Breaking things--that's what the very bright and super curious do; they look beyond the obvious to see what's truly lurking beneath the surface. On Wednesday and Thursday, attendees at Black Hat D.C. 2008 got a window into the latest research being done on Web applications, wireless, and embedded technologies.
On Wednesday, researchers David Hulton and "Steve" showed how with about $1,000 with of equipment they can decrypt A5/1 cellular GSM traffic in less than a hour. Following that, Adam Laurie reprised his popular RFIDiots talk from last year's Black Hat briefings with a new program that allows him to read the data off smart credit cards "hands free."
Wednesday night included a social. There was also a speaker from the Washington, D.C.-based Spy Museum with stories of real-life spies.
On Thursday, Tiller Beauchamp and David Weston gave a presentation on DTrace, a security research application that is now available within Mac OS X Leopard and coming soon to various distributions of Linux. Following that, Zac Franken reprised his previous talk on biometric and token-based access control systems with new information on work access cards. After lunch, talks included Chris Wysopal on classification and detection of backdoors, Jason Larson on SCADA security, and Jon Oberheide on exploiting virtual machine migrations.