ToorCon Seattle (Beta)

ToorCon Seattle (Beta) in Seattle was a new experiment by the ToorCon folks. It was essentially an informal and free invite-only conference, total attendance numbering around 150, with a single track of speakers each having 20 minutes to speak on their current (and potentially in-progress) research. The format was very similar to the format that […]

The VoIP Toll Shift

One of the promises of VoIP is it’s cost-effectiveness. By overlaying the new breed of telephony networks on top of our existing data networks and the Internet, thereby leveraging a transport mechanism that we’re already maintaining and paying for, we rid ourselves of the high toll charges imposed on us by the traditional telephony services […]

Black and White Ball

I’ve been invited to speak during the Black Track at the Black and White Ball this September which is being held at the Ministry of Sound in London. I’ll be presenting on some new research I’ve been working on involving VoIP and steganography. The presentation will be entitled “Real-time Steganography with RTP.”

EUSecWest 2007

During the first 3 hour leg of my trip, I finished the slides for my talk. During the second, 8 hour leg of my trip, I managed to sleep for about 5 of them. I arrived at 7 am local time, took an hour to get through customs and get my baggage, another hour to […]

VoIP Attacks!

I recently gave a presentation at ToorCon 8 in San Diego on the subject of VoIP attacks. You can find slides and video here. A writeup from Wired News can also be found here.

VoIP Attacks!

My presentation earlier today went very well. Other than a few technical difficulties with the A/V setup regarding my laptop audio and running out of time with about 4 slides and my conclusion left and having to rush through the end, I was very happy with it. Slides in various formats and video of my […]

ToorCon 8 Speaker Lineup Changes

Apparently, some time a couple weeks ago, the ToorCon speaker schedule was updated. I’m now no longer up against Chris Eagle, but am now up against spoonm speaking about reversing with Ruby. I don’t know if this change will help or hurt my talk’s attendance… Both of them are excellent speakers with excellent topics, and […]

ToorCon 8

I’ve been accepted to speak at ToorCon 8 later this month. My presentation is entitled “VoIP Attacks!” and will briefly cover some VoIP basics, various attacks against VoIP systems that are currently relevant, and then discuss mitigation techniques against those attacks and why many of the mitigation techniques have problems.

New Employer: TippingPoint

Today I’ve begun working for a new employer, TippingPoint, a division of 3Com. Essentially TippingPoint is a recent acquisition of 3Com’s and has become 3Com’s Security Research group. While working for TippingPoint, I’ll be doing a number of different things, primarily working with the TippingPoint Security Research (TSR) team who do product vulnerability assessment and […]

Does backwards compatibility stifle innovation and progress?

Upon beginning my new job, I’ve been thrown head-first into the world of Internet Telephony security, a sector that I’ve not really paid much attention to, much less followed. I’m currently in the process of getting acquainted with all of the various protocols and technologies involved, and in doing so I’ve signed up to the […]