DEFCON 14 Speakers

Speakers, alphabetical by name:

Kevin Archer, arcon, atlas, Kevin Bankston, Jason Beckett, beth, Teli Brown, Wes Brown, Johnny Cache, Strom Carlson, James Christy, Robert Clark, Tyler Cohen, Cindy Cohn, Greg Conti, datagram, Jared DeMott, digunix, dr.kaos, Steve Dunker, Scott Dunlop, Chris Eagle, Charles Edge, Alexander Eisen, Riley "Caezar" Eller, Gadi Evron, FX, Yuan Fan, Matt Fiddler, Halvar Flake, Foofus, Andy Fried, Pamela Fusco, Kenneth Geers, Joe Grand, Thomas X. Grasso, Lukas Grunwald, Peter Gutmann, Robert J. Hansen, Seth Hardy, Matt Hargett, Rick Hill, H1kari, Thomas Holt, Dan Hubbard, Arias Hung, Johan Hybinette, Mike Jacobs, Dan Kaminsky, Alexander Kornbrust, Isaac Levy (.ike), Lin0xx, Johnny Long, Major Malfunction, Rich Marshall, Raffael Marty, Damon McCoy, Scott Miller, Luis Miras, Mathew Monroe, David Mortman, Scott Moulton, Mudge, Collin Mulliner, R.P. Murphy, Danny O'Brien, Timothy M O'Neill, Kurt Opsahl, Chris Paget, tommEE pickles, Bruce Potter, Ken Privette, Danny Quist, Michael Rash, Renderman, Keith Rhodes, Melanie Rieback, Xiao Rong, Martyn Ruks, Eric Schmiedl, Seth Schoen, Amber Schroader, Jason Schultz, SensePost, Anmol Sheth, Paul Simmonds, simple nomad, skrooyoo, Brad Smith, Mark Stamp, Joe Stewart, Henry Teng, Richard Thieme, Thorn, Dave Thomas, Irby Thompson, Marc Weber Tobias, Peleus Uhley, Valsmith, Randal Vaughn, Vidiot, Paul Vixie, weasel, Linton Wells, Rick Wesson, Andrew Whitaker, Greg White, Wing H. Wong, x30n

The Making of atlas: Kiddie to Hacker in 5 Sleepless Nights
atlas

Abstract: atlas was just a kiddie when asked to write his first exploit in order to qualify for dc13's capture-the-flag. After conquering his sense of inadequacy, he went on to win the individual competition and finish third even among the teams. This presentation will introduce you to atlas, to hacking, and to the pivotal "Stage 3 Binary" which turned the man's life upside down.
The talk will be an entertaining walk through his efforts to understand and write a network exploit, some of his lessons learned, and some tools which made hacking a bit easier. The talk will include use of GNU Debugger (gdb), objdump output, ReadElf, Ktrace, and the @ Utility Belt toolkit (newly released).

People who will find this talk of interest include:
- N00b hackers with an interest in writing exploits
- Anyone interested in the defcon CTF drama
- Friends of atlas who wish to heckle and otherwise find amusement at his expense

Bio: atlas, a disciple of the illustrious Skodo, has a history in programming, systems support, telecom, security, and reverse engineering. His introduction to the hard-core hacking world was through dc13's CTF Qualifiers. atlas went on to win the individual contest and place third overall. atlas has written the WEP-cracking tool bssid-flatten and the @ Utility Belt toolkit.

Discovering Mac OS X Weaknesses and Fixing Them with the New Bastille OS X Port
Jay Beale, Lead Developer, Bastille Linux

Abstract: The Mac OS X operating system is beautiful, but it’s not as secure as you think. It’s mostly Unix under that shiny GUI, and while we’ve come to expect a very locked down system from recent Unix/Linux releases, that expectation isn’t entirely realistic when it comes to OS X. For instance, the firewall GUI tool makes it seem like you can create a default-deny firewall that only lets packets from established sessions in. The firewall it produces, though, is full of holes! Whatever you do, don’t take your OS X laptop onto the wireless network here! Write your own replacement or take the one we’ll offer in this talk, where we’ll introduce the new OS X port of the popular Bastille Linux system lockdown and audit tool, Bastille OS X. Bastille increases the security of OS X systems. It starts by building a real firewall configuration that you can tune to your needs.
It continues by deactivating services like the information-leaking Bonjour service, which a remote attacker can use to get your Security Update (patch bundle) level, hardware versions and machine name. Finally, it configures the remaining operating system components, doing things like isolating local users from the service that gives them the length of all users’ passwords. There’s a lot more than that, though. Come learn about OS X security, learn how to harden, and see the newest part of the Bastille family: Bastille OS X!

Bio: Jay Beale is an information security specialist, well known for his work on mitigation technology, specifically in the form of operating system and application hardening. He's written two of the most popular tools in this space: Bastille Linux, a system lockdown and audit tool that introduced a vital security-training component, and the Center for Internet Security's Unix Scoring Tool. Both are used worldwide throughout private industry and government. Through Bastille and his work with the Center, Jay has provided leadership in the Linux system hardening space, participating in efforts to set, audit, and implement standards for Linux/Unix security within industry and government. He also focuses his energies on the OVAL project, where he works with government and industry to standardize and improve the field of vulnerability assessment. Jay is also a member of the Honeynet Project, working on tool development. Jay has served as an invited speaker at a variety of conferences worldwide as well as government symposia. He's written for Information Security Magazine, SecurityFocus, and the now-defunct SecurityPortal.com. He has worked on five books in the Information Security space. Three of these make up his Open Source Security Series, while two are technical works of fiction in the "Stealing the Network" series.
Jay makes his living as a security consultant with the firm Intelguardians, which he co-founded with industry leaders Ed Skoudis, Eric Cole, Mike Poor, Bob Hillery and Jim Alderson, where his work in penetration testing allows him to focus on attack as well as defense. Prior to consulting, Jay served as the Security Team Director for MandrakeSoft, helping set company strategy, design security products, and push security into the third largest retail Linux distribution.

Phishing, It Starts with “Ph” for a Reason: Some Best Practices to Detect and Prevent Some New Points of Attack
Teli Brown, Brown Communications Security Consulting, Secure Science Corporation

Abstract: Phishing, it starts with “Ph” for a reason. Some best practices to detect and prevent some new points of attack. When banks and other financial institutions tell their customers to only give personal information (e.g. credit card, Social Security number, etc.) via the telephone, because of online attacks from phishers, that's when phishers get creative and go back to what the root of phishing has been and blend it with some new technologies.

Bio: Teli Brown has done security consulting for major telecommunications companies, aiding in tracking terrorist and malicious telephone users. He has also done massive amounts of testing with number delivery in SS7, and was able to identify and backtrace the flaw in SS7 that allowed people the ability to change their "Charge Number". He now spends his time consulting for small businesses on voice services.

Exploit Writing Using Injectable Virtual Machines
Wes Brown, Founder, Ephemeral Security
Scott Dunlop, Developer, Ephemeral Security

Abstract: Mosquito is a secure remote execution framework available via LGPL that combines high-grade cryptography and a small, efficient virtual machine on both ends to ensure that intellectual property is protected.
It also presents a dynamic environment on a target host that can be reprogrammed on the fly over a secure communications channel to fit the current situation. The virtual machine was written from scratch for this purpose, with a built-in cryptography library, and was optimized for size with an eye towards being able to inject it. The virtual machine’s native programming environment is a Scheme-derived Lisp-family language, with an optimizing bytecode compiler. It is also cross-platform using ANSI C and GCC, currently running on OpenBSD, Darwin, Linux, and Win32. Compiled bytecode is portable between these platforms, much like Java, except that it fits within 150K on some platforms.

This talk will demonstrate the use of Mosquito to write exploits on the fly while the audience watches; the advantages and flexibility of using a virtual machine will be leveraged to implement a second-stage puddle-hop exploit into another host. The cross-platform advantages of writing exploits in a portable virtual machine will also be demonstrated. There will be some discussion of Mosquito itself to give context and understanding.

Bio: Wes Brown is a long-time network security practitioner who specializes in code reviews, web application assessments, penetration testing, and tools development. Prior to joining Accuvant as a senior security consultant, Wes worked for Internet Security Systems’ X-Force Consulting team. He conducted hundreds of penetration tests and web application assessments for ISS clients ranging from the smallest to Fortune 500 companies. He was also responsible for many of the in-house tools that helped the external assessment consulting practice succeed. He can also be frequently seen at industry conferences, having spoken at Defcon in the past. In founding Ephemeral Security, Wes hopes to advance the state of the art in network security by doing innovative and original research work.
When not conducting consulting work, he has spent the last year and a half on the Mosquito Environment along with other members of his company. Currently, he is hard at work as one of Accuvant’s lead consultants, which gives him an opportunity to test the tools and environments that are developed as part of Ephemeral Security’s research efforts. He does the majority of the automation and tools that streamline the assessment practice’s engagements, increasing quality while reducing turnaround time. Of course, Wes also does conventional consulting with a keen focus on code reviews and application assessments.

Fun with 802.11 Device Drivers
Johnny Cache

Abstract: The 802.11 link-layer wireless protocol is widely known for its design flaws. Unauthenticated management packets, a ridiculous attempt at providing link-layer confidentiality and authentication (WEP), and general vendor stupidity have all contributed to 802.11 being the most sensationalized protocol ever mentioned in the media. All of the above topics have been beaten to death. Instead, this talk explores new advances not in design problems in 802.11, but in implementation issues. The two major advances in 802.11 security will be covered: device driver vulnerabilities and link-layer fingerprinting techniques. 802.11 fingerprinting represents the first time that a link-layer protocol has been vulnerable to fingerprinting attacks. These attacks can provide useful information to the attacker, allowing him to accurately target the latest weapon in any wireless hacker's arsenal: 802.11 device driver exploits.

Bio: Johnny Cache is responsible for many wireless hacking tools. These include jc-wepcrack (a distributed WEP cracker) and jc-aircrack (a complete aircrack rewrite in C++); he also helped h1kari create pico-wepcrack (an FPGA-accelerated WEP brute forcer). Cache is currently pursuing his Master's degree in computer security. He is also co-author of "Hacking Exposed Wireless".
His latest accomplishments can be found in Airbase, available at www.802.11mercenary.net

Hacking FedEx Kinko's: How Not To Implement Stored-Value Card Systems
Strom Carlson, Hardware Security Researcher, Secure Science Corporation

Abstract: ExpressPay is a stored-value cash card system which utilizes the Infineon SLE4442 chip; it was developed by enTrac Technologies of Toronto, Ontario, and its largest application is as the pre-paid cash card system in use at FedEx Kinko's. Analysis of a few dozen cards reveals that the data stored on the card is unencrypted and poorly protected against fraud, and a simple attack can be used to obtain the security code necessary to alter the data on the card. This talk will step the audience through the analysis, research, attack, and subsequent tests performed on the ExpressPay system, and conclude with recommendations on how to implement a more secure stored-value card system.

Bio: Strom Carlson is a hardware security researcher at Secure Science Corporation, the organizer of the Los Angeles area Defcon Groups chapter (DC213), and the co-host of Binary Revolution Radio. He enjoys tinkering with technology, playing with telephones, and having a good time with whatever he happens to be involved in.

SOCIAL MESSAGE RELAY: Using Existing Social Networks to Transmit Covert Messages in Public
Strom Carlson, Hardware Security Researcher, Secure Science Corporation
skrooyoo
datagram
Vidiot

Abstract: In the age of NSA phone taps, mandatory data retention, CALEA, the PATRIOT Act, and national firewalls, establishing a truly covert communications channel without leaving a trail is becoming almost impossible. Even when strong encryption is used to protect the message, government agencies now have the ability to use pattern analysis to pinpoint almost all participants in the conversation. Without tremendous diligence, truly anonymous communication is almost impossible.
But what if you could skip having to create the communications channel entirely? What if you could have unwitting, or even willing, third parties spread your message for you? The larger the network of people spreading the message, the more difficult traffic analysis becomes as the signal-to-noise ratio increases. Convenient anonymity for the sender and recipient of the message becomes possible again. The presenters will demonstrate how they were able to create a publicly available communications channel and use thousands of unwitting participants to spread their encrypted messages. The presentation will also include speculations on how to create networks designed to foil traffic analysis attempts, observations about the culture of the online cryptographic community, and the nature of collaborative problem solving.

Bio: Strom Carlson is a hardware security researcher at Secure Science Corporation, the organizer of the Los Angeles area Defcon Groups chapter (DC213), and the co-host of Binary Revolution Radio. He enjoys tinkering with technology, playing with telephones, and having a good time with whatever he happens to be involved in.

Legal Aspects of Computer Self-Defense and Aggressive Self-Defense
Robert W. Clark, Command Judge Advocate, 1st Information Operations Command (ACERT Legal Advisor), U.S. Army

Abstract: This presentation looks at several scenarios of aggressive self defense. It applies the law to each of the participants in various schemes—to the aggressor and to the defender. We see where simple self defense options could actually result in prosecution of the aggressor; prosecution of the defender; prosecution of both; or being faulted for screwing up an investigation, rendering a prosecution impossible. Many of the legal rationales for aggressive self defense will be discussed, from the typical discussion of self defense to the law of nuisance and self help. This presentation seeks to simplify the aspects of aggressive and non-aggressive self defense.
Bio: Major Robert Clark is the Command Judge Advocate for the Army’s 1st Information Operations Command. As the sole legal advisor, his primary duty is to advise the Army’s Computer Network Operations Division on all aspects of computer operations and security. This role has him consulting with the DoD Office of General Counsel, NSA, and the DoJ Computer Crime and Intellectual Property Section. He lectures at the Army’s Intelligence Law Conference and at the DoD’s Cybercrimes Conference.

Legal Aspects of Internet & Computer Network Defense - A Year in Review: Computer and Internet Security Law 2005-2006
Robert W. Clark, Command Judge Advocate, 1st Information Operations Command (ACERT Legal Advisor), U.S. Army

Abstract: This presentation looks at computer network defense and the legal cases of the last year that affect internet and computer security. This presentation clearly and simply explains (in non-legal terms) the legal foundations available to users and service providers to defend their networks, quickly tracing the legal origins from early property common-law doctrine into today’s statutes and then moving into recent court cases and battles. We will look at the past criminal prosecutions and precedents, both civil and criminal, since we last met a year ago. As always, this presentation will quickly become an open forum for questions and debate.

Bio: Major Robert Clark is the Command Judge Advocate for the Army’s 1st Information Operations Command. As the sole legal advisor, his primary duty is to advise the Army’s Computer Network Operations Division on all aspects of computer operations and security. This role has him consulting with the DoD Office of General Counsel, NSA, and the DoJ Computer Crime and Intellectual Property Section. He lectures at the Army’s Intelligence Law Conference and at the DoD’s Cybercrimes Conference.

Googling: I'm Feeling (un)Lucky
Greg Conti, United States Military Academy

Abstract: Birth, School, Work, Death.
Imagine every web search you've ever done placed on a timeline of your life. Is there anything on that list you wouldn't want your mother (or employer) to know about? How about the aggregate web searches of your entire company? What if they fell into the hands of a competitor? Recent trends indicate that we can no longer rely on the privacy policies of individual web companies to keep this information private. In this talk, we'll examine the many ways we disclose information in return for free web services, as well as how effective you think your privacy countermeasures are. This session won't be a monolog, but an active discussion on the problem of web-based information disclosure. As part of the talk, I'm releasing a program that will extract web searches from your Firefox browser's cache to show you what you've been disclosing.

Bio: Greg Conti is an Assistant Professor of Computer Science at the United States Military Academy. He holds a PhD in Computer Science from Georgia Tech and a Bachelor of Science in Computer Science from the United States Military Academy. His areas of expertise include network security, information visualization and information warfare. His work can be found at http://www.rumint.org/gregconti/index.html.

The Evolving Art of Fuzzing
Jared DeMott, Vulnerability Researcher, Applied Security, Inc.

Abstract: The Evolving Art of Fuzzing will be a technical talk detailing the current state of fuzzing and describing cutting-edge techniques. Fuzzer types, metrics, and future research will be presented. Also, three of ASI's private fuzzer tools will be discussed. They will be released on the DEFCON CD.

Bio: Jared DeMott is a vulnerability researcher for Applied Security, Inc. (ASI). Jared earned a master's degree from Johns Hopkins University and is currently pursuing a PhD from Michigan State University, with dissertation work to be done on fuzzing.

FEAR!(?) The Census Bureau
Steve Dunker

Abstract: The Census Bureau is the only federal agency that is acquiring detailed personal data on every person in the United States. While the Census provides valuable information that is vital to our form of government, major privacy concerns exist. The potential for abuse of the data has historical roots, the most notorious being the rounding up and relocation of Japanese-Americans during World War II. Learn how the Social, Economic, Housing, and Financial characteristics being gathered can be legally used against you. We will examine how dangerous the data could be if it was used illegally. (If you are paranoid, you do not want to miss this!) Finally, we wi…