Reading from Black Hat USA 2008
Black Hat USA 2008 included Kaminsky's full DNS disclosure and substantive BGP-hijacking research. Specific structural lessons.
Reading from Black Hat USA 2007
Black Hat USA 2007 included substantive work on browser exploitation, DNS protocol research, and specific platform vulnerabilities. Reading notes.
Reading from Black Hat USA 2006
Black Hat USA 2006 included substantive research on hardware-rootkit techniques, web-application vulnerabilities, and protocol-level attacks. Specific reading notes.
Mike Lynn, Cisco, and disclosure under legal threat
Mike Lynn gave his Cisco IOS talk at Black Hat last week despite Cisco's legal pressure. The structural questions about disclosure under legal threat are larger than the specific case.