Cupfighter.net

Yesterday, I spent some of the hours that I was stuck in a metal tube above the Atlantic Ocean to pull together my schedule for BlackHat and Defcon coming Wednesday to Sunday. The schedule I pulled together combined with my plans to do (semi) life blogging from the conference for Cupfighter.net is actually quite mad so I fully expect to have to skip some of the activities listed below.

Wednesday 29 July 2009 (BlackHat)

• Introduction to BlackHat 2009 by Jeff Moss
• Keynote by Douglas C. Merrill
• Router Eploitation by Felix “FX” Linder
• Rapid Enterprise Triaging by Aaron LeMasters & Michael Murphy
• More tricks for defeating SSL by Moxie Marlinspike
• Economics and the Underground Economy by Gormac Herley or
• The Language of Trust: Exploiting Trust Relationships in Active Content by Mark Dowd, Ryan Smith and David Dewey (preview)
• Internet Special Ops by Andrew Fried, Paul Vixie and Christopher Lee
• Gala reception with the talk “Me to We” by Johnny Long and the Pwnie Awards

Thursday 30 July 2009 (BlackHat)

• Keynote by Robert Lentz
• Cloud Computing Models and Vulnerabilities – Raining on the Trendy New Parade by Alex Stamos, Andrew Becherer & Nathen Willcox
• SADE: Injecting agents into VM Guest OS by Matt Conover
• Clobbering the Cloud! by Haroon Meer, Nick Arvanitis and Marco Slaviero
• Breaking the Security Myths of Extended Validation SSL Certificates by Alexander Sotirov and Mike Zusman
• Cloudburst – Hacking 3D and Breaking out of VMWare by Kostya Krichinsky
• Reconceptualizing Security by Bruce Schneier
• Toxic BBQ together with Chris John Riley

Friday 31 July 2009 (Defcon)

• Beckstrom’s Law – A Model for Valuing Networks and Security by Rod Beckstrom
• Asymettric Defense: How to Fight Off the NSA Red Team with Five People or Less by Efstratios L. Gavas
• Q&A with Bruce Schneier
• More tricks for Defeating SSL by Moxie Marlinspike
• Cloud Security in Map Reduce by Jason Schlesinger
• Socially 0wnded in the Cloud by Digividual
• Defcon Security Jam 2: The Fails Keep on Coming by David Mortman et al
• Stealing Profits from Stock Market Spammers or: How I learned to Stop Worrying and Love the Spam by Grant Jordan
• Malware Freakshowby Nicolas J. Percoco and Jibran Ilyas
• Criminal Charges are not Pursued: Hacking PKI by Mike Zusman
• Something about Network Security by Dan Kaminsky
• 10,000 cent Hacker Pyramid
• Hacker Karaoke or Hacker Jeopardy

Saturday 1 August 2009 (Defcon)

• Breaking the “Unbraekable” Oracle with Metasploit by Chris Gates and Mario Ceballos
• CSRF: Yeah, It Still Works by Mike “mckt” Bailey and Russ McRee
• RFID MysthBusting by Chris Paget
• Failure by Adam Savage
• The Projects of “Prototype This!” by Joe “Kingpin” Grand, Zoz
• Hijacking Web 2.0 Sites with SSLstrip – Hands-on Training by Sam Bowne
• Metasploit Track

Sunday 2 August 2009 (Defcon)

• Down the Rabbit Hole: Uncovering a Criminal Serverby Iftach Ian Amit
• Invisible Access: Electronic Access Control, Audit Trails and “High Security” by Marc Weber Tobias, Matt Fiddler and Tobias Bluzmanis
• Unmasking You by Jushua “Jabra” Abraham and Robert “RSnake” Hansen
• Cracking the Poor and the Richt: Discovering the Relationship Between Pysical and Network Security by Damian Finol
• AAPL – Automated Analog Telphone Logging by Da Beave
• Slight of Mind: Magic and Social Engineering by Mike Murray and Tyler Reguly
• USB Attacks: Plug & 0wn by Rafael Dominguez Vega
• Cracking 400,000 Passwords or: How to Explain to Your Roommate why the Power Bill is a Little High by Matt Weir and Sudhir Aggarwall
• Award Ceremonies hosted by Dark Tangent