Day one of Blackhat has come to a close and all in all it was a pretty good day of presentations.  A few were a bit lacking, but I’ll focus on the two that I enjoyed most, other presentations and panels were good, but a bit more rehashed information that I would have liked.

First was the Highway to Hell presentation that I mentioned in a previous post.  Nate not only he do a very good job speaking, but the material was very interesting, essentially the FasTrak system has some potential issues with their system, both the integrity of the components themselves, and potential misuse.  There are a lot of undocumented features/code in the devices and potential to clone these devices.  Definitely potential for unsavory use with that and Lawson is attending to work with authorities/vendors but hasn’t had a lot of luck, as such the details of how to do anything malicious was left out of the presentation.  There is still a lot of research to do in this area, including the EZ-Pass system used primarily on the East coast.

Secondly, the presentation on Temporal Reversing Engineering really got me excited, but I’m a sucker for things involving visualizations.  The research dealt mostly with unpacking malware, and seeing the flow of a program, using the graphing techniques they had developed the unpacking procedures were very clear.  I could see this being applied to other parts of reverse engineering in the future, and easily seeing program flow, calls to networking functions, etc.  Graphs were made with Oreas GoVisual Diagram Editor which looks to be a powerful graphing tool if you’re looking for one.

Other than that the only thing to report is that SCADA systems seem to be getting more attention from traditional IT security companies, but for the moment I don’t think that they’re quite sure how to handle it.  Right now it seems like “SCADA” is just ink on marketing material without a lot of business or knowledge to back it up, with a few exceptions that are easy to see.