Black Hat 'supersizes' in Las Vegas

Taking up more space at Caesar's Palace is no gamble for the security confab as it tackles topics from the Vista x64 kernel to digital forensics for the feds.

Robert Vamosi Former Editor
As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.
Robert Vamosi
4 min read
LAS VEGAS-- The 11th annual Black Hat security conference will occupy more space at Caesar's Palace this year in order to accommodate more people, more topics, and, of course, more controversy.

The conference kicked off over the weekend, starting with four days of topic-specific training, before concluding Wednesday and Thursday with two days of public sessions.

If past conferences are any guide, expect the overall total attendance to be more than last year. With that in mind, Black Hat is expanding its footprint within the Caesar's Palace resort here.

But count out at least one prospective attendee. On Sunday, Thomas Dullien, CEO of the German company Sabre Security, reported in his personal blog that he had been denied entry to the U.S. for reasons having to do with H-1B visa regulations. He says that U.S. Customs officials detained him over material he was carrying to Black Hat in order to teach what was billed as an "intense course encompassing binary analysis, reverse engineering and bug finding."

A larger conference means not one but two keynote addresses. One is from Richard Clarke, President Bush's former special adviser on cyberspace security. Clarke, whose 2002 Black Hat keynote speech stated that software vendors and Internet providers must share the blame for malicious software, is now with Good Harbor Security. This year, he will talk about those "who seek truth through science, even when the powerful try to suppress it." The other keynote speaker will be Tony Sager, vulnerability chief of the National Security Agency, who will talk about creating government security standards while working with commercial vendors.

Unlike last year, when Microsoft hosted an entire series of sessions focusing on the yet-to-be released Windows Vista platform, there will be no similar tracks offered this year. Returning tracks include sessions on voice services security, forensics, hardware, zero-day attacks and zero-day defenses. New tracks include operating system kernels, application security, reverse engineering, fuzzing and the testing of application security.

But it's the individual sessions that could get heated.

Several presenters are familiar to Black Hat attendees and not without controversy. Neal Krawetz is returning to tackle image forensics, showing how to peel back the layers to find less-than-obvious manipulation; Dan Kaminsky is presenting his annual Black Ops survey; and Phil Zimmerman is returning to talk once again about his vision of a secure telephone for the Internet, called the Z Phone.

Meanwhile, Jeremiah Grossman will talk more about "Hacking Intranet Websites from the Outside (Take 2)--Fun with and without JavaScript malware", and Billy Hoffman will team with Brian Sullivan to discuss "Ajax-ulation," a talk about building a secure Ajax-laden Travel Web site.

The talk "Breaking Forensics" is already controversial. iSec researchers Chris Palmer, Tim Newsham and Alex Stamos have stated they've found up to six vulnerabilities within Guidance Software EnCase, a digital forensics program used primarily by government and law enforcement, prompting swift denials from the company.

Also controversial is Joanna Rutkowska, whose presentation last year drew a standing ovation from the crowd. This time, Rutkowska is appearing alongside Alexander Tereshkin to talk about methods for compromising the Vista x64 kernel. Luis Miras will reprise a talk he gave this past spring at CanSecWest on hacking peripheral devices such as mice and pointers.

In the evening, there will a mock hacker trial presided over by a real judge, and a talk by security researcher Johnny Long titled "No-tech Hacking"--and that's all just within the first day.

On Thursday, there will be only one keynote speaker, Bruce Schneier, who will talk about the psychology of security. Then David Maynor, who last year presented an Apple wireless flaw, will return with "tips your security vendor doesn't want you to know." Mozilla's Window Snyder and Mike Shaver will introduce new tools to fuzz browsers as well as talk about the security features expected in Firefox 3 due later this fall.

Also, Hoffman will give a second talk along with John Terrill on the possibility of a Web-based Ajax-enabled worm and how antivirus companies might cope with it; Gregg Hoagland will give a talk about reverse engineering; Adam Laurie will talk about RFID vulnerabilities; Gadi Evron will discuss the supposed cyberwar in Estonia; and retired Special Agent Jim Christy will host a regular feature called "Meet the Feds."

At the end of the second day, F-Secure's Mikko Hypponen will talk about mobile phone vulnerabilities. Meanwhile, Brian Chess and Jacob West will have some fun with something they're calling "Iron Chef Black Hat," a session where two different methods of vulnerability testing will be used to try to discover the "secret ingredient" nestled within in an open-source application.

All Black Hat events are being held here at Caesar's Palace. A sister conference, Defcon 15, will run Friday through Sunday at the Riviera Hotel, also in Las Vegas.