Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Microsoft Has a Big Date Set with Black Hat Hackers



 By: Ryan Naraine
2006-06-13
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
The software maker will use the upcoming Black Hat security conference to show off some of the key security features and functionality being fitted into Vista.

Microsofts Windows Vista has a date with some of the worlds smartest hackers.

The software maker will use the spotlight of the Black Hat security conference in August to show off some of the key security features and functionality being fitted into Vista.

Microsofts appearance on the Black Hat stage is a first on many fronts. Microsoft will be the first software vendor to present an entire Black Hat Briefing track on a pre-release product. It is also the first time a representative from Redmond Wash., will make an official presentation at the controversial hacker confab.

According to Microsoft program manager Stephen Toulouse, the idea is to provide "deeply technical presentations" on Vista security to the hacking community. "We submitted several presentations to the Black Hat event organizers and, based on the technical merit and interest to the audience, they were accepted," Toulouse said.

In total, the day-long track will include five presentations from Microsoft security engineers and Toulouse said researchers and architects from Redmond will also be actively participating in the event. "We want to make sure were gathering as much feedback as we can, so that Windows Vista succeeds as the most secure version of Windows ever released," he added.

Resource Library:

The sessions will include a talk by John Lambert, group manager in Microsofts Security Engineering and Communications Group on the security engineering process behind Windows Vista.

Lambert is expected to hold up Vista as the first end-to-end major operating system release in the Trustworthy Computing era from Microsoft. His talk will cover how the Vista engineering process is different from Windows XP and details from what is described as the "largest-commercial-pentest-in-the-world."

Lambert plans to give Black Hat researchers a sneak peek at some of the new mitigations in Vista that combat memory overwrite vulnerabilities.

Wi-Fi in Vista will also come under the microscope when Noel Anderson, group manager in Microsofts wireless networking group, talks about the way the operating system will handle support for 802.11 wireless technologies.

Anderson is expected to outline the new UI experience and updated Wi-Fi default behaviors in Vista and information on a new software stack that is designed to be more secure, more open and extensible. He is expected to describe the various components of the stack and show developers how to create code to modify and extend the client.

Anderson will also outline the different ways Microsoft tests Wi-Fi in the new operating system.

Also on the Black Hat agenda is a talk by Abolade Gbadegesin, an architect in Microsofts Windows Networking and Device Technologies Division, on the way Microsoft rearchitected and rewrote the TCP/IP stack in Vista.

Adrian Marinescu, a lead developer in the Windows Kernel group will outline the enhancements made in Vistas heap manager to show how the OS has been hardened to thwart certain types of heap usage attacks.

Microsoft previously fitted technology into Windows Server 2003 and Windows XP SP2 to reduce the reliability of heap usage attacks, but Marinescu plans to talk about how the heap manager in Vista pushes the innovation much further in that area. His talk will describe the challenges the company faced and the technical details of the changes coming in Vista.

Microsofts oft-criticized Internet Explorer browser will also get Black Hat billing this year when IE program manager Tony Chor discusses the security engineering methodology that is being applied to the new IE 7. Chor is expected to detail key vulnerabilities and attacks this methodology revealed, as well as how the new version of IE will mitigate those threats.

Also on tap is a talk by Andrew Cushman, director of Microsofts Security Response, Engineering and Outreach Team, on the way the company has changed its internal processes to deal with the changing security landscape.

Microsoft wont be alone shining the spotlight on Vistas security. Joanna Rutkowska, a renowned researcher specializing in rootkits, plans to talk about the stealthy malware threats can still be inserted into the latest Vista Beta 2 kernel (x64 edition).

Rutkowska is expected to show how to bypass the Vista policy for allowing only digitally signed code to be loaded into the kernel.

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.



  Reader Comments: Microsoft Has a Big Date Set with Black Hat Hackers
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Ryan Naraine
 


x}ks㶲*Q3皢H푦dKIJ|,Lj I)H6~bvKZc2;ؖnt7F; I Ӟc,,J1[D{{}.P|gS 5rѩe軫F]̩kkH|Nშ :':D.Qs: j99צԗoO~e0-:AI6)6N0o Pl:x 3~bA2xFaYHl6XARN`^o<{e6( |@ɠi!ZdI#}9ef42MYnT\BX-UR~/^ߙi/M7;7zs/BEQB\t.s$(xmI5M-u^?ESs^_wD_"0QYTţy|/ Z@ >g`8xkQ2Z-_ KZPb٥v'Y̮gf V҄ gE)ԑYa[~6t.˫Cnl,aZUU 2Z*]鬙&ȏN}|qݽhEڝOݓYᳳa ɗV }k!-zb M u4}GuIɽGf?~Yo]~<>$Yn_g90dio,Y\H.)żM||Y|ěy#0ri4(?-9X@/@ש#a7tBmҌj 9B%yȝ7!hr Ce)#8?3̓IhJq䰉c<ذ 1"%̛ߨҁye ,}PEtBAͨ8 . If([΀/3A.r)i"  6=aL+^*,-j\GכUsNVWt];3eя0-px=mvZÏW6\/} xX18,]evr`\Զ7jG_)CR/JGg-dj`qaeJݠmayw/@ tis#|>7ƚm'!|Аd mxZ.33IXn`h`;Nh>[׏ <]X K1pA}xs껍Z=H}mP`95$զCM_́-s#08wwɭ 5y05ݻci`y1&բ !Tg ,Zz][ X.{s6Gv66-0 zRP|'sZ( 7^bxbA2 4.gP)AH =k 99~ ޑvR.%rP.o=!ԑtLR.ߗKh3aGe-n^ $ d6g2+IMiG]-&D7r"e.G 7Kᙖ6FlY*T^#&t&S7a z{@ZWgiK0w?a!1s WQ'6s?;\ύn;A 떒t0fXfZ1k.`FaǺ@dMfB7 ƙH|B3< I8͜;luVs]ˤF|`*,qrdžfXi8oÕ=5q TfЬ||=厬m/&](LuΩJJ&k:HX3j-yspm ֌O\XbʁZO%XScX`Dn Lzb4sm/n$)aV|\uLg˦zkfTؽ/ 7r@]֥P M2LZ1D4$B]`}.eG?W0Zԓ696pĞ}nP rQ j3#SV+a5sV@@@7h ,؂rir1>:NXS \OL \v 6*'l|0ː ;sm C5,v&Ԕfj:Y[^|'+gб殩ˋppY]4<~1'l2^u:Cd= 0͉V*a0؋TMa?x;HySI_)!I)D ȸla,ri L*gXsM>QȚ@POK)i/ s M~N1 hPU*1 "I85/V SG?_G z]1UF=3 $h@jS4e2fM4_0-8SJD%xT,* KkMf٧䩯1ۉh0@q_8Rd"X @ 4~<>BO$BRhg[QZnsC z/naRI?I L!2€ ݧ=1g匬,~5  dUkbS{jEQգRVq~W`^pOxO?"5TGd/pF8ݙz#h? f4k8SMw \j}G>Nf-h'(0v *BC2By^ yh+\rRj͔ Q=83 ~e7ufv9Aخ crAmqW;'PV:LΓu O#%c:Ye:w@ݐkUQl~4z7fy@L t@zcx؝HMZN7HYT9֊k[S GťR cn7 3Z`zž.n(jVTKkm7xEW‡v1wር546M|8ڳ"ZJ qv Ty9kY%f+aEnM4==Z\c7o2\$t#,\/ wms40ѻMklޥ0͜96@yZWI۠j"lγ>AqHlڃOR4SO8n7= BRӳ$R+@ekrฦmN7oE)ZxhR̚,ZBW}X`"-ٸ1u)&!j|l'$oy݊5g@Zf2U-U"m-Ͻ \X  5r &R j>"Gwiŏ[o(5rnΠ3G~T>UKK}b*ŪR.$~UroUrO,ش/6"h ނ-cz e|R/̖M%4e3/쌹-9BXQ#r޽H^K΃ Gw"y!KrBë<'Uxi)qڎ7M,#LkCuWidL-ҿjw8`R4c5ɅHg fmDu8cVyy_aZXȬe`|]L($0‘=`=` vwpyN .PdBAnpkz!N)0FE_TJi)W4f'uSxZ) 5[E_ɫ}KiV T t6~hOW+0waAdakF+9mO~@Hyw ?w8/g`IB^2 7?xKP -M?uS4 jGYkNEm{-~=`rr(SJ&M'i. [5Kb9-RJ<:<ad:nX$yYIzJ,STeD$SQSKFI39uޞ-u=Ym ybXýK3%އƗHΖf̗4.נݓy8V#["|)-&GX!*VjRZz]UHN~D!6OY=ta^CrWR~]ȩRW%}ݟfzH4S `/#9ʼSs,`GW ./#vG6cNȣ&k{?ȔKA/g]s6̴ͥE{wmhG(V#w9c99Xa8:ʳ/q1~,?4fڈbiEHZi]|&_ |0$?[Э> ?y{dNo&<)sǣAl֜j59obJf7v6,`4tͥoV<i?{޽Ҿ2CWq k:i)`*9$ThH~ݍe_"+2NIȅ^t;>ri ,FJfzӼ2hAdalOoC]hj_sTxB`o~<Ϥ ]ek*)w}ﰧ}VZtC.qB &d/.%e j OKt1ڮ/=اH? BĬhg:h덫y '|ȞF8^XCxxg,dF9a}30[ɱ=Ιd<J;lݭnM M A;"J [4 2UCnK_&1iE0pDVa? W^M·⎭zgQ$g |o(o'򽥎x5) kNW&/6o).w?.i{\naa0^oލ="s(ı߂KCƧsӆUe[ɟRnڅZ/}P?%tI=eǓo\nȇ&aD?Lk7_5}xx`-,i4RRɇ68:, ׈r{zYlC !XӹOzXi;/BnАRߥ4tpne*J!&"_/\bUFCo>WD>:pX$Dzm߂ e5E>,0?>މח31dB1m 4sj,}Qɛls76,Ѓl` ҕ[c2c㱮RsN.%;3 n-vPRs5,>E',6N19par~d2dV6f9XML 9wY  0.a6U85ymXibDZx~?EZأweZN&csVbQQhwܫRۏj/Y*$b0Zfyמ嵉 1\ ZN Z7gԮhpYlޠx{?ȮyO-F:]}]#~^4f7Jj [{07ilJiT!a2㻲*RQ8 YX_<Ͳ@o_.4n/l'Sgҩ݁()%F)繠w!/P B% *P B%RD"{IIZȔJ!DSZ`]~ HJm]C/ŐBJcJmq H:ӂm S _< +QhpV$,pmQTR JAXJ\TVJm+| zl-Ex+[!-VBVN~y>VX94jݵZږ}KOg_cECfQh;hy|o.YF WTVu{ODP&[4AD5A&0` ̺b&YHҥm9R 62h*{ ?ggK@ KRQ)giS_/LG<D \Zdn_ vW$1)[SG&*d109 /jԶtNBG/OԴ{VןmJaLqm i8c!Xab9Bמx~1S*Zw2@' : )ca4K"9Ti>dMR~c/_3GJ3oooou|q^ދ܉WJJ}% f&D#P3Ղ]vS lxR4E_Q!6p66x3~8R,Ox[o>o>o>ׯ窔s63*)eY ;Y`l;.m=,ͤ 9f??$w&  ]:i @Fɰ3]|Hu3M (5jApœmnPK{X7ٖC3Ǒ}CmVǫYu45C#@U럿sC$e̞"hTSOq/"']Pjϖ0J1)KkpF@@<"6nw(bJ%Џ0wM YQgL@/sdHB{0| qD`h 0D! W#O$B͝o|WY'܃{h áͷ+x4bFUj9 sˮY; ϖs\ܿqkj5p_qB!/qGonxȈ7f,Ad53h~wLl46f2]^Iɽ=/G P|F0-c ٰxQ|i ȪVF;t%/۬R$P3W#1CNmlfi؂_ FRˬ҄$I1Ʊ3"*Ιh֖8PUa^D+opSA$plGN$(cX ~===xj|}P.[˜zpҸ{K)q,Aqr]JL_"|͉R ; g"m:w^aci7t 16)t|3lS;%@$ꦆ/H𫛨4DJ=lqw=Uh%!mF6(qq~ix*=>NE.U+pS CR,6$Ae؃5T?0*м~#n+j(5 tUH8AH=ʹX&A%s`iu/Ř OCcPy-r9GL\|u1( EL^daLGp=S-~2Șh MQ HxD~50&N;!"Lmanj9F$1Lq/WNy ֭o_|`}(|w/  T6CĊ1gGi>'_@1Rl˿I6K_ET&}fA=bAa~L#[C 1MFs ^DҜ3,0A5A"\2ݣq7]Afp͒w\j:rtԨ b8+M5?3X,ȏKlݜ(8c%<ؘ$P!%h$bcx=9`1A2_7=}c?ݙ2{x#bwT IhR tT(9CȮ KD8_]z#]٠YQ^*_eӄ^I+\QY / IjL WuK1k50 }a3br4fcٺv^^=˂eзeЧ22Oы />A3(?(#彌rߋȐ Cg>~~Kx2+   !0m.1>ArS~~2w Y{ _g wɹN2!(oeYNo\8\8_YWAa uqQ^ }V)@yJ ,c/3\)d{9;[?[t/OBX\Jzp+W^vim4viA {}yK/#ymoR: A)Q. 3l?V\[[,Oнۺ{'ϊ'NW4CﹲKd^ WsU}ӉzZ=Ś/JYy<q sjžȾ6w-4(c#h6 .Ñp[y?|K2xY0@ۓ{ݯ\pmঠϻL^-QીOW=}bexvY^][j7m1O9y}³23wّGh5OKWX -Jbġ${{iVj?f4h9x~fOvHu>l}谇b(O4q29wYu8% HMԳpNza箨%ghWCtJ {4"ޔA>Ҍn@ 9w1*%U-)UTj%wwrDaӃ""Cή5JA.$`rXRKUrF(RB4|O۴W)]74Csc<{+4wаY-}"z5~L@NMD6"ݽ/cZA6of)3^8ռD<gM~ o2P e +?o9Xj-/#RQ1+\Y#_pov1R  {{[1g7ډ:Gĕq8Sk,#ӄwY!D˸fz4}z<8~3mJN)tIb|3s7dFLdp!gB-Kt!^PaD˦U$B`u jϗ0n%c$Q.#Erly0%62wHP,皩V}ܣ (luy5o2ɔ4s . " n+QBfLZDAnx&Qg1̐(JI´kL!SFOi3A am o5F3FЯ"9ţ:aё(YH=Ոqe@(we6Lm (~%.,wb9 ^\ؓZg.t1kN϶{3_;upqgF]?"d`ڦc53vǘԣDa`/Fx\(D6?%ix&b5b P|_|nڋ{/!f39L&dʗ[l,Ǝ$z 6o෿_ɡ=Gw#郧rSl+.Ġ/3>g'4WBMxXum& cӄ2~, {+2‡_i w/ EݙcE^c-x{p_a{Ï,?hPxUE'0X$=Cf KǓ,h :/%X~ [#rF331F#qy] YV8[T"?6bNm% 1o)%&Vk*/':Oe;BI<ŗ5_xelm೤c*3S2m-)e'>r}7{,ݤd/+2b%vm=HYUҎ_@Bo H, 7A)W|B,kl`B`tլ`&sˠvSl]@_v\4R*4$NS xSEzV?ĵ  Laz:SAW (|x@NlM9\c :۳|?Oe Lwt<^<@ߦ `ܘ}lI5cO9B/7Qg~ r@c]Tng`wDl .3.OY% hWa)*e71KLP`Ol3!gw6G}dȱ(l}j.͜GԋO0xeҵ@ɬnq[?[ m-1k$~El=fu+Wrcdk{f:eP:eX l'!R%k+Wei$ցi .)>n)ZF#,ci ԭ<P@ac.vz]nNQa#=QaW7n MywL \7o]eAP1W)?&Il}ralX ^|޹+o3Љe{0^Op2$82#" $8zIW{{a0&iE㨤t`C v_Ή~ph;?҈>A wVǰ?BLN Ro3pRaL (b[и%hw2b5ʧ=M~p a\YGlx7ygb9 ~g!tu?Jzfk`ggANXvQJe