Audio From Black Hat USA 2008

We’ve got some audio from the past Black Hat conference I’ve already talked about over here and here.

Keep in mind that without the slides it will probably sound very boring. Both parts of the presentation can be found here and here.

more | comments | comments rss | posted by

My BH Las Vegas Slides

I believe that some of you may be interested to see my Black Hat slides. If you are not aware yet, the GNUCITIZEN Lab domain is now up. The slides have been there since yesterday.

The next post is all about the QuickTime vulnerability which I partially-disclosed over here.

UPDATE 2011/04/21: I included alternative download location.

more | comments | comments rss | posted by

More on GIFARS and Other Dangerous Attacks

This is a continuation from my previous post. The reasons why GIFARs, although in my case it was JPGAR (from JPG + JAR), work was explained to me by FX (Recurity Labs) after my talk during the last Black Hat in Amsterdam.

Basically, when you combine GIF/JPG and JAR/ZIP you have a hybrid file which have two heads. The head of GIF/JPG file is at the top. The head of the JAR/ZIP file is at the bottom. [...]

more | comments | comments rss | posted by

Black Hat Europe 2008

The Black Hat Europe 2008 event took place on the 27th and 28th of March. In this post, you will be able to find information regarding my talk and research.

My presentation was titled Client-side Security. Here is the abstract:

The event was very interesting and very well organized. I met a lot of people and had very interesting discussions all together. You can download the conference materials from here. The paper is located here and the slides over here. [...]

more | comments | comments rss | posted by

Black Hat Europe 2008 Amsterdam

I am just using the opportunity to let everybody (mainly pals who expect to see me there) know that I am heading off to Black Hat Europe 2008 in Amsterdam (as usual).

Supposedly, there are four full tracks for two days but I can see only two – or is that four track for two days – sounds more like it? I am speaking in track two on the first day, first slot, of the event, starting at 10:00 and finishing at 11:15, if everything goes as planned. [...]

more | comments | comments rss | posted by