This week in Washington, DC, many of computer security’s best and brightest minds have gathered to present research and to offer training on the latest attack techniques and network defenses. Patterned after the popular Black Hat Briefings held in Las Vegas every summer, Black Hat Federal is gaining popularity–especially with security professionals in and around the DC beltway. But even though GBM readers are probably more interested in CES than the Black Hat conferences, there’s a wealth of information for anyone that’s even slightly interested in computer security.
A quick browse of the Black Hat web site reveals an archive section loaded with informative white papers and presentations from previous Black Hat conferences. In the archives, you’ll find the presentations, notes, and tools from previous Black Hat speakers (names like Halvar Flake, Dave Aitel, FX, Johnny Long, and the Grugg). You’ll also recognize some of these topics from previous GottaBeSecure articles (topics like data seepage, WiFi security, and active hacking techniques). To attend Black Hat live in person typically costs around $1500, but you can download these previous presentations for free. This week’s presentations haven’t been posted, but there are a few that look to be of interest to GBM readers: Bad Sushi – Beating Phishers at Their Own Game, Biometric and Token-Based Access Control Systems (this will not be your typical sales pitch…), and Cracking GSM.
Finally, it will be interesting to see whether anyone gets sued, threatened, or arrested at this years conference. Previous security conferences have brought out corporate lawyers trying to hide their product’s vulnerabilities and at least one arrest for violating the Digital Millennium Copyright Act (DCMA). Let’s hope this week’s Black Hat Federal conference has less drama and more useful information to help people protect their systems from the real black hat hackers of the world.