Showing posts from July, 2010

Viva las Vegas?

July in information security means Vegas heat, dark t-shirts and " BlackHat ". Over the year there have been many new infosec conferences, but BlackHat remains the premier event for the infosec community. In a few minutes, i'll start the >24hour journey towards the insanity^2 (Vegas is crazy, and the injection of the Defcon crew just dials up the crazy-meter). My talk this year turns me into infosec historian: " Memory Corruption Attacks: The (almost) Complete History... Buffer Overflows, Stack Smashes and Memory Corruption Attacks have been the info sec headline stealers for the better part of 3 decades. Sadly, poor record keeping (and dismal regard for attribution of prior research) has resulted in huge gaps in our "hacker folklore". It has also resulted in several re-inventions of the wheel. This talk traces the history of memory corruption attacks and defenses, from the Morris Worm of 1988 to the awesome Pointer Inference work published by Bla