Thoughts from Black Hat

Talk to anyone who attends Black Hat USA conferences and you'll hear about how boring the talks are, how nobody learned anything new, how the hacks were known last year — not to mention the ridiculous posers. Ask those same attendees if they plan to attend next year, and they say "yeah" as fast as a poker player pushing all in with pocket aces.

[ RogerGrimes's column is now a blog! Get the latest IT security news from the Security Adviser blog. ]

I learned that pushing all in with pocket 5s in Las Vegas apparently isn't nearly as smart, but that's another topic.

While many of this year's Black Hat sessions were ultraboring — I walked out of more talks than I stayed in — I learned all sorts of interesting factoids. And although there wasn't, as in the past, any raw meat flying into the audience, some of the speakers were superknowledgeable and entertaining. Here are the ones that seemed to impress the audiences in the sessions I attended:

Hacking Macs is easy

And my Microsoft, Windows-loving self didn't say this. It was self-proclaimed Mac enthusiast and security researcher, Charles Miller, Ph.D., principal security analyst with Independent Security Evaluators. He talked about how easy it was to hack Leopard and iPhones, which share a common root OS.

Essentially, Dr. Miller said that Apple was falling down on the job and making its OS way too easy to hack. He said he found more than 50 OS X programs that run in the SUID (Set User ID) context, most of which had been made non-SUID by most Unix and Linux distros years ago. He said that OS X doesn't randomize memory, the stack, heap, or kernel instruction pointers, which are simple antibuffer overflow mechanisms deployed in Windows, Linux, BSD, and many other OSes.

He continued by listing dozens of old programs and libraries patched in other OSes that Apple is still installing by default, or just getting around to patching. Dr. Miller showed the crowd two recent JavaScript exploits (one on OS X and the other for the iPhone) and shared all the great reasons why the Mac OS X is an easy platform to exploit. He also shared his techniques for hacking iPhones and discussed several other tools that made finding Apple exploits easier. He was absolutely giddy about some of the new changes Apple is making that will simplify the life of a hacker, er, researcher in the coming months.

Ultimately, Dr. Miller lamented Apple's growing market share as matched against its current state of security design. A member of audience put it this way: "Apple is like this little ole, family-town sheriff who's moved to inner-city D.C. and is attempting to spread the love. It won't be pretty."