Final Speaker Spotlight: Wade King on CBC Padding Oracles BSides Vancouver Island 2025

Join us for the last speaker spotlight before BSides Vancouver Island hits the Victoria Conference Centre on October 3! In this episode, we sit down with Wade King, whose cutting-edge research on CBC padding oracle vulnerabilities is reshaping how we think about encryption in 2025. Wade shares his journey from bug bounty discoveries to uncovering multiple real-world account takeover vectors—all rooted in overlooked CBC implementations. From subtle attacks that bypass padding error detection to techniques for recovering initialization vectors, this interview dives deep into the risks developers face when trusting decrypted plaintext without understanding the underlying cryptographic pitfalls. 🎤 Topics Covered: - Why CBC encryption isn’t as “dead” as you think - Real-world padding oracle exploits in modern systems - A novel method for extracting padding oracles without triggering errors - How attackers can recover IVs and decrypt first blocks with enough samples - What developers and d