Viva las Vegas?

July in information security means Vegas heat, dark t-shirts and "BlackHat". Over the year there have been many new infosec conferences, but BlackHat remains the premier event for the infosec community.

In a few minutes, i'll start the >24hour journey towards the insanity^2 (Vegas is crazy, and the injection of the Defcon crew just dials up the crazy-meter).

My talk this year turns me into infosec historian:

"Memory Corruption Attacks: The (almost) Complete History...

Buffer Overflows, Stack Smashes and Memory Corruption Attacks have been the info sec headline stealers for the better part of 3 decades. Sadly, poor record keeping (and dismal regard for attribution of prior research) has resulted in huge gaps in our "hacker folklore". It has also resulted in several re-inventions of the wheel.

This talk traces the history of memory corruption attacks and defenses, from the Morris Worm of 1988 to the awesome Pointer Inference work published by Blazakis in 2010. We will demonstrate with code samples, live demo's (and pretty pictures) the progression of these attacks, how they work, when they first came to light, and the mitigations that have been developed and deployed to thwart them."

I'll post the slides and paper here when the conference is over, but if you are in Vegas, say hi... (or pop by to throw something at us during the 'hackcup')