October 18th, 2005, 11:03 PM
Information on Jeff Moss (Founder of Defcon)
Hey, I've come across a problem.. I've been doing research lately on some of the security worlds biggest names (I've looked up quite a few, been writing some reports, gathering information, just overall building up a lil' something for myself) and I wanted to look up information on Jeff Moss aka Dark Tangent, the founder of Defcon. I've searched Google and AntiOnline's database and have come up with nothing. I've been searching for quite some time and I wanted to know if anybody here had any particular resource, a personal website of his, an informative website of him, perhaps a report or biography?
Any help is greatly appreciated. Thanks!
October 18th, 2005, 11:57 PM
The History of Black Hat
Black Hat was founded in 1997 by Jeff Moss to provide advanced education to security professionals within global corporations and federal agencies. Jeff’s mission was to mix the best minds of the computer underground with the leading security professionals. The result was a unique conference known for providing new and exclusive research from the top technologists in the world. Black Hat continued to grow and now offers briefings as well as customized training and consulting services to provide unmatched knowledge about upcoming security trends to three continents.
About Black Hat
From: Jeff Moss <jmoss_at_blackhat.com>
Date: Wed, 28 Sep 2005 13:20:04 -0700
Dear Vuln Dev readers,
I want to keep you up to date with what Black Hat is up to. Currently there is a stand alone training in Seattle
in October, a Briefings in Tokyo in October, and a Federal Training and Briefings in Crystal City in January. Black
Hat returns to Amsterdam at the end February with expanded training and briefings. The CFP for Amsterdam will
open by October 15th.
Video from the summer USA show is starting to get encoded, and we will be updating the Black Hat "Black Pages"
in the coming weeks to reflect what happened, and still is happening, with the whole ISS/Cisco drama.
Vulnerability Development: Upcoming Black Hat events announcement
Jeff> Then I am going to tell you a long story. I had been operating in a Bulletin Board, back in the days before the Network was available to the people of my age. And I belong to all these kind of networks. Back then there where dial-up mail networks (FidoNet and compatible networks), but they were all undergroundish. One of the Bulletin Boards in Canada, called PlatinumNet, was going away, and I knew the person who ran that network, and now he's a big US HUB for that network, and he wanted to throw a party for all the people that had been on his network, and there was probably a total of a 100 people on it; So the number of people that happened to be at this party would be like six, you know: probably by the time people of my age can actually get somewhere.... he wanted to do that in Canada (!), and I did not think anyone was going to make it to Canada, and then all of he sudden he just... disappeared. So I thought it was a good idea, but instead of inviting people from PlatinumNet I invited people from all the other networks that I was on. And then I got a dialup account, got on IRC back then, and got on #poundhack, and started inviting everyone on #poundhack ! And then, posted on some newsgroups back then; there weren't that many newsgroups back then ! ...comp.os.security, etc. And why did I pick up Las Vegas: I had never been to Las Vegas, and if the show was a failure, I would at lest be *in Las Vegas* ! If all else went wrong, I would have been in Vegas, sitting by the pool, you know, drinking pinacolada, or something.... :-) So if I am broke, and there's no money left, at least I am - you know - in the sun, so... So then from there it grew.... we got a hundred people at that show, and it really was just word of mouth, people printed out our announcements, spread it around in the bookstores, covered all over the place, and we got nearly a hundred people, which is really amazing, and then it grew every year since then. By the fourth DefCon, a friend came to me: "hey, you should probably make this professional and charge a lot of money for it." We kept getting requests from people that wanted our announcements that they could show their boss, so they wanted a professional sounding announcement so they could show their bosses, and they would let them go. And we tried that one year, and then that nuts of my friend: "hey, you should probably another whole profesional show! And charge money for it, and then you can pay the speakers, then we can expect higher quality, then we can do all these other interesting things, like books, CDs, do everything". And so we started - I did not have the money that year, so the next one I borrowed some money, to have enough to try a 'BlackHat'. I forget how did I came up with the name, I was trying to come up with a name that could convey a kind of misteriousness, security, counter-spy, re-spy... at that time the term blackhat wasn't used at all, we were using the term cracker, back then. So this is how we came to the first BlackHat. It has done pretty well since.
Blackhat Europe 2004 Amsterdam - Interview with Jeff Moss
This one has a photo of Jeff Moss if you need it.
Black Hat Briefings CEO Jeff Moss takes a moment to relax during the Michael Lynn press conference. Moss' company was caught in the middle of the dispute between Cisco, ISS, and Lynn. One day before the conference was set to begin, Cisco hired temps to tear pages out of the conference proceedings book, and Moss had to scramble to press new proceedings CDs that lacked Lynn's presentation slides.
Today @ PC World - Black Hat, Lynn Settle with Cisco, ISS
Hope this helps a little and leads you in the direction you want to go!
October 19th, 2005, 12:16 AM
Jeff Moss is CEO of Black Hat, Inc. and founder of DEFCON, is a renowned computer security scientist best known for his forums, bringing together: the best minds from government agencies and global corporations with the underground's best hackers. Jeff's forums have gained him exposure and respect from each side of the information security battle, enabling him to continuously be aware of new security defense, as well as penetration techniques and trends. Jeff brings this information to three continents--North America, Europe and Asia--through his Black Hat Briefings, DEFCON, and "Meet the Enemy" sessions. Jeff speaks to the media regularly about computer security, privacy and technology and has appeared in such media as Business Week, CNN, Forbes, Fortune, New York Times, NPR, National Law Journal, and Wired Magazine. Jeff is a regular presenter at conferences including Comdex, CSI, Forbes CIO Technology Symposium, Fortune Magazine's CTO Conference, The National Information System Security Convention, and PC Expo.
Stealing the Network: How to Own an Identity(Syngress) August 2005
The first two books in this series Stealing the Network: How to Own the Box and Stealing the Network: How to Own a Continent have become classics in the Hacker and Infosec communities because of their chillingly realistic depictions of criminal hacking techniques. In this third installment, the all-star cast of authors tackle one of the fastest growing crimes in the world: Identity Theft. Now, the criminal hackers, readers have grown to both love and hate, try to cover their tracks and vanish into thin air.
oreilly.com -- Online Catalog: Jeff Moss
Though black clothing still dominated and clusters of hackers exchanging information was still the norm, the crowd at this year's Def Con was older and appeared to be far more professional.
"It is more laid back this year," acknowledged Jeff Moss, the founder of the conference, now in its ninth year. "It is more a reflection of what is going on in the hacking community."
While the hacking counterculture was still in attendance, its members seemed in the minority at the gathering of 4,500-plus people. Professional security consultants made up a large percentage, and law-enforcement and military officers padded out the majority.
"It is becoming more white-hattish," Moss confirmed, referring to the practice of denoting malicious hackers as "black hats" and security-conscious hackers as "white hats."
Part of the change in the crowd has occurred because computer security is no longer an esoteric subject protected by a technological priesthood. Security has gone mainstream, and Def Con has become the No. 1 way to meet others interested in the topic.
"If you wanted to learn something, you needed a mentor," said Moss, who used to be known as Dark Tangent. "Now there are a million books on security and a lot of sites on how to hack."
As the crowd has matured, so have many of the hacking groups.
Even the Cult of the Dead Cow, whose antics at past Def Cons have made headlines, played it straight this year, with a panel discussion on hacktivism and how hackers can help fight for human rights.
Originally, the cDc intended to announce an application, known as Peekabooty, that would create the foundation for an anonymous information-swapping network to help human-rights activists. Peekabooty combines the Internet's distributed file-sharing abilities--similar to those made famous by Napster--with technology to hide the source of data traveling around the network. The program is delayed because of unresolved technical problems.
"The cDc has done a lot of thinking about what (human-rights activists) can do to protect ourselves," said Patrick Ball, deputy director of the Science and Human Rights Program at the American Association for the Advancement of Science. "We have a tremendous need for a program that can do what (the cDc is) aiming to do."
Others at the conference seemed more intent on exchanging Divx copies of movies and grabbing archives of MP3 music.
In one corner of the main hall, 18-year-old Sean Horan set up a server--mounted directly into an old Samsonite suitcase--that offered more than 30GB of MP3 music and 25GB of movies compressed into Divx format.
Anyone who wanted access could ask him for an account on the computer, good through the end of the conference.
Def Con grows up | CNET News.com
But for those hackers without a checkered past, who spend their free time in pursuit of weakened networks or testing out hacking methods, there is still a future in the security industry, according to Jeff Moss, a.k.a. The Dark Tangent and founder of DefCon, the largest annual hacker convention in the United States.
The most recent change is that young hackers now know a job is waiting for them after they finish college, said Moss, whereas several years ago, such job offers were more of a surprise than the norm.
The difference, he added, is that hackers now are less likely to reveal their illicit hobby to potential employers, much less their handles.
"About two years ago, all the older hackers I know stopped using their handles. Now they go by their real names," Moss told NewsFactor. "Amongst their own group, they still use their own handles, but publicly, when anybody asks, they may not say they're a hacker."
Who Gets Hired?
In terms of whether companies actually hire hackers, Moss said he has hacker friends in several major companies, regardless of whether or not such organizations claim to employ such people. In most instances, the companies may be unaware they have hired someone who spends his or her off-hours striving to understand security in other systems.
"Many companies will only hire white hats, or at most gray hats who don't have anything that looks bad in their history," said IDC's Kolodgy.
Moss agreed that companies no longer hire those with a police record. Personally, given two candidates, one with a record and one without, he said he would be inclined to choose the candidate sans a conviction.
"Just because they call themselves a hacker doesn't automatically disqualify them," Moss said. "You would want to find out if they've gotten in trouble for it. It's a broad term."
Homeland Security Damper
That broad terminology has concerned security analysts since President Bush signed the Homeland Security Bill last week. According to a provision of the Cyber Security Enhancement Act, hackers could face life in prison if their actions "recklessly" threaten others' lives.
Ryan Russell, an independent security expert and author, said he is concerned that the government and prosecutors may use their new power to intimidate accused hackers into agreeing to plea bargains. But it is not likely that the new legislation will deter hackers and thus reduce the pool of security professionals-to-be, he added.
"Realize that you've got people who see themselves as very anonymous," he said. "Hackers don't see themselves as vulnerable or as necessarily doing something wrong, so changes in punishment tend to have little impact on current behavior."
Career Path Concern
Moss agreed that new potential punishments probably will not have a chilling effect on the behavior of hackers, particularly teenagers -- though it may increase the number of incidents in which they are caught.
"It's going to take really smart, rebellious, testosterone-filled teenagers and make them federal felons," said Moss. "Before they get out of high school, you're going to have a bunch of these smart people whose career opportunities [are ruined] -- they'll be flipping burgers for the rest of their lives.
"I'm concerned about the whole new generation," he added, "if they make a couple of bad choices and that's it for the rest of their life."
NewsFactor Network - - Does Cybercrime Still Pay?
October 19th, 2005, 02:42 PM
*Breathes* Geez, I definitely think you got me covered there.. Thanks Egaladeist (as always) for your help and support. I appreciate the help finding those resources and what have you, since it was kinda hard for me to find.
Anyways, thanks again!
October 19th, 2005, 02:46 PM
No problem...always glad to help out where I can.