Will Black Hat Take the Green and Go Yellow?

By Larry Seltzer  |  Posted 2006-07-31 Print this article Print

Opinion: It's better to have Microsoft at Black Hat than not to. It's not like everyone else isn't blowing their own horn.

With all the concern over Microsofts track at Black Hat youd think it was being held in Redmond, not Las Vegas. I wont be at Black Hat, although I wish I could. Its the most interesting and useful security show of the year, but I have other obligations.
If I were there I would probably attend some of the Microsoft sessions (among them ISA Ninjitsu:Designing, Building, and Maintaining Enterprise Firewall and DMZ Topologies with Microsoft ISA Server 2004, Microsoft Security Fundamentals: Engineering, Response and Outreach, Case Study: The Secure Development Lifecycle and Internet Explorer 7, and Finding and Preventing Cross-Site Request Forgery) but its true that they seem more oriented toward the defensive side of security rather than the attack side.

So be it. Well see if people show up and how they rate those sessions on those forms you get at the end. Maybe Microsoft can give out donuts at their sessions. I find that always gets people into a meeting.

Compare those to some of the other sessions from non-Microsoft people: New Attack to RFID-Systems and their Middleware and Backends, Oracle Rootkits 2.0: The Next Generation, Hacking, Hollywood Style, and Hacking World of Warcraft: An Exercise in Advanced Rootkit Design. Its true, you wont find Microsoft presenting anything like this, and who can be surprised?

Its not like all of these attack sessions have serious credibility. Consider one of the higher-profile ones, Joanna Rutkowskas Subverting Vista Kernel for Fun and Profit. While this comes across in preview as a flaw in Win64, in fact it appears to be a flaw in AMD hardware. A good Black Hat presentation, to be sure, but not the blockbuster its sold as.

VM rootkits: the next big threat? Click here to read more.

And Microsoft isnt alone in providing "wholesome" security programming for the conference. There are plenty of others on topics unrelated to Windows. There has always been some of this at Black Hat. It is the attack stuff that made them famous, and perhaps theres more "mainstream" content lately. But looking back at the archives of the 2004 show (can you believe they leave this stuff up? Thats great) I see sessions on "Securing Solaris and Locking Down Linux," "Internal Security Threats: Identification and Prevention," and "The Evolution of Incident Response."

So what if Microsoft isnt dropping its pants and showing all its flaws? Isnt it good for security professionals to have technical briefings from vendors delineating their strategies? If you dont want to go to these sessions, bring your own donuts and go to another one.

Black Hat may be riding high in the grand scheme of things, but its not a great era these days for trade shows. The technological trends that made Comdex obsolete will eventually catch up with even the cooler, more specialized shows. If I were running this show, Id get whatever I could out of it while I could.

And if I were running Black Hat I would also do whatever I could to make the industry know I wasnt the enemy. Black Hat has a history of presentations that get companies pissed off. You never know when someones going to cross the line and get the government involved. Its respectability or trouble for Black Hat. Im not worried for them.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. He can be reached at larryseltzer@ziffdavis.com. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel