Dailydave mailing list archives
CyberSyScan 2013 - The Speakers!
From: Ben Nagy <ben () iagu net>
Date: Fri, 1 Feb 2013 10:18:10 +0700
Ladieeeees aaaand Gentlemen! Having sold out everything in which I believed and signed up to "death by one hundred and forty codepoints", I take an unholy amount of pleasure in sitting down comfortably, with a few decent Belgian beers in order to inform you, at some considerable length, of the cyber-wonders in store at the upcoming cybersecurity cyberconference, the one and only CyberSyScan CyberSingapore! Cybers got you down? Worried that someone else is putting the 'APT' in your apt- get? Think you're the only one reading your Inbox? You need a SyScan! - Ten world-class experts presenting cutting edge RESEARCH - Rock solid lineitems for your outstanding TRAINING budget - Cyber-earthshaking KEYNOTES - A permanently OPEN CYBERBAR - Secure coding COMPETITIONS with CASH PRIZES - Professional LIGHTNING TALKS - "Karaoke" LIGHTNING TALKS (point and laugh!) - An OPEN BAR First things first. The Keynote. After skiving off for a few years, the one and only Dave "I REALLY LOVE ANTS" Aitel is back with us in Singapore. To my mind, a lot of "thought leaders" in "cyber" are actually just people who can mostly write in complete sentences and know how to manage their press hookups. True thinkers, however, are the ones with whom you initially disagree, sometimes violently, sometimes in an overwhelming majority until suddenly, one day, you realise that they were right all along. Despite his slightly creepy obsession with formicidae, Dave is one of those thinkers, and if you don't get up early to make into the Keynote you are definitely going to regret it. I haven't actually got his title to hand, which means that, according to the rules, I get to make it up. (It might be about something else entirely) KEYNOTE: Dave Aitel - What's At Stake? - Everything Buffy The Vampire Slayer Taught Me About Cyberwar And now, without further ado, ( my scurrilous slander of ) - the illustrious SPEAKERS of SyScan Singapore 2013! Alex Ionescu ( @aionescu ) - Hotpatching the Hotpatcher: Stealth File-less DLL Injection There are people who know about Windows Internals. Then, there are slightly scary people who just know TOO MUCH about Windows Internals. After that, there are terrifying lunatics who know SO MUCH about Windows Internals that they write a WHOLE KERNEL from scratch for a bizarre stunt-OS that is binary compatible with Windows - presumably after a drunk bet got waaay out of hand. And then there's Alex. This talk, however, looks like solid gold awesome for kernel post- exploitation and is bound to have "certain people" drooling. "Hop-a-Long" Halvar Flake ( @halvarflake ) - Checking the Boundaries of Static Analysis Halvar needs no introduction... but I'm going to give him one just to be irritating. A mathematician at heart, Halvar really wants nothing more in life than for things to work just as they should, and for there to be cake afterwards. However, having not revolutionised mathematics by the age of 20, he wisely decided to turn his hand to revolutionising reverse engineering instead. Since then, he has spent years eviscerating software, building tools that sucked less than all the existing ones and relentlessly pointing out all of the areas where our approaches just aren't working. I pine for a softer, kinder world where formal methods solved everything, other people's software didn't suck so damn much, and gentle giants like Halvar would be free to read poetry and eat their cake in peace. :( Georg Wicherski ( @ochsff ) - Taming the ROPe on Sandy Bridge Georg works for CrowdStrike, who, I am told, "do not engage in any illegal activities". So, now that their business model is completely clarified, this will be some kind of awesomeness about using new Sandy Bridge processor features to pick up ROP exploits with "almost no performance impact and without binary modification". Sounds like fightin' talk to me! Oh, also, Georg is pretty hardcore. Pedro Vilaca ( @osxreverser ) - Revisiting Mac OS X Kernel Rootkits @osxreverser may not be the hacker your Macbook needs right now, but he is definitely the one it deserves. And not in a good way. There hasn't been all that much sunlit work on OSX rootkits for a while, although it's safe to assume that the scary guys are going at them hell for leather (because, let's face it, who WOULDN'T want to own 80% of security conference speakers). Since Apple's hardening seems, oddly, to be strongly correlated with techniques released at cons, I think whichever side of the OSX Rootkit Fence you're on there's going to be a lot to love about this talk. Snare ( @snare ) - "... I mean, F*CK, it's got FPGAs in it, right?" (I'd assume this title is subject to change...) Snare describes himself as a "CIS-MALE POLYAMOROUS PANTSLESS PANSEXUAL NEO- PANTHEIST", which I feel, were I to understand more than half of those words, sums it up perfectly. DMA (Direct Memory Access) on IO ports (eg Firewire etc) is horribly scary, especially when done wrong. "Certain vendors" need to have their bad habits kicked out of them, and in this instance, snare is wearing the boots ( if not the pants ). If imagining the ultimate evil-maid passkey is enough to make your firmware go limp, you should probably be at this talk. Also, any speaker that forgets their display adapter for the projector will be forced to use one provided by @snare. DON'T LOOK AT ME LIKE THAT, I DON'T MAKE THE RULES, OK? Stefan Esser ( @i0n1c ) - Mountain Lion / iOS Vulnerability Garage Sale What praise can I heap upon Stefan that hasn't already been bestowed by his adoring Twitter followers? Scumbag, moran [sic], asshat, troll... but the whole truly is more than the sum of its parts. Stefan has been a fixture at SyScan Singapore for years, and I've had the brain-melting pleasure of watching him break stuff since his PHP days. On none of those occasions has he failed to deliver the awesome. We shall dance around as he showers us in 0day and we shall have an 0day Sparkle Party. j00ru ( @j00ru ) and Gynvael Coldwind ( @gynvael ) - TBA So, I'm starting out with some Windows kernel fuzzing at the moment, and I recently presented a small monograph on the subject at the legendary Ruxcon. I noticed that both Tarjei and Alex Ionescu were in the audience, and was basically terrified. I said something to break the ice like "the only thing that could make this worse would be if, like, j00ru were here ;)"... except he was and he came up and introduced himself afterwards and that is how I met j00ru. :( Anyway... the three things that should alert you to the fact that this will be an amazing talk are - 1. Gynvael Coldwind. 2. j00ru. 3. That we can't announce even the TITLE until some people patch some stuff. Nguyen Anh Quynh - OptiCode: machine code deobfuscation for malware analysts I have a new rule: "never argue with a PhD who codes in grandpa slippers". That rule may or may not have anything to do with Quynh. This presentation confirms what everyone has always known - that LLVM and theorem provers are basically magic, and if you attack any problem, no matter how difficult, with enough of them then you just win. That's my understanding anyway. OK, it may be a little rough around the edges, but I'm pretty sure that's the essential thrust of it. In this instance, Quynh will demonstrate how to magically deobfuscate machine code, commonly found in malware, but also in lots of other places where people don't feel reverse engineers should look. And, for his next trick, he pulls out a fully working tool, not just a hand-wavy paper. Flawless Victory. Mario Heiderich ( .mario / @0x6D6172696F ) - The innerHTML Apocalypse - How mXSS attacks change everything we believed we knew so far Everyone loves a good Apocalypse, and none more than the SyScan selection committee. Although I find it, personally, very difficult to credit, I am assured by scientists that web-based attacks, including XSS, are used in real life to actually cause damage in a non-ironic way. Pff. Scientists. Anyway, so "apparently" being able to bypass all current "XSS" filters and do whatever "XSS" does to lots of super important websites is "bad". Me, I'm still betting this semantic web idea isn't going to catch on. Barnaby Cornelius Aberfwyth Jack ( @barnaby_jack ) - TB, eh bro? Back in his wilder days, I would occasionally cross drinking swords with Barns. Any and all further embarrassing stories are fully embargoed under either the "Happens In Vegas Stays In Vegas Act" or under the terms of a Mutually Assured Destruction treaty to which I am signatory. Barns wrote the first exploit I ever compiled ( jill.c ). Barns got into the USA on a type "O" visa ( usually for foreign Olympians ). Barns made an ATM spit out cash. Barns hacked Chuck Norris' coffee maker. And, more recently, Barns has been scaring the living FDAs out of medical device manufacturers. This is going to be epic. Lut's git grimy, eh? Aaand done! If you made it this far, I should like to remind you about the part, WAY up the top, where I mentioned that there is an OPEN BAR at SyScan. Also amazing food, convivial company, the chance to lie about outdrinking me like @nicowaisman, assorted revelry and an open bar. You should come. Get a cyber up ya. Cheers, ben _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- CyberSyScan 2013 - The Speakers! Ben Nagy (Feb 01)
- Re: CyberSyScan 2013 - The Speakers! Dave Aitel (Feb 04)