[ Blue Hat Day 2 ]
I think I'm sufficiently recovered to blog about day 2.
I'm just kidding, it wasn't that bad, but I did drink a ton of vodka that night at the IOActive-sponsored limo races, and the Jello shots at the end didn't help at all either.
But let's rewind a bit and reminisce about the talks. Billy and Nitesh started off the conference in style with their Bad Sushi talk. Even though I've seen this talk 3 times I still enjoy it immensely.
Then kuza55 (Alex K.) talked about The Browser and Other Mistakes. It's been said before by others that his grasp of web app security is amazing for his age and I agree, but he's also a pretty cool guy to hang out with as well. He had some great stuff in his talk and some of the things he mentioned gave me ideas for future research.
Another talk I really enjoyed was Manuel Caballeros' talk about resident scripts. That talk was sick. I couldn't believe some of the stuff I was seeing. That will definitely be a focus in some of my future research into other languages.
Also, I got to meet Peleus Uhley and Eric Lee of the Adobe product security team. We worked pretty closely with them to get our Flash DNS Rebinding issue fixed.
When all was said and done I really had a great time there and I can't believe I was actually invited to attend. Thanks again to Katie Moussouris for inviting Nate and I out to the Microsoft campus. And kudos to the MSRC for all their efforts in the security space. It really looks like things are heading in the right direction. Unfortunately that makes my job more difficult...
I'll leave you with a picture from the inside of team Stoners/Hippies limo before our booze was stolen by certain unnamed assailants:
By the way, Nate has a pretty good writeup about Blue Hat over on the ZDNet Zero Day blog. Check it out.