The Present
Hi-ho, Julia here. So, here’s a summary of computer security conference related things that I’m involved with.
I’ll be at the RSA Expo for at least one of the days next week (probably Wednesday). So if you see a blue-haired weirdo wandering around, asking vendors difficult questions¹, that’s probably me. If you would like to wander around the Expo for free too, then enter the code EC10FIR
[Expires Friday Feb 26] into the appropriate field from wherever this link <Register Now!> may lead you. You’ll need to register
— enter a bunch of personal information about yourself first, so that you can get a ton of junk mail later this year. However, note that the only thing they actually seem to check when you pick up your badge at the expo, is the name on your government issued photo ID. So, in previous years my job title has been Professional Tomato Squeezer
, working for the Instrumentality of Penguins Project
— which is how I know when marketers are using RSA’s mailing list.
FireEye has a booth at RSA this year (Booth #332) See also: Official FireEye RSA2010 Stuff.
The Past
And from last October, these are my ToorCon 11 Slides [ironically PDF] They’re almost the same as the ones from my Brucon talk, but with a little more stuff.
The Future
I’ll be presenting a talk at PH-Neutral 0x7DA on how to do horrible things with PDF files. Not just exploits and syntax abuse/obfuscation, but tricks like generating the Mandelbrot set with the halftone screen spot functions.
I’m thinking of submitting a talk to Black Hat or Defcon. Are there any topics that you, the reader, would like to hear me talk about? Sure, I could do an in-depth technical talk on a specific botnet. Or a less-in-depth presentation on a whole bunch of different malware. Or a talk about reading/writing exploits and reverse engineering. Or an actually-good-talk on old-school phreaking. Of course, Defcon being Defcon, I could probably submit a talk on Goetic demon summoning (with live demonstration!) and it would get accepted. So… suggestions?
I promise that my next blog post will have more crypto and hexdumps in it.
¹ For example…
Vendor: Our product is software that you install on your windows laptop, which calls home to check if it has been stolen. And if so, deletes sensitive documents to keep them from falling into the wrong hands.
Me: So, what if rather than booting the laptop into Windows normally, the person who stole the laptop takes the hard drive out and reads the data with Linux?
Vendor: <crickets chirping> … You’ll need to talk to one of our engineers.
Julia Wolf @ FireEye Malware Intelligence Lab
Questions/Comments to research [@] fireeye [.] com
