hi sc-l, Ivan Arce is the CTO and co-founder of Core. He's a very knowledgeable guy and well-respected among the breakers of stuff, especially when it comes to low-level attacks against BIOS, kernels, and VMs. Ivan is Silver Bullet podcast victim 49:
http://www.cigital.com/silverbullet/show-049/ We discuss the attacker's perspective, geek life in Argentina, embedded systems attacks, and an important vulnerability in Virtual PC that Core is having a very hard time convincing Microsoft to fix. On that last point, Ivan and I wrote this month's informIT column about the as yet unfixed the Virtual PC problem: Assume Nothing: Is Microsoft Forgetting a Crucial Security Message? http://www.informit.com/articles/article.aspx?p=1588145 It seems Microsoft is overlooking one of the most important lessons from Exploiting Software...assume nothing. As always, your feedback on Silver Bullet and the informIT series is welcome. gem company www.cigital.com blog www.cigital.com/justiceleague book www.swsec.com _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
