Yesterday's keynote at BlackHat 2011 was given by a long-time member of the "establishment," Cofer Black. Today's events were kicked off by "Mudge" (Peiter Zatko), well-known in the hacker community for writing L0phtCrack, who has now joined DARPA and is trying to bridge the gap between hackers and the government.
Peiter Zatko at Black Hat
He started out talking about how the growing complexity of today's operating system environments make things easier for malicious coders, and how the number of lines of code correlates to the complexity of the system. This in turn presents a larger attack surface, in addition to the performance and reliability issues it causes; he discussed a study from IBM showing that for every 1000 lines of code, 1-5 bugs are introduced. He also showed how, regardless of application size, the system must load the same support functions in this complex runtime environment. He also pointed out how additional layers of security actually add to the complexity and can increase the attack surface, as well.
Mudge wrapped things up by discussing his efforts to bring that agency into the 21st century to more effectively secure the nation's computers and network infrastructure by making it possible for individual researchers and small boutique security companies to compete with giant government contractors for funding. He discussed how the typical government program now takes 81 months - six years - to implement and how his "Cyber Fast Track" program will change that. This was welcome news for underfunded or unfunded security researchers who, in order to support themselves, must work at a "day job" and make important security breakthroughs in their off time.Related reading:
Debra Littlejohn Shinder, MCSE, MVP is a technology consultant, trainer, and writer who has authored a number of books on computer operating systems, networking, and security. Deb is a tech editor, developmental editor, and contributor to over 20 additional books on subjects such as the Windows 2000 and Windows 2003 MCSE exams, CompTIA Security+ exam, and TruSecure's ICSA certification.