Black Hat 2008 promises to be big

Controversial speakers and the addition of the "wall of sheep" from Defcon should make for a hot time in Las Vegas this year.

Robert Vamosi Former Editor
As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.
Robert Vamosi
2 min read

LAS VEGAS--Black Hat 2008 is bigger, and some might say better. Occupying most of the third and fourth floors of the convention hall at Caesars Palace, the conference started on Saturday with two- and four-day training sessions that continue through Tuesday.

The "public" part of Black Hat runs Wednesday and Thursday and features speakers in 15 separate tracks. One of the tracks will consist of Turbo talks of 20 minutes each. After those, there will an opportunity for the audience to talk with some of the speakers in a another room.

Wednesday starts with a bang with Billy Rios and Nitesh Dhanjani reprising their Black Hat DC talk "Bad Sushi." Then high expectations are running high as Dan Kaminsky reveals more about his DNS vulnerability. Petko Petkov will be talking on Client-side security and Joe Stewart talking on the protocols and encryption of the Storm worm. Brian Chess and Jacob West will host the second annual Iron Chef Black Hat. Tom Stracener and Robert Hansen will present on vulnerabilities with Google Gadgets and Bruce Potter will talk about malware detection using network flow analysis. Then Jim Christy returns with the annual Meet the Feds panel with Federal agents from various agencies.

Events continue into the evening with the annual Hacker Court, a mock trial on some topical issue. At the same time there will be a presentation on recommendations for the 44th Presidency around cybersecurity.

Thursday starts with Shawn Moyer and Nathan Hamiel presenting Satan is on my Friends List, a talk about social networking evil. Then Billy Hoffman on Circumventing Automated JavaScript Analysis Tools. Lukas Grunwald on Federal Trojans. Karsten Nohl on MiFare hacking. Jeremiah Grossman and Arian Evans on making money on the Web, the Black Hat way. And Rob Carter and others will talk on a hybrid file format that combines GIF images with Java Archive Sets. Calling these files GIFARs, the speakers say this intersection of Javascript with images could pose a difficult problem in the near future. Christopher Tarnovsky will talk on exploiting Secure Smartcards and Microcontrollers.

Preceding the talks on both Wednesday and Thursday will be a keynote. On Wednesday, Ian Angell, Professor of Information Systems, London School of Economics, will talk on "Complexity in Computer Security--a Risky Business". On Thursday, Rod Beckström, director of the National Cyber Security Center (NCSC) will talk on "Natural Security."

So far the only controversy concerns Apple. Last week one researcher announced he would not present his talk on the Apple FileVault, then it was announced that a second talk on security practices at Apple was also withdrawn by the panel moderator.

For the first time, Black Hat 2008 will borrow the "Wall of Sheep," a display of unprotected wireless networks sniffed at the conference, from it's sister conference, Defcon, which begins on Friday at the Riveria, just up the street.

Click here for full coverage of Black Hat 2008.