Interested in speaking?
Contact Jim Tantalo at
or Denis Baldwin at

Dark Tangent
I am pleased to announce that Dark Tangent, my personal hero and savior to all mankind, will be giving our keynote address this year. You know him as the founder and lead organizer of DEF CON and Black Hat, the two largest, oldest, and most significant computer security conferences on this planet.

Dark Tangent (Jeff Moss) will be presenting our keynote address at 19:00 on Friday in Room A.

Jeff Moss is the founder and organizer of the Black Hat Briefings, a computer security conference and training company that deals with the technical issues of secure implementations of networks and applications. Staffed by "hackers"* of the highest skill level, this conference was created to provide hard information and a realistic assessment of technology as seen by those in the trenches. The Black Hat Briefings are held worldwide on three continents: North America, Europe and Asia. Past speakers have included the Assistant Secretary of Defense, Art Money, as well as some of the leading names in the most technical aspects of computer security worldwide.

Through this forum Mr. Moss has established global relationships in law enforcement and professional security companies, as well as with the computer underground's best hackers. This unique exposure and respect from both communities allows Mr. Moss to speak honestly and objectively on the security problems companies face when implementing technology.

In a past life Mr. Moss was a director at Secure Computing Corporation, and helped form and grow their Professional Services Department. In his capacity of developing and delivering consulting products, Mr. Moss has worked in Taipei, Tokyo, Singapore, Sydney, and Hong Kong. Prior to SCC, Mr. Moss worked for Ernst & Young, LLP as a manager in their Information System Security division.

Mr. Moss has presented at: OSS '95 Open Source Solutions, The Forbes CIO Technology Symposium, Access All Areas '96 in London, North America CACS '98, Comdex '98, The National Information System Security Convention in '98 and '00, Software Development Expo '98, PC Expo '99, CSI Net Sec '99, and Fortune Magazine's CTO Conference in '00. In addition he speaks regularly at smaller industry security seminars. Mr. Moss helps to organize "Meet the Enemy" sessions as seen at computer security gatherings worldwide including the annual Computer Security Institute conference.

Mr. Moss speaks to the media regularly about computer security, privacy and technology and has appeared in such media as CNN Fn, NPR Radio, Forbes Magazine, Fortune, Business Week, PC World, the New York Times, Wired Magazine, National Law Journal, Internet Underground Magazine, New Media Magazine, and Phrack Magazine.

Mr. Moss graduated with a BA in Criminal Justice, and halfway through law school, Mr. Moss went back to his first love, computers, and started his first IT consulting business in 1995. He is CISSP certified, and a member of the American Society of Law Enforcement Trainers.

* "Hackers" = Non-criminal computer security expert.

Richard Forno

Currently the Chief Technology Officer for a DC-area security firm, Mr. Forno was the INTERNIC's Chief Security Officer from 1998 to 2001. Before that, he helped establish the Information Security Office for the U.S. House of Representatives, and was a consultant to elements of the Office of the Secretary of Defense where he assisted in researching and developing capabilities needed to respond to information warfare attacks against the United States.

Mr. Forno is a frequent speaker at security and intelligence community seminars and industry conferences. His 1999 co-authored book, "The Art of Information Warfare" and numerous articles (at INFOWARRIOR.ORG) have been hailed by the government, the military and the private sector. He is the co-author of an O'Reilly book on computer incident handling called, of course, Incident Response. He is an adjunct instructor at The American University and occasionally lectures at the National Defense University in Washington, DC.

Mr. Forno will be presenting "An Armchair General's Guide to Information Warfare" at 22:00 on Saturday in Room A. The presentation focuses on full-spectrum information operations, identifies REAL not perceived threats and vulnerabilities, and offers objective, rooted-in-rationality solutions, not the FUD the media and industry thrives on. It's a recurring lecture Mr. Forno gives at the National Defense University in Washington DC to senior level DoD folks.

Richard Thieme

A business consultant, writer, and professional speaker focused on the human dimension of technology and the work place.

Mr. Thieme has spoken for the Black Hat Briefings (intelligence and corporate security) since its inception in 1997 and for the annual computer hackers conventions Def Con IV (1996), Def Con V (1997), Def Con VI (1998) and Def Con VIII (2000). He has also spoken for PumpCon, Xmas Con (New Orleans 2600), Rubi Con (2000 and 2001), and SummerCon.

At Def Con VIII, he moderated a panel that included the Assistant Secretary of Defense, the Director of Information and Infrastructure Assurance for DOD, and the Director of the Federal Computer Incident Response Team, who came to "dialogue" with more than 5000 computer hackers. He was invited to moderate because, according to the National Security Agency officer who asked, "You're the only one in the room with the acceptance and respect of both the hackers and the Feds."

Mr. Thieme has been published widely and has been translated into German, Chinese, Japanese, Slovene, Danish and Indonesian. His articles are taught at the University of Leipzig and numerous universities in Ireland, England, and Canada, as well as in the United States at Rutgers, Baldwin-Wallace College, Ohio State University, University of Vermont, San Diego State University, Colorado State University, and others. His work has been frequently anthologized. His column, "Islands in the Clickstream," has been published by the Business Times of Singapore, Convergence (Toronto), and South Africa Computer Magazine (Capetown) and is distributed to subscribers in 58 countries. He has had articles published in Forbes Digital, the Village Voice, LA Weekly, Salon, LAN Magazine, Wired, Computing Japan, and CTHEORY.

Mr. Theime will be presenting the somewhat recursively titled, "The Truth About Life, Hacking and the Truth (about Life, Hacking and the Truth) ((about Life, Hacking and...))" at 10:00 on Saturday in Room A.

OK, let's face it, the older I get, the less I know, in fact, about The Things That Matter. I am totally clueless. The only thing I know is what I don't know. So this presentation will be about things I don't know. It will be about Nothing.

But Nothing has power. Nothing is the source of creativity, unconventional thinking, the capacity to see deeply, and the ability to look like... nobody... as we move through life like ghosts. Nothing, in other words, is about hacking.

In this half hour or so, plus some Q&A, I am going to tell you what I don't know. I will talk about social engineering and how it really works, the differences between information and intelligence, why hacking isn't what it used to be (and never was) and why --if you are true to The Hacker's Code-- you can do and create phenomenal things. It's about power. It's about mastery. It's as close as I can come to The Truth About Life, Hacking and the Truth about...

Dead Addict
Considering himself a "great pirate" in the Buckminster Fuller sense of the term, Dead Addict has infiltrated some of the most powerful software publishers and financial institutions in the world. Moving from hacker/poet to security systems analyst he is always trying get a handle on the big picture while remaining a useful tool for multinational corporations. He has consistently been useful enough for them to allow him to be a full-time internal dissident. Extensively studying global media influence as well as global activist politics has given him a healthy appreciation for appropriate levels of paranoia. While respecting those that run entirely Microsoft Free, DA prefers to run entirely free Microsoft.

Dead Addict has been an active organizer and speaker at DEFCON for the last nine years. He was a founding member of the now defunct criminal conspiracy calling themselves national security anarchists. Actively appreciative of the statue of limitations, he has been involved in other underground groups using various handles. This means nothing. Not believing in the concept of authority, he implores all that listen to him to evaluate his words according to their own value, not because he has spoken them.

Dead Addict will be presenting "Sucessfully leaking evidence of corporate crime" at 21:00 on Friday in Room A, after the keynote address.

Jerry Dempsey
As a software engineer and security researcher for the X-Force team at Internet Security Systems (ISS), Mr. Dempsey is responsible for ensuring ISS stays at the forefront of Information Protection Systems technology. Prior to his position as a researcher, Mr. Dempsey worked as a quality assurance engineer focusing on real time intrusions. His experience includes work as a Systems and Security Administrator, and the hostile ISP industry. He has been active in IRC communities for seven years which gives him a great deal of insight into many of today's attacks.

Mr. Dempsey will be presenting "The Anatomy of a Hack" at 14:00 on Friday in Room A. Nary a day goes by in the Internet Age without media squawking about an unscrupulous attack against a government, financial or commercial network or computer system. What just a few years ago was a highly publicized event is quickly becoming yesterday's news.

Although our familiarity with hacker attacks has become common, for most, understanding how a perpetrator compromises a system is still a mystery. In his Anatomy of an Attack presentation, Mr. Dempsey will detail how easy it is for hackers to break into today's networked computers. He illustrates the importance of assessing and managing the risks associated with e-business and offers solutions to companies for protection against this risk. This presentation includes real world visuals and anecdotes to detail in laymen's terms an attack on a fictional company's system.

Bill Cheswick

With some 13 years of service at Lucent/Bell Labs, and 30 years of effort on operating system security, Mr. Cheswick is an internationally acclaimed "white-hat" and "greybeard." He wrote the bible for firewall management, "Firewalls and Internet Security: Repelling the Wily Hacker" in 1994. In 1997 he began mapping the Internet, producing the compelling maps that have been reprinted by Wired and The New York Times, to name but a few. Mr. Cheswick is currently chief scientist at Lumeta Corporation. At Lumeta, he turned his attention to mapping intranets and giving control back to the network managers. In his words, if it's large enough to be called an intranet "it is out of control."

Mr. Cheswick will present "Mapping the Internet and Intranets" at 20:00 on Saturday in Room A. Internet mapping has provided a rich source of information for research and infrastructure studies. The Internet Mapping Project has been providing this information since 1998. The same technologies now help enterprises discover the extent of their intranets and extranet connections. These are the first tools that scale to explore very large networks to search for perimeter leaks and monitor M&A activities.

Jason Scott
Jason Scott has been involved with computing machinery since 1978 and modems of one sort of another since 1981. Wrapping himself up in the world of BBS's, Diversi-Dials, Dial-Your-Matches and the occasional Alliance Teleconference, he had a grand old time from high school until early college. Leaving the BBS world for the Internet, he had an even grander old time, and got involved in a number of successful online projects. As he neared 30, he returned from his years of telnetting and web-browsing to find his childhood gone, his favorite BBS's unmentioned on any web site, and the BBS itself a forgotten foundation underneath it all.

Out of this initial concern of what had been lost came, which now contains over 30,000 textfiles, g-files and log files from the 1980's, and, a collection of information on over 90,000 BBS's. These sites made him a bit of a focal point for the nostalgia and memories of an online generation, and he has embarked on a new project: An all-inclusive BBS Documentary. No, it never ends; worthwhile projects never do.

Mr. Scott will present "BBS: Always and Forever" at 13:00 on Saturday in Room B, wherein he discusses some of the more amazing bits of history he's discovered in his deep research for his BBS documentary. Expect reminiscing about some of the stranger aspects of dial-up Bulletin Board Systems, and the sounding out of names and events that you'll either hear for the first time or remember like it was yesterday. As online life barrels forward into issues of intellectual property, broadband availability, wireless insecurity and the eternal battles of the OS, it's healthy to take the occasional break to look back and remember where things came from, or perhaps ran from. Mr. Scott will also be soliciting interviews and memories from folks who themselves experienced the BBS, and is especially seeking artifacts from that time. Bring them along!

Chris Scharff
Mr. Scharff holds the distinction of being one of just thirty worldwide Microsoft Certified Exchange Server MVPs along with his MCSE (Microsoft Certified Systems Engineer) designation. In addition, he serves as the technical/reviews editor and columnist at Microsoft Exchange & Outlook Magazine and has contributed to a number of best-selling reference titles on Microsoft Exchange including the ever popular Nutshell and Pocket Consultant Guides.

Prior to joining MessageOne, Chris worked as a systems and Microsoft Exchange design consultant at Simpler-Webb, where he ran client engagements focused on implementing messaging solutions for a number of high profile, multinational corporate accounts.

Mr. Scharff began his career in the trenches as the messaging and corporate email administrator at Black & Veatch a multi-national engineering firm based in Kansas City, KS. Chris holds a Bachelor of Arts from Iowa State University.

Christopher R. Hertel
Chris Hertel has been playing with software since 1978, when he was granted access to a terminal linked to the high school's minicomputer. Reclusive, shy, and having been called a "cornflakes-vert" by his peers, Chris found solace in writing a "Star Trek" game that did not involve an 8x8 grid. To this day, the game remains unfinished (though the development copy will run on a PDP/11 under RSTS/E). Nut allergy sufferers should avoid this product.

Chris spent many years working in the IS department of respectable insurance companies and financial institutions thus gaining, through observation, a very clear understanding of how to write really bad code and make really bad business decisions. It was while working in one of these suit-and-tie jobs that Chris was introduced to the IBM/Sytec/Intel/3Com (...and Microsoft) filesharing protocol, then known as Server Message Block (SMB). This was at roughly the same time that Andrew Tridgell --half a world away-- was writing the first version of what was to become Samba.

Chris augmented his IS department experiences by continuing his education and tinkering with Amiga computers. This eventually led him to his current position as a Network Design Engineer at the University of Minnesota. It also lead to a nine-month stint as a consultant working with Amiga, Inc. (they're not dead yet) where he helped to design what is now the AmigaDE OS environment (they're getting better.)

In addition to his position as a member of the Samba Team, Chris is a founding member of the jCIFS Team and has contributed to the Storage Network Industry Association's (SNIA) effort to document CIFS (the protocol formerly known as SMB).

Mr. Hertel will presenting "Crossing Proprietary Software Boundaries with Samba and its Ilk" at 10:00 on Sunday in Room A. This talk will provide an overview of the architecture and protocols of CIFS, Microsoft's filesharing system, including an introduction to tools beyond Samba available to developers wanting to write software that participates in CIFS networks. Also included will be an enumeration of the (proprietary) authentication and authorization techniques employed to protect market-share.

Colin Steele
Colin Steele was one of AOL's early employees. As the first hire in AOL's Systems and Advanced Technologies Group, he wrote AOL's first Internet gateway. Later, as Director of AOL Instant Messenger Host Development, he architected key components of the system, co-authored key pieces of intellectual property for it, implemented its original distributed account database, and led its development team. He has extensive knowledge of massively distributed client/server architectures, object-oriented design and programming, and network programming.

Colin currently runs The Ruby Cookbook and does technology consulting. He is a resident of Charlottesville, VA.

Dr. Gordon B. Agnew

Dr. Agnew received his BASc. and Ph.D. in Electrical Engineering from the University of Waterloo in 1978 and 1982 respectively. He joined the department of Electrical and Computer Engineering at the University of Waterloo in 1982. In 1984, he was a visiting professor at the Swiss Federal Institute of Technology in Zurich where he started his work on cryptography.

His areas of expertise include cryptography, data security, protocols and protocol analysis, electronic commerce systems, high-speed networks, wireless systems and computer architecture. He has taught many university courses and industry sponsored short courses in these areas as well as having authored many articles. In 1985, he joined the Data Encryption Group at the University of Waterloo. The work of this group led to significant advances in the area of public key cryptographic systems including the development of a practical implementation of Elliptic Curve based cryptosystems.

He is a member of the Institute for Electrical and Electronics Engineers, a member of the International Association for Cryptologic Research, a Foundation Fellow of the Institute for Combinatorics and its Applications and a Registered Professional Engineer in the Province of Ontario. Dr. Agnew has provided consulting services to the banking, communications and government sectors. He is also a co-founder of CERTICOM Corp., a world leader in public key cryptosystem technologies.

Dr. Agnew will be presenting "Elliptic Curve Cryptography: What is it and Why do we Need it?" at 17:00 on Saturday in Room A. In this talk, we compare the popular public key cryptographic systems that are in use today (RSA, Discrete Exponentiation and Elliptic Curves). We look at how Elliptic Curve systems have developed and at the applications where they are particularly useful such as low power, wireless handheld devices.

Mikko H. Hyppönen
Works as manager of anti-virus research at F-Secure Corporation's anti-virus team in Finland. He has worked with virus research (and with F-Secure) for the past ten years.

A well-known figure in the anti-virus industry, he frequently contributes to various security-related magazines and conferences. He has co-authored two books, and consults various interest groups on netwarfare.

Mr. Hyppönen's research team was the first to locate, analyze and build protection against the LoveLetter virus in May 2000. He has been quoted, among others, in Wall Street Journal, New York Post, Chicago Tribune, San Jose Mercury News, PC Magazine, Wired, CNN and BBC.

Mr. Hyppönen has been a member of CARO (the Computer Anti-Virus Researchers Organization) since 1995, and a member of VAPS (Video Arcade Preservation Society) since 1998.

Apart from computer security issues, Mr. Hyppönen enjoys collecting and restoring classic arcade video games and pinball machines from past decades. He lives with his family, and a small moose community, in an island outside Espoo, near Helsinki.

Mr. Hyppönen will be presenting "Wireless Viruses: Content security on Smartphones and PDAs" at 23:00 on Friday in Room B. What kind of content threats can we except on current and future hand-held devices such as advanced PDAs and Smartphones? Possible scenarios including mobile viruses, chain letters, trojans and backdoors are discussed.

Mark Epstein
Mark Epstein has 14 years of experience in the security and network administration fields, having held key leadership positions at organizations such as McAfee and SGI. At SGI Mark helped create OpenVault, a distributed storage resource broker that enables any storage management application to interface with robotic multi-vendor storage libraries. Mark drove OpenVault to become an IEEE standard. He also spent time "on the front-line" at Network Operations Center (NOC) while with UC Berkeley Central Computing Services. His previous speaking experiences include: Fall 2001 quarterly meeting of the New York Electronic Crimes Task Force sponsored by the U.S. Secret Service, TeleManagement World 2001, 2001 USENIX/LISA Conference on New Generation Operations Systems and Software.

Mr. Epstein will present "Examining the Challenges Associated with Network Security Policy Implementation" at 14:00 on Saturday in Room A. This technical presentation will explore the past, present and future of policy control.

Due to the abundance of Internet security attacks, the news over the past year has been flooded with warnings and reports of numerous network vulnerabilities. Network devices are continuously being compromised to set the stage for Distributed Denial of Service attacks (DDoS), leaving no enterprise, service provider, government agency or educational institution out of harm's way. Integral to companies' efforts to ensure the integrity of their networks is the ability to keep network security policies up to date and consistent across all network devices. Towards this end, administrators need a mechanism for directly, mechanically and reliably linking technical policy statements to the implementation of that policy into network devices. Technical policy on paper, while useful as a starting point, does not seamlessly translate into implementation in the network unless there exists some sort of automation process. The automation should translate technical policy into device statements, which are then delivered to the devices for implementation. Automation should also assess the network state on an ongoing basis to ensure that the network configuration does not drift away from defined policy, either through mistake or malice.

There have been multiple efforts to create an overarching policy language that can handle every nuance of configuration for every type of network device that exists in the world. One would think that such a language would bode well for developing an automated implementation process that administrators could use universally throughout their networks. Take two well-known examples; SNMP dealt with the problem of status and exception reporting, while the more recent DEN focused on control and configuration. Although these efforts are well meaning, they still do not, and will never, solve the underlying problem. Devices need a way to implement the technical policy desired by the network operators. Efforts such as SNMP and DEN, whether intentionally or not, have traditionally squelched diversity into a sort of least-common-denominator conformity. This is anathema to device manufacturers that must differentiate in order to succeed and survive. Device manufacturers will ignore, delay or effectively nullify efforts at standardization that deny or do not advance their business goals. A least common denominator standard is also anathema to administrators because they want or require the new differentiated features from vendors that such standards inhibit or delay. This presentation will examine the need for a flexible, extensible policy creation framework while avoiding the disadvantages of a least common denominator approach.

Andrzej Jan Taramina
Andrzej Taramina is the Chief Architect and CEO of Chaeron Corporation, responsible for eCommerce/Internet technology strategy, application architecture/design/development, portal operations and leadership of the Chaeron technology team. Chaeron is a successful technology consulting practice, which has built GPS and J2EE-based solutions for the financial services, manufacturing, logistics, telecommunications and software development sectors.

In recent prior positions, Mr. Taramina was the CTO for Bayshore Capital (responsible for and the Director of Technology for a J2EE-based financial services portal joint venture with Barclays Bank. Mr. Taramina also worked as the CTO for Accredo Systems in Ottawa, which specialized in net-enabled project management and middleware solutions. He is also the author of the open source Java GPS Access Library and GPSml markup language for specification of position-based data and a key developer on the Mobile GPS Demonstration Platform (MGDP) project.

Mr. Taramina will be presenting "We're not in Kansas any more, Toto! The Mobile GPS Demonstration Platform (MGDP) Project" at 16:00 on Friday in Room B.

Which way should I go? Which way should I go?

The Mobile GPS Demonstration Platform (MGDP) project demonstrates a proof of concept for the integration of a number of emerging technologies including: embedded/realtime Java, mobile, position-based applications, GPS (Global Position System) technologies, wireless/mobile connectivity, web Services (XML, SOAP, WSDL, JAX-RPC, etc.), and server-side J2EE (including EJB and DBMS persistence.) The MGDP has been constructed using commonly available, inexpensive hardware and software (much of it open source) to illustrate that applications of this nature are very feasible using existing tools and technologies.

The MGDP project consists of three major components:

1. Nobody knows the places I've been... The MGDP Mobile Vehicle is built upon a Radio-Shack RC (Radio Controlled) truck platform, equipped with an Embedded Java Processor, GPS receiver and wireless communication to the Internet which regularly transmits its current PVT (GPS Position/VelocityTime) data using SOAP over HTTP to a back end web service over a wireless link to the Internet. The Mobile Vehicle also accepts remote commands to turn various functions on/off (siren/flasher/headlights).

2. It's a small, small world. A MGDP web service (built on a J2EE/EJB server platform) that accepts real-time PVT information from the Mobile Vehicle and persists both the current and historical information. The web service also acts as a gateway that forwards commands to turn various Mobile Vehicle functions on/off (siren/flasher/headlights).

3. X marks the spot! A MGDP client application that displays the current and historical position information for the Mobile Vehicle on a moving map display by accessing the position data from the MGDP web service. MGDP client application can use static map images (eg. .jpg) or can access USGS Aerial Satellite map images of the continental USA from the TerraServer web service (a Microsoft .NET public web service.) The client application also exposes a UI that allows a remote user to turn various Mobile Vehicle functions on/off (siren/flasher/headlights.)

The presentation will include a demonstration of the MGDP project. A detailed white paper describing the MGDP project, architecture and technologies is available (in .pdf format) at:

Now can someone please tell me where I am?

Seth Hardy
Mr. Hardy started learning about cryptology many years ago, through a high school science fair project. Since then his academic studies have focused on cryptography, from both mathematical and computer science standpoints. For work, he has spent the past two summers in Germany writing code for a elliptic curve cryptography project for the European Union. He is currently a member of a prominent cryptography research group at a well known university.

Mr. Hardy will be presenting "Distributed Cracking of Elliptic Curve Cryptosystems" at 15:00 on Saturday in Room B. He will talk about distributed cracking of elliptic curve cryptosystems, explaining the method and mathematics behind it and showing how it can be implemented (possibly with a working demonstration) in a manner similar to the cracking of DES or RC5. He will discuss the feasibility of such an attack, in terms of time and computing power required, and the sort of resources needed for an independent group to set such a system up.

Dave Piscitello
Mr. Piscitello is president and founder of Core Competence, Inc., and founder of The Internet Security Conference (TISC). He advises and consults for security and broadband access, *SP's, and Fortune 100 companies. He is an advisory board member of Foundstone, Inc. (the very cool Hacking Exposed folks), IntruVert (an IDS/DDOS company) Watchguard Technologies (firewall/VPN), and CoRadiant (an Internet Data Center provider). He's a former member of the board of advisors for Covad and CoSine Communications. Mr. Piscitello has been involved in the development of (generically) Internet technology for 20 years. He is a past Internet Area Director for the IESG and has written several Internet RFCs. He has authored books on internetworking and remote access, and publishes and speaks regularly on a variety of subjects including very broadband local access, Internet security, and virtual private networking. Dave lives and plays with security technology on Hilton Head Island, South Carolina. He has a beautiful wife, Molly, and two great kids, Matthew and Taylor.

Mr. Piscitello will present "Debugging IPsec" at 18:00 on Saturday in Room A. Dave will be debugging IPsec as a protocol and explaining its security issues, problems with protocol design, and its many uses. In this session he hopes to debunk many of the myths of IPsec and make it user friendly enough for all to grasp like a rodeo clown holding onto the horns of the beast that could crush him senseless in a swift move of its torso.

David Sugar
Mr. Sugar is the primary author of many free software packages and an active maintainer for several packages that are part of the GNU project. Starting with games written for Ohio Scientific computer systems, Mr. Sugar has been involved in writing free software well before the evolution of the current crop of free operating systems, including writing programs to perform as bulletin boards, getty's, text-to-speech engines, and switch interface daemons, to name just a few. Most recently Mr. Sugar authored the GNU telephony server, Bayonne. Mr. Sugar also serves as voluntary chairman of the GNU Project's DotGNU steering committee, which oversees numerous GNU packages being developed to provide a free software infrastructure for providing next generation web services. Mr. Sugar is a founder of Open Source Telecom and the CTO of FreeDevelopers Net.

Mr. Sugar will present "DotGNU and you, the future of free software web services" at 20:00 on Saturday in Room B. This presentation will cover what the FSF is doing to develop DotGNU, why the FSF has chosen to sponsor this work, what the results of it will be, and what the architecture will look like and mean for future development of web based services on free operating systems. Mr. Sugar will discuss this take on how to ethically provide internet wide authentication and user profile services that provide the same convenience of single signon while neither relying on a single entity or provider nor, most importantly, having to either compromising user's personal data thru a third party or the integrety of commercial entities. He will also discuss the various DotGNU working groups including groupware, bytecode runtime, and the DotGNU secure execution environment.

John Mozena
Mr. Mozena is a co-founder, vice president and board member of the Coalition Against Unsolicited Commercial E-Mail (CAUCE), a grassroots, non-funded coalition that is trying to end the practice of unsolicited commercial e-mail, or "spam." As CAUCE's "media droid," he's been quoted hundreds of times in media outlets ranging from Wired News and InternetWeek to Ladies' Home Journal and the Wall Street Journal.

In his day job, Mozena is a team leader at Airfoil Public Relations, a Detroit-based public relations agency for technology companies, and has worked as a reporter and in public relations for a local ISP/CLEC. He's been involved in Internet governance and abuse issues since the mid-1990s.

Mr. Mozena will present "Why Haven't We Solved Spam Yet?" at 09:00 on Sunday in Room A. He will put together an overview of technical, social, legal and economic reasons for the current spam-drenched state of the Internet.

Jesse Lovelace

Jesse Lovelace has been programming communication programs since 1993 when he started his BBS, "Artificial Stupidity," in Asheville, NC. He has done professional coding under Unix, OS/2, and Windows. In 1998 Jesse started developing under the wxWindows cross-platform development framework and the Crypto++ cryptography toolkit. Jesse's current project is NNIM, an open-source, cross-platform communications platform which seamlessly accesses open and proprietary networks. Jesse is a senior in Computer Engineering and Computer Science at North Carolina State University and plans to do graduate work at NCSU in Computer Science.

Mr. Lovelace will present "Secure Real-Time Messaging" at 14:00 on Saturday in Room B. The presentation will focus on the practical aspects of cryptography in communication over insecure networks. It will cover the newer cryptographic algorithms like MARS, AES (Rijndahl), Serpent, and Twofish and how to implement them with CBC, EBC, and other modes in software. Also, how this can be done in the GNU Messenger suite, and the ssh2 encryption layer.

Dennis Salguero

Dennis Salguero currently runs his own computer consulting firm, Beridney Computer Services, which specializes in Microsoft Office, Visual Basic and Internet application development. A graduate of the George Washington University, he currently resides in the suburbs of Los Angeles. He was a contributing author to Outlook 2000 Programming by Wrox Press and he is a co-author for Professional Access 2000 Programming, also by Wrox. In his free time he enjoys reading, poker and chess.

Mr. Salguero will be presenting "MySQL Administration" at 12:00 on Saturday in Room A. He will cover the different installation possibilities across various platforms including steps needed to secure the server. He will also cover some of the third-party tools that are available for day-to-day administration. In addition, examples will be presented for using MySQL for both client/server applications and Internet based applications.

Mike O'Connor
Currently a member of Technical Staff for Silicon Graphics, working in a wide variety of networking and security roles. Mr. O'Connor has worked at Oakland University, Ford, GM, and other automotive suppliers. He has done work for HP, AOL, and assorted ISPs and consultancies. He also runs SEMiSLUG, a Unix/Internet/securitygeek user group based in Ann Arbor, MI.

Mr. O'Connor will be presenting "Everything you know about Unix Vendor Security is a Myth" at 22:00 on Saturday in Room A. Clearing up many misconceptions folks seem to have about what commercial Unix vendors do/don't do for security, giving some straight talk about how to interact with U vendors in ways that make sense. Not entirely sure about how I'll format it --I have a David Letterman-esk "Top 10" list in mind.

Bill Marquette
Currently employed as a network security engineer for a large, unnamed human resources company. His duties include working with in-house (and sometimes contracted) developers during the design and pre-deployment phases of new applications his company develops. While these are primarily web applications, the amount of network and other application dependencies can get quite complex. He helps the developers (although they would say it's obstruct them) think in terms of security for their applications and work with them to deploy applications that aren't likely to get broken into and work well in our secured environments. In my spare time, he runs a security web site ( geared more towards the average computer user, and hangs out in the coffee shop at Borders drinking mochas and writing code. In past lives Mr. Marquette has been the behind-the-scenes system admin for PacketStorm Security (before the transfer of ownership to Securify aka Kroll O'Gara.)

Mr. Marquette will present "A conceptual approach to application security" at 22:00 on Saturday in Room B. The speech will focus on security ideas and concepts that must be considered when designing a new application --be it web, network, or even local. He will cover issues such as user input and how it's validated, storage of passwords, secure network communication between applications, file access and a small handful of other issues that have yet to make it into the speech outline ;) As this is more of a talk on concepts that span multiple operating systems and languages, he will have a very limited amount of code for example purposes.

Allen P. Numerick
Since the dawn of the Radio Shack TRS-80 in 1978 and 120bps modems, Allen Numerick ran BBS's from a Colossus BBS to Genesis II and a TAG BBS in 1994, which he helped his father Robert Numerick, along with Victor Capton and Randy Goebel to write. Within that time Allen helped pioneer Fido-Net witch spanned worldwide providing an early form of email across BBS's to Packet BBS's.

Currently Allen Numerick is the senior network security engineer for a higher-educational institution. Previously, Mr. Numerick was a corporate security/network engineer for Sprint's 5th larger bandwidth customer from 1999 to 2001. The move that jumpstarted Allen's career was joining the Cambridge Technology Partners in 1998 as a network security analyst where he provided security audits for some of the largest North American financial institutions and pharmaceutical firms on the east coast.

Mr. Numerick brings a wealth of knowledge as well as four years in the professional field (and 20+ years of hacking history,) from securing firewalls to social engineering tactics.

Allen will be presenting "Securing Your Box Beyond the Firewall Policy" at 14:00 on Sunday in Room B. This session will demonstrage how to secure your Checkpoint Firewall, as well as how to secure your box should your policy fail. This presentation is a must for all Checkpoint Firewall administrators, covering Unix and NT.

Michael Ossmann
Network security has been a major area of interest for Mr. Ossmann throughout his eight year career as a Unix system administrator. An independent consultant for much of that time, he has had the opportunity to work with the networks of a wide variety of businesses from the smallest to the largest, including 3com, Ameritech/SBC, and HP. He is currently the lead instructor/engineer for Tarantella and Unix systems at Alternative Technology, a thin client distributor in Denver, Colorado.

Mr. Ossmann will present "Thin Client Security: How Citrix or Tarantella Can Make or Break a Great Strategy" at 22:00 on Friday in Room A. He will discuss the advantages and disadvantages of thin client solutions as well as specific vulnerabilities of Citrix and Tarantella. Additional thin client and remote display technologies, such as Windows Terminal Services, the X Window System, and VNC, will be discussed and compared.

Tom Mason
Mr. Mason, MCSE, AANG, is a senior business and technology consultant with Management Assistance, Inc. in Grafton, OH. Starting out with punch tape on Litton machines, he has a varied background encompassing UNIX, Linux, OS/400, MPE, DOS as well as Mr. Bill's favorites on the Intel platform. He is a long term member of APICS, SME, GCPCUG, and is on the Advisory Board of Ohio's Grafton Correctional Prison (not as a current or former inmate) Tom has been involved in helping government, academia and business clients implement technology solutions for a "long time." He is a speaker at state, regional, and national level conferences on the benefits of technology.

Mr. Mason will be presenting "802.11: Form, Function, Use and Security" at 17:00 on Friday in Room A. The session will present some vendor-neutral aspects of interaction between vendor implementations, desktop versus notebook, distance and object barriers including "shout testing," and site survey notes. Do vendor products interact equally, what is a standard, what security is offered and benefits versus vaporware. Will A really outshine B? or will the best bet still be wires?

Martin L. Shoemaker
Mr. Shoemaker is a software developer with 17 years experience in the industry. He has worked in the fields of color science, on-line shopping, databases, material handling, medical imaging, and customer relations management. He is also an accomplished speaker, having presented to the Detroit Colour Council, the Ann Arbor Computer Society, the Visual Studio Live/Visual C++ Developers Conference in San Francisco, the UML World conference in New York, and later this month at the Software Development Conference in San Jose. His most popular presentations are Richard Hale Shaw's UML BootCamp courses, which Martin writes and presents. Now he is the principal in Martin L. Shoemaker Consulting, offering his guidance and expertise to clients who need high-quality design services with UML, as well as custom software in the Windows environment.

Mr. Shoemaker will be presenting ".NET is an Elephant" at 13:00 on Friday in Room A. Wondering how .NET will change the way you develop and work? Or just wondering what an elephant has to do with it? In this session, we will examine the classes that make up these services, and we will show how you may use them in your code. We will discuss the .NET Framework, a vast sweep of new reusable services, covering everything from window processing to Internet applications and beyond. The .NET Framework is so large that it's easy to miss the forest for the trees. We will take an exploratory journey through the .NET forest, showing you some of the more interesting sights you might otherwise have missed. Learn what .NET is all about from the inside, so you can better evaluate the hype and see how .NET can help you. And as for the elephant? Check out this poem, and just substitute ".NET" for "elephant"...

Aviram Jenik
Mr. Jenik holds a computer science degree from the Israeli Technion Institute of Technology and is completing his MBA at Tel Aviv University. Jenik has a technical background in security and programming, and in addition to speaking about security, he still likes to keep his hands dirty in the technical work.

CEO and co-founder of Beyond Security Ltd, a leading force in the security world. Beyond Security specializes in finding security holes in hosts, networks and products, and maintains --one of the largest security portals on the Internet. Beyond Security provides automated security scanning services for networks and servers, using the unique Automated Scanning service.

Mr. Jenik will be presenting "Bypassing the Firewall: Application Level Attacks" at 15:00 on Friday in Room B. The lecture will be technical, and live demonstrations will be included. The lecture will discuss generic application attacks, in an attempt to show how such security holes can be found during a penetration test or a product security audit.

Today most people understand that there is no "silver bullet" for security --no single security solution that can completely protect the network. The firewall is no longer a magical solution and some may claim it never was. One of the reasons for this new approach is the widespread presence of application level attacks. Any server that provides some kind of public service may be vulnerable to such attacks, and unfortunately there is not much that can be done about it, apart from continuously checking for security problems and applying patches when those are released.

Kyle Amon is the founder of GNUTEC, Inc., a Unix and Networking Security Services Company. He has spoken about Linux security for SANS, written for Embedded Linux Journal and is coauthor of the Red Hat Linux Installation and Configuration Handbook by QUE. He was the Security Specialist for IBM WWW Services during IBM's big e-Commerce push in the late 1990's and was Corporate Unix Systems Administrator for Jabil Circuit, the 3rd largest contract manufacturer of circuit board assemblies in the world, prior to that. A member of USENIX, SAGE, ACM and EFF, he has been a rabid proponent of the Free Software Foundation, Linux, FreeBSD, NetBSD and OpenBSD for about as long as they have respectively been around. Other than that, he is just another long-haired, semi-paranoid, UNIX freak hiding in the closet.

Mr. Amon will present "Building and Managing Firewall/VPN Systems with OpenBSD" at 15:00 on Saturday in Room A. The presentation will focus on the following areas: Why OpenBSD is a better firewall/VPN platform; OpenBSD firewall/VPN configuration options; OpenBSD firewall/VPN kernel configuration; Basic IP Filter (and IPF) configuration (both due to the Daren/Theo fight); Advanced IP Filter (and IPF) configuration; Untouchable (stealth) firewall configurations; Configuring and using IPSec VPNs; Adding hardware based encryption and PRNG suport; Logging, monitoring and reporting; Establishing Intrusion Detection Systems (IDS); and efficiently managing large numbers of deployed systems.

Clif Flynt
Clif Flynt has over three decades of programming experience ranging from AMD 2900 microcode to high level scripting languages under operating systems ranging from realtime kernels like IRMX-86 to Unix and Linux. His projects have ranged from developing a distributed processing framework for the human genome project to automated computer hardware and software validation.

Mr. Flynt is an expert in the Tcl/Tk programming language. He writes regular articles about Tcl/Tk uses for ;login: magazine, and is working on the second edition of his book: Tcl/Tk for Real Programmers.

Mr. Flynt's company, Noumena Corporation, provides training and support for Tcl/Tk and Tcl/Tk based applications.

Mr. Flynt will present "Configuring a Linux firewall with IPChains" at 10:00 on Saturday in Room B. It will describe how to set up a Linux based firewall using IPChains. Mr. Flynt will also present "Configuring a Linux Firewall" at 11:00 on Saturday in Room B. It will cover how to monitor this system using Tcl/Tk based client/server based tools.

Glenn Jacobson
Glenn Jacobson has been in the computer services business for 35 years. He is a 1964 graduate of the University of Wisconsin (Go Badgers) and a big fan of Big Ten college football and basketball. He is the CEO and founder of Unique Systems (USI.)

Prior to forming USI in 1990, Mr. Jacobson held positions in programming, systems design and management. USI was started as a custom database accounting software firm, to follow in the footsteps he'd formed earlier in his career to bring quality computer software services to a wide variety of businesses.

Based on his experience USI was started as a firm that uses SQL database accounting software that runs on UNIX. Thus in 1995 when Linux became available as a turnkey Internet server, it provided all the basic components he looked for in a software product to enter into the new Internet/Intranet arena. After six years of experience working with Linux, USI has had phenomenal success. Mr. Jacobson has many examples to relate why he feels that Linux represents the future of computing.

During the last several years he has given talks literally around the world on the use of Open PC hardware in conjunction with Open Source Linux software to build and deploy inexpensive Linux thin clients.

Mr. Jacobson will present "Thin Clients and the Future of Linux" at 11:00 on Saturday in Room A. The presentation will review how the Linux desktop of the future will use the Open Source LTSP Linux product to drive Open PC diskless workstations (ThinStations.) The amazing part of his talk is that he will tell how this combination of software and hardware has saved his clients hundreds of thousands of dollars to deploy complete Linux installations to replace Microsoft desktops and servers. Unique Systems has done this in large manufacturing, professional services and food distribution companies. Glenn will explain why he thinks that this combination will lead the way towards the Linux desktop of the future.

More information about Mr. Jacobson and Unique Systems can be obtained at their web site,

Matthew S. Hamrick
Currently co-founder and managing partner of the Meson Group. With over ten years experience designing, implementing, debugging, and breaking cryptographic systems, he wields a wealth of practical information about cryptography. Of his work, Mr. Hamrick says it is "where security meets crypto," indicating his interest in systems that balance the need for strong cryptography, ease of use, and limited administrative overhead.

Mr. Hamrick works out of the Meson Group offices in Palo Alto, California and is active in many local and international professional organizations. Previously the manager of the Secure Product Development Group at Borland/Inprise; a Cryptologic Engineer at Certicom Corporation, Uptronics Incorporated, and RSA Data Security Incorporated; and a technical marketing specialist at Bell Canada International and Convex Computer Corporation.

Mr. Hamrick will be presenting "Using XML as a Transport for Secure Assertions" at 16:00 on Friday in Room A. XML is rapidly becoming the ASCII of the new Millennium and there are already at least three separate proposals for how to use XML as a certificate format. This talk examines exactly what it is we're trying to do with certificates, and propose that authenticating the contents of the certificate is less important than authenticating the secure assertion it represents. When viewed this way, systems can be made in which trusted databases are populated with relatively complicated assertions which are transported between secure execution environments via signed XML messages.

This talk will address the problems with existing certificate formats (including existing XML formats.) Presented as a replacement is the Meson XML/XSLT recommendation, a system for storing, authenticating, and keeping private assertions about keys, people, systems, and things in the real world.

And we will tell one or two jokes about Microsoft.

Luke Kanies
Luke Kanies has a degree in chemistry from Reed College but a resume full of system administration. He is currently consulting, researching, and writing articles, all on his quest to build a better sysadmin. He has specifically concentrated on automating system administration, and recently spent much time with LDAP.

Mr. Kanies will be presenting "Concentrating on LDAP" at 23:00 on Friday, discussing the current and future roles LDAP can play in managing name service information, which we all spend too much time dealing with. Security, management, and coding will be included.

Donald R. Glass
As Information Security & Technology Solutions Manager of Adistec Professional Services Donald is responsible for driving the IT Security Services strategy while promoting the company's ongoing process of innovation in network and IS security. Prior to ACRON, he worked at PricewaterhouseCoopers as TRS (Technology Risk Services) Manager, leading numerous teams in the assessment, design and development of different IT security architectures for his clients. His expertise has been built on different platforms and industries, such as telecommunications, bank and financing, stocks brokers and retail. He has been a member of the Information Security Committee of ISACA (Information Systems Audit & Control Association) as well as the Digital Signature Committee of CACE (Argentine Chamber of Electronic Commerce.) He is also member of several international associations, such as IEEE (Institute of Electrical and Electronic Engineers), ISSA (Information Systems Security Association) and ISACA. Additionally, Donald has been teaching at CAECE University courses of telecommunications, information security, cryptography and risk management, both at undergraduate and graduate schools.

Mr. Glass will be presenting "Assessing and Enhancing Windows 2000 Security Using in-box Tools" at 13:00 on Friday in Room B. This class is designed for the system administrator and IS auditor who is not sure how to take advantage of the security tools provided by Micorosoft for the Windows 2000 platform.

Mark Hayden
Co-founder and CTO of North Fork Networks. There Mr. Hayden heads the design and development of North Fork's SANi.q. storage management software. Prior to founding North Fork Networks, he was a research scientist at the Compaq Systems Research Center. There he worked on a broad range of fault-tolerant systems projects, including serving as a principal in the Compaq/Tandem ServerNet II fabric management system and working on clustered storage research projects.

Mr. Hayden earned a Ph.D. in Computer Science from Cornell University. As part of his Ph.D. research, he was the primary author of the Ensemble fault-tolerant communicaton toolkit. This freely-available software is used in many commercial high availability products and research projects. A derivative of the Ensemble software forms the core of North Fork Network's storage system. He has published numerous articles in the distributed systems research literature and has a patent on optimizing communication protocol performance.

Mr. Hayden will be presenting "Commodity Hardware-based Scalable Storage Systems" at 09:00 on Sunday in Room B. He will present the various approaches to building high-end, scalable, and fault-tolerant storage systems out of PC hardware, and will describe many of the issues that arise in making low and medium-end hardware to behave like enterprise-class storage systems.

Joshua Teitelbaum

Joshua Teitelbaum is a software engineer whose focus is primarily on financial workflow applications, application layer security, and pervasive cryptography to help secure the civil liberties of all. Joshua is best known for CryptoMail, an encrypted Email program developed for the World Wide Web. His work is currently hosted at Joshua Teitelbaum is currently working for a fortune 400 company, developing a trade order management system. He has been the lead software engineer for a number of projects and enjoys developing secure, web-based applications and protocols.

Mr. Teitelbaum will present "CryptoMail: Pervasive and Transparent Email Cryptography for all" at 16:00 on Saturday in Room B. CryptoMail is intended to be a secure, end-to-end encrypted Email solution implemented with a "zero client install" tactic. Users simply create an account from any java enabled browser, and then send and receive mail securely. The primary part of the session will address the rationale for building CryptoMail and the final part of the session will describe in detail, the application layer and network layer protocols of CryptoMail.

The first version of the CryptoMail Email System was written by Joshua Teitelbaum in the Fall of 1999, after one of the most popular web-based Email services ( had major security problems. Joshua was concerned by the security issues of those web-based Email services, since Email messages had not been encrypted, neither from the client nor within the server. Time and time again, service after service, the same security issues kept arising. Can we really trust big corporations that provide web-based Email services? Are we really willing to give up our freedom to perform private communications just for free web-based Email?

The answer to Joshua's concerns is obvious: We should start an open source end-to-end secure web-based Email system project. With regard to cryptography and application security, open source allows many programmers around the world to foresee any security flops within the Email system. Furthermore, an open source format opens up the server side and allows everybody to host their own web-based Email service. Since then, Joshua has written the foundation codes for the CryptoMail Email System.
The MOB was founded in the early nineties and was composed of many computer programmers, security experts, telephone phreaks, illegal aliens, and government employees. Since The MOB's immaculate conception, our members have been leaders in both the above and underground scene. While several arrests, marriages, and deportations have cooled us down quite a bit, we still remain an active, growing family and we hope to remain so for decades to come security collective will be giving a talk entitled "Hacking your Urine: A guide to passing drug tests" at 01:00 on Sunday in Room B. Our members will be talking about different ways employers, parole officers, and parents test potential employees, and drug abusers. Testing methods discussed will include but are not limited to Gas Chromatography/Mass Spectrometry, EMIT, Radio ImmunoAssay, and PharmChek. These subjects will be discussed in layman's terms. We will also give detailed information on what you can do to prevent detection of narcotics. Mob members will be doing this speech while intoxicated as always.
Sarah Loyd

Sarah Loyd holds a B.Sc Hons. degree from Keele University and a M.A. degree from Cambridge University. She has been involved in Unix Systems administration and networking since 1978. She worked as a consultant prior to working as a Senior Systems Administrator for the Department of Applied Mathematics and Theoretical Physics at Cambridge University for four years. Since then she has worked as a Senior Consultant for ISS (Internet Security Systems) in the field of UNIX Security, as the Manager of the "Knowledge Services Research" team for ISS and is currently employed as a UNIX and security guru for Logica.

Ms. Loyd will presenting "Running and configuring BIND securely" at 19:00 on Saturday in Room B. The speech will look at the security risks in BIND, and illustrate the talk by attacking two BIND servers running on virtual machines, live. She will then go through all methods of enhancing BIND security such as chroot gaol, id_pool, DNSSEC and TSIG and show the consequences for the attacker of running these options.

Lewis McCarthy
After stints in academic, government, and industrial research labs --and the dishroom of a dining hall-- Lewis McCarthy has most recently worked for a series of Silicon Valley software startups. Although he designs and writes code for a living, he's more inclined to read papers on security primitives and protocols in his spare time. The earliest piece of malicious code he can recall writing was an Applesoft BASIC program dubbed VTOC Chock. Lewis received an MS in Computer Science from UMass and a BS with Distinction from Cornell U.

Mr. McCarthy will present "Microsoft Passport and the Quest for Single Sign-On" at 13:00 on Sunday in Room A. Thanks largely to the legacy installed base of Hotmail users, Microsoft's Passport is the most widely used single sign-on (or sign-in) mechanism on the web today. We'll examine the evolving architecture of the Passport system and the nature of the published attacks on it. Stepping back, we'll discuss the goals of single sign-on and consider future directions for Passport and similar projects like the Liberty Alliance. Hopefully this will be neither a marketing nor bashing session for Microsoft. I can attest that not all Microsoft employees are evil, incidentally, having dated one....

Frank Keeney
Mr. Keeney runs his own computer consulting firm, Pasadena Networks, LLC, which performs various network security services. Currently Mr. Keeney is doing a great amount of war driving in the Los Angeles area and publishing his findings to bring about awareness of the issues surrounding insecure wireless LANs. He is a frequent speaker at Los Angeles area user groups and other organizations.

Mr. Keeney will be presenting "Sniffing 802.11b for fun and profit" at 13:00 on Saturday in Room A. Demonstrations of traffic caught while war driving, how to find 802.11b LANs without special tools, and finding "stealthy" 802.11b LANs.

Ryan Fox

Ryan Fox is the project leader of NOLA, a GPL web based business accounting, inventory, and payroll package, and CCC, a GPL lightweight inventory and job tracking system for computer companies. Ryan has been doing web development for 10 years, including developing commercial web applications for Fortune 500 companies. He spends his 9-5 at Noguska, guiding the development of their open source and commercial software solutions.

Mr. Fox will be presenting "Secure Web Application Design" at 09:00 on Saturday in Room B. It will cover the properties of Web applications, and how that effects security. Issues regarding PHP and SQL, PHP variable setting, sanitizing input, and authentication will be covered. The server itself will be looked at, and ensuring a secure path between the client and web application. Time permitting, there will be a group activity to find a vulnerability in a given package.

plastek has been in the hack phreak scene since about 1995, and is founder of coke-diet information labs, and is an active coder for cyberosis interactive ( but don't bother, cause its 0day lamer!)

Linux is his preferred operating system, but he has a variety of different boxes on the top secret coke-diet LAN. His hobbies are coding, coding, and making fun of people that don't code. Almost everything he knows is self taught, with the exception of two years of college for computer science. Currently he holds a job with the worlds largest private label credit card financing company.

plastek will present "Linux Kernel Security Basics" at 19:00 on Saturday in Room A. He will go over the basics of Linux kernel security. Memory management, process management, kernel modes, syscalls, loadable modules, and process execution are a few of the topics that will be touched upon. The idea of the speech is to give as much information about how the Linux kernel handles permission type j0nx in the time available. Expect to learn how suid files work on a hardware level.


I began in computers around 1988. I was a regular to BBS's in the local area. Later I learned about Phreaking and making a red box and stuff. I found the idea interesting of making phree calls and shit. It was cool! Now I could call long distance boards with my 1200 baud modem (later got a 9600 when they came out. I thought it was zooming then). Later chatted with Techman! Really private guys (a whiz tho'). Slowly started opening up and later I found out that he was a black guy from Detroit. We shocked each other. Most of us didn't have computers, and some really didn't know what it was at the time, or a modem, BBSing or the Internet.

I learned more (mostly hands on). I learned all the mods, tweeks, test modes, etc. of all cellulars out at the time, reading skamaticz, building cables, etc. What really got my attention was the night I finally met Techman after many missed appointments. Told me to buy a NecP300 from a pawnshop, turned the joint on right from a laptop inside his ride at the gas station. I was hooked! Later we hook one night, with the clones, and I made $1200 that night in 8 hours... most of the time he was teaching, talking shit like guys do, and cracking jokes. $1200 it was OVER for me then. The money was CRaZY! Many stories passed and escapades...

Later we learned we caused a 38% loss in cellular sales here in MI, and they were going to work on a system called pick-up-and-go to curb the cloning market! It wouldn't be long for me. Then the Bust! I had 38 counts! Including cellular cloning, conspiracy to access, possession of misc. unknown elect. devices, possession of hacking material, possession of company and personal info, frauds of different types... the list goes on. But the main thing they were after was the economics with the biggest payoff 10-29a,b Cellular Cloning. I went from 6-7 years to 2-3 years then to 12-18 months (beat the indictment) to 10 months. 5 in a halfway house and 5 on a tether. Restitution was $128,000. Then at $500,000 plus fines. All my points were from what they believed I earned and cost the companies (Ameritech and CellularOne). This was where my battle was.

Cybertr0n will be presenting "The Ins and Outs of Being Caught: A Personal Story of Celco 51" at 24:00 on Saturday in Room A.

Jim Yuill
A Ph.D. Candidate in the Computer Science Department of North Carolina State University researching the investigation process used during incident response.

Mr. Yuill will be presenting "Using Military Intelligence Techniques for Incident Response Investigation" at 15:00 on Friday in Room A. Military intelligence is principally concerned with estimating an adversary's disposition and courses of action, both current and future. The U.S. Army and Marine Corps have developed a process for systematically making such estimates. This process focuses on three aspects of battle: 1. A tactical model of the terrain, 2. The enemy's capabilities and intentions, 3. Estimates of the enemy's courses of action: likely, possible, and most dangerous.

Our research applies this military intelligence process to the process of investigation during a incident response. Tactical models of the network are built. Current incident response literature focuses on finding evidence of hacker activity. Following the approach of military intelligence, this evidence can be used to build models of the hacker's capabilities and intentions (C&I). Combining tactical models of the network with models of the hacker's C&I, estimates can be made of the hacker's courses of action.

Earlier versions of this research have been presented at the RAID and FIRST conferences, and published in the journal Computer Networks. The presentation at Rubi Con will be of our latest developments. This includes the application of investigation theory from jurisprudence (law,) and the development of a data-management system for investigation. Our research is a work in progress --correcting prior problems and making some advances.

Lars Hecking

Hecking received a MS Eng in Electrical Engineering/Microelectronics at Technical University of Darmstadt, Germany in 1993. Then went on to do a Ph.D. at the National Microelectronics Research Centre (NMRC) in Cork, Ireland, but didn't finish. He changed directions and went into IT, and works now as a UNIX sysadmin at NMRC.

He started hacking in the early 90s when the first gcc ports for AmigaOS were available. Contributed to Fred Fish's ADE project (Amiga Developer's Environment) which later became GeekGadgets. Became involved with GNUplot development in 1996, mainly over portability issues, took over project lead in 1998 and made the first new GNUplot release in six years in 1999. Started using AMaViS at work in 1999, and after emailing bug reports and patches, he found himself subscribed to the developer's mailing list. When Chris Mason, who rewrote AMaViS in Perl, pulled out for personal reasons, Hecking took over AMaViS-Perl maintenance. The rest is history. Contributions to other projects include mutt, mp, SCCS, and autoconf, but mainly involving portability and autoconf/automake stuff.

Mr. Hecking will present "Development and Application of AMaViS, an Email Virus Scanner" at 16:00 on Saturday in Room A. It will cover the history, implementation, and functionality of this email virus scanner.

Michael Lucas
Michael Lucas lives in a haunted house in Detroit, Michigan, with his wife Liz, assorted rodents, a multitude of fish, and a big ugly pile of computers. By day he's a network consultant with the Great Lakes Technologies Group. By night he's a FreeBSD committer, a regular columnist for the O'Reilly network, and a very poor student of kung fu. He contributes to publications such as Sys Admin in his copious free time. He's also the author of "Absolute BSD", a friendly introduction to FreeBSD, that is due to be released about the same time as Rubi Con 2002.

He has been a pet wrangler, a librarian, a network engineer, and a security consultant. Somehow he persuaded the Boy Scouts to award him an Eagle.

Mr. Lucas will be presenting "SNMP-based Network Monitoring" 22:00 on Friday in Room B. The presentation will cover SNMP and data tracking tools. A sysadmin cannot define "abnormal activity" until he knows what normal is. This makes defining and tracking a system's normal behavior a vital part of computer security. You'll learn how to gather long-term system performance data using freely-available software such as net-snmp and MRTG.

Chad Margita
An active duty, 23 year veteran police officer and licensed private investigator, I have had a lot of personal experience with wearing and placing bugs, taps and listening devices. During that time I ran into several amateur and professional listening devices planted on people and companies who had no idea at all they were being monitored. So 12 years ago I decided to specialize in the detection of clandestine and illegal phone taps, room bugs and electronic listening devices. I have poured my heart into this area ever since. Corporate level sweeping requires technically advanced gear and I typically bring over $100,000.00 worth of equipment on a commercial sweep. Corporate clients typically schedule quarterly sweeps, which includes executive's homes and cars, to prevent competitor espionage. Today it is increasingly common that competitors are more likely to have bugged a firm, not only for proprietary software and chip technology etc., but to acquire information for stealing clients and key employees. Today there is a new breed of professional blackmailer, called vampires, who prey on the wealthy. They listen in on every personal conversation and when they record something that would be damaging, they bleed them over a period of 5 to 10 years for annual payments. The vampires don't ask for too much, or for all of it at once. They have all of your financial information at their fingertips and know exactly how much you can afford to pay without sending up flags.

Mr. Margita will present "TCSM and Security Measures" at 21:00 on Saturday in Room B. He will also set up a table with sweep equipment as a display, and to answer questions about TSCM (Technical Surveillance Counter Measures), Electronic Counter Surveillance, and Counter Espionage.

Jeremy Hunsinger
Manager of the Center of Digital Discourse and Culture at Virginia Tech, where he is also an instructor of political science and a Ph.D. student in science and technology studies, with certificates in Internet studies and information, and policy and society. This role combines research and advocacy in a variety of arenas with software development, and systems administration and security of several UNIX-like systems. His research and teaching deals with the social and political implications of information technologies, specifically looking at the nature of code and coding, computer and network security, and public and political conceptions of the Internet. One of his current research projects is an ethnography of Internet security professionals. He is on the executive committee of the Association of Internet Researchers, reviews articles for several leading journals, and has more projects than he can possibly accomplish in one lifetime.

Mr. Hunsinger will be presenting, "It's About US: The Political Dimensions of Internet Security" at 09:00 on Saturday in Room A. The presentation will address the social and political implications of Internet security. Mr. Hunsinger has conducted extensive research in the area, it being one of the areas of his dissertation. He will discuss the broad range of problems and possibilities while keeping them in an understandable context.

Maxime Labelle
With some experiences in the world of UNIX and network security, I have had many jobs as a system administrator for network security consultants but am now unemployed. I currently study Computer Science in Québec at the University of Laval in Québec (College of Lévis; DEC/BAC). I have been in contact with the computer world since a very young age and, like most of us, have taught myself everything I know on the Internet. Rapidly I have found a particular interest in network security and encryptions. With most work done under NetBSD, BSDi and OpenBSD, I am now developing secure tunneling solutions with OpenBSD which has become my best friend.

Mr. Labelle will present "Secure Tunneling With IPSec" at 11:00 on Sunday in Room B. The session will cover VPN analysis, secure tunneling implantation, configuration and installation under most common operating systems, from the big boys to the ones you should use in the real world. It will cover some of the encryption algorithms used and how to optimize them. If time allows, there might be a special game called "Crypt This" (maybe "blowfish me") in which players will compete to write the best encryption algorithm. The best algorithm will win a special prize which could be anything from a t-shirt, some beers, a thumb screw or whatever funny... Jon Erickson is preemptively barred from this competition.

Sebastien Tricaud

Working as a French security programmer, I often write white papers on security subjects. I like to explain to everybody how security works and my dream is to demystify computer security.

Mr. Tricaud will be presenting "Analysis of Port Scanning Methods" at 14:00 on Sunday in Room A.

Ron Gage
Ron Gage is an Electrical Engineer who works with the machine tool industry. Ron has been using Slackware Linux for over four years now and has been developing software under Linux for over two years. Ron is entirely self-taught in both his programming skills and his career. Ron also owns and operates a Linux consulting and custom programming business and website hosting service in Saginaw, Michigan.

Ron's work in the machine tool industry, along with his love of Linux, has come together with some of the software projects he has authored. Some of those projects include ABEL - the Allen Bradley Ethernet Library for Linux - and CELL - the CIP/Ethernet Library for Linux.

Mr. Gage will be presenting "Reverse Engineering a Proprietary Industrial Communications Protocol using Linux" at 12:00 on Sunday in Room A. The talk will give real-world examples of how Linux based tools can be used to write communications drivers to talk with various industrial machine tool controllers.

Walter B. Ligon III
An associate professor of computer engineering in the Holcombe Department of Electrical and Computer Engineering at Clemson University. Mr. Ligon earned his Ph.D in Computer Science at Georgia Tech in 1992. His teaching interests are in high performance computer architecture and system software and his research has been in parallel computing, programming environments, parallel file systems, and reconfigurable computing. Mr. Ligon is affiliated with the Parallel Architecture Research Laboratory and the Center for Advanced Engineering of Fibers and Films and is the faculty advisor of the Clemson Paintball Club. Also the creator and executive administrator of the Beowulf Underground - a web site for Beowulf related software and documentation (

He has worked on several projects in his career including the SPOCK project at Georgia Tech, where the programming environment for a custom parallel computer is built; the RAW project that developed a simulation tool for evaluating reconfigurable computers; the MACTAC project at Clemson that developed satellite telemetry processing hardware for a desktop personal computer; the PVFS project that developed a parallel file system for Beowulf parallel computers, and the CECAAD, RCADE, CERSe, and COVEN projects which focus on programming environments for various application domains. Mr. Ligon's research has primarily been supported under grants from NASA Goddard Space Flight Center and the National Science Foundation.

Mr. Ligon will be presenting "Beowulf: Coming Out of the Underground" at 10:00 on Sunday in Room B.

Jenn Vesperman
Jenn Vesperman is a programmer and technical writer. She codes for a Unix/Linux development and sysadmin company in Australia, and writes for O'Reilly. She has an eclectic range of interests in computing, and can argue with her husband over data structures while writing an e-mail on usability for Linuxchix. (She admits that this isn't easy.)

Ms. Vesperman is the current co-ordinator for, a largely online forum for women (and men) who find the traditional Linux user groups to be less than friendly. "RTFM" is a forbidden answer on the Linuxchix lists --at a minimum, it must be accompanied by the name of the manual and how to find it. Jenn finds this a challenge --especially when she has no idea about the topic in question herself.

Ms. Vesperman will present "Linux PAM" at 01:00 on Saturday in Room B. Modern Linux systems have a highly flexible, highly configurable security system preinstalled --and underutilised. By default, PAM mimics traditional Unix security, but it is flexible and allows almost any program to use almost any security system. This talk will discuss some of the options PAM makes available, and some of the possible ways it can be extended.

Jose Nazario
A Ph.D. biochemist, Jose has been in the world of computing and toying around since the Apple II days. Things only got worse when he found the Internet. Since 1994, he's been involved not only in networking, but also in high performance computing and, in that time, security. Since then, he's become widely known for his work on intrusion analysis, vulnerability research, and various contributions to the community on education and writing.

Jose is also a founding partner in Crimelabs, a hacker collective based throughout the US. His research interests include trust relationships, widespread intrusion analysis and methods, firewall implementations (and their evasion), and, of course, bit entropy.

Mr. Nazario will be presenting "Secure Shell Session Keys: How Random is Random?" at 18:00 on Saturday in Room B. The secure shell (ssh) has been widely adopted due to its ease of use and obvious improvements in security over rsh and telnet. In this scheme, the client directs the negotiations concerning the cipher, and also generates the session key. This poses a potential problem, as some implementations may be weaker than others.

How far can we trust ssh clients to "do the right thing"? How random is random? An entropic analysis of the keys generated by several clients will be discussed.

I started hacking when I was 10 (now 19.) In 1997, I started the group toXiK HoloKaust (not Nazis in any way shape or form.) We did some sweet stuff there, until 1999, when I got raided by the Feds (I talked to an undercover cop.) Luckily I use Blowfish encryption, so I didn't go to jail. I don't work for a tech company (but I AM looking for one!! PLEASE!!), and am currently a CNC machinist. I reformed toXiK HoloKaust in late 2001, 'cause I had nothing better to do, and the Feds have better stuff to do than watch me anymore. Did I mention I need a tech job?

Triax will be presenting "UPnP: Microsoft's 'holey' vision" at 24:00 on Saturday in Room B. UPnP, Micro$oft's vision of a totally plug and play network. It works for computers, wireless devices, and those fancy new smart appliances like WinCE toasters. Code is written in an XML format, allowing devices to be connected to the network with no configuration whatsoever. However, it uses UDP, and has numerous security flaws. I intend to cover the UPnP Device Architecture, and its uses in multiple situations. It will be given from the perspective of the hacker (naturally...)

Sir Ace
Sir Ace started working on computers when he was eight. From Motorola, to PC, to Alpha, to MIPS, to SPARC. 18 years later he has a 10 page resume that includes things like building an Intel render farm, and rebuilding the famous Alpha render farm at Digital Domain. {Titanic and X-men were made on those.} A hacker at heart and a consultant by trade, he holds positions at several companies with titles like Unix Admin, or Sr. Unix Admin. He worked on NT for eight years and Novell for five years. He has worked in the traditional corporate IT setting, as well as with startups. He is currently in the middle of finishing Daydream Linux as well, Linux for SH-4/Dreamcast.

Sir Ace will present "Corporate Networking: NIS, DNS, NFS, clustering, and blahness in the void" at 12:00 on Sunday in Room B. As for the session, I would like it to be a Q&A based thing. I'd first like to go over things like NIS, DNS, RPC, general networking, and NFS. Then move on to clustering, what types of clusters are most benifited from, and when to use them. If time allows and if anyone is interested, I would like to be able to do a quick and dirty howto on setting things up from scratch.

Paul "Froggy" Schneider

System Administrator in the Electrical Engineering and Computer Science Department at Case Western Reserve University in Cleveland, OH with a focus on Windows technologies. Holds a BA in Computer Science and is currently pursuing a Masters degree in the same area. He is interested in all areas of computer administration, with a focus on network security as well as the effects of computing on human interaction and social exchange. A veteran at giving seminars to local student groups as well as being involved with organizing computer and network security conventions, Froggy is also a founding member of The Geek Empire out of Cleveland, a computer geek co-operative that offers education to members and Internet services to its clients.

Mr. Schneider will be presenting "Computing considerations in an educational environment" at 17:00 on Saturday in Room B. Educational computing differs significantly from corporate computing. The rules that work for businesses and groups that intend to actually make money can be thrown out the window. This talk will explore the differences between the two computing paradigms, pinpoint some of the "gotchas" sysadmins entering education do not often realize and relate from first hand experience some of the decisions and situations that I have had to go through. I will also discuss reasons why Open Source software can be helpful and even essential. Finally, I will discuss why someone might want to make the trade off of a good salary to work in the education industry.

Vladimir Dergachev
Currently working as a consultant. Mr. Dergachev has taken part in many open source projects. His major strength is the breadth and depth of his education. Mr. Dergachev's mathematical background has been applied to various science intensive projects.

Mr. Dergachev will be presenting "Evolution of Open Source Projects" at 13:00 on Sunday in Room B. It will include a 30 minute description of how open source projects are born, live, and die, and a session for audience questions.

Karl Mozurkewich
Playing with computers since his Commedore 64, Karl is not afraid to tell you why he thinks the Amiga 1000 was the best computer of its day. Besides getting nostalgic over the long forgotten days of Amiga, Mr. Mozurkewich is one academic term away from his undergraduate in Computer Science from an engineering school in Flint, Michigan, second in atmosphere only to Detroit. When not at school, he works for what is perhaps the largest and certainly the oldest information technology company in the world. When not working, he finds the time to run Utropicmedia, a collective of industry professionals that enjoy art, music, computers, and business enough to do it in their spare time.

Mr. Mozurkewich will be presenting "The Ownership of You: Peer-to-Peer" at 12:00 on Saturday in Room B. That Mr. Mozurkewich's thesis is peer-to-peer networks, it should come as no surprise his presentation is on the same. For the past two years Karl has done "Networking 101" and "Networking 102," this year he departs from the basics of networking and attempts to convince us why p2p network models will assert their ownership upon us over the next few years, not only demonstrating why, but showing us why they have failed in the past and how they can be fixed. Beware, this presentation will not only contain violence and nudity, but will also contain technical jargon and corporate buzzwords.

Dan Kivel

Mr. Kivel has been employed as an Ameritech Authorized Distributor for the past 3 years. Prior to his training as a certified system technician and installer, he was an evil little phreak with a dark sense of humor. He has been heard to claim the title of "best field tech ever" to many Ameritech supervisors, and then amends the thought with "not that your trained chimps aren't professionals, or anything."

Mr. Kivel is one of the few certified Nortel Networks BCM installers in Michigan (the only other company certified as of this writing is Ameritech). He will discuss the weakness' and basic design flaws within the BCM, as well as the importance of being either "a hacker that phreaks" or "a phreaker that hacks."

Mr. Kivel will be presenting "Voice over IP and the Horrors of NT" at 11:00 on Sunday in Room A. Northern Telecom has its own Voice Over IP capable multi-site system (the BCM.) Kivel will discuss this system, and the ugly, scary secret it harbors: It's based on Windows NT, and requires Outlook to do most of the interesting features.

George Hotelling
George Hotelling is a Unix systems administrator and security researcher working with K4 Security Solutions based in Holland, MI. He has been active in computer security since his parents tried to password protect the family's 286. His primary research interests are Unix (and Unix-like) system security and web application security.

Mr. Hotelling will be presenting "War Dialing in the 21st Century" at 03:00 on Sunday in Room B. War dialing seems like something that just isn't considered anymore, by white hats or black hats. Because of this there has been a lack of research in the area in recent years. Mr. Hotelling will be presenting his findings on the current state of war dialing, including an explanation of the tools available at and an overview of his findings from wardialing in southeast Michigan.

Myself will not be talking at length about firewalls, VPNs, cryptography, intrusion erection, administration, Linux, script kiddies, programming, Beowulf, or anything else that so many others have more than adequately covered. Instead, Myself likes to remind us that our computers would be little more than exotic calculators if it weren't for the circuits that connect them.

A telco geek with too little supervision on the job, Myself likes to curl up with a good manual, frequently while sprawled out in the cable rack above an ESS machine. A background in computers and electronics, and the ability to explain almost anything to almost anyone, should make for an interesting talk. Bring your questions! Bring your t-berds! And bring the numbers you found while wardialing that you couldn't make sense of!

Myself will be presenting "Introduction to digital transmission systems and maybe other neat stuff" at 17:00 on Friday in Room B. At least the first ten minutes will be an overview of T-1, T-3, SONET, and some of those other telco words that most computer geeks don't really understand. After that, it'll probably turn into a panel Q&A session, with whatever other telco geeks manage to drop in.

Jon Erickson
Mr. Erickson has over seven years of experience in the realm of computer security. He has spoken at computer security conferences around the world, from Chaos Communication Congress in Berlin to the standard blend of DEFCON-esque conferences in the US. He works as a Cryptologist and Enterprise Security Designer for a healthcare infrastructure consulting company in San Francisco. In addition, Mr. Erickson also runs Phiral Research Laboratories, an independently funded think-tank dedicated to the research and analysis of a myriad of computer science related projects.

Mr. Erickson will be presenting "The Password Probability Matrix: A winnowing method for brute-force password cracking using lossy compression" at 23:00 on Saturday in Room B. He will present the specifics for a newly developed password cracking method, and perform a demonstration of it. The method is a hybrid between using computational power and storage space for an exhaustive brute-force attack utilizing a compressed matrix of probabilistic values. He will demonstrate the ability to crack any 4 character password with a fixed salt in under 8 seconds (on a pIII 450), using only a 141 meg file. A normal exhaustive brute-force on the same system would take over 2 hours, and flat text storage of the plaintext/hash pairs would normally use over a gigabyte of storage. This translates to 99.9% keyspace reduction and 89% storage compression.

Admin-X- is an active member of the local computer scene. Founder of the ill-fated Amerisuk Communications, Admin-X- hails with knowledge on computer security, Unix, NT, and the Local Telephone Network, not limited to LAN/Line and Cellular. Though he works now in the professional IT industry with NT and high end UNIX systems. Since the demise of Amerisuk Communications in mid 2001, Admin-X- has been an active member of the informal group, "Detroit Crew," which includes several other "silient partners," and with rivils the likes of the 419 crew and Admin-X- enjoys HP-UX, Korn Shell, and cooking.

Admin-X- will present "New Technology File System and Alternate Data Streams" at 24:00 on Friday in Room B. The presentation is based on NTFS and Alternate Data Streams. Giveing an overview and backgroud of ADS, and demonstrating why ADS could be "danagerous." Also supplying propaganda for programs to find Alternate Data Streams, and various other tools.

By day, Darkcube is a Solaris security researcher for an unnamed company in Silicon Valley. He sharpened his techniques as a fairly active member of the computer and telephony underground, which he's been in contact with since 1994. This year, he decided to take a break from running the social engineering presentation/contest to talk about computers for a change.

Darkcube will be presenting "GOT ALL MAH' HOES ON LOCKDOWN..." at 02:00 on Saturday in Room B. It will be a three part, quick and easy guide to auditing the (in)security of a Solaris host, penetrating it, and then securing it against intrusion.

The first part of this presentation will cover remote and local discovery methods to assess the relative security of a solaris host; Vulnerability scanning, RPC services, and various network and host based techniques one can use to determine a path into the machine. The second part will cover what to do with this information; i.e., actually breaking into the machine, placing backdoors/trojans, and hiding one's self from the admins. The final part is for the admins... It covers several methods administrators can use to secure hosts running Solaris; Stack protection, filesystem permissions, system logs, and third-party software.

Member of the much-feared Project Nexus hack/phreak group, rious spent most of his youth and spends much of his present spare time defeating physical security systems. Though now a Cisco and Novell certified engineer with a real job at a large, unnamed, national electronics company, rious still finds time to wreak havoc on western (and occasionally eastern) Michigan.

rious will be presenting "Physical Security and the Enterprise Network" at 02:00 on Saturday in Room A. This session is intended as a companion to the "PND Demonstration" session. rious will discuss not just how to access secure rooms in secure buildings, but what to do when inside. He will address how networks can be compromised readily and thoroughly via physical attacks, and how to go about doing just that. He will illustrate this with colorful examples and some personal stories. Audience participation is encouraged, as most everyone has a good story about "physical intrusion."

Member of the venerable Project Nexus hack/preak group, Eta indulges in late nights of reckon, espionage and havoc in his ongoing attempt to bring his large, unnamed, western Michigan city to its knees. A student and general geek, he is involved in ham radio, Linux, networking, and breaking his ass biking into trees.

Eta will present "TCP/IP 101" at some as yet unspecified time. The session will cover the basic structure and function of TCP/IP, why TCP/IP is so important, common UNIX tools such as whois, tracerout, and ping, their functionality and how they actually work, and other basics of networking. If time allows, Eta might address some of the common exploits and weaknesses of IP, such as ICMP, Smurf, teardrop, and spoofing.

Project Nexus
A geek conclave in western Michigan, most Project Nexus members are either in jail, on probation, or somewhere in between. The varied members are known for their acts of technical prowess, as well as their acts of reckless and senseless destruction. They feed off of your sorrow, and can kick your ass from the terminal.

Members RijilV and rious will be releasing the Project Nexus Distribution (pnd) Linux variant. pnd fits on and boots off a credit card size CD, and reaffirms the adage that physical security is part of network security. The demonstration will show how pnd can be used to pull information off of a host computer as well as exploit trusted networks. "PND Demonstration" will be at 23:00 on Saturday in Room A.