Announcing BlueHat v10: A Security Odyssey

  • Article

BlueHat v10 is on the horizon and I’m happy to be able to announce the lineup. This year we’ll be hosting our annual conference on October 13-15 at the Microsoft campus here in Redmond and, with the success of last year’s con, we’re working overtime to make it the most robust, top-notch BlueHat yet. As always, we'll interlace talks from internal and external security subject matter experts. This year our themes include fuzzing, predators of the security ecosystem, next-generation infrastructure, risks associated with mobile technologies, and the web browser landscape.

We start this year with the BlueHat Executive Sessions on October 13, which offer condensed versions of select presentations delivered in a deeply technical style to Microsoft vice presidents, general managers, senior managers and chief security advisors. In conjunction with these Executive Sessions, this year we’re hosting the BlueHat Fuzzing Summit, a full day of content focusing on fuzzing tools and methods presented for and by our fuzzing SMEs. The following two days, October 14-15, feature the BlueHat General Sessions for our larger Microsoft IT pro and developer populations. As with each BlueHat in Redmond, our primary goal is to educate our own Microsoft residents to better understand how to build more secure products. The more we know about the realities of the security ecosystem, the better we can assess our own security realities.

As with past BlueHats, for which we’ve archived select content and provided access to the masses online, BlueHat v10 will keep this information sharing alive and well for those who cannot attend in person. We will also be providing the usual anecdotes and blog posts from current and past BlueHat speakers for your viewing pleasure, so keep an eye out on the BlueHat and EcoStrat Blogs for future updates!

Here’s a brief overview of the general sessions, which we’re calling BlueHat v10: A Security Odyssey. Full details will be available on the BlueHat TechNet site within the week.

October 14, 2010

Morning Block: Predators of the Security Ecosystem

Blasting us off on our security odyssey, Colonel Sebastian M. Convertino IIwill dive into the topic of computer and information security and discuss his role developing the full spectrum of the Air Force’s cyber warfare capabilities . BlueHat Alumni Ian Amit will then lead us on a cyberspace walk through CyberCrime and CyberWarfare and map out the key players amongst each in Cyber[Crime|War] - connecting the dots. The Cold War may be over, but Fyodor Yarochkin will show us how many secrets cyber-Sputnik sees in From Russia with…an insight on intelligence analysis of Eastern hacker culture. After we tune our mission control systems to listen across the many sub-cyberspace frequencies for threats, we'll shift gears and hear from our very own "Houston" who responds when "we have a problem." MSRC's Dustin Childs will do a deep-space dive into some actual MSRC case studies in Behind the Curtain of 2nd Tuesdays: Challenges in Software Security Response. In Nine Trends Affecting the Future of Exploitation, John Lambert will close out the track with the exploitation trends that will shape attacks, and therefore defense, over the next decade, showing us what we as a security species must do to evolve, survive, and thrive. We are only dipping our toes at the shore of a cosmic security ocean, and the water looks inviting…

Afternoon Block: Next Generation

Our Next Generation track kicks off with cyber-cosmonaut Dan Kaminsky, who will give us a peek into his Unified Theory of DNS Security. In another galaxy, not so far, far away, Matthieu Suiche will then introduce his MoonSols Windows Memory Toolkit in The Blue screen of death is dead. Matthieu will demonstrate how to get a crash dump of a running VM without causing a reboot or BSOD, a far cry from the blunt tools of security eons past. Vincenzo Iozzo, Tim Kornau, and Ralf-Philipp Weinmann will reprise their Black Hat USA talk, Everybody be cool this is a ROPpery, and show us how return-oriented programming, an advanced exploitation technique, is used to bypass most of our platform mitigations. That is, until Fermin J. Serna and Andrew Roths assure us that "our shields are indeed still up, Captain!" with the Enhanced Mitigation Experience Toolkit talk, showing how EMET's new features can actually defeat current attacks, such as ROP. Closing our Next Generation track, Grant Bugher will tour the upper stratosphere in Defensive Cloud Application Development, which will address the dual-sided coin of attacking cloud-based systems and security engineering for cloud application deployments. By the time this track wraps up, you will have mastered those anti-gravity boots required for high altitudes!

October 15, 2010

Morning Block: Risks Associated with Mobile Technologies

Having thoroughly recovered from your mind being blown by the incomprehensible vastness of space and "the cloud" from Day 1, we will then take you from the infinite to the infinitesimal in our last block covering mobile technologies. While technology hasn't quite gotten home computers down to atomic sizes, our current mobile technologies are putting more and more powerful machines into smaller and smaller packages. These micro machines puncture any semblance we ever had of a "perimeter," and they contain some of our most sensitive information. Mike Howard, first mate of the starship SDL, leads us through the perilous asteroid belt of mobile security in his keynote talk. Our own Geir Olsen will go deep on the key challenges that the mobile security model tackles and how its provisions work together in practice to enable trustworthy mobile computing in the Windows Phone 7 Security talk. Charlie Miller will be our mobile security Carl Sagan, guiding us deeper in our exploration of mobile security space by addressing what makes mobile exploit payloads unique in A Brief History of Attacks against iOS and Android. Next up, the out-of-this-orbit trio of Thomas "Halvar Flake" Dullien, Tim Kornau, and Ralf-Philipp Weinmann will converse with us in the language of the universe –mathematics – to demonstrate a framework of algorithms capable of locating a Turing-complete gadget set in A Framework for Automated Architecture-Independent Gadget Search.

Afternoon Block: The Web Browser Landscape

The browser is a lens through which we view the Web, and in many cases, the cloud. Pointing out where our lens is as warped as the first Hubble mirror, renowned Web security expert Jeremiah Grossman will demonstrate how browsers can be broken and used maliciously in Browser Hacks, Design Flaws, & Opt-In Security. Robert "RSnake" Hansen will remind us of our primitive human traits (of ingenuity and adaptability) by challenging us to design secure browsers for a hostile world (despite complex browser, OS, and network interoperability requirements) in The mixed blessing of browser security. Microsoft's own Mike Andrews and Brian Christian will then close out the block and give us an insiders' perspective on how we are evolving ever further to protect the search experience in Bing through malicious traffic detection in How Bing Protects Itself. What happens when Bing gets so intelligent it can tell the difference between a real user and an attack? You will have to see it to find out.

Looking forward to blast off as always,

- Celene

*Postings are provided "AS IS," with no warranties, and conferring no rights.*