ToorCon Seattle (Beta)

ToorCon Seattle (Beta) in Seattle was a new experiment by the ToorCon folks. It was essentially an informal and free invite-only conference, total attendance numbering around 150, with a single track of speakers each having 20 minutes to speak on their current (and potentially in-progress) research. The format was very similar to the format that the AHA! meetings take, so I was right at home speaking there. The conference talks [...]

The VoIP Toll Shift

One of the promises of VoIP is it’s cost-effectiveness. By overlaying the new breed of telephony networks on top of our existing data networks and the Internet, thereby leveraging a transport mechanism that we’re already maintaining and paying for, we rid ourselves of the high toll charges imposed on us by the traditional telephony services by allowing end-users to call each other, regardless of the distance, essentially for “free.” And [...]

By |2007-04-24T14:28:37+00:00April 24th, 2007|economics, telephony, voip|0 Comments

EUSecWest 2007

During the first 3 hour leg of my trip, I finished the slides for my talk. During the second, 8 hour leg of my trip, I managed to sleep for about 5 of them. I arrived at 7 am local time, took an hour to get through customs and get my baggage, another hour to take the train from the airport to the hotel area, and another two hours for [...]

By |2007-03-02T16:10:08+00:00March 2nd, 2007|conference, security, security research, voip|0 Comments

VoIP Attacks!

My presentation earlier today went very well. Other than a few technical difficulties with the A/V setup regarding my laptop audio and running out of time with about 4 slides and my conclusion left and having to rush through the end, I was very happy with it. Slides in various formats and video of my talk can be found here.

By |2006-10-02T12:44:19+00:00October 2nd, 2006|conference, hack, voip|0 Comments

ToorCon 8 Speaker Lineup Changes

Apparently, some time a couple weeks ago, the ToorCon speaker schedule was updated. I'm now no longer up against Chris Eagle, but am now up against spoonm speaking about reversing with Ruby. I don't know if this change will help or hurt my talk's attendance... Both of them are excellent speakers with excellent topics, and my topic really is kinda blah unless your a telephony geek. I may end up [...]

By |2006-09-26T20:50:37+00:00September 26th, 2006|conference, hack, voip|0 Comments

ToorCon 8

I've been accepted to speak at ToorCon 8 later this month. My presentation is entitled "VoIP Attacks!" and will briefly cover some VoIP basics, various attacks against VoIP systems that are currently relevant, and then discuss mitigation techniques against those attacks and why many of the mitigation techniques have problems.

By |2006-09-06T19:01:58+00:00September 6th, 2006|conference, security, security research, voip|0 Comments

New Employer: TippingPoint

Today I've begun working for a new employer, TippingPoint, a division of 3Com. Essentially TippingPoint is a recent acquisition of 3Com's and has become 3Com's Security Research group. While working for TippingPoint, I'll be doing a number of different things, primarily working with the TippingPoint Security Research (TSR) team who do product vulnerability assessment and verify Zero Day Initiative submissions. I'll also be helping the Digital Vaccine team design IPS [...]

By |2006-03-06T11:30:24+00:00March 6th, 2006|employment, security, security research, voip|0 Comments

Does backwards compatibility stifle innovation and progress?

Upon beginning my new job, I’ve been thrown head-first into the world of Internet Telephony security, a sector that I’ve not really paid much attention to, much less followed. I’m currently in the process of getting acquainted with all of the various protocols and technologies involved, and in doing so I’ve signed up to the VoIPSec mailing list. After following the current discussion threads there for a few weeks, I [...]

By |2005-09-01T04:33:47+00:00September 1st, 2005|technology, voip|0 Comments