[ Blue Hat Day 2 ]

I think I'm sufficiently recovered to blog about day 2.


I'm just kidding, it wasn't that bad, but I did drink a ton of vodka that night at the IOActive-sponsored limo races, and the Jello shots at the end didn't help at all either.

But let's rewind a bit and reminisce about the talks. Billy and Nitesh started off the conference in style with their Bad Sushi talk. Even though I've seen this talk 3 times I still enjoy it immensely.

Then kuza55 (Alex K.) talked about The Browser and Other Mistakes. It's been said before by others that his grasp of web app security is amazing for his age and I agree, but he's also a pretty cool guy to hang out with as well. He had some great stuff in his talk and some of the things he mentioned gave me ideas for future research.

Another talk I really enjoyed was Manuel Caballeros' talk about resident scripts. That talk was sick. I couldn't believe some of the stuff I was seeing. That will definitely be a focus in some of my future research into other languages.

Also, I got to meet Peleus Uhley and Eric Lee of the Adobe product security team. We worked pretty closely with them to get our Flash DNS Rebinding issue fixed.

When all was said and done I really had a great time there and I can't believe I was actually invited to attend. Thanks again to Katie Moussouris for inviting Nate and I out to the Microsoft campus. And kudos to the MSRC for all their efforts in the security space. It really looks like things are heading in the right direction. Unfortunately that makes my job more difficult...

I'll leave you with a picture from the inside of team Stoners/Hippies limo before our booze was stolen by certain unnamed assailants:


By the way, Nate has a pretty good writeup about Blue Hat over on the ZDNet Zero Day blog. Check it out.

[ Blue Hat Day 1 ]

I'm not going to say much in this post because I'm really tired right now. Mostly because I traveled today and it's 3:30 am in my time zone. But I'm back in Seattle again (last time was about two weeks ago) and this time it's for Microsoft's Blue Hat conference.


Microsoft held a welcoming party for everybody at the See Sound Lounge in downtown fairly close to the waterfront. Pretty cool place, live DJ, good finger foods and free alcohol. I got to hang out with Nate, Billy, John, Kev, Nitesh, h1kar1, kuza55, fukami, Peleus Uhley and Dan "Sombrero" Kaminsky. I think I see some of these guys more than I see my girlfriend these days.

But anyway, seems like they have a great line up of speakers and topics here and I'm really honored that I was invited to attend. Let the talks begin!

[ I Survived! ]

Well, I've safely returned to the States with some great memories and some new friends. As you can see below, I narrowly escaped Death.


I had an awesome time at Black Hat Europe. I got to briefly meet FX finally. I saw his talk at Black Hat Federal on Cisco IOS and forensics and really enjoyed it. I also got to hang out with my good friends Nate, Billy, Nitesh, David and Tiller. Unfortunately, even though I've seen their presentation twice now I don't remember the URL for David and Tiller's blog.

Anyway, I had a blast and as always I came away with a ton of new ideas.

[ Fresh Start ]

Recently my blog was rediscovered, not by me, but by Nitesh. I had completely forgotten about this site but leave it to Nitesh the Google ninja to find it. Anyway, I've deleted all my old posts and am going to start over. I won't be posting anything personal out here, just discoveries/revelations from my work as a computer security guy.

If any of my friends from back home find this and would like to see the old content that is gone, just contact Nitesh. I'm sure he's got it saved somewhere ;)