I was at the 20th FIRST Conference in Vancouver last month. The Forum of
Incident Response and Security Teams is a community of folks
who work behind the scenes to keep the world running - from people
securing your banks to people protecting your national infrastructure.
Here are pointers to some of the interesting topics from the conference:
Fast Flux networks
Fast Flux nets are where compromised computers are used to temporarily
A talk on "Applied Security Visualization" demoed the state of the art
of network visualizations and tools. There is a live CD project called
DAVIX which aggregates the tools.
An interesting demo was of "RFID hacking" - where Adam Laurie
demonstrated duplicating company badges and electronic passports with
gadgets that cost less than $100. He could take his scanner near a passport with RFID (aka E-passport) and display the holder's information, including the passport photo.
A keynote presentation from the former security chief of OLPC (One Laptop
per Child) talked about features of OLPC as a great
advancement in security - e.g. the ability that only an open dialog
box can open files! (BTW, that sounds very similar to what we call setuid in UNIX - that only the password command can change passwords.)
A presentation about the Mozilla development process talked about how
testing is done: they are always running an enormous number of test suites
against the latest tree. They don't rely on the developers to do the
testing for changes.
Honey spiders - that crawl spam and phishing sites in search of malware and execute or analyze them.
Atanai Sousa showed how a phishing malware operated in Brazil,
giving insight into how the spyware and malware have an upper hand in
capturing your bank passwords whether you type them or use any
other practically useless mechanisms invented to circumvent
Overall it was good listening to stories directly from people in the
battleground, to get an understanding of the real-world problems and
threats they face. It also gave a good opportunity to meet
product security folks from other companies and CERT folks from around the
world - many of whom we communicate with over email daily.