Black Hat Briefings, Usa 2007 [audio] Presentations From The Security Conference.

Security is very hard these days: lots of new attack vectors, lots of new acronyms, compliance issues, and the old problems aren?t fading away like predicted. What?s a security person to do? Take a lesson from your adversary... Hackers are famous for being lazy -- that?s why they?re hackers instead of productive members of society. They want to find new and interesting shortcuts to a quick payoff with minimal effort. Or, they look at a protocol designed by committee and find all the issues that never got a vote. Why not use the same enterprising approach to a quick and easy victory in the security arms race against them? Stop dialing the phone to your security vendor and pay attention. This talk will shine light on simple methods to fix complex problems that your security vendor doesn?t want you to know about. Problems that will be addressed are: - How to take care of client side exploits with ease. - Find tons of 0day by letting someone else do the all the work. - Employ simple measures to keep a