I Am Not Satoshi

November 26, 2013

There has been a lot of speculation recently regarding whether or not I am Satoshi Nakamoto, the infamous creator of Bitcoin, and more recently whether or not a Bitcoin address which I control was used to fund the Silk Road marketplace.  I would like to address these two issues now and hopefully put them to rest.

Read the rest of this entry »

About these ads

REcon 2012

June 19, 2012

I’ve just recently returned from REcon 2012 and while I heard a couple people express that they had “heard” that some people were more disappointed with this year’s conference compared to prior ones, I personally really enjoyed it and felt it was the best one yet.  I saw and enjoyed more of the lectures this year than I have in the past and seemed to have better interactions with the other conference attendees, better conversations, and generally enjoyed myself more than years past.  Perhaps it was because this year Montreal wasn’t in the middle of a heat wave with no air conditioning in the hotel and the conference hotel didn’t catch fire (:

Read the rest of this entry »

InfoSec Southwest 2012 Debrief

April 11, 2012

ISSW 2012 LogoA couple of weekends ago I hosted my first information security and hacking conference called InfoSec Southwest here in Austin, Texas.  Having been attending such conferences for over fifteen years, and being involved with those in such capacities as speaker, volunteer, and sponsor, I had a general idea of the amount of work that this undertaking would be and luckily I wasn’t too far off in my estimation.  Had this been much more work than I had expected, I just might have keeled over and died from over-stimulation and exhaustion…

Read the rest of this entry »

ExploitHub

February 29, 2012

ExploitHub LogoA few years ago, following the failure of WabiSabiLabi’s 0day auction site, I gave some thought to how to create a public marketplace for exploits that actually works.  Obviously given the example of WabiSabiLabi and a little common sense that any vulnerability researcher worth their salt would know, you can’t have a public market for 0day vulnerabilities.  As WabiSabiLabi quickly found out, by disclosing enough information about the vulnerability so that a potential customer can make a determination about whether or not to buy it, you’re likely giving up enough information about the vulnerability for them to find it themselves, given varying levels of time and effort.  Thus, you can really only market 0day to trusted customers and when your marketplace is open to the public, your customers are most definitely not trusted and consists of various demographics who have lots of disposable time on their hands to go hunt down your vulnerabilities.  So, what if we remove 0day from the equation entirely I thought? Could an open market for exploits of public vulnerabilities work? Would anyone actually buy such exploits?  ExploitHub was born, and it turns out the answer is yes.

Read the rest of this entry »

TSA Lectures, Lies, and Rude, Dismissive Behavior

February 21, 2012

On a recent trip to Orlando, I opted out of the full-body scan at AUS, as I always do at every airport security checkpoint.  While waiting for my pat-down, I was lectured by the TSA gate agent about how safe they are, was subsequently questioned about my cellphone use as a radiation exposure comparison, and was subjected to repeated attempts to get me to change my mind and just go through the scanner.

Read the rest of this entry »

InfoSec Southwest 2012

February 14, 2012

InfoSec Southwest 2012 LogoA few years ago, the idea came up at our local AHA! meeting that our group should host an information security and/or hacking conference here in Austin, Texas.  Some venue ideas were tossed around, some preliminary cost research done, but the idea never went much beyond that due to a number of reasons, foremost of which is that AHA! folk are very, very busy people, myself included.  Back then, none of us simply had the time or resources to make such an undertaking happen.  Fortunately, while I still don’t really have the time personally, I now have the resources in the way of paid staff that I can have plan and execute such an event, so mid-2011 or so I decided to do so.

Read the rest of this entry »

Reboot

February 6, 2012

It’s been quite a while since I’ve posted anything here other than the occasional conference report, and there are many more of those in draft form from the past two years that I didn’t even get around to finishing up and actually posting…  This is due to a variety of reasons, some of which include a complete change in career focus a couple years ago involving going into business for myself, to having very little free time due to the myriad of things I’ve got going on.  This however needs to change, as I need at least one outlet for my thoughts that isn’t constricted to 140 characters or the no-frills formatting that most of the social networks provide.  That said, it is my intention to write here more often, beginning with this post and continuing with more to follow over the next few weeks, mostly about the various ventures I’ve begun or have become involved in over the past few years.

Read the rest of this entry »

CanSecWest 2011

March 24, 2011

Yes, that’s right…  After many, many years of wanting to attend this conference, I finally made it.  CanSecWest has been heralded as one of the best, top-quality security conferences that you can attend, and while I actually made it across the pond a few years ago to speak at EUSecWest, the logistics for getting up to CanSecWest just never worked out for me…  until this year.

Read the rest of this entry »

Toronto, October 2010

November 2, 2010

This post was originally entitled “SecTor 2010″, however I never actually attended the conference, so it’s not really about the conference but rather my short stay in Toronto during the SecTor 2010 conference.

Read the rest of this entry »

ToorCon 12

October 27, 2010

After a two year absence due to unavoidable other obligations like good friends’ weddings, I finally made it back to one of my favorite hacker conferences, Toorcon.  San Diego is always beautiful when I happen to be there with nice weather and a cool mix of people, both locals and visitors who are there for the conference, and this year was no exception.

Read the rest of this entry »


Follow

Get every new post delivered to your Inbox.