
conferences

hack.lu review

I attended hack.lu from Thursday evening to Saturday afternoon.

It was an interesting conference: mainly because of the attendees rather than the speakers. However, Wietse Venema's talk on Software Engineering Security was very interesting. He talked about a file wipe program which was badly broken although the code looked reasonably correct. He then demonstrated how a fix was proposed, and how that did not do much either. The main reason that it was broken was because of assumptions the authors (and fixers) made about what the operating system/hardware would do versus how it did things in reality.

Sandip Chaudhari talked about a way to exploit memory allocators by overwriting the memory management information and then abusing a following malloc call rather than a free call. It was a pity that he focussed his research on AIX and Solaris rather than more modern operating systems. I was happy to learn that our malloc (dnmalloc) was not vulnerable to this attack.

Defcon 14 review

Defcon is over; I must say the European conferences are totally different. Very different atmosphere, I prefer the European conferences actually.

However, I did meet a lot of interesting people that I had known for a while but had never met before; I also met a lot of new cool people. So the trip out to Vegas was definitely worth it.

I was disappointed with the organisation of Defcon though; it looked very amateurish: they ran out of badges, programs, just about everything. They had some replacement badges luckily, but they didn't print out any extra programs or anything. There were also no TVs showing the talks anywhere. The organization of CCC is a lot more professional.

Anyway because of the lack of programs and basically because the program wasn't very interesting I only ended up going to one talk (basically because I knew the guys speaking): Fun with 802.11 Device Drivers by Johnny Cache and David Maynor, where they talk about hacking into computers by using bugs in the wireless device drivers. Because they are still waiting for Apple (and possibly other vendors) to fix their software, no technical details were released.

Defcon 14

Now that Usenix is over, I'm on my way to Defcon, I can finally meet some of the people who I've known for years online but never met because they're US-based.
Hopefully it will be as cool as Usenix was.

PS: Vancouver Airport has free wireless internet!

Usenix Security 2006 review

Usenix Security ended just a few hours ago.

Overall it was pretty good: some of the refereed papers were impressive, others were only mediocre; it was very dependent on the track (and probably also my personal interests, because my colleagues often disagreed with me). The most interesting tracks were the ones on Software and Static analysis. I heard the Intrusion detection track was good as well; I didn't attend it because I was busy trying to convince my laptop to let me make some slides for the work in progress session.

Stephen McCamant got the best paper award for his paper Evaluating SFI for a CISC Architecture, which was definitely deserved. It was pretty impressive work, I'm looking forward to reading the paper.

Other talks which I found especially interesting: Keyboards and Covert Channels by Gaurav Shah, Milk or Wine by Andy Ozment, N-Variant Systems by Benjamin Cox, Taint-enhanced policy enforcement by Wei Xu. I've probably left some out though.

USENIX Security 2006

I'm currently in Vancouver for USENIX Security 2006 where I'll be presenting a poster called "Applying machine-model based countermeasure design to improve security" on Thursday.

The technical track of the conference starts on Wednesday. Today I attended the "First Hotsec" workshop which aims to be a gathering for researchers to get feedback on ideas which are less conventional. I was impressed by the amount of feedback given to the authors by the attendees, makes me wish I had submitted my machinemodel stuff to the workshop.

Hopefully I'll get equally interesting feedback on my poster.
