It’s been a crazy couple weeks! Some quick housekeeping:
ChicagoCon – I’ll be in Chi-Town next week giving one of the Keynotes at ChicagoCon. If you’re going to be in the area, hit me up and we’ll grab a few drinks.
Bluehat - I’m glad to see all the young blood in the scene. It’s going to be scary to see what Kuza55 and Sirdarckcat are up to in 10/15 years (they’re already tearing stuff up as it is…). As for us old guys, we can’t drink like we used too… but we still try :) As usual, the Bluehat parties ROCKED and it was great meeting everyone. We topped off all the Bluehat debauchery with a night at the shooting range, shooting AR-15s and various handguns…
MBA - I actually took a Midterm during the WAF discussion panel at Bluehat (no wonder I was soooo quiet). Once this class is over, I’ll have 3 more classes to go and I’ll have completed my MBA! The coursework isn’t too bad, but the time commitment is pretty high. It definitely cuts into my “pwnage time” and I can’t wait till it’s all over. Don’t ask me why I need another Masters degree and don’t ask me how many times I’ve XSS’d my online class discussion forums. I promise to practice responsible disclosure after my classes are over... but for now, its the only thing that keeps class bearable :)
Grey Goose - This was an AWESOME project and I’m glad Jeff Carr asked me to participate. Jeff basically assembled enough Intel brain power to rival an Intel agency of a small country. Jeff put out a couple reports and if you need more info on the project, you can find it here. I studied warfare as an Officer in the Marine Corps (Maneuver and Expeditionary) and I'm interested in anything related to cyber warfare. We’re living in a time when the tactical, operational, and strategic thinking surrounding cyber warfare is being defined. We can already see striking similarities between cyber capabilities and air power. Just as air power added a new dimension to modern warfare, so do cyber capabilities. Many typically view Computer Network Attack (CNA) and Computer Network Exploitation (CNE) as solitary events, but they can also be used in “combined arms” scenarios (much like targeted air strikes vs close air support). One day doctrine related to cyber warfare will be required reading for young military officers, just like Sun-tzu, Clausewitz, and Jomini.
Apple Pwnage – Nitesh and I reported a vulnerability to Apple (CVE-ID: CVE-2008-3638). I’ll go over the details on the blog as soon as some loose ends get tied up.
Win7 – I finally took the advice of Rob Hensing and Dave Weston and switched to Win7 as my primary OS…. So far, it absolutely ROCKS.
Great talk by a respected haxor.... – http://video.google.com/videoplay?docid=-1012125050474412771&hl=en