Difference between revisions of "Seattle"

Revision as of 17:06, 8 October 2006

OWASP Seattle

Welcome to the Seattle chapter homepage. The chapter leaders are Mike de Libero and Scott Stender

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?

Local News

10/12/2006 @ 6 o'clock - Seattle chapter meeting.

Details: Location: Bellevue Las Margaritas (http://www.lasmargaritasbellevue.com/) Time: 6 o’clock. We have the following two talks lined up for this meeting:

Black Ops 2006: Pattern Recognition

The "Black Ops" series of talks tend to look for useful functionality in existing systems, and this year's edition is no exception. Topics will include:

• Detecting selective degradation along network paths
• Results from a worldwide SSL scan
• Cryptomnemonics
• A midpoint between dumb fuzzing and smart fuzzing
• Dotplots as a guide for fuzzing
• Visual Binary Difference Analysis

Dan Kaminsky is the Director of Penetration Testing for IOActive Inc, a Seattle security consultancy. Previously of Cisco Systems and Avaya Inc, he has been presenting research into interesting mechanisms within TCP/IP for several years. One of his more well known endeavors involved correctly estimating the global infection rate from Sony's DRM Rootkit by use of quirks in the Internet's Domain Name System infrastructure. Dan focuses on design class issues, most recently spending much of 2006 auditing Microsoft's new Vista operating system.

Wireless Communications Security

Up to recently, wireless communications have enjoyed a certain amount of security through obscurity because of the high cost of the hardware required to examine these communications at the lowest levels. With the advent of software radio, this obscurity is rapidly disappearing.

Josh Lackey will discuss some of his current research in the area and will demonstrate the latest generation of low-cost hardware which supports software radio. As examples, he'll demonstrate

• Software which emulates the GSM broadcast control channel (let's phuzz your phone)
• How to show (and replay) the bits sent between your car and your wireless key fob (or how to steal every Infiniti off the lot)

Josh Lackey has his Ph.D. in Mathematics but he quickly realized that teaching calculus to freshmen for the rest of his life would drive him crazy. Instead, he decided to do what he was really good at: breaking things. While he enjoys breaking almost anything, he specializes in breaking wireless protocols. Josh is currently the Security Development Lead for Microsoft SWI and is responsible for leading a team of world-class hackers who get a chance to attack all of Microsoft's products before you do. Previously, he was a Senior Ethical Hacker for IBM Global Services where he led penetration testing teams against large IBM customers.

Please let us know if you can make it or not so we can make sure to order the correct amount of food and beverages.