Microsoft, hackers team up on scavenger hunt
Here's a look back at this year's 'Limo Races'--a Blue Hat tradition pairing Microsoft's bug hunters with outside researchers on a costumed contest in Seattle.
For many of the security researchers who trek to Microsoft's twice-yearly Blue Hat conference, one of the big highlights doesn't happen until after the event itself ends. The Limo Races--a scavenger hunt through Seattle that teams Microsoft security folks with outside researchers--have become a Blue Hat tradition.
Blue Hat itself, and the Limo Races, are part of a broad effort by Microsoft to forge closer relationships with the security community. The role of those relationships in Microsoft's security strategy is the topic of Day 2 of my special report: "Securing Microsoft: A long road." Monday, I wrote about how Microsoft's security practices have evolved over the years. Wednesday, I'll take a look at the emerging threats that could challenge all the work that the company has done.
Although I did get to go to Blue Hat in September, I didn't get a chance to take part in the Limo Races--my flight was leaving before the races started. I did ask several people to let me know what happened.
"The 'race' began near Pioneer Square and was in high gear from the start," said Microsoft's Andrew Cushman. "It was surreal to see the elite security professionals from the around the world--conference organizers, reverse engineers, code auditors, and penetration testers--wearing costumes and gathered together to socialize, talk shop, compare techniques, do a little trash talking, and vie for bragging rights for the next six months."
Cushman was in a limo with Black Hat founder Jeff Moss and IOActive's Dan Kaminsky, among others. By day, Cushman argues for ethical and responsible handling of security issues. By night, though, he's a ruthless competitor.
"Kaminsky and I tried to steal other teams' clues and instruction paper," Cushman said. "Kaminsky nearly tackled competitors and used sticks and plastic knives to pop other teams' balloons."
Once in their limo, the group headed to Seattle's Capitol Hill neighborhood in search of a buzz cut, and a Mexican restaurant serving tequila. The latter proved easier than the former.
None of the crew was looking to get a buzz cut. Moss stated he'd just gotten a haircut and was not up for being shorn again. He donned a long, blond dreadlock wig to drive that message home. Cushman wasn't about to let a pair of clippers attack his curly locks, but he thought perhaps Kaminsky might be worn down after a couple shots of Patron. In the end, it mattered not. "There were tattoo parlors still open on Capitol Hill, but nary a barber to be found."
Kaminsky learned another lesson from the Limo Races--a pie in the face can be a painful experience. When the task of getting a pie in the face was thrown at his team, Kaminsky said he "gleefully" accepted the challenge. He even picked the pie that was to hit him.
There was only one problem. Kaminsky picked an unthawed pie. Those don't make the kind of pleasant squish made famous by the Three Stooges. If you want to see the pie-throwing in action, check out the video posted to MySpace. (Warning: it does have one swear word at the end.)
"Next time, I'll...uh...pick one that *isn't* frozen :)" Kaminsky said in a posting alongside the video.