Some editors have posted their thoughts on what they think will be the hot topics of Black Hat 2012, but I'm going...
to respectfully disagree with them this round, and I'll walk alongside Robert Frost on his road not taken.
More from Black Hat 2012
See more of SearchSecurity.com's special coverage of Black Hat 2012.
Attendees deeply ingrained in a specific information security practice will seek out the new research briefings related to their fields. For the rest of us, many of those sessions are filled with acronyms, coding and concepts deeper than we're prepared to dive for. Here's my take on the progression of content and what to look for at this year's Black Hat USA.
Below is a selection of talks, recommended for all audiences and guaranteed to be hits.
Control-Alt-Hack(tm) (A computer security card game) with Microsoft's own Adam Shostack with Yoshi Kohno and Tamara Denning of the University of Washington. It certainly looks like Adam's done it again. In 2010, he helped Microsoft roll out the card game Elevation of Privilege (EoP), a huge hit with developers and security professionals everywhere. It looks like he has another card up his sleeve this year with Control-Alt-Hack(tm).
- A Scientific (but non-academic) Study of how Malware Employs Anti-Debugging, Anti-Disassembly and Anti-Virtualization Technologies with researcher Rodrigo Branco of Qualys Inc. Sheesh, Rodrigo sure gave us a mouthful with that title. Extra points though for keeping to the topic and not mentioning zombies or a malware apocalypse. This is one of a handful of talks on this year's agenda that dives in to a technical discussion in a more general sense; it doesn't apply to just one platform or one type of malware, so this talk has the potential to be a real crowd-pleaser and underline key points in malware analysis and detection.
- Black Ops by Dan Kaminsky. This is one of those nebulous talk abstracts with a big name behind it. I'm pretty sure the talk has nothing to do with black ops in the proper sense, but Dan has a great record and doesn't disappoint his audiences, so this makes the hit list.
- Catching Insider Data Theft with Stochastic Forensics by forensic researcher Jonathan Grier. Frankly, I don't know if this is new content, but it certainly seems to be a novel idea and one that will be of interest to a broad audience. His analysis hones in on the modifications made to a file structure during moves, thereby offering a means of detecting large file copies and moves forensically even if no artifacts are available. If the techniques can be packaged and supported, this might be a great technique for organizations of all sizes to identify insider data theft.
- Errata Hits Puberty: 13 Years of Chagrin with Jericho. A conversation that will undoubtedly prove interesting to all attendees, Jericho will pull back the covers on some of attrition.org's projects and fallout in years past. One of the less technical talks, but I have a feeling the audience will enjoy a sense of enlightenment and a spirit of entertainment.
- From the Iriscode to the Iris: A New Vulnerability of Iris Recognition Systems by Javier Galbally, a biometric researcher from Madrid. Biometrics are a popular sidebar in many IT conversations. People are always discussing how it's being used, how it could be used, and what the ramifications are for legal, privacy and security concerns. Iris scanning is becoming more widely used throughout the world (less so in the U.S.), and it's spreading. Research like Javier's will be relevant to organizations thinking of using biometrics in the future.
- Smashing the Future for Fun and Profit, a not-a-panel by Black Hat founder Jeff Moss with four original Black Hat 1997-1998 presenters, Bruce Schneier, Adam Shostack, Marcus Ranum and Jennifer Granick. I haven’t met Jennifer in person yet, but I can speak to the rest of these guys and tell you this panel will be a huge draw and it's going to be a packed room! A quick note that each speaker will talk in presentation-style, and this is not a panel format.
- The Christopher Columbus Rule and DHS with Deputy Under Secretary for Cybersecurity Mark Weatherford. If you have an interest in what the U.S. is doing, this talk's for you. Among other things, you'll hear about the US-CERT, ICS-CERT, organizations that deliver real-time vulnerability updates and security training for critical infrastructures, industries and systems. Less technical, but good-to-know content.
- The Myth of Twelve More Bytes: Security on the Post-Scarcity Internet with consultants Alex Stamos and Tom Ritter. This talk promises to cover direct security impacts of our recently overhauled Internet technologies, IPv6, DNSSEC and new top-level domains. Many of our security systems today are based on the legacy technologies and infrastructures, so this is an opportunity to wrap your head around the technical implications of these shiny new Internet tools.
- Here be Backdoors: A Journey into the Secrets of Industrial Firmware with IOActive ICS researcher Ruben Santamarta.SCADA and ICS has been a soapbox topic of mine, so it's fitting I've wrapped up my top 10 hit list with this talk. If our industrial systems don't operate smoothly, at any level, it has the potential to affect citizens throughout the U.S. and any country that relies on these infrastructures. From the water you drink to the power that lights your house, and so many smaller things in between; SCADS/ICS/DCS is there and it needs to be recognized as the vulnerability it is.
Jennifer Jabbusch Minella is CISO at Carolina Advanced Digital, Inc., an IT infrastructure, security and management consultancy. Jennifer blogs at Security Uncorked.