ExploitHub Evolved

Knowing when to call it quits or pivot is an important life skill.  Unfortunately, this time has come for ExploitHub.

Advertisements

REcon 2012

I’ve just recently returned from REcon 2012 and while I heard a couple people express that they had “heard” that some people were more disappointed with this year’s conference compared to prior ones, I personally really enjoyed it and felt it was the best one yet.  I saw and enjoyed more of the lectures this […]

ExploitHub

A few years ago, following the failure of WabiSabiLabi’s 0day auction site, I gave some thought to how to create a public marketplace for exploits that actually works.  Obviously given the example of WabiSabiLabi and a little common sense that any vulnerability researcher worth their salt would know, you can’t have a public market for […]

TSA Lectures, Lies, and Rude, Dismissive Behavior

On a recent trip to Orlando, I opted out of the full-body scan at AUS, as I always do at every airport security checkpoint.  While waiting for my pat-down, I was lectured by the TSA gate agent about how safe they are, was subsequently questioned about my cellphone use as a radiation exposure comparison, and […]

CanSecWest 2011

Yes, that’s right…  After many, many years of wanting to attend this conference, I finally made it.  CanSecWest has been heralded as one of the best, top-quality security conferences that you can attend, and while I actually made it across the pond a few years ago to speak at EUSecWest, the logistics for getting up […]

ToorCon 12

After a two year absence due to unavoidable other obligations like good friends’ weddings, I finally made it back to one of my favorite hacker conferences, Toorcon.  San Diego is always beautiful when I happen to be there with nice weather and a cool mix of people, both locals and visitors who are there for […]

REcon 2010

This last weekend I took a trip up to Montreal for REcon.  If you’re unfamiliar with REcon, it’s a small security conference focused on topics most interesting to reverse engineers.  As such, the talks are more technical than you will find at other more mainstream conferences like BlackHat or DEFCON, and generally require a certain […]

Advanced Persistent Threat

Ok, enough with the APT marketing and journalism diarrhea…  It’s really quite simple: ad·vanced – /ædˈvænst, -ˈvɑnst/ -adjective 1. ahead or far or further along in progress, complexity, knowledge, skill, etc.: an advanced class in Spanish; to take a course in advanced mathematics; Our plans are too advanced to make the change now. per·sist·ent – /pərˈsɪstənt, […]

Fame, Trinkets and Cash

Taking place over the last week was the CanSecWest 2010 security conference, with their now annual Pwn2Own contest. For those that are unfamiliar, the Pwn2Own contest presents a number of devices usually consisting of mobile or cellular devices and laptops as targets and allows contestants to attempt to compromise them in some way. These targets […]

SmartPhone Unlock Screens: Moving in the Wrong Direction

I recently purchased the Motorola Droid from Verizon, and am so far very happy with it.  Other than finding the physical keyboard a bit lacking from being extremely spoiled by the Sidekick’s physical keyboard to which no other physical keyboard could ever hope to live up to, I’ve really had no complaints with the device […]