Black Hat Cometh; You Afraid?
There is a certain mystique about the Black Hat conference in Las Vegas that it's a place where bad things are talked about openly and things that we once thought were secure get thrown out the window.
It's a perception that is well founded and one that I expect will be further reinforced at this week's event.
Without a doubt the most highly anticipated vulnerability that will be publicly discussed at the event is a vulnerability in Apple's iPhone. That particular presentation, however, isn't scheduled until the last day of Black Hat. In the last time slot.
There is a lot of other stuff in between, including some new takes on things first discussed at last year's show.
Last year Cisco Network Access Control (NAC) was proven fallible; this year at least two different security researchers will be presenting additional findings on how to bypass NAC.
In a presentation titled NACATTACK, security researchers Dror-John Roecher and Michael Thumann are going to release a tool that may well be able to help get around NAC.
"We do not wish to simply release a tool; we want the audience to understand how Cisco NAC works, why it is not as secure as Cisco wants us to believe and which mitigations exist," the Black Hat abstract for the NACATTACK session states.
One of the other highlights of 2006 was Joanna Rutkowska's landmark presentation on how to attack Windows Vista with a virtualized rootkit. Rutkowska is back this year with more of the same on virtualization-based malware. She also plans to reveal new, practical methods for compromising the Vista x64 kernel on the fly.
Rutkowska is also the subject of another presentation titled, "Don't Tell Joanna, The Virtualized Rootkit Is Dead" where researchers from Matasano Security will attempt to prove that the virtualized rootkit approach can be detected.
Web services will also be violated in a talk titled, "Attacking Web Service Security: Message Oriented Madness, XML Worms and Web Service Security Sanity." C++ developers won't be safe, either, as IBM ISS researchers are set to discuss how to break C++ applications.
According to the session abstract, the researchers claim that this presentation will include a discussion of bug classes that have yet to be discussed or exploited in a public forum.
Join the crowd.
Speaking of crowds, it might be a good idea to stay off the streets for a few days, too. One of the more esoteric sessions is titled, "Injecting RDS-TMC Traffic Information Signals a.k.a. How to freak out your Satellite Navigation."
"We'll discover the obscure (but scary!) messages that can be broadcast (and that are not usually seen over legitimate RDS-TMC traffic), the limits of standard SatNav systems when flooded with unusual messages and the role that RDS-TMC injection/jamming can play in social engineering attempts (hitmen in the audience will love this!)," the session abstract states.