Dan Griffin's Blog

Comments on security, PKI, smart cards, cryptography, and entrepreneurship.

This year having been my first visit to either BlackHat or DefCon, I must say I was disappointed by the former. After all, BlackHat is so much more expensive than DefCon. I was also surprised (although shouldn’t have been, in retrospect) to find that many of the speakers simply repeat their presentations at both. That said, the professional networking opportunities at BlackHat were first-rate, and I ran into some colleagues that I hadn’t seen in a while.

The best presentation of the whole lot was given by Dark Tangent (aka Jeff Moss, organizer of both Cons) at DefCon - http://defcon.org/html/defcon-15/dc-15-speakers.html#DT. In a talk entitled Ciscogate (do a web search for that term and you’ll find various accounts of the story), he recounted the saga of two years ago wherein BlackHat, Cisco, and ISS were involved in a legal battle over responsible disclosure of a flaw in IOS. And this all went down during the time that Jeff was actively courting buyers for BlackHat (CMP, the eventual buyer, must not have been too scared). Anyway, Dark Tangent is a heck of a speaker - very entertaining - and I hope to catch him again.

The second-best presentation of the week was also at DefCon: Ben Kurtz (http://defcon.org/html/defcon-15/dc-15-speakers.html#Kurtz) presented a fuzzer called Funk (http://sourceforge.net/projects/funk/), implemented in the Scheme programming language! Actually, the Wikipedia entry for the underlying Scheme implementation used by Funk - called Chicken <http://en.wikipedia.org/wiki/Chicken_(Scheme_implementation)> - does at least a partial job of explaining why any talk involving that language is bound to be cool.

However, I subsequently learned that I actually missed what was probably the best fuzzing presentation of the week. At BlackHat, Pedram Amini (http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Amini) presented the Sulley fuzzing framework. More info is available here - http://www.fuzzing.org/2007/08/02/sulley-fuzzing-framework-release/. I can’t write about it in detail, since I didn’t see the talk and the tool only got posted a day or two ago, but it’s apparently quite advanced.

 
