Offensive Approaches to Information Assurance

Peiter "Mudge" Zatko, BBN Technologies

Abstract: Apophenia, anchoring, confirmation traps and other psychological phenomena influence not only defenders but also the attackers. The first third of the talk focuses on some examples of these and other traits and how they can be used both for and against an adversary. The second part of the talk dives into examples and ideas revolving around novel data acquisition and system compromise through non-standard means. The talk finishes with the novel approaches to asymmetric defensive tactics in information security environments.

Bio: Better known as Mudge, the hacker who testified to the Senate that he could "take the Internet down in 30 minutes", Zatko has been a pioneer of the commercial information security and warfare sector since the 1980s. The leader of the hacker think-tank "L0pht", he founded @stake and Intrusic and currently works as a Division Scientist / Technical Director for BBN Technologies (the company that designed and built the Internet) in the National Intelligence Research and Applications Division.

Mudge is the creator of L0phtCrack—the premier MS password auditor, SLINT—the first source code vulnerability auditing system, AntiSniff—the first commercial promiscuous system network detection tool, and Zephon—Intrusic's flagship product focused on Counter Intelligence / Counter Espionage for corporate Insider-Threat. His other software works are now included in several distributions of commercial and public domain operating systems.

As a lecturer and advisor Mudge has contributed to the CIA's critical National security mission, was recognized as a vital contributor to the success and creation of the President's Scholarship for Service Program by the NSC, has briefed Senators, the former Vice President and President of the United States, and has provided testimony to the US Senate multiple times.

An honorary plank owner of the USS McCampbell and referenced as part of "U.S. History" in Trivial Pursuit, his mission remains constant to "make a dent in the universe".

Time and Place

22 Feburary 2008 (Friday) at 1630 hrs
Gates 4B (opposite 490)