Hacker Summer Camp: What to Expect From BSides, Black Hat, and DEF CON
An Anonymous Coward writes:
These are the conference events to keep an eye on. You can even stream a few:
The security industry is hitting Vegas hard this week with three conferences in Sin City that bring the world's largest collection of security pros together for the annual summer camp.
The week kicks off with BSides Las Vegas, which runs from Monday to Wednesday. Of the over 200 BSides security conventions held around the world every year, this one is the biggest and is being held at the Tuscany Hotel, although tickets are sold out.
BSides started as a conference for rejected Black Hat speakers, but those days are long gone. Now it has a range of talk tracks showcasing new research, and this year, passwords are a key theme, with a specific three-day schedule devoted to finding solutions to one of computing's oldest security challenges.
There is a series of live feeds on the conference's YouTube channel and, if you miss seeing the talks in real time, the videos should remain archived. At the password track on Monday at 1700 PT, there's a disturbing-sounding presentation on a custom rig used to crack 936 million passwords with 92 percent accuracy that should be worth tuning into.
[...] For anyone considering adding BSides to their schedule, it's worth a visit. While the smallest of the conventions, it's also one of the most offbeat and there are presentations on everything from building hacking hardware to commercial licensing problems in the industry. And, as is traditional, there's a Capture the Flag competition running and festivities in the evening.
[...] Black Hat: The opening keynote will be a farewell (sort of) address from Mikko Hypponen, who, after a 34-year tenure at F-Secure hunting malware, is quitting the industry to work on drones. As he told The Register in June, the Ukraine war has spurred him into working on the technology, particularly since his home country, newly minted NATO member Finland, has a massive border with Russia.
The core of the talks is about unpleasant new hacks and vulnerabilities in hardware and software. It was at Black Hat in 2008 that the late Dan Kaminsky revealed a fundamental flaw in DNS that could have run riot through the internet's backbone. While there's nothing on that scale this year, there are sessions scheduled on an Apple zero-day, ways to bypass Windows Hello's authentication systems, and even a talk on satellite vulnerabilities and how to exploit them.
Elsewhere in the talk tracks, there is a key focus on AI, as with everything in the security business these days, but this isn't a cheerleading event and there are some skeptical sessions planned, as well as deep dives into flaws. Several speakers are giving talks on how to fool AIs into breaking safety guardrails or leak information and bots - their use and misuse - are a particular focus.
Read more of this story at SoylentNews.