Microsoft BlueHat Security Briefings: Spring 2007 Sessions and Interviews

Web application security is the new security frontier. Firewalls, IDSs, and IPSs have become all but commodities. Today's threats completely circumvent the whole concept of network security and attack Web sites, web browsers, and the victims themselves. Many modern threats don't damage Web sites at all, but they can have drastically bad effects on users and corporate perception. Phishing, cross-site scripting, cross-site request forgeries and dozens of technologies tied together greatly increase the threat landscape. This talk will do a deep dive into the technical aspects of the threat, while keeping a steady eye on the consumer issues that drive large-scale website design.

Robert "RSnake" Hansen
ha.ckers.org

Robert "RSnake" Hansen (CISSP) is the Chief Executive Officer of SecTheory. SecTheory is a web application and network security consulting firm. Robert has been working with web application security since the mid 90’s, beginning his career in banner click fraud detection at ValueClick. Robert has worked for Cable & Wireless heading up managed security services, and at eBay as Sr. Global Product Manager of Trust and Safety, focusing on anti-phishing, anti-cross-site scripting, and anti-virus strategies. Robert also sits on the technical advisory board of ClickForensics and contributes to the security strategy of several startup companies. Before SecTheory, Robert’s career fluctuated from Sr. Security Architect to Director of Product Management for a publicly traded Real Estate company, giving him a great breath of knowledge of the entire security landscape. Robert now focuses on upcoming threats, detection circumvention and next generation security theory. Robert is probably best known for founding the web application security lab at ha.ckers.org and is more popularly known as “Rsnake.” Robert is a member of WASC, IACSP, and ISSA, and contributed to the OWASP 2.0 guide.

Listen to a podcast interview with Robert "RSnake" Hansen.

Ever read a story about a remote code execution vulnerability in an AV vendor and think that it’s ironic? Ever hear about a virus that removes signatures designed to catch it from an AV vendor and think, “how does that work”? Ever see a report that the latest operating systems licensing scheme has been broken, or that a DRM scheme to prevent copying movies or games has succumbed to a hacker's disassemble, and think “I wonder how they figured that out”?

Security tools are increasingly becoming the target of attackers because they are the most accessible software in an environment and because they are often the first thing malicious code will hit in their ingress attempts into an environment. This session discusses how a hacker will analyze, test, break, and evade these types of security tools. These techniques don’t apply to just security tools, but to licensing and DRM protection schemes as well.

David Maynor
Erratasec

David Maynor is a founder of Errata Security and serves as the Chief Technical Officer. Mr. Maynor is responsible for day-to-day technical decisions of Errata Security and also employs a strong background in reverse engineering and exploit development to produce Hacker Eye View reports. He has previously been the Senior Researcher for Secureworks and a research engineer with the ISS Xforce R&D team, where his primary responsibilities included reverse engineering high risk applications, researching new evasion techniques for security tools, and researching new threats before they became widespread. Before ISS, Maynor spent three years at Georgia Institute of Technology (GaTech), the last two years as an application developer in the information security group to help make the sheer size and magnitude of security incidents on campus manageable.

Robert Graham
Erratasec

Robert Graham is a long time security visionary. He created Black ICE, the first popular personal firewall, in 1998. In 1999 he invented "intrusion prevention systems" with the Network ICE "Guard." From 2001 to 2006, he was the Chief Scientist at Internet Security Systems. He is now the co-founder and CEO of Errata Security, Inc.

Mobile devices have become a valuable attack target: they store sensitive information, perform financial transactions, and gain privileged access to network resources. New features and increased wireless network connectivity are exposing a wide and continually growing attack surface that is vulnerable to a host of emerging mobile security threats such as malware, social engineering, protocol control flow vulnerabilities, and memory corruption flaws. This talk will examine the security problems unique to mobile devices, explore how hackers are attacking these devices, and investigate several vulnerabilities affecting currently-shipping Windows Mobile products.

Kevin Mahaffey
Flexilis

Kevin Mahaffey is the CTO of Flexilis where he drives security research in emerging fields and develops mobile device protection technology. He has previously spoken at Blackhat and DefCon on security topics ranging from RFID and Bluetooth security to commercial surveillance. Kevin has studied Electrical Engineering at the University of Southern California.

John Hering
Flexilis

John Hering, co-founder of Flexilis, mobile security, specializes in mobile security research and development with a focus on intelligence and emerging threats. Past projects include the "BlueSniper" project, which resulted in a world-record-setting attack of a Bluetooth-enabled mobile device from a distance of over 1.12 miles. John has studied Policy, Planning, and Development at the University of Southern California and has extensive experience with information security, policy, and wireless communications technologies.

The worst way to keep a secret is to copy it a million times and hand it out to everyone. Unfortunately, this technique is the foundation of many security systems. In this talk, practicing hackers will provide examples of how security systems in consumer devices have been foiled, and will present some material on how silicon-based security systems could be defeated.

bunnie Huang
bunniestudios

Andrew "bunnie" Huang is a nocturnal hacker and the hardware lead at Chumby Industries; his responsibilities include the architecture, design and production of the chumby's electronics, as well as writing drivers for and maintaining the Linux kernel on the chumby. With a PhD in EE from MIT, he has completed several major projects, ranging from hacking the Xbox (and writing the eponymous book), to designing the world's first fully-integrated photonic-silicon chips running at 10 Gbps with Luxtera, Inc., to building some of the first prototype hardware for silicon nanowire device research with Caltech. bunnie has also participated in the design of 802.11b/Bluetooth transceivers (with Mobilian), graphics chips (with SGI), digital cinema CODECs (with Qualcomm), and autonomous robotic submarines (with MIT ORCA/AUVSI). He is also responsible for the un-design of many security systems, with an appetite for the challenge of digesting silicon-based hardware security; his work on security is done through his private LLC, bunniestudios. bunnie is also a contributing writer for MAKE magazine and a member of their technical advisory board.

Listen to a podcast interview with bunnie.

This talk discusses the underground economy, the engine that fuels and is fueled by the online crime and abuse we all endure. Examples of the trades, transactions, and society that comprise the underground economy, in addition to discussing statistics on the level and location of activity will be provided.

Rob Thomas
Team Cymru

Rob Thomas is the founder and CEO for Team Cymru, an Internet security think tank focused on the "who" and "why" of online crime and abuse. Rob has previously held senior technical positions at companies such as Motorola, Nortel, and Cisco. Rob is a former vice-chair of FIRST, a former member of the NANOG Program Committee, a member of the UltraDNS/Neustar Technical Advisory Board, and an ISC Fellow.