Summercon 2004 - Schedule

FBI SPAM Investigations Tom Grasso
10:15AM - 11:00AM

Need V(agra or prescription-free drugs? Tired of your ten-year-old being asked if she wants her tool enlarged 600%? Want to transfer $17M in Nigerian funds - again? Do you get lonely if you go more than a month without a virus invasion of your hard drive? Do you fantasize that one day all spam will be illegal? Well, that ain't gonna happen soon, but some e-mail scams are illegal, like those that invite you to submit your credit card information to a bogus web site that looks like your bank's. The FBI investigates identity-theft spam such as this, and as statutes regulating e-mail commerce continue to evolve, is constantly preparing itself to broaden its never-ending quest to rid the Internet of Un-American scum.

GMPLS: An overview of Generalized Multiprotocol Label Switching Chris Tracy
11:15AM - 12:00PM

This session will introduce GMPLS and how it applies to the optical realm. It will also cover the routing and management extensions that support GMPLS. We will discuss why almost every network equipment manufacturer has adopted the protocol, why you should know about it, what kinds of problems it solves, interoperability issues, the differences from its predecessor (MPLS) and the myriad of supporting extensions and new protocols: LMP, RSVP-TE, OSPF-TE, IS-IS-TE, etc.

Interesting SQL Injection Techniques and Countermeasures Paul Scragg
02:30PM - 03:15PM

The paper will give an overview of SQL Injection and show some techniques and examples that could be used to compromise a system. The discussion will include SQL Injection detection and protection against SQL Injection. As most of these techniques are database-specific, this will be geared to the Oracle RDBMS.

SQLInjectionPaper.pdf (96K)
SQLInjectionSlides.pdf (684K)

RandomTalk: Whats Wheres Whys and Hows of Random Numbers Laszlo Hars
03:30PM - 04:15PM

  • Where and why are random numbers needed?
  • What is randomness (philosophically)?
  • What are the Random Numbers (mathematically)?
  • Do Random Numbers really exist?
  • Measures of (non)randomness.
  • How can we get true Random Numbers?
  • The security of Random Numbers
  • Why and how do we test them?
  • Is less (randomness) sometimes more (useful)?
  • Pseudo Random Numbers

Beer redpantz
04:15PM - 04:45PM

Mankind's most sacred discovery will be the subject of a presentation by this well-known Pittsburgh connoisseur. Life wouldn't be worth living without it.

Practical Workplace Security Mark J. Nernberg
05:00PM - 05:45PM

Workplace network security needs to be strong, yet practical. With or without internet access, the value of the workplace network lies in the information contained within it. If the information is compromised, the damage to the operations of the company may be extensive.

Protection from attack, intrusion, beasties, and outright information theft is crucial. However, when that protection becomes a burden to the users, it loses its effectiveness: users, burdened by what they consider to be excessive requirements, will find ways to circumvent the system.

So, an approach to network security must be taken which accounts for all possibilities of attack, yet remains practical for the users of the system to operate. Administration must also be streamlined for simplicity.

At the same time, the biggest danger to a well-designed system is not the actual weaknesses in the system, but rather the users of the system. The discussion will highlight the strengths and weaknesses of the different components in a security implementation, in addition to the importance of user training. We will also discuss some of the most notorious hackers ever and how they achieved their status -- a hint: they were engineers, but not the kind that you think!

Empowering Broadband: What is BPL? Mark Trumpbour
07:00PM - 07:45PM

  • About Power Utilities
  • Mode of Operation
  • Brief Overview of Power Generation and Distribution
  • So why do they care about Broadband?
  • So what's the problem? Why isn't my utility rolling out BPL?
  • Who's doing it?
  • Future goals of the utilities
  • The technology
  • How do the components fit together?
  • Who are the vendors?
  • Security Implications

Hacktivism and Artists kitizen sane
07:45PM - 08:30PM

kitizen sane will talk about various successes that people have experienced in the field of hacktivism, including contestational robotics, indymedia and p2p networking, but also more esoteric concepts like the skeedaddlehopper and security culture.

Computer Forensics Workshop Sam Norris
Please see Sam Norris for specific times.

An overview and demonstration of common techniques and tools of computer forensics investigations. The scope ranges from software to systems. A CDROM Toolkit will be distributed to each attendee.