Re: "So now we have two large organizations using what I like to call a 'two time pad'"

[Halvar Flake <halvar () gmx de>]

Hey Dave,

d> Advanced Return Address Discovery using Context-Aware Machine Code Emulation

I unfortunately didn't see this talk yet, and haven't read the slides
either. I will definitely have to do that.

d> I did catch this talk, and it wasn't exactly the same as all the 
d> previous talks Halvar has given, although, of course, it was similar. He 
d> demoed his binary navigator, and explained how he used it to analyze the 
d> PCT vulnerability. Also, he announced that you can get a licensed copy 
d> of it through such mighty software houses as....Immunity!

Slight correction: The finished SABRE BinDiff was presented (which is
available through mighty software houses such as Immunity and
Blackhat),
and the unfinished SABRE BinNavi (which is not yet available, but this
might change in a few months). If anyone is interested in the details
of how the BinDiff works, I published a paper in the DIMVA Conference
Procedings (LNI), which is available at
 http://www.sabre-security.com/files/dimva_paper2.pdf.

Bob Morris Sr. seemed to like the concept, and it is hard to describe how proud
I am about that :-)

d> I think the era of free vulnerability information is definately waning.
d> Few conference speakers are giving away really new knowledge.

It is true that there is few new bugs being given out at conventions,
but does that really matter ? At a conference, you might discuss new
recipes for cooking fish, or building better dragnets to catch fish,
or just the general health benefits of having a lot of fish. You do
not go to a conference to buy the salmon you'll eat tonight.

Cheers,
Halvar






-- 
Mit freundlichen Grüssen
Halvar Flake                            mailto:halvar () gmx de

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave