Category: Conferences

Defcon Coverage?

Defcon is better experienced than read about. How could I argue with a slogan like “What happens in Vegas gets posted to thousands of blogs? stays in Vegas?” But when those involved blog about it, I’ll admit to a little involvement:

I recruited Brian Krebs onto team Shmoo. Because everyone knows I’m a Shmoo wannabe. But wait for next year, when we’ll launch our new, über-leet group.

David Cowan bought me (and some other folks) a very fine dinner.

I did some tour guiding for some very nice folks–I enjoyed talking with you, and hope you enjoyed it. I have pictures if you don’t pony up the dough respect your privacy, and won’t name names.

Actually, I will name some names. First, Nico Sell did a bang-up job of staying on top of the chaos, and still bringing people together at a variety of functions and parties. One of the things she helped bring together was my panel. I’d like to thank Joseph Ansanelli, Richard Baich, and Paul Proctor, for joining me for a discussion of “The Future of Personal Information.” I thought that things went really well. We had good audience participation, we covered the things we wanted to cover, and we finished just about on time.

And that is what I have to say about Defcon until next year.

[Update: Fixed link to David Cowan, which I swear was valid when I posted it. Thanks, DM!]

The Fifth Workshop on the Economics of Information Security (WEIS 2006)

Ross Anderson has announced that the fifth WEIS will be held in Cambridge (England) 26-28 June 2006. Papers due March of next year.

I’m sad that I’ve only made one of the WEIS workshops so far. (Life keeps interfering.) What’s there is amongst the most interesting bits being done in security. I hope they continue to be a venue for new ideas, rather than refining the ones that have been discussed.

Maybe I’ll write something about the development of new security product, and why we’ll never see the end of “using email like a stupid person.

Blind Signature Patent Expiration Party

we-accept-ecash.jpgFriends, colleagues, and co-conspirators,

It has been 17 long years and now the time is finally here to celebrate at


A party to celebrate the expiration of the Blind Signature patent.

U.S. Patent 4,759,063 (“Blind Signature Systems“) to David Chaum is the core
invention enabling privacy-protecting electronic payment systems and
credentials. It was a truly ingenious, ground-breaking contribution.
Unfortunately the existence of the corresponding patent, which was
notoriously difficult to license, prevented this great invention from
receiving the wide use that it so very much deserved. For a copy of the
patent, see

Continue reading

Pre-Defcon Summit, and some small bits


The fine folks at DC702 are going to be hosting a “pre-Defcon Summit” and fundraiser for the EFF. I’m pleased to be a featured guest, and urge you to show up, contribute to the EFF, and hang out.

Hmmm, this needs some extra text to balance the icon. Dumb stylesheet. Who the heck wrote that thing, anyway?

Someone needs to teach me him, yeah, teach him CSS.

Ok, some small bits to fill the space:

DadaMail! Not just a web based e-mail list manager, but a conceptual art project! Thanks, Purple One!

Or maybe “US consumers want companies fined for security breaches:”

A large majority – 87% – of respondents also feel that companies that fail that to protect confidential data should be required by law to pay to restore consumers’ credit ratings. The survey found 40% of respondents think it would cost $1000 or more to clear their credit record.

Small Bits: Adam Sah on Startups, RECon, Irony and Biometrics

  • Adam Sah (hi Adam!) has a great page of startup advice I hadn’t seen before.
  • Presentations from RECon are now online.
  • The University of Connecticut will be offering a Masters in Homeland Security. That’s a database I’d like to steal. Thanks to Chris Walsh for pointing it out.
  • I’ve been meaning to followup on Juxtaposition’s comment in “Debunking biometric assumptions

    Imagine lost biometric passports allowing the creation of counterfeit passports with “real” biometric data on them. And further imagine trying to prove that it wasn’t you who bombed that plane in Lebanon. “But we logged you going through security…and biometrics are _unique_ and _unforgeable_”. *Shiver*”

    Of course, they don’t need such proof. They can just pluck you off the streets and ship you off to be tortured, where you’ll confess to it all anyway.