Advertisements

Archive for the ‘conference’ Category

Speaking at DEFCON 15

May 19, 2007

I’ve been invited to speak at DEFCON 15 this August which is being held at the Riviera Hotel & Casino in Las Vegas. I’ll be presenting on some new research I’ve been working on involving VoIP and steganography. The presentation will be entitled “Real-time Steganography with RTP.”

Advertisements

ToorCon Seattle (Beta)

May 16, 2007

ToorCon Seattle (Beta) in Seattle was a new experiment by the ToorCon folks. It was essentially an informal and free invite-only conference, total attendance numbering around 150, with a single track of speakers each having 20 minutes to speak on their current (and potentially in-progress) research. The format was very similar to the format that the AHA! meetings take, so I was right at home speaking there. The conference talks were held on a single day, during the day, in a night club called the Last Supper Club.

The badges for this conference were really unique and interesting in that they looked like chocolate bars. The badges themselves were wrapped in a paper candy-bar wrapping themed after a Wonka bar, and the conference being invite-only, some of the bars had golden tickets in them which ensured your invite to next year’s conference. I don’t know what the ratio of bars with golden tickets to bars without were, but I was lucky enough to have gotten a bar with a golden ticket.

Finally, here are my comments for the various talks that I attended:

(more…)

BlueHat v5

May 16, 2007

BlueHat v5, held at the Microsoft campus in Redmond, is Microsoft’s own little hacker conference. It’s an invite only conference, however I was able to get an invite through a colleague. Normally I wouldn’t be interested in a Microsoft-centric security conference, as the large majority of my research targets have nothing to do with Microsoft products, but I was going to be in town during BlueHat anyway due to a small vacation prior to BlueHat, and speaking at ToorCon Seattle (Beta) afterward, so I figured I might as well attend.

Being an “external” attendee (i.e., I don’t work for Microsoft), I was essentially treated as a speaker and got to hang out in the speaker lounge since apparently the only external people that really attend are generally the speakers. That was fine by me however, since mostly everyone there that I knew was speaking or was in the same situation I was in.

Finally, here are my comments for the various talks that I attended:

(more…)

Upcoming Conferences

April 19, 2007

In a couple of weeks I’ll be heading to Seattle for Microsoft’s internal security conference, BlueHat, and ToorCon’s invite-only conference, ToorCon Seattle (Beta).

I’ve never been to BlueHat before, but that’s not really surprising since most of my research targets, both now and in the past, have had absolutely nothing to do with Microsoft products. The primary reason I’m attending is that BlueHat takes place the two days before ToorCon Seattle and I’ll already be in town those days due to attending ToorCon Seattle and returning through Seattle from a trip to Vancouver which will get me there a few days early.

ToorCon Seattle (Beta) is the first of ToorCon’s invite-only conferences and is adopting an extremely familiar approach to structure; Basically, all speakers will have up to 20 minutes to present on research currently in progress rather than finished work, followed by a hand-full of 5 minute turbo talks toward the end of the day. It seems like I’ve seen this format somewhere before…

I’ve submitted something to speak about at ToorCon Seattle but haven’t heard back yet on whether or not I’ll get a slot, so I’ll refrain from talking about that just yet.

Black and White Ball

April 16, 2007

I’ve been invited to speak during the Black Track at the Black and White Ball this September which is being held at the Ministry of Sound in London. I’ll be presenting on some new research I’ve been working on involving VoIP and steganography. The presentation will be entitled “Real-time Steganography with RTP.”

Information Security Conferences, Workshops, and Training Calendar

April 16, 2007

I maintain a Google calendar entitled “Information Security Conferences, Workshops, and Training”, and it contains dates for conferences, workshops, training, CFP deadlines, and related events. I inadvertently announced it to the InfoSec research community by way of a response to a recent post on the Daily Dave email list asking about such a calendar. Since then I’ve had a flood of responses suggesting additional events to add as well as a lot of positive feedback from people who are now subscribed to the calendar. I believe it’s probably now the most comprehensive calendar for the subject available.  I previously maintained the calendar just for myself and a few friends’ personal use, but apparently people are finding it extremely useful.

You can view or subscribe to the calendar via HTML, iCal, or XML.

ShmooCon 2007

March 28, 2007

Early last Friday morning I flew out of DFW on my way to D.C. for ShmooCon.  I arrived in D.C. at noon after the pilot of my plane aborted the first landing and had to make a second approach. I forgot just how difficult the approach is flying into Reagan National Airport. If I recall correctly planes must maintain a minimum altitude and have to make an odd approach all due to airspace of all the various monuments and government buildings in the vicinity of the airport, which results in the plane having to drop quite a bit of altitude right at the last minute and make a fairly quick turn about the same time to approach correctly. Not an easy task for a large jet I’m guessing…

(more…)

EUSecWest 2007

March 2, 2007

During the first 3 hour leg of my trip, I finished the slides for my talk. During the second, 8 hour leg of my trip, I managed to sleep for about 5 of them. I arrived at 7 am local time, took an hour to get through customs and get my baggage, another hour to take the train from the airport to the hotel area, and another two hours for them to have my room ready. While waiting for my room, I discovered that I was speaking that afternoon at 4 pm. Once my room was ready there was no longer time for a nap, so I gave my “VoIP Attacks!” talk exhausted and fueled entirely by RedBull. It gives you wings indeed.

(more…)

EUSecWest 2007

January 18, 2007

I’ve been invited to speak at EUSecWest 2007, an information security conference in London on March 1st and 2nd. I’ll be giving an updated version of my VoIP Attacks! presentation.

VoIP Attacks!

October 5, 2006

I recently gave a presentation at ToorCon 8 in San Diego on the subject of VoIP attacks. You can find slides and video here.

A writeup from Wired News can also be found here.