Please email DT with any DEF CON related links, articles, pictures, etc. Thanks!
|Text Announcements||Logos for DEF CON 6.0|
|Ride and Room Sharing Links||Other Peoples DEF CON 6.0 Resources|
|Events happening at DEF CON 6.0||Current Speakers|
|Current Speaking Schedule|
Stisa Granick is a criminal defense attorney in San Francisco, California.
She defends people charged with computer-related crimes, as well as other
offenses. Jennifer has been published in Wired and the magazine for
the National Association of Criminal Defense Lawyers.
Schneier is president of Counterpane Systems, the author of Applied Cryptography,
and the inventor the Blowfish algorithm. He serves on the board of
the International Association for Cryptologic Research and the Electronic
Privacy Information Center. He is a contributing editor to Dr. Dobb's
Journal, and a frequent writer and lecturer on cryptography.
About 80 million digital cell phones worldwide implement the Global System for Mobile communications (GSM) protocols. Recently it was announced that COMP128, the cryptographic algorithm that protects the "identity key" in the majority of these phones, was extremely weak, thus allowing GSM phones to be "cloned". In this talk, we will examine how COMP128 is used in the GSM protocol, describe the algorithm itself, and demonstrate how to break it. We will also discuss the implications this result has for the security of of the voice privacy features of GSM.
Goldberg is a Graduate Student Researcher and founding member of the Internet
Security, Applications, Authentication and Cryptography (ISAAC) research
group at UC Berkeley. His research areas include cryptography, security,
privacy systems, and digital cash.
Mr. Shipley will present research covering an overview of a 2 year effort in massive multi-modem wardialing. His findings will include some personal observations and the results obtained from scanning the San Francisco bay area. When Mr. Shipley started this project he noted that there were no published research references to wardialing or documented statistical results of the types of equipment and computer networks commonly found on the POTS (Plain old telephone system) network. Mr. Shipley decided to change that through his research.
Shipley Is an independent consultant in the San Francisco Bay Area with
nearly thirteen years experience in the Computer Security field. Mr. Shipley
is one of the few individuals who is well known and respected in the professional
world as well as the underground and hacker community. He has extensive
experience in system and network security as well as programming and project
design. Past and current clients include TRW, DHL, Claris, USPS, Wells
Fargo, and KPMG. In the past Mr. Shipley has designed Intranet banking
applications for Wells Fargo, Firewall design and testing for WWW server
configuration and design for DHL. Mr. Shipley's specialties are third
party penetration testing and firewall review, computer risk assessment,
and security training. Mr. Shipley also performs post intrusion analysis
as well as expert witness testimony. Mr. Shipley is currently
concentrating his efforts on completing several research projects.
Valeri is a researcher in the information warfare programme of the International
Centre for Security Analysis, which is part of the Department of War Studies,
King's College London. He is also a PhD candidate at the Department of
War Studies at King's College. His research interests are information security
policies, the impact of the Internet and other online services on military
and strategic thinking and, in general, non-military threats to national
and international security and stability.
Gessel spent his childhood hammering steel in front of a coal-fired forge
as a blacksmith's apprentice for seven years. He then went to MIT to get
a degree in physics where he focused on robotics and precision engineering.
Switching coasts, David joined Apple's Advanced Technology Group and worked
on various things including pen-based computers, LCD technology, and digital
cameras. After ATG, David worked at Interval Research Corp, researching
rapid design/prototyping technologies for mechanical systems. David
is now CTO of Spinner, Inc., a startup developing QTVR technology; VP of
Engineering for Nebucon, Inc., a startup developing secure Internet services
for small businesses; and contracts mechanical design services bicostally.
Feedlebom and Technopagan have operated The Voice of Mercury and the Desert
Crossing Radio broadcasts for the last four years. They are also
responsible for strange radio emissions that have been heard in the Los
Angeles area on 104.7 MHz.
Dr. Byte is a Ph.D. candidate in Computer Engineering and an instructor of Computer Engineering at a major university. He received his B.S. and M.S. in Computer Engineering in 1994 and 1997 respectively. For his M.S., he worked with a real time bit error rate simulator, and developed a next generation real time hardware system for bit error rate simulations. He has developed a 16 bit RISC microprocessor in VHDL in a Field Programmable Gate Array (FPGA) able to run compiled 'C' code. His research interests include security over wireless networks, in particular ad-hoc networks using IPv6. He has co-authored 3 papers on IEEE 802.11 and IPv6.
Dan Veeneman, Writer & communications consultant. - Several low earth orbiting satellite systems are already in orbit, and commercial service is just around the corner. Global wireless voice and data services will be available from handheld terminals. Dan Veeneman will bring us up to date on existing and future systems and answer questions from the audience.
Veeneman has served in various management and technical positions in the
computer industry since 1980. He has developed financial programs for the
banking, investment and real estate industries, as well as software for
a variety of companies including A.C. Nielsen, McDonalds, Reuters and Baxter-Travenol.
Dan has installed and supported many local and wide area networks, including
a nation-wide data delivery network. He also has experience supporting
Internet connectivity, including Motorola's world-wide Network Information
Center. Dan has provided data security and encryption services for a number
of government and civilian clients, encompassing video and data delivered
over telephone, satellite and the Internet. He also edits a quarterly newsletter
concerning cryptography. Dan holds an engineering degree from Northwestern
University. Dan also writes a monthly column for Monitoring
Times magazine called PCS Front Line.
By failing to consider all aspects of security when implementing the system management tools provided with these computers, the vendors are selling million-dollar-plus products that are less secure than typical end-user workstations. I contend that as unix offerings start providing mainframe class computing power, they need to also look towards providing mainframe class security.
dropped out of high school about a month prior to graduation. After working
at Wendy's, Wal-Mart and Texaco for a few months each, he decided that
he would rather be a Unix sysadmin. He lives in 602 with his beautiful
fiancé (mgd) and is currently employed by American Express, where
he gets to play with all sorts of expensive toys.
Wright is a former law enforcement officer with 15 years experience.
He is court qualified as an expert in computer crime, and interview and
interrogation. He is a regular instructor for the International Association
of Computer Investigative Specialists (www.cops.org)
in the areas of computer crime. He has also taught interview/interrogation
techniques nationally for Reid and Associates (www.reid.com)
to the FBI, Secret Service, NSA, and many state and local agencies. Part
of his training has included extensive work in the area of criminal personality
profiling and behavioral analysis interviews. He works in the private sector
conducting internet investigations for software piracy, copyright and trademark
infringement, economic and corporate espionage investigations, and with
intellectual property law firms in the area of electronic discovery. In
addition he has conducted over 200 undercover internet investigations,
and has been asked to provide training to the FBI and RCMP on undercover
internet investigative techniques.
Richard Thieme is a business consultant, writer, and professional speaker focused on the human dimension of technology and the work place. His creative use of the Internet to reach global markets has earned accolades around the world. "Thieme knows whereof he speaks," wrote the Honolulu Advertiser. He is "a prominent American techno-philosopher" according to LAN Magazine (Australia), "a keen observer of hacker attitudes and behaviors" according to Le Monde (Paris), "one of the most creative minds of the digital generation" according to the editors of Digital Delirium, and "an online pundit of hacker culture" according to the L A Times.
articles are published around the world and translated into German, Chinese,
Japanese and Indonesian. His weekly column, "Islands in the Clickstream,"
is published by the Business Times of Singapore, Convergence (Toronto),
and South Africa Computer Magazine as well as distributed to subscribers
in 52 countries. Recent
clients include: Arthur Andersen; Strong Capital Management; System
Planning Corporation; UOP; Wisconsin Power and Light; Firstar Bank; Northwestern
Mutual Life Insurance Co.; W. H. Brady Company; Allstate Insurance; Intelligent
Marketing; and the FBI.
Gregory survived growing up in New York City where he learned how to program computers using punch cards and paper tape. After graduating from Clemson University with a Computer Science degree, he developed an extensive consulting business. Greg currently is VP of Software Development at Energy Interactive of Berkeley.
Thompson will be presenting on the design and development of his personal
operating system, which is being developed for the hacker community. The
OS, while egotistically being called JeffOS, will be released under the
name GuildOS in honor of its roots.
Smartcards are a marvelous tool for the security software developer. Their small form factor and tamper resistant, though not tamper proof, packaging allows for numerous applications, such as secure key storage and encryption. Unfortunately, many software developers still consider smartcards difficult to work with. No doubt largely due to the fact that vendors have so far failed to provide sufficient information and development tools.
We will introduce SCARD, a free, cross-platform smartcard development, analysis, and integration tool. No longer does the smartcard-curious individual have to learn obscure low level smartcard commands. If you know how to use a UNIX shell or Windows NT, you can use smartcards.
There will be a demonstration of several cryptographic, electronic cash, and GSM cards. The audience is encouraged to submit any smartcards in their possession for analysis.
Marc Briceno is the Director of the Smartcard Developer Association <http://www.scard.org>, the only vendor-independent smartcard industry association. The SDA's member base is comprised of smartcard and security experts in Europe, Asia, the Americas, and Australia. The SDA distributes universal smartcard analysis and integration tools to software developers worldwide.
Briceno coordinated the efforts leading to the discovery and break of COMP128
<http://www.scard.org/press/19980413-01/>, the GSM digital cellular
telephony authentication cipher. Mr. Briceno is a senior advisor on digital
telephony issues to an international development effort engaged in designing
low cost phone encryption devices and a consultant to memory chip forensic
data analysis teams at several major universities.
to starting Zero-Knowledge Systems, Mr. Hill was the Chief Technology Officer
for TotalNet Inc., which was one of the 3 largest Internet Providers in
Canada. This company was sold in March 1997 to MPACT Immedia which
is Canada's largest E-Commerce company.
Use some of the available logos people have been kind enough to create for the convention that are on this page. Please DO NOT USE the sponsor logos if you are not an official sponsor.
FRIDAY July 31st:
conference doors open!
- 18:45 Lockpicking demonstration in the main speaking
hall by Gurney Halleck.
SATURDAY August 1st:
Speeches, people selling
stuff, Capture the Flag, The DEF CON shoot, other special events to be
- 10:50 Richard Thieme - The More
Things Change The More They Don't:Soft Destruction and the Ancient Wisdom
- 21:00 The Black and White Ball
the speaking hall with live DJ action.
SUNDAY August 2nd:
Wrapping up Capture the Flag,
award giveaways, demonstrations to be announced
A 10:00 - 10:50 Dan Veeneman - LEO
systems, Iridium, and a satellite hacking update.
A 11:00 - 11:50 Dr. Byte - Technical
presentation on The security of wireless technology.
A 12:00 - 12:50 Peter Shipley - An
overview of a 2 year effort in massive multi-modem wardialing.
A 13:00 - 13:50 Se7en - Hacking
the Travel Industry.
A 14:00 - 14:50 Panel Discussion - Securing
A 15:00 - 15:50 Super Dave, of the DoC - Copyright
vs. Freedom of Speech.