Archive for the ‘hpavc’ Category

ToorCon Seattle (Beta)

May 16, 2007

ToorCon Seattle (Beta) in Seattle was a new experiment by the ToorCon folks. It was essentially an informal and free invite-only conference, total attendance numbering around 150, with a single track of speakers each having 20 minutes to speak on their current (and potentially in-progress) research. The format was very similar to the format that the AHA! meetings take, so I was right at home speaking there. The conference talks were held on a single day, during the day, in a night club called the Last Supper Club.

The badges for this conference were really unique and interesting in that they looked like chocolate bars. The badges themselves were wrapped in a paper candy-bar wrapping themed after a Wonka bar, and the conference being invite-only, some of the bars had golden tickets in them which ensured your invite to next year’s conference. I don’t know what the ratio of bars with golden tickets to bars without were, but I was lucky enough to have gotten a bar with a golden ticket.

Finally, here are my comments for the various talks that I attended:



On Social Hacking Groups, Meetings, and AHA!

April 23, 2007

Since the early ’90s, when I first really started getting into information security and the hacking scene, I’ve always found immense value in social hacker meetings. Back then all I had was my local 2600 meeting, however today, depending on your place of residence, there may be many different types of meetings available to you ranging from black to white-hat orientations such as 2600, local-area DefCon groups, the regional *Sec groups like NoVASec and SeaSec, various security user groups like NTSUG, and independent groups like AHA!

The groups that I’ve participated in over the years which include both Dallas and Ft. Worth 2600 meetings, dc214, and AHA! have vastly contributed to my personal experience and continued success in my career and have definitely helped to get me to where I am today. Nowadays I simply won’t do without them.


Upcoming Conferences

April 19, 2007

In a couple of weeks I’ll be heading to Seattle for Microsoft’s internal security conference, BlueHat, and ToorCon’s invite-only conference, ToorCon Seattle (Beta).

I’ve never been to BlueHat before, but that’s not really surprising since most of my research targets, both now and in the past, have had absolutely nothing to do with Microsoft products. The primary reason I’m attending is that BlueHat takes place the two days before ToorCon Seattle and I’ll already be in town those days due to attending ToorCon Seattle and returning through Seattle from a trip to Vancouver which will get me there a few days early.

ToorCon Seattle (Beta) is the first of ToorCon’s invite-only conferences and is adopting an extremely familiar approach to structure; Basically, all speakers will have up to 20 minutes to present on research currently in progress rather than finished work, followed by a hand-full of 5 minute turbo talks toward the end of the day. It seems like I’ve seen this format somewhere before…

I’ve submitted something to speak about at ToorCon Seattle but haven’t heard back yet on whether or not I’ll get a slot, so I’ll refrain from talking about that just yet.

AHA! 0x0006

March 31, 2007

I am continually impressed by both the quantity and quality of speakers we have at our Austin Hackers Anonymous (AHA!) meetings every month. This last meeting was our 7th technical meeting and we had no less than 10 individual speakers with anywhere from 5 to 30 minutes each, each with something unique and interesting to talk about. The variety of subject matter was simply astounding.

I’m truly grateful to be surrounded by so many incredibly smart security people here in Austin. I hope we can continue to maintain this level of quality.

ShmooCon 2007

March 28, 2007

Early last Friday morning I flew out of DFW on my way to D.C. for ShmooCon.  I arrived in D.C. at noon after the pilot of my plane aborted the first landing and had to make a second approach. I forgot just how difficult the approach is flying into Reagan National Airport. If I recall correctly planes must maintain a minimum altitude and have to make an odd approach all due to airspace of all the various monuments and government buildings in the vicinity of the airport, which results in the plane having to drop quite a bit of altitude right at the last minute and make a fairly quick turn about the same time to approach correctly. Not an easy task for a large jet I’m guessing…


VoIP Attacks!

October 2, 2006

My presentation earlier today went very well. Other than a few technical difficulties with the A/V setup regarding my laptop audio and running out of time with about 4 slides and my conclusion left and having to rush through the end, I was very happy with it.

Slides in various formats and video of my talk can be found here.

AHA! 0x0001

September 30, 2006

Last wednesday we had our second AHA! technical meeting at the Austin Public Library. For anyone that didn’t know, the various branches of the APL have meeting and conference rooms available for use by the public if you can prove a non-profit status.

So far I’m really happy with the format of the meetings being a bunch of “turbo-talks” (presentations under 15 minutes in length). Not only does it keep me from getting bored but there’s always a wide range of things that people are talking about so there’s usually something for everyone.

We’ve recently put up a wiki site to hold slide decks from some of the talks at the meetings and short descriptions of the talks. Check it out if you’re interested in finding out what we’ve been talking about or want the details for the next meeting.

ToorCon 8 Speaker Lineup Changes

September 26, 2006

Apparently, some time a couple weeks ago, the ToorCon speaker schedule was updated. I’m now no longer up against Chris Eagle, but am now up against spoonm speaking about reversing with Ruby. I don’t know if this change will help or hurt my talk’s attendance… Both of them are excellent speakers with excellent topics, and my topic really is kinda blah unless your a telephony geek. I may end up speaking to a mostly empty room…