|
Image taken from 24 Hours in Cyberspace - Tan explains Technology Reclaimation.
For more shots of this and other studly d00ds, check out the L0pht
presskit |

|
motd |
01.31.2000 |
L0pht is still Alive and thanks to
@Stake, bigger than ever! We're on new (:^b)
equipment, and this year's sexiest chairs (according to Details magazine 1/2000)!
Whoo-hoo, finally full time! Thanks to everyone who called and mailed to
congratulate me and for those of you who didn't, what rock have you been hiding under?
For those interested in more details about L0pht's
merger with @Stake - we did up a
FAQ that's pretty informative and
funny and is worth a read.
I've moved to a simpler format and with a change in computing platform, need to get
myself another copy of pgp. Once I do, I'll update my pgp
key. Now that I'm releasing papers, that's what this page will focus on along with
providing the information I usually provide on L0pht (press kit and Pr0nNet topology map). For now
I'm continuing my Palm Pilot Document Library but I don't have time to add new stuff.
I just spoke at SANS this October in New Orleans.
I just attended RSA 2000 in San Jose, CA and did
the @Stake booth-babe thing in January. I hope to meet some of you at this year's
DEFCON.
|
Papers |
01.15.2000 |
Online-Banking - Everybody's a
#*$&!# Expert |
12.15.1999 |
A slide-show I have used
to demonstrate "following a bad example" in a talk on security pitfalls in
software engineering (BU) but was meant as expert testimony on negligence on the
part of the banking industry. This paper examines the currently deployed model
for browser based transactions. While everyone from web based email to online
shopping to banking is vulnerable, banking by far has the most potential impact
on the consumer. Additionally, the banking industry has demonstrated a much
higher degree of effort in the past which seems to have been cut-out by today's
ROI happy CIOs and marketing wizzards...
Read all about it:
|
CyberUL |
01.04.1999 |
CyberUL examines software and
professional certification as it relates to the industry today and why it is so out
of whack with what is needed. In order to clean things up, the UL model may be a
guide but other things have to change; namely, the only thing that will make or break
the state of security is the demand for it. Customers are at the very root of the
problem in that they don't demand security and they don't question security salesmen.
If customers, large customers especially, really demanded security, Microsoft
would not be operating like it does today.
Read all about it:
|
|
Pr0nNet |
04.15.1999 |
Pr0nNet was designed to distribute 90ohm signal bearing pr0n for content.
Pr0nNet currently facilitates pr0n and other viewing content in 2 labs, the bathroom,
the media room and the library. In total there are now 14 viewing nodes and 4 input
nodes. Pr0n and other content may be input via VHS VCR (and subsequently UHF/VHF),
LaserDisc, the Media Room's PC, or our video conferencing camera.
As keeper of the Pr0nNet topology map, I have compiled
the following statistics:
statistics as of 4/15/99 at the height of pr0nnet's presence
green=input,

red=composite-out,blue=rf-out
|
Number of Media Room Nodes |
5 |
Number of Library Nodes |
3 |
Number of Software Lab Nodes |
2 |
Number of Hardware Lab Nodes |
2 |
Number of NOC Nodes |
0 |
Number of Bathroom Nodes |
2 |
Total Number of Nodes |
14 |
Number of Inputs |
4 |
|
|
Presskit |
04.15.1999 |
As keeper of the L0pht PressKit, I have
compiled the following statistics:
Number of 1999 Entries |
n/a |
Number of 1998 Entries |
62 |
Number of 1997 Entries |
24 |
Number of 1996 Entries |
11 |
Number of 1995 Entries |
6 |
Total Number of Entries (12.31.1998) |
103 |
Space Rogue
has been working on some of the content, breaking down some of the video
content into "Web Presentable Format". So far he's got highlights from our
appearances on
The BBC and
New England Cable News.
|
Pilot Library |
04.15.1999 |
My Palm Pilot Document Library, where a bunch of
useful documents can be found in DOC reader format, will remain up however I'm not
updating it anymore unless a bunch of answering machine instructions come in. I may
refresh it with the latest advisories and/or documents from NMRC (but then again I
may not). In other words, its still here but don't hold your breath for updates.
|
Contact |
01.31.2000 |
I often need to exchange both casual and private messages with folks. To contact
me, send mail to tan@l0pht.com. You should assume
that all mail sent to/from L0pht has been read by someone else while in transit
between our mail system and yours. To insure your privacy, use my PGP version 5 public
key (02.17.1999):
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP for Personal Privacy 5.0
Stay Tuned... (01.31.2000)
-----END PGP PUBLIC KEY BLOCK-----
|
|