CanSecWest is already over!  This year’s conference was great.  There has been a good mix of talks touching various security related topics including hardware, software and humans.

Tom Liston and Sherri Davidoff presented on memory forensics.  They demonstrated that inspecting the RAM of a computer after its reboot can yield a gold mine of information including sensitive documents, encryption keys and, of course, passwords.  Jan "starbug" Krissler and Karsten Nohl presented on Radio Frequency Identification (RFID) security and showed a great analysis they made on a commercial RFID tag.

On the software side, Marty Roesch gave an interesting overview of his upcoming Snort 3 intrusion detection engine.  A lot of time was dedicated to fuzzing this year.  In my opinion, Kowsik Guruswamy’s presentation on the topic was the most interesting one.  He showed various ways to express data dependencies inside file format.  Rob Hensing’s presentation on Microsoft Office malware had some very good examples of the evolution in malicious software writing.  Most of the malware samples described were clearly professional and very hard to spot for a normal user.

On the human side, that last presentation received a lot of attention.  Stroz Friedberg, a doctor in psychology, showed how he can extract information on the author of anonymous messages simply by looking at writing style and vocabulary used.  The main objective of his research is to identify authors of extortion.

A lot more information on the conference can be found on their website: www.cansecwest.com.

Pierre-Marc Bureau
Researcher