Dailydave mailing list archives
Re: "So now we have two large organizations using what I like to call a 'two time pad'"
From: Halvar Flake <halvar () gmx de>
Date: Tue, 3 Aug 2004 07:38:06 +0200
Hey Dave, d> Advanced Return Address Discovery using Context-Aware Machine Code Emulation I unfortunately didn't see this talk yet, and haven't read the slides either. I will definitely have to do that. d> I did catch this talk, and it wasn't exactly the same as all the d> previous talks Halvar has given, although, of course, it was similar. He d> demoed his binary navigator, and explained how he used it to analyze the d> PCT vulnerability. Also, he announced that you can get a licensed copy d> of it through such mighty software houses as....Immunity! Slight correction: The finished SABRE BinDiff was presented (which is available through mighty software houses such as Immunity and Blackhat), and the unfinished SABRE BinNavi (which is not yet available, but this might change in a few months). If anyone is interested in the details of how the BinDiff works, I published a paper in the DIMVA Conference Procedings (LNI), which is available at http://www.sabre-security.com/files/dimva_paper2.pdf. Bob Morris Sr. seemed to like the concept, and it is hard to describe how proud I am about that :-) d> I think the era of free vulnerability information is definately waning. d> Few conference speakers are giving away really new knowledge. It is true that there is few new bugs being given out at conventions, but does that really matter ? At a conference, you might discuss new recipes for cooking fish, or building better dragnets to catch fish, or just the general health benefits of having a lot of fish. You do not go to a conference to buy the salmon you'll eat tonight. Cheers, Halvar -- Mit freundlichen GrĂ¼ssen Halvar Flake mailto:halvar () gmx de _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- "So now we have two large organizations using what I like to call a 'two time pad'" dave (Aug 02)
- Re: "So now we have two large organizations using what I like to call a 'two time pad'" Halvar Flake (Aug 02)
- Re: "So now we have two large organizations using what I like to call a 'two time pad'" H D Moore (Aug 03)