Black Hat conference impressions

Black Hat USA is one of the biggest conferences dedicated to computer security. This year, the conference is even bigger than last year, with an estimated 5000+ delegates from all over the world and nine parallel tracks covering a wide range of topics, ranging from Voice Services Security to Policy, Management and the Law.

It is therefore not surprising that SophosLabs is also there. Peter (from our Sydney lab) and I were closely watching presentations related to malware, reverse engineering and some new research areas addressed by researchers investigating the offensive aspect of computer and network security. It is always interesting to compare our experiences with the experiences of presenters and other colleagues from the anti-malware industry.

For me, both days had their themes. I spent the first day watching excellent presentations dedicated to computer virtualization (morning) and exploitation of operating system kernels (afternoon). The second day’s themes were reverse engineering (morning) and exploitation techniques (afternoon). The details of the iPhone vulnerability I wrote about earlier were disclosed in a good but short talk given by Charlie Miller of Independent Security Evaluators. In the meantime, Apple has patched the vulnerability and the patch will be deployed to iPhone users next time they synchronise their devices.

I am off now for the start of Defcon. Defcon is more of an underground conference so I may have to switch on my “covert operations mode” and take off my Sophos t-shirt. Nevertheless, some of the speakers I missed at the Black Hat conference are also presenting at Defcon and there are several malware-related talks that should be interesting.

More details on the most interesting presentations from both conferences later, when I gather all my thoughts and beat the jetlag.