Toorcon 2010 Talk

My over caffeinated self somehow managed to stumble through the talk at toorcon. I’m self critical over the whole thing, but still overall a great experience, and I’m glad I did it.

I was totally nervous. This was my first ‘con’ and the room was packed (people standing at the wall), I spotted relatively famous hackers in the audience, etc. I needed more beer!

Hopefully the next one I’ll relax, slow down, not use filler words, etc :)

Paper Fun: Simplified Single Packet Authorization

Another paper to be presented next week at worldcomp

Port Knocking and Single Packet Authorization (SPA) are relatively new (circa 2004 and later) techniques used to enable anonymous, temporary activation of remote network services that are otherwise blocked by means of a firewall. These techniques greatly enhance the so-called “zero-day” exploit resilience of systems which properly implement them, but they have weaknesses and more importantly share a weakness common to most common security augmentation system: human nature. This paper presents a framework for securely enabling remote services in a manner which focuses on the human factor, a concept often neglected in security research and the key reason that such systems rarely see widespread usage in the real-world. The primary focus is to make SPA easier for humans to interact with.

pdf paper is here: Simplified Single Packet Authorization_1.4

Paper fun: Concerns with Time-Space Based Wireless Security

I’m presenting this at worlcomp this year.


Wireless ad-hoc network protocols are a  topic of much recent discussion and development. This has prompted many researchers to develop interesting and promising-sounding protocols that should be considered and examined. One such protocol, Authenticated Protocol for Wireless Ad Hoc Networks (APEC), was designed by Robert Hiromoto and Hope Forsmann[1]. APEC has been the subject of an increasing amount of scientific discussion and research around Universities, Laboratories, and professional conferences. In this paper, we examine APEC in depth and discuss many potential problems with the protocol that must be addressed if APEC is achieve widespread acceptance.

Paper: probelm_with_time_0.7


Bleh. So since I’m applying for a job so I uploaded the only paper I’ve published so far. It’s basically benchmarking tests with a new type of architecture. It was a good Summer of work altogether.


In retrospect I think MEMS based storage is probably a bad idea.  Things should probably be moving toward non-moving parts.  On the other hand, I still think something needs to go between disc and RAM.