Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Database
    • Networking

    Black Hat, Back with the Hackers

    Written by

    Lisa Vaas
    Published February 21, 2007
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      Whats in store for Black Hat Feb. 28-March 1?

      Weve got digital forensics—will Jim Christy, forensics expert to the DOD, challenge attendees to break the encryption of the hardware encryption chip used by Vista? Maybe—stay tuned, because he tells me theres definitely going to be some kind of challenge!

      Then weve got new and better ways to snap your favorite database into itty-bitty pieces, including NGSS David Litchfield presenting on Advanced Oracle Attack Techniques.

      David tells me were going to be hearing about new Oracle attacks that didnt even make it to his most recent book, “The Oracle Hackers Handbook.” That includes such sins as advanced PL SQL injection, exploitation, cursor snarfing, defeating virtual private databases and indirect privilege escalation.

      For all you data seepage fans, theres Errata, with CEO Robert Graham set to show use of a tool theyve cooked up to pick up all the supposedly trivial data youre seeping wirelessly or even wiredly—along with how it can be used for corporate espionage and other fun hobbies.

      Meanwhile, Dr. Jose Nazario, Senior Security Engineer at Arbor Networks, is going to share lessons learned from trailing botnet attacks. All this and more, more, more!

      But before we delve into the details I shamelessly weaseled out of presenters, heres the conference lineup you can see for yourself. Now, this isnt the big Vegas Black Hat in July—this is the smaller DC one (Arlington, Va., actually), focused on government and enterprise issues.

      That means weve moved away from pure Vista, pure rich-sponsor Microsoft, back to the basics: hardware/sub-OS, enterprise impact, software security and binary analysis, and forensics (thats what Jim Christys doing, with the opening keynote, “Cyber Crime and the Power of Digital Forensics.“

      You might remember that the last big Black Hat was pre-Vista, and it was more or less pure Vista.

      This time around well see much fewer pure Vista sessions, one exception being Symantec Research Scientist Ollie Whitehouses two-part session on GS (a compiler option introduced in Visual Studio 2002, used in some binaries in Windows Vista 32-bit as a defensive mechanism) and ASLR (Address Space Layout Randomization) in Vista.

      The second section deals with ASLR implementation in Vista, about which Symantec promises “some surprising results.” That sounds a bit too tantalizing to pass up, so stay tuned to Security Watch to hear what those surprising results might be.

      I chatted with Jim Christy—the director of Futures Exploration for the Defense Cyber Crime Center, responsible for the research and development and test and evaluation of forensic and investigative tools for the DOD Law Enforcement and Counterintelligence organizations—about his keynote.

      His presentation will be similar to his last Black Hat presentation, as he tries to get across how ubiquitous digital forensics are today, as well as how desperately we need law enforcement professionals trained in the techniques of digital forensics—techniques that are now recognized and regulated internationally.

      Hes also after the private sector to come up with better tools to struggle through the oceans of data people like him encounter during investigations into child porn, phishing, computer intrusion and just about any flavor of crime nowadays.

      That gets us back to his challenges. And back to Vista. During his last presentation, Christy threw out this challenge to the audience: Come up with a way to read data over a CD thats been physically broken into pieces. To date, the center has received solutions from 11 teams. This year hell throw out another challenge. He hasnt figured out what that will be yet, but Vista and hard drive encryption could be the theme.

      “Vista is a major challenge for security purposes,” he told me. “Now, it matches your data to the motherboard on the computer. Theres a chip on board that will do hardware encryption. For law enforcement, it will change how we do forensics. If a hard drive is encrypted and we get a dead box … it will remain dead unless you have the key to get into it. … Were being told by government agencies and Microsoft that you cant break the encryption. Obviously, thats going to be one of our challenges. We want somebody to break that puppy for us.”

      Errata CEO Graham, for his part, is looking to drill into some enterprise skulls how seemingly trivial information can be used quite satisfactorily by hackers. This is data seepage were talking about: the exposure of data that seems innocent. That differs from data leakage: i.e., sensitive information that companies know they dont want to have stray away.

      A recent example of data seepage is how reporters found out about the Iraq war before it happened. Namely, they managed to extract information about the rate of pizza delivery from workers at pizza shops near the Pentagon. Lots of intense meetings, lots of pizzas.

      An example of digital data seepage closer to enterprises hearts would be this scenario: Your CEO is in the airport lounge. She was previously logged in to the companys network. When she sits down for a drink, her chatty laptop starts looking for access points so that it can reconnect.

      A hacker with the right tools could find out where shes been, physically, by looking at the access points shes trying to connect to. An eavesdropper could map the corporate network and within moments build up a complete picture of who this person is by monitoring the wireless network, Graham told me.

      The answer? It isnt a question of a silver-bullet security product, nor is it a question of user behavior modification. The problem is that activities such as reconnects are happening automatically, Graham said, with users being unaware of whats happening.

      “Its more a tradeoff,” Graham told me. “You have the ease of use of the laptop, with things happening automatically, versus making the laptop harder to use.”

      Graham will be demonstrating how the data eavesdropping can be done, and hell be showing just how much eavesdroppers can find out.

      Next Page: More presenters.

      More Presenters

      What else? Mandiant Founder Kevin Mandia is going to present on how to survive the grind of ongoing incidents without losing your sanity or your budget.

      Renowned security researcher Joanna Rutkowska, for her part, is presenting on “Beyond the CPU: Defeating Hardware Based RAM Acquisition Tools.“

      Rutkowska last year became the Black Hat lightning rod when she demonstrated a prototype of the Blue Pill—an example of “Stealth by Design” malware that uses virutalization/hypervisor techniques to take over a system without leaving any trail whatsoever—i.e., undetectable malware. This Black Hat star will be a big draw for sure.

      “Bypassing NAC,” presented by Ofir Arkin, CTO of Insightix, is a must-attend to my mind, given the continuing question of the flawed security of NACs (network access controls). Arkin promises to present flaws associated with each and every NAC solution presented.

      “These flaws allow the complete bypass of each and every network access control mechanism currently offered on the market,” his session description reads.

      Stay tuned: The conference runs Wednesday and Thursday, and well be there reporting on as much of this as we can cram in.

      See something on the schedule you think is a must-attend? Let me know what and why at [email protected]. eWEEK Senior Editor Lisa Vaas has written about technology since 1997.

      Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.

      Lisa Vaas
      Lisa Vaas
      Lisa Vaas is News Editor/Operations for eWEEK.com and also serves as editor of the Database topic center. She has focused on customer relationship management technology, IT salaries and careers, effects of the H1-B visa on the technology workforce, wireless technology, security, and, most recently, databases and the technologies that touch upon them. Her articles have appeared in eWEEK's print edition, on eWEEK.com, and in the startup IT magazine PC Connection.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×