The week of con is over. The best talk of the week must have been Mark Dowd and Alexander Sotirov’s “How To Impress Girls With Browser Memory Protection Bypasses”. While I’m still not convinced that the girls were impressed with the bypasses, I was. The research was thorough, well done, and very well presented. Their 53-page paper on bypassing all of Microsoft’s memory protections through Vista SP1 is up at Mark etc’s website here. The techniques are clever and impactful.
The DNS tunneling shellcode tricks that I wrote about in the previous post seemed pretty 1980s, so it was nice to follow it up with Mark and Alexander’s talk.
We’ll post more on the topics tomorrow. I especially liked some of the results and opinions from the Race2Zero contest. In the face of some pretty questionable methodology, the organizer discussed the strong benefits of security in layers, especially the addition of behavioral-based protection like ThreatFire.