|| ||Mark Anderson <firstname.lastname@example.org>|
|| ||Final Round of Speakers for HiverCon 2002 Security Conference Announced|
|| ||Wed, 11 Sep 2002 12:56:44 +0100|
FINAL ROUND OF HIVERCON 2002 SPEAKERS ANNOUNCED
http://www.hivercon.com/ -- The submission deadline for this year's HiverCon
security conference passed last Friday at midnight PST. Many long nights
were spent by the organisers reading and rereading the submissions trying to
find the right mix of speakers for the November event. In total ten speakers
have been announced as confirmed to speak at HiverCon 2002. The industry
recognized names will be presenting papers on a myriad of information security
topics, introducing new tools and research, as well as discussing newly
highlighted security problems and solutions.
Before getting into the talk details it should be noted that Earlybird
registration for the conference closes on October 1st and tickets are limited
so order now and save 200 Euro. The venue for the conference, the Burlington
Hotel, still has some reduced rate rooms available but that offer is also
only open until October 1st.
Richard Thieme (thiemeworks.com) will open the conference on November 26th
with his keynote speech entitled 'Defending the Information Web'. Business
consult, writer, professional speaker and security philosopher, Thieme's work
has been published by the Business Times of Singapore, Convergence (Toronto),
and South Africa Computer Magazine (Capetown). His talk will cast a wide net
as he illuminates the on-going battle that is information security and our
role in it.
Dan Kaminsky (Doxpara Research) is the author of The Paketto Keiretsu, a
suite of userspace tools to demonstrate new and highly useful functionality
that lies dormant within existent, even stagnant networks. He will discuss
his work on previously unrealised subtleties of the TCP/IP standard and some
newly available cryptographic primitives will also be discussed and analysed
for potential uses. Dan worked for two years, at Cisco Systems, designing
security infrastructures for large-scale network monitoring systems. He
recently wrote the spoofing and tunneling chapters for "Hack Proofing Your
Network: Second Edition", and has delivered presentations at several major
David Houlton (Dachb0den Labs) will present a technical overview of all of
the current leading edge methods of attacking 802.11b wireless networks. It
will cover specifics behind WEP cracking using both the 21-bit passphrase
and brute force attacks, the Fluhrer, Mantin, and Shamir attack, and other
injection based WEP attacks. It will also cover specifics behind protocol
capture and injection attacks including disassociating nodes from an access
point, re-associating them with another access point, basic man-in-the-middle
scenarios, as well as some new 802.11b hardware/firmware and software based
vulnerabilities. David is the main developer of the bsd-airtools project, a
complete 802.11b penetration testing and auditing toolset.
FX is the leader of the German Phenoelit research group. His and the groups
interest is in less known or commonly ignored protocols, devices and
techniques. As such his talk 'Attacking networked embedded systems' will show
how to exploit design failures and software vulnerabilities in embedded
systems such as printers and routers. The attacks range from simple design
issue exploitation to code execution on the target for the purpose of
compromise or use as attack platforms .
Advances in storage technology, networks, file system software, operating
system advances and increasing mobility of data have all conspired to make
getting rid of data very difficult. Kurt Seifried will discuss the software
options for data deletion and encryption that are available and thier flaws.
The polish research group LSD will be focusing on the development of assembly
components within the Windows 2K/XP environment. They will show that security
vulnerabilities, allowing for unauthorized execution of few dozen assembler
instructions, have in practice the same high risk in Windows as on Unix
platforms. During the presentation the details of developing assembly
components along with proof of concept code will be presented.
The Open Source Security Testing Methods came about as a need for an open,
free security testing methodology in response to the numerous security testing
companies who claimed to have a secret, internal and corporate confidential
methodology for testing open source software. Pete Herzog will introduce the
audience to the OSSTM and walk it through the effect it had on groups like the
FAA, the US Government, Spanish government and Australian government helping
to define their anti-terrorist initiatives.
As previously announced Ofir Arkin, Rain Forest and Simple Nomad will also be
presenting papers entitled 'Security Issues with VoIP', 'Web server Profiling'
and 'Packetting Satan's Network' respectively.
to post comments)