Archive for July, 2005

Day One of Defcon

I woke up pretty early. Obviously as I am not alien Andrew, it must be the jet lag has not caught up with me yet. I took a long slow breakfast and decided to let everyone rush to the first sessions of DefCon without me. I prepared Mr Laptop for a day at DefCon. I turned on the firewall logs, I turned off inbound UDP and Bluetooth. I logged out of all my favorite websites which have a clear text equivalent hash (such as slashdot or even this blog). I confirmed that I was using SSL to grab my e-mail. I fear that it’s not going to be enough.

When I tried getting a cab, there was a queue a mile long. So I waited. It was 40 C at 9.30 am. Lovely.

I finally got there around 10 am when the first sessions were kicking off, and I realized that effectively, if you’re not in the queue 15+ minutes before a session starts, you’ve got buckleys of seeing that session. DefCon has become too popular; only about half the attendees can see any particular session. In fact, this means you can only see about half the sessions if you stay to the end of each. So pretty much everyone leaves 10 minutes before the end. This is very disruptive to the presenter.

I wanted to meet up with a bunch of people, so I gingerly turned on Mr Laptop and SMS’d a bunch of folks. I watched the sheep board to make sure I wasn’t exposing any passwords. Luckily, the answer was no. The Sheep board is a bit disturbing; they have a short film clip every time someone exposes a password in the clear whether by Bluetooth (boy am I glad I turned it all off before I arrived). The film clips vary between the bunny being cleaned up by a Mercedes in a race, to a woman being mauled by a bear when she sits next to it and others. Each clip is only a second or so long, but you wish you hadn’t looked.

Sure enough DefCon is filled to the brim with freaks. There’s the guy in a large woollen trenchcoat with a laptop in a harness on his back with two very large aerials. No guesses as to what he is doing. There’s the various goths and so on who are there to be seen in their resplendent black battle gowns. It’s now 42 C. There’s the guy who is wearing a black skirt trying desperately to make it out as if it’s a kilt. No sir, it’s a skirt. Here’s what he looks like - in fact I think I might have found his source:

Skirts for freaks

Then there’s the usual sort of script kiddie trying to attack other computers. The firewall logs I have are completely lame.

One of the cool things about this DefCon compared to last time is that there seems to be more chicks. There’s like five of them. Unfortunately, four are goths, but the other one is pretty cute. I will keep you posted on this disturbing trend!

I went to a few sessions, but they’re all network attack tools. The state of the art here really hasn’t moved along as much as I would have thought. I will be selecting day two talks a bit more carefully. Which could be tricky as there seems to be a hardware lock picking stream, leaving just two other streams.

One talk I went to by accident was the NRMC. The tent was running late and the guy they had planned to present on the next generation of cryptanalytic hardware thought he was presenting on Saturday. I stayed anyway as Simple Nomad was not presenting, which is good as Simple Nomad is a wanker of the highest order. After presenting a few tools and using only half an hour of their allotted hour, they started their Q&A spanking session. You could ask a question, but only if you had previously filled out their “ass release form”, which allowed them to spank you with one of four things:

  • “firm hand from any NRMC member of your choice”. They’re all blokes and only one looks like he could actually hurt you. The rest are weedy geeks
  • Paddle from a previous conference. Weedy geeks, shouldn’t hurt.
  • Copy of “Hacking Exposed, 3rd edition”
  • piece of paper with the words “Patriot Act” written on it. Gee, how funny is that?

I didn’t hang around as they seemed to want to make love to Mudge on stage and I felt that Mudge wanted man meat sooo bad. Normally, I’m totally into that, but I’d already seen the presentation and I had a meeting to get to. The tools weren’t too bad, but the tools on stage had a highly inflated opinion of themselves.

I met our new publisher, Bill Pollock from No Starch Press. He’s a really nice guy and he’s so totally on the same page as us. He took me to a Vietnamese chain restaurant (!), and I had some grilled sliced pork. I think we’ll get along just fine.

After that, I was invited to a party at Hard Rock (again), but honestly, I just didn’t feel like being smoked upon, so I tried to go back to my hotel. The taxi line was more than a mile long, with hundreds waiting. A cab came every 30 seconds or so. I looked in the distance and I could see Caesar’s Palace. The cab ride in the morning wasn’t too bad… So I walked it back.

Well, it took about an hour and was filled with bizarre stuff. These dodgy dudes were at a set of lights, and they wondered if I would buy their shitty old van, a bargain at $300. Yeah, riigggght. I kept on walking and nearly got cleaned up when I accidentally stepped on to the road without looking in the right direction. Luckily, the lanes are wide. Then near the main drag, I was being followed by a goth, and he was being followed by an extra from Mullet World. I looked with interest at the ticket window of Fashionistas, and waited for them to pass. And what’s not to like about looking at a hoarding of five beautiful women in fake wigs, knee high boots, riding crops and fishnets?

I stopped off at the Bellagio’s fountains about 45 minutes into my trek. They started playing “A song for Guy” by Elton John, and the 600 metre long fountains in the middle of this man-made lake were doing this water ballet routine. It was so Las Vegas - one of the best gay love songs ever written playing through speakers hidden inside fake 19th century gas lamps spotted every few metres, beautiful water fountains routine obviously synchronized by a friend of Dorothy or two, all the while huge police and fire trucks are zooming down the strip drowning out the music with their sirens.

I finally got back to the hotel room. I was bushed, hot and sore. Only one thing for it - I filled the spa. Any thought of going out to get smoky was eliminated when those gentle bubbles hit my sore feet.

vanderaj on July 29th 2005 in Conferences and Travel, Security

Day Two of BlackHat

The day kicked off fairly well, albeit tinged with disappointment and anger at Cisco for being Butt Heads.

I read about Michael Lynn’s legal problems with Cisco in more detail. I tried finding him to offer my support, but unfortunately it’s a big conference and I bet he was lying low. I for one will be making sure that Cisco products are off my buy list for a long, long time. If they really think that squishing security researchers is the answer, then they do not deserve business. Fix your damn bugs, morons.

I tried interesting the press in talking to me about web application security issues, but unfortunately, they seem to be curiously disinterested. I think the next time, I’ll ask Black Hat (or whoever) to organize a press conference as honestly, they are missing the major story.

Robert J. Hansen and Meredith L. Patterson’s talk on Dejection, a mathematical model to detect dynamic injection patterns was an eye opener. This was the best talk for me so far this conference. I later had lunch with Robert, and we’re meeting with both of them again on Saturday to go through how their work might be referenced in OWASP. They are seeking patents and working with a VC, so it might be tricky to go forward without causing either themselves or OWASP issues.

I bought a copy of Michael Howard, David LeBlanc, and John Viega’s new 19 Sins book during the first break.

I went to Phil Zimmermann’s talk. It was encrypted VOIP. He uses Macs and talked off the cuff, but despite that, this was the least technical talk I went to at BlackHat. In some ways, I should have gone to another session as I didn’t learn that much. I read the new book rather than tune into the VOIP demo.

I and about five others went to Tzi-cker Chiueh’s excellent if very technical talk on using x86’s segment registers to provide hardware array bound overflow protection. He was very thorough, but unfortunately, did not demonstrate the approach live. This is the sort of stuff that BlackHat should be concentrating on to some degree - preventing attacks using novel approaches. Unfortunately, too many people want to see the latest exploits.

After lunch, I decided to try out the turbo talks. I went to Mike Pomraning’s talk on “not validating”, which actually was about validating. :) I had a good long talk with Mike the night before, so I felt I should at least see his talk and heckle a bit :) I sat with Robert and Meredith and we sort of heckled.

I skipped a few of the next sessions as I didn’t really think they’d be that interesting (and more to the point, the CD-ROM materials had good presentations) to go read more of 19 Sins, after which I wrote up a preliminary review.

The last session I attended was the Jericho Forum’s challenge, which is a deperimeterized architecture group. They were handing out prizes for best papers received which furthered their aims. None of the winners were there, but the papers themselves are fascinating. I’d really suggest you go get them:

All of them are here:

The winners:

1. Balancing the equation
2. Reference Architecture, Galwas
3. Blind public key

I am retaining my reputation for piking on social events. For some reason, I just didn’t feel like being smoked upon at the nightclubs where most of the apres parties were being held. In fact, I don’t know why they still allow smoking in the foyers of the conference during the day. Only a few took advantage of the smoking - most in IT aren’t stupid enough to smoke, but it was enough to make me feel queasy. I complained to the organizers at the end when I handed in my card. I’ll follow it up with an e-mail.

vanderaj on July 29th 2005 in Conferences and Travel, Security

Review of 19 Deadly Sins of Software Security

I’ve just completed a review of Howard and LeBlanc’s new book:

http://www.greebo.net/?page_id=325

I was expecting something else, and I’m a bit disappointed. But that’s okay, it’s still a great book for the PHP and Java programmers out there. I just think Writing Secure Code and OWASP Guide 2.0 are better references for significant projects.

Andrew

vanderaj on July 29th 2005 in PHP, Security

Day One so far…

Well, day one was just excellent. There is a reason that Black Hat is the premier security conference in the world, and it has a lot to do with excellent speakers and great topics.

I woke quite early and was dressed prior to breakfast arriving. Yes, I know that there is an alien impersonating Andrew, the regular Andrew will be back soon enough I fear. Luckily, the organizers work on the basis everyone is sloppy drunk from the night before, and most days don’t really kick off until ~ 10 am.

Talking sloppy drunk, there was a VIP event last night I was supposed to go to, but I didn’t feel up to going out and sure enough, when I heard about the lap dances and the security consultant who missed all the morning sessions due to being still drunk, well, I’m glad I gave it a miss. Apparently he is sharing a room with a co-worker, and he only had socks on. Not nice. Oh well, plenty of time to get that sloppy drunk in the next few days.

The keynote was a bit disappointing. The guy ranted for an hour and wanted to kill people. Don’t we all? I think it was the worst presentation I’d been to since I went to a Simple Nomad presentation a few years ago when he was reading his Vogon poetry to a hot, bored and restless crowd in front of a psychedelic X screensaver.

Then of course, my excellent presentation was on, and we had a 3/4 full house, which was good as we were up against David Litchfield. Lots of people stayed on, which is even better. Got through the slides on time and had some good quality questions. I gave myself 5/5 on the feedback form. I’m sure the others will agree. :) I gave away the two packs of Tim Tams (Black Forest cherry, and Tia Maria), and I gave Simon Gerraty the Vegemite. It’s a good thing that an ex-pat has the Vegemite as I know it would have been tasted once by a furriner and thrown away thinking I was trying to poison them.

Went to a few more sessions, all of them good. I liked the session on hacking hardware. The presenter, Joe Grand, really knew his stuff and I enjoyed learning just how crap the security is on the various devices.

I met with Jessica Goldstein from Addison Wesley in the afternoon. We talked about the Guide and the other book I have been sorta neglecting since 2001. Hopefully something will come of that soon.

Now, it’s time to go get sloppy drunk.

vanderaj on July 28th 2005 in Conferences and Travel, Security

Black Hat - Travel

It’s 7.25 am on Wednesday in Las Vegas.

The travel to Las Vegas was a monster. Not only did we stop for nearly three hours in Sydney, I had to go via LAX. Plus, United seems to have joined Qantas in using their oldest planes on the duopoly route. Our flight had the old style CRT overhead projectors (yes, with three bulbs), and old films like Miss Congeniality 2. Luckily, I needed to sleep - I had only had four hours sleep in the previous two days.

LAX, in how many ways may I hate thee? United baggage claim was on go slow - took about 45 minutes to get my bag, and then customs only had two desks open in the declaration area… when several 747s all landed at once. Took about another 30 minutes to get through even though I had nothing to declare.

I ran to the domestic terminal, and the new style TSA check ins were awful - brainless droids staffing the XRay machines enforcing rules which simply don’t work. They were in no particular hurry to screen people.

After clearing them, I ran towards gate 71b, only to see my connecting flight to Vegas leave through the windows. When I got to the gate, the next flight was another three hours away, at 4.11 pm (how do they know it’s 4.11 exactly?)

Waiting, waiting, waiting. I had been in the air for 21 hours so far, and I was a bit tired. I almost fell asleep just before the flight, and I missed the call for the unannounced gate change to 71a. Luckily, that was right next to where I was dozing and when everyone else moved, I figured something was up.

The flight to Vegas was a bit adventurous; the A320’s brakes had overheated whilst taxiing on our extensive drive around LAX, and so they put them back down for a bit before climbing to the cruise altitude.

If that wasn’t eventful enough, I had only my third go around. We were literally meters from the ground when the engines roared and we zoomed off at a very sharp angle of attack. A few minutes later, the pilot explained that there was another plane on the runway. Close.

At least the day was clear, and the second landing attempt was fine. I was in Las Vegas at 6 pm, after 28 hours travelling so far.

Jumped in a cab to Caesar’s, and then tried to check in. After an hour, I finally get a smoking room (it doesn’t pong too much), but they upgraded me to a King size room. It’s pretty nice, but it doesn’t have mirrored ceilings like last time. Oh well. No scary photos!

Total elapsed time between leaving home to Las Vegas: 32 hours. Nasty.

I met up with some folks from OWASP and went to town at the buffet. They went for seconds. I don’t know where they put it.

We went through the slides in my hotel room and I retired for the evening. Luckily my “tire yourself out” strategy has worked, and I’m in the new time zone without jet lag. I’ll do that again next time.

Today… my talk is on in an hour or so. Should be fun! More soon

vanderaj on July 28th 2005 in Conferences and Travel, Security

Low life scuzz buckets in disabled spots

Nothing makes my blood boil more than selfish pricks.

I was at the supermarket today. As per usual, a born to rule fuckhead had parked their oafishly large SUV in the disabled spot whilst not displaying a disabled sticker. I realise that sometimes you might be carting around elderly relatives, so I let it go when I went in.

When I came back, the Toyota Pratto truck was still there, and an able bodied woman was behind the truck putting shopping in. I gave her the evil eye. There were non-disabled spots more than capable of taking her stupidly large monster not even 10 metres away. Would it have been so hard to park legally? Would her legs have given out if she had to go those extra few metres with her shopping trolley?

So TFN 247, you are outed as a low-life scuzzbucket. I hope that one day, you are disabled and can’t get a disabled parking spot … ever. That way you’ll know exactly how selfish you have been.

vanderaj on July 10th 2005 in Rants