Best Talk: Exploiting Embedded Systems by Barnaby Jack.

He presented his finding on taking a null pointer vulnerability to the next level by allowing code execution. Traditionally, null pointer vulns were overlooked because it would result in a denial of service. He showed how a D-Link router with the latest firmware, password enabled, and telnet disabled can be exploited into a password-less, telnet enabled device!

Moment that reminded me of the movie Sneakers: Eating lunch on the rotating top floor.

I had a great view into this office, and with my 200mm lens, I could see the content on the monitors.


“PWN2OWN” just got bigger: Tipping Point gives a $10k incentive for an apple hack.

The additional incentive is probably working, as I saw a few more people attempt to break in, and these guys seem to be working hard on something.


Honorable Mention: Lightning talks on the ANI vulnerability.

HD Moore presented his timetable on the exploit, and then Mike Reavey from Microsoft talked on the patch timetable.


If a presenter went over the five minutes allocated for the talk, the gong would be hit.