networks and IP networks and for the fact I use one!" "I second the micorocell talk –- this field is extremely underresearched."
- "Clonewise -– Automated Package Clone Detection". Comments: "This is going to be incorporated to a number of OS projects in different ways. Silvio has a great history of binary analysis, stemming from his ELF work, and this is definitely one not to be missed."
- "Scaling Up Baseband Attacks: More (Unexpected) Attack Surface" (2 votes).
- "Libinjection: A C library for SQLi Detection and Generation Through Lexical Analysis of Real World Attacks". Comments: "Although there’s been some nifty research in mitigation and prevention of SQL injection at the language/compiler/API level, there’s been a strong tendency for people to publish a PoC and let it languish. The description appears to be aimed straight at app developers, which is great."
- "PRNG: Pwning Random Number Generators (in PHP applications)". Comments: "Barely-good-enough (or worse) PRNGs are at the core of virtually every session-generation mechanism. It’s one thing for everyone to say, 'stop using weak randomness!', but there’s been a lack of practical attacks in this space (aside from the old LCG attacks – we know rand() is bad. What about truncated arc4random in practice?)."
- "iOS Kernel Heap Armageddon Revisited".
- "iOS Application Security Assessment and Automation: Introducing SIRA".
- "Advanced ARM Exploitation".
- "Hardware Backdooring is Practical".
- Neal Stephenson keynote. Comments: "Sure it’s not technical, but I’m a tremendous fan of his writing and I’d love to hear his thoughts as they pertain to the security space."