REcon 2010 was really HOT!

Thu 15 July 2010 by alex

And I am not speaking about adult entertainment, but about the crash of the air conditioning system in the hotel during the whole conference. This issue apart, RECON perfectly applies a simple mojo: if you want to make a bunch of reversers happy, talk to them about reverse-engineering. The conference, and the parties that come with it, were definitely great, and we met many interesting people to talk with.

During the first day, two conferences were dealing with improving code analysis tools. One of the great hilights is that instruction semantics has to be taken into consideration. William Whistler presented us his thoughts based on his reversing experience, and how he's currently trying to address these problems. The tool he develops, REvealer, is still under active development, a first release is scheduled for 2011. Some of the concepts he presented, like taint analysis and constraint solving, were also discussed by Sean Heelan in his talk about vulnerability assisted analysis. These two presentations were really great, even if a bit more concrete use cases, or better yet, demonstrations, would have been a big plus. This kind of improved analysis may become main stream in the next few months/years. Some existing tools already target similar goals, like Microsoft SAGE, BAP or Fuzzgrind (proposed by G Campana, from our lab).

Among the others presentations that especially did catch our interest, were Travis Goodspeed on hardware reverse engineering of misc wireless gadgets, Sebastian Porst on PDF/JS obfuscation, and Deviant Ollam on lock-picking.

Yoann and myself had the opportunity to present an use case of Metasm: the development of a (not so) basic code tracing tool -- a dedicated blog post will be made soon about that one. A special greetz to Ivan and Guillaume who helped us for this presentation. Our slides are currently available from Metasm website, here.

To conclude this post with a good news, Hugo announced that RECON should come back in 2011.