Thursday, August 27, 2009
Blackhat/DEFCON
Ok, I'm apparently not going to get around to a full recap of Blackhat/DEFCON, so here's some bullet points.
- Shawn Moyer/Nathan Hamiel talk was first and probably best at BH. I don't think most people got it. I'm not sure I even 100% got it.
- Thanks to the DEFCON goons who got me into the BH speakers party. Maybe next year I will be there for real.
- WhiteHat dinner was excellent! Good people over there.
- Mandiant training was good. A little more "find malware in Windows boxes" than I'd have liked, but overall a very valuable experience.
- HackProv! (Did you know that Chicago plays "Big Buddha" differently than Boston? They use swears.)
- Badges by December. Seriously badge fail.
- My favorite moment of the whole trip was making an analog iPhone amplifier out of a plastic cup and Seventeen magazine at the Riv bar at like 3am.
- Also, some dude was like "I don't think you guys like the same music as me" but it turns out his iPod was loaded up with 90's industrial and we were all like "sup man".
- Honestly by the time DEFCON rolled around I was pretty much talked out, I only ended up going to a very small number of talks. "The Psychology of Security Unusability" was excellent but much too rushed.
Friday, August 14, 2009
XSS-ing the user agent. Is there a point?
Still haven't gotten around to recapping the rest of BlackHat/DEFCON. It's still on the list. In the meantime...
I've been seeing a lot of this lately:
User-Agent: <script>window.location='http://somewhere'</script> (compatible; MSIE 7.0; ...etc etc)
I'm not sure if this is attacking a specific vulnerability, or just trolling for unknown XSS vulnerabilities. Doesn't seem like the most subtle way to do it in either case. Anyone know?
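Added example, not part of the original post: a log check for the header shown above, plus the output escaping that keeps it inert if a web-based log or stats viewer ever displays it. The combined log format, the sample lines and the function names are assumptions.

```python
import html
import re

# Apache/nginx "combined" log format; the last quoted field is the User-Agent.
COMBINED = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ "[^"]*" "(?P<ua>.*)"$'
)
# Browsers do not send tags or script URLs in this header, so either one
# is worth flagging.
MARKUP = re.compile(r"<\s*/?\s*[a-z!]|javascript:", re.IGNORECASE)

# Constructed sample lines (documentation-range addresses, made-up requests).
SAMPLE_LOG = [
    '192.0.2.10 - - [14/Aug/2009:10:01:02 -0400] "GET / HTTP/1.1" 200 5120 '
    '"-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"',
    '198.51.100.23 - - [14/Aug/2009:10:01:07 -0400] "GET / HTTP/1.1" 200 5120 '
    '"-" "<script>window.location=\'http://somewhere\'</script> '
    '(compatible; MSIE 7.0; Windows NT 5.1)"',
    'not a log line',
]


def parse_line(line):
    """Return (ip, user_agent) for a combined-format line, or None."""
    m = COMBINED.match(line.strip())
    return (m.group("ip"), m.group("ua")) if m else None


def suspicious_user_agents(lines):
    """Return (ip, user_agent) pairs whose User-Agent carries markup."""
    parsed = (parse_line(line) for line in lines)
    return [p for p in parsed if p and MARKUP.search(p[1])]


def render_row(ip, user_agent):
    """Build a report row; escaping keeps the header inert in the viewer."""
    return "<tr><td>{}</td><td>{}</td></tr>".format(
        html.escape(ip), html.escape(user_agent)
    )


if __name__ == "__main__":
    for ip, ua in suspicious_user_agents(SAMPLE_LOG):
        print(render_row(ip, ua))
```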
Tuesday, August 4, 2009
Post BlackHat/DEFCON
Unfortunately the blogging failed closed after Blackhat Part 1, as the network got a little too dangerous to start throwing my Blogger credentials across it.
I have a ton to write about, and it's going to take me several posts. In the meantime, DEFCON BEES