Everybody else is posting their picks for the talks they want to attend at Blackhat USA 2008. I’m not going, but Chris Gates, of the excellent carnal0wnage blog, and I have decided to post our picks as part of an armchair “Blackhat Fantasy League”. This’ll serve as a nice reference for myself when audio/video of the conference is released too.
(Edit: Chris just posted his picks. There’s a nice web security flavor to his choices)
It really is a shame that I won’t be able to go, since our good friend Yousif Yalda promised to “beat me down” there. Assuming I could make it to each talk, between all the beatings, here’s where I’d like to be:
Day 1 – 10:00 – 11:00
Fyodor Vaskovich – Track: The Network
This is going to be outstanding. I always enjoy hearing Fyodor talk about nmap internals and tricks used to get more speed out of it.
Day 1 – 11:15 – 12:30
Dan Kaminsky – DNS Goodness
Pretty obvious choice here. I feel sorry for the other speakers on during this time slot.
Day 1 – 13:45 – 16:30
Lots of folks – Iron Chef Fuzzing Challenge
Jacob West, Charlie Miller, Geoff Morrison, Jacob Honoroff, Sean Fay, Brian Chess finding vulnerabilities, Iron Chef style. The Cisco shellcode/backdoor talk almost beats this out, but I had a lot of fun listening to the last Iron Chef challenge.
Day 1 – 16:45 – 18:00
Val Smith, Colin Ames – MetaPost-Exploitation
I’m on a Metasploit kick right now
Day 1 – 18:00 -
The Pwnie Awards
Day 2 – 10:00 – 11:00
Felix Lindner – Developments in Cisco IOS Forensics
I haven’t gotten my hands dirty with the guts of IOS, so I think I would enjoy this.
Day 2 – 11:15 – 12:30
Eric Filiol – Passive and Active Leakage of Secret Data from Non-Networked Computer
The description on the Blackhat site is kind of vague, but it sounds fascinating
Day 2 – 13:45 – 16:30 (?)
Lukas Grunwald – Hacking and Injecting Federal Trojans
Law enforcement injecting trojans into software downloads… neat… (this one is scheduled back to back with itself, so I don’t know if it’s a continuation or what?)
Day 2 – 16:45 – 18:00
Patrick McGregor – Braving the Cold : New Methods for Preventing Cold Boot Attacks on Encryption Keys
Having written msramdmp, I definitely have an interest in talks on cold-boot memory attacks