There is a certain mystique about the Black Hat conference in Las Vegas: it’s a place where bad things are talked about openly
and things that we once thought were secure get thrown out the window.
It’s a perception that is well founded and one that I expect will be further
reinforced at this week’s event.
Without a doubt the most highly anticipated vulnerability that will be
publicly discussed at the event is one in
Apple’s iPhone. That particular presentation, however, isn’t scheduled
until the last day of Black Hat. In the last time slot.
There is a lot of other stuff in between, including some new takes on things
first discussed at last year’s show.
Last year Cisco Network Access Control (NAC) was proven fallible; this year at least two different security researchers will
be presenting additional findings on how to bypass NAC.
In a presentation
titled NACATTACK, security researchers Dror-John Roecher and Michael Thumann
are going to release a tool that may well be able to help get around
“We do not wish to simply release a tool; we want the audience to understand
how Cisco NAC works, why it is not as secure as Cisco wants us to believe
and which mitigations exist,” the Black Hat abstract for the NACATTACK
One of the other highlights of 2006 was Joanna Rutkowska’s landmark presentation on how to attack Windows
Vista with a virtualized rootkit. Rutkowska is back this year with more of
the same on virtualization-based malware. She also plans to reveal new,
practical methods for compromising the Vista x64 kernel on the fly.
Rutkowska is also the subject of another presentation titled, “Don’t Tell
Joanna, The Virtualized Rootkit Is Dead” where researchers from Matasano
Security will attempt to prove that the virtualized rootkit approach can be
Web services will also be violated in a talk titled, “Attacking Web Service
Security: Message Oriented Madness, XML Worms and Web Service Security
Sanity.” C++ developers won’t be safe, either, as IBM ISS researchers are set
to discuss how to break C++ applications.
According to the session abstract,
the presentation will include a discussion of bug
classes that have yet to be discussed or exploited in a public forum.
Join the crowd.
Speaking of crowds, it might be a good idea to stay off the streets for a
few days, too. One of the more esoteric sessions is titled, “Injecting
RDS-TMC Traffic Information Signals a.k.a. How to freak out your Satellite
“We’ll discover the obscure (but scary!) messages that can be broadcast (and
that are not usually seen over legitimate RDS-TMC traffic), the limits of
standard SatNav systems when flooded with unusual messages and the role that
RDS-TMC injection/jamming can play in social engineering attempts (hitmen in
the audience will love this!),” the session abstract states.