BlueHat Security Briefings: Fall 2010 Sessions

BlueHat v10: A Security Odyssey, October 14-15 at the Microsoft corporate headquarters

The primary objective of the BlueHat Conference Series is to build bridges between Microsoft developers and executives, key security program partners, and members of the security research community while educating the greater Microsoft population on security threats and mitigations.

This year's conference builds upon the momentum of past events by showcasing how individual strategies can intersect to offer substantial benefits and positive-sum outcomes. We are looking to demystify global and regional security threats, and to create channels for productive information exchange on common threats that affect all the players of the security ecosystem.

BlueHat v10 again brings leading external security researchers to campus to present timely and lively presentations that showcase ongoing research, state-of-the-art hacking tools and techniques, and emerging security threats. Our main themes for BlueHat v10 focus on predators of the security ecosystem, next-generation infrastructure, risks associated with mobile technologies, and the web browser landscape.

Day 1: Thursday, October 14th – BlueHat v10 General Sessions

Morning Block: Predators of the Security Ecosystem

Opening Remarks
Colonel Sebastian M. Convertino II, Commander, 318th Information Operations Group, Lackland Air Force Base

Cyber[Crime/War] – Connecting the Dots
Ian (Iftach) Amit, VP Business Development, Security Art

From Russia With…An Insight on Intelligence Analysis of Eastern Hacker Culture
Fyodor Yarochkin, Security Analyst, Armorize Technologies

Behind the Curtain of 2nd Tuesdays: Challenges in Software Security Response
Dustin Childs, Security Program Manager 2, MSRC, Microsoft

Nine Trends Affecting the Future of Exploitation
John Lambert, Senior Director, Microsoft


Afternoon Block: Next Generation

The Unified Theory of DNS Security
Dan Kaminsky, Chief Scientist, Recursion Ventures

Blue Screen of Death is Dead
Matthieu Suiche, Security Researcher, MoonSols

Everybody Be Cool This Is a ROPpery
Vincenzo Iozzo, Reverse Engineer, Zynamics GmbH; Tim Kornau, Developer & Researcher, Zynamics GmbH; Ralf-Philipp Weinmann, University of Luxembourg

Enhanced Mitigation Experience Toolkit 2.0
Fermin J. Serna, Software Security Engineer, Microsoft; Andrew Roths, Senior Security Development Lead, Microsoft

Defensive Cloud Application Development
Grant Bugher, Security Program Manager, Microsoft

Day 2: Friday, October 15th – BlueHat v10 General Sessions

Morning Block: Risks Associated with Mobile Technologies

Opening Remarks
Mike Howard, Principal Security Program Manager, Microsoft

Windows Phone 7 Security Talk
Geir Olsen, Senior Program Manager, Microsoft

A Brief History of Attacks Against iOS and Android
Charlie Miller, Principal Analyst, Independent Security Evaluators

A Framework for Automated Architecture-Independent Gadget Search
Thomas Dullien (Halvar Flake), CEO and Head of Research, Zynamics GmbH; Tim Kornau, Developer & Researcher, Zynamics GmbH; Ralf-Philipp Weinmann, University of Luxembourg


Afternoon Block: The Web Browser Landscape

Browser Hacks, Design Flaws, & Opt-In Security
Jeremiah Grossman, Founder & CTO, WhiteHat Security

The Mixed Blessing of Browser Security
Robert “RSnake” Hansen, Founder & CEO, SecTheory

How Bing Protects Itself
Brian Christian, Senior Development Lead, Microsoft; Mike Andrews, Senior Security Lead, Microsoft

BlueHat Lightning Talks


Session Videos

Nine Trends Affecting the Future of Exploitation

John Lambert talks about nine trends that will affect exploitation over the next decade. A number of technological, social, and environmental trends will change the world of exploitation as we've known it in the 2000s. This has lessons for defense, attack, and customers in the middle alike.

John Lambert
Senior Director, Microsoft

Behind the Curtain of Second Tuesdays: Challenges in Software Security Response

This presentation discloses some of the challenges seen by the Microsoft Security Resource Center (MSRC) in addressing modern vulnerabilities. As SDL weeded out the simple buffer overflow, vulnerabilities have become more complex in nature and thus more challenging to address. The goal of this presentation is to provide insight into Microsoft's techniques and processes in responding to these challenges and to provide lessons learned to other organizations in similar situations.

Dustin Childs
Senior Security Program Manager, Microsoft

Cyber[Crime/War] – Connecting the Dots

In this talk we explore the uncharted waters between CyberCrime and CyberWarfare, while mapping out the key players (mostly on the state side) and how past events can be linked to the use of syndicated CyberCrime organizations when carrying out attacks on the opposition.

Ian (Iftach) Amit
Managing Partner, Security & Innovation

Enhanced Mitigation Experience Toolkit 2.0

In August 2010 we released the new version of EMET with brand new mitigations and a new user interface experience. Two new mitigations are included in this version: Mandatory ASLR (breaking current ROP exploits relying on DLLs located at predictable addresses) and Export Address Table filtering (EAF) (stopping the large majority of shellcodes from running). EMET is not bulletproof but will break a lot of the bad guys' tools and exploits. EMET makes it possible, for instance, to have SEHOP on an XP machine.

Fermin J. Serna
Software Security Engineer, Microsoft

Andrew Roths
Senior Security Development Lead, Microsoft

Everybody Be Cool This Is a ROPpery

Return-oriented programming is one of the most advanced attack techniques available today. This talk presents algorithms that allow an attacker to search for and compose gadgets regardless of the underlying architecture using the REIL meta language. We show a return-oriented compiler for the ARM architecture as a proof-of-concept implementation of the algorithms developed and discuss applications for the iPhone iOS platform.

Vincenzo Iozzo
Reverse Engineer, Zynamics GmbH

Tim Kornau
Developer & Researcher, Zynamics GmbH

Ralf-Philipp Weinmann
University of Luxembourg

Browser Hacks, Design Flaws, & Opt-In Security

There are a number of design flaws that plague browsers, and the challenge in fixing them tends to be the unwillingness to "break the Web." This puts security designers in the position of making security opt-in choices, and few if any developers and users opt in because they don't know the real risks. It is time to explore these issues in a bit deeper context to see what might be done.

Jeremiah Grossman
Founder & CTO, WhiteHat Security