I’ve been invited to speak at DEFCON 15 this August which is being held at the Riviera Hotel & Casino in Las Vegas. I’ll be presenting on some new research I’ve been working on involving VoIP and steganography. The presentation will be entitled “Real-time Steganography with RTP.”
ToorCon Seattle (Beta) in Seattle was a new experiment by the ToorCon folks. It was essentially an informal and free invite-only conference, total attendance numbering around 150, with a single track of speakers each having 20 minutes to speak on their current (and potentially in-progress) research. The format was very similar to the format that the AHA! meetings take, so I was right at home speaking there. The conference talks [...]
BlueHat v5, held at the Microsoft campus in Redmond, is Microsoft’s own little hacker conference. It’s an invite only conference, however I was able to get an invite through a colleague. Normally I wouldn’t be interested in a Microsoft-centric security conference, as the large majority of my research targets have nothing to do with Microsoft products, but I was going to be in town during BlueHat anyway due to a [...]
In a couple of weeks I'll be heading to Seattle for Microsoft's internal security conference, BlueHat, and ToorCon's invite-only conference, ToorCon Seattle (Beta). I've never been to BlueHat before, but that's not really surprising since most of my research targets, both now and in the past, have had absolutely nothing to do with Microsoft products. The primary reason I'm attending is that BlueHat takes place the two days before ToorCon [...]
I've been invited to speak during the Black Track at the Black and White Ball this September which is being held at the Ministry of Sound in London. I'll be presenting on some new research I've been working on involving VoIP and steganography. The presentation will be entitled "Real-time Steganography with RTP."
I maintain a Google calendar entitled "Information Security Conferences, Workshops, and Training", and it contains dates for conferences, workshops, training, CFP deadlines, and related events. I inadvertently announced it to the InfoSec research community by way of a response to a recent post on the Daily Dave email list asking about such a calendar. Since then I've had a flood of responses suggesting additional events to add as well as [...]
Early last Friday morning I flew out of DFW on my way to D.C. for ShmooCon. I arrived in D.C. at noon after the pilot of my plane aborted the first landing and had to make a second approach. I forgot just how difficult the approach is flying into Reagan National Airport. If I recall correctly planes must maintain a minimum altitude and have to make an odd approach all [...]
During the first 3 hour leg of my trip, I finished the slides for my talk. During the second, 8 hour leg of my trip, I managed to sleep for about 5 of them. I arrived at 7 am local time, took an hour to get through customs and get my baggage, another hour to take the train from the airport to the hotel area, and another two hours for [...]
I've been invited to speak at EUSecWest 2007, an information security conference in London on March 1st and 2nd. I'll be giving an updated version of my VoIP Attacks! presentation.
I recently gave a presentation at ToorCon 8 in San Diego on the subject of VoIP attacks. You can find slides and video here. A writeup from Wired News can also be found here.