As my colleague Brian Krebs has noted, often the talks that don't happen are more interesting than the ones that do.
Apple certainly didn't earn any PR points in the security community by scrapping a talk that its engineers were set to give on the company's security response team. Now an Oracle talk by David Litchfield (he's famous as the researcher who gave us the exploit used by the Slammer worm) has been nixed.
Don't blame Oracle, though. Blame it on the price of gas.
For Litchfield, who was set to speak Thursday on Oracle Forensics at this year's Black Hat, the talk just wasn't meant to be. First the UK-based researcher lost his passport; then, when he finally got around to booking his flight out to Las Vegas, he balked at the airline prices.
"I... didn't see the point in coming across for just a day when the prices for flights are as high as they are," he told me.
So what was he going to talk about? A new class of Oracle flaw and something called a dbms_assert bypass attack. He said that dbms_assert "is a default PL/SQL package that contains a number of functions that can be used to validate user input - to stop things like SQL injection."
"I've noticed that Oracle every so often uses one of these functions in such a way that SQL injection is still possible," he added.
Looks like show organizers have replaced his talk with "Windows Hibernation File for Fun and Profit," by Matthieu Suiche.



