Hello. How ’bout that ride in? I guess that’s why they call it Sin City. [1] BlackHat this year passed in a blur. In retrospect staying in Vegas for only 3 nights was probably a bad idea. (This is especially obvious when you consider that the round trip involves about 60 hours of travelling time) I got in and mostly hid in my room working on the talk. I did the talk, and promptly hid in my room feeling sick …
Tag: research
July in information security means Vegas heat, dark t-shirts and “BlackHat“. Over the year there have been many new infosec conferences, but BlackHat remains the premier event for the infosec community. In a few minutes, i’ll start the >24hour journey towards the insanity^2 (Vegas is crazy, and the injection of the Defcon crew just dials up the crazy-meter). My talk this year turns me into infosec historian: “Memory Corruption Attacks: The (almost) Complete History… Buffer Overflows, Stack Smashes and Memory …
A while back i thought it would be nice if we had an authoritative source of memory corruption attacks (and mitigations) in a single document. I resisted mainly because: It seemed like a lot of drudgery for something we have been able to do well without, It steers towards the word “taxonomy” [1] I was a little lazy. [1] Dave Aitel has posited that “people who thing (sic) of things as “Taxonomies” are always headed in the opposite direction from …
It doesn’t matter how many conferences you present at, or how much you hate LasVegas, around this time of the year those are very happy, welcome words. I’ll pop more details on the talk here in a few days (especially since I’m hoping to co-opt some of you). Interestingly enough, despite almost a decade of Blackhat/Defcon’s, it’s the first time I’ll be free to take a training class. I’m pretty stoked! /mh …