Hackers enter Microsoft campus

It's is 'Blue Hat' time again at Microsoft. How much the software giant may hate hackers for creating security holes in its product, the company does seem to value their technical prowess.


The Redmond giant has once again invited an exclusive group of "responsible" hackers into its Washington campus to show the software giant where it's gone wrong.

The company's famed Blue Hat conference is an internal Microsoft event, where Microsoft employees and executives learn from top security researchers from across the world, and use the knowledge they gain to improve the security of Microsoft products.

The fifth such event on the Microsoft campus, kicked off this week, focuses on mobile security, hardware hacking, Microsoft's security tools and the underground vulnerability economy. According to the event schedule on Microsoft Website, sessions include: Death by 1,000 Cuts (will do a deep dive into the technical aspects of the Web application security threat, while keeping a steady eye on the consumer issues that drive large-scale website design); Breaking and breaking into Microsoft security tools (the session discusses how a hacker will analyze, test, break, and evade various types of security tools); Emerging mobile security problems, or how we learned to stop worrying and love Windows Mobile (the talk examines the security problems unique to mobile devices, explore how hackers are attacking these devices, and investigate several vulnerabilities affecting currently-shipping Windows Mobile products); Your Tamper-resistant hardware makes a great sport for hackers (in this talk, practicing hackers provide examples of how security systems in consumer devices have been foiled, and will present some material on how silicon-based security systems could be defeated); and Your underground vulnerability economy (the talk discusses the underground economy, the engine that fuels and is fueled by the online crime and abuse every user endures).

The multi-day meeting of Microsoft employees with hackers provides both sides with a glimpse into the other's world.
The provides Microsoft employees find ways to develop more secure software, gives them a security reality check from hackers and fosters dialogue between the company's security team and external security researchers.

Microsoft began hosting these in 2005, when the company invited several hackers to Redmond for the first time. Enthused by the gathering's success, Microsoft decided to host such events twice a year. The Blue Hat conferences are, however, closed to most outsiders.

Microsoft is said to have modeled and named Blue Hat conference on the popular Black Hat security conference in Las Vegas. Many of the Black Hat talks focus deep into security flaws found in software. The Blue Hat name is tweaked to reflect Microsoft’s corporate color.