I think this should be an nice question tu argue, and this because of many of us dedicate to security. Java, .NET are the future of applications and web services so where does buffer overflows and format string bugs goes? Accionally many of the vulnerabilities that we exploit are cause of this miss undestanding of safe programming. Millions of lines of codes have been patched againts this flaws.

So where do you think security is going, to Social Engineering (boring), to anit virus technologies (kind of Social Engineering), to IDS/IPS tech.

In Past Conventions on Defcon and BlackHat, nothing new or even intersting.

No new attacks techniques?

so were are in a dead spot, or it is really the end of security as we know it.

What difference  between VMWARE application debugging and non-VMWARE application debugging.

I ask this because i want to build good skillz in looking for software flaws/bugs.

An i think virtualization can in some way alter the assembly code?