My Work by Subject Matter


Industrial Control Systems/SCADA

"SCADA and PLC Vulnerabilities in Correctional Facilities" co-authored by John Strauchs and Teague Newman

"SCADA and PLCs in Correctional Facilities: The Nightmare Before Christmas". Defcon 19, Las Vegas, Nevada, August 2011 with Teague Newman, John Strauchs and "Dora the SCADA Explorer".

"Paul Dot Com Security Weekly Episode 257 Part 1," September 9, 2011 with John Strauchs and Teague Newman

Wired Magazine "Researchers Say Vulnerabilities Could Let Hackers Spring Prisoners From Cells," by Kim Zetter, Wired Magazine, July 29, 2011

Packet Storm http://packetstormsecurity.org/files/author/9060/

Schneier on Security "Attacking PLCs Controlling Prison Doors", August 2, 2011 http://www.schneier.com/blog/archives/2011/08/attacking_plcs.html

CNN Headline News "Hackers Take Aim at Prison Locks and other Real World Targets", by John Sutter, August

The Register "PLCs a Prison Vulnerability" by Richard Chirgwin, August 1, 2011.

Reuters "Hackers Don't Need Movie Magic To Wreck Havoc", by Jim Finkle, August 6, 2011

Also Covered by MSNBC

Huffington Post "Security Flaw Could Let Hackers Help Inmates Break Out of Prison", by Gerry Smith, August 8, 2011


Car Hacking/Reverse Engineering Vehicle Embedded Systems

Guest on "Off the Hook" live radio show, New York City, October 22, 2008

Guest on "Off the Hook" live radio show, New York City, December 3, 2008

Winner of Pace University School of Business 2008 Venture Capital Pitch Contest, New York City, December 4, 2008

"Hacking Your Car: Reverse Engineering Protocols, Legalities and the Right to Repair Act", Notacon, Cleveland, OH, April 2010

"How Hacking Helps Us," presentation at the New America Foundation, March 5, 2012

"Hacking Cars to Keep Them Safe," by Dawn Lim, MIT Technology Review, January 30, 2012

"Students Get an Education on How to Break into the Latest Automobiles," by Jordan Robertson, Bloomberg News, August 22, 2012

National Highway Traffic Safety Administration (NHTSA), Washington, DC: Vehicle Cyber Security Roundtable [Panel], January 19

Carnegie Mellon's Software Engineering Institute, Pittsburgh, PA: Vehicle Cyber Security Problem Challenge Workshop, March 9

Society of Automotive Engineers (SAE), World Congress, Detroit, MI: "Why Do Hackers Hack? [Car Hacking Panel], April 14

Society of Automotive Engineers (SAE), Cyber Auto Challenge, Detroit, MI: Law, Ethics, and Responsible Disclosure: Hacking Cars, July 25

Washington Post "Hacks on the Highway", by Craig Timberg, July 2015

M.I.T., Boston, Massachusetts, "Connected Vehicle Standards," October 17, 2017

NDC {Minneapolis} Software Development Conference, Minneapolis, Minnesota https://ndcminnesota.com/


Critical Infrastructure Protection (NIST Framework)/IOT

Featured on the Discovery Channel's "The True Story: Die Hard 4.0" program

"Streets Lights, Security Systems and Sewers? They're Hackable, Too" by Steve Henn on National Public Radio's "All Things Considered," March 4, 2013

ABC Evening News, Washington, D.C. area "With an Increased Reliance on Technology, Consumers Pave Road for Hackers", December 2013

Podcast with Stacey Higginbotham "Can Your Coffeemaker Be Compromised? The Internet of Things", November 5, 2013

ech News World "The Internet of Things: There's a Great Big Beautiful Tomorrow", by Tiffany Rad, March 18, 2014

C-SPAN "Washington Post Cyber Security Summit,"Critical Infrastructure Security," October 1, 2014

Joshua Philipp "Gas Lines, Power Companies Targeted by Cyber Attacks", October 2013

Internet of Things (IOT) Day, Oslo, Norway: IOT Security: Connected Home Appliances and Cars, March 17

NDC {London} Software Development Conference, London, England https://ndc-london.com/

NDC {Oslo} Software Development Conference, Oslo, Norway: https://ndcoslo.com/

American Bar Association "Drone Cyber Security Panel," Holland & Knight, LLP: https://www.hklaw.com/, Washington, D.C., June 5, 2018

Intellectual Property Law

"The DMCA & ACTA vs. Academic & Professional Research: How Misuse of this Intellectual Property Legislation Chills Research, Disclosure and Innovation," July 2010, Las Vegas, Nevada, with Chris Mooney

Ars Technica "3D Fabbers: Don't Let the DMCA Stifle and Innovative Future" by Nate Anderson, November 2010

PC World "3D Printing May Bring Legal Challenges, Group Says," by Grant Gross, PC World, November 10, 2010.


Privacy

"REAL ID Act and RFID: Privacy and Legal Implications," July 19, 2008 at The Last HOPE (Hackers on Planet Earth): MS PowerPoint presentation

"Your Mind: Legal Status, Rights and Securing Yourself," Defcon 17, Las Vegas, NV, August 2009, with James Arlen

"Your Mind: Legal Status, Rights and Securing Yourself", Black Hat USA, Las Vegas, NV, July 2009, with James Arlen

"Your Mind: Legal Status, Rights and Securing Yourself", Hacking at Random (HAR), Netherlands, August 2009, with James Arlen

"Your Mind: Legal Status, Rights and Securing Yourself", SecTor, Toronto, Canada, October 2009, with James Arlen

"Hello, My Name is Host Name", Defcon 17, Las Vegas, NV, August 2009 with Dan Kaminsky and Elliot Bradbury

Flaunt "Have You Seen My Phone" interview, April 6, 2016


Exploit and Vulnerability Disclosure Policies

Disclosure of Security Vulnerabilities, Pumpcon Presentation, Philadelphia, October 25, 2008.pdf

The Register "Big Browsers Scramble to Fix Cross Platform Zero-Day Flaw", by Iain Thomson, June 13, 2013


International Policy and Law Regarding Cyber Crimes and Digital Weapons

Hudson Institute, authored "Threats to Critical Infrastructure and the Transportation Sector: "Cyber-Enabled Economic Warfare: An Evolving Challenge"

Georgetown University's Journal of International Affairs Cyber V edition, authored "The Sword and the Shield: Hacking Tools as Offensive Weapons and Defensive Tools"

"International Cyber Jurisdiction: Kill Switching", Black Hat Abu Dhabi, November 2010

"Jurisdiction Hopping", 27C3, Chaos Communication Congress, Berlin, Germany, December 2010


General Cyber Security

and Policy

Guest with Dan Kaminsky on "Off the Hook" live radio show, New York City, January 20, 2010

TripWire "InfoSec's Rising Stars and Hidden Gems", Anthony Freed, July 22, 2013

Microsoft "A Professional Hacker Reveals Her Top Cyber Security Tips," Microsoft Podcast, March 27, 2015

South by Southwest (SxSW) Conference "Hacker to InfoSec Pro: New Rockstar Generation," March 15, 2015

Marketplace Tech (radio) "Marketplace Tech" with host Ben Johnson, August 18, 2015

NetScout "Engage" Conference, I taught a full-day course on cybersecurity, Orlando, Florida: https://www.netscout.com/engage20, April 25, 2017

Defcon, Las Vegas, Nevada: "Behind the Scenes on the movie Sneakers," with John Strauchs, July 29, 2017

Maine Start-up Conference, Portland, Maine, "Cyber Security for Small Companies," https://www.startupmaine.org/ June 20, 2018

California Lawyer "Every Firm is a Target", by Susan Kuchinskas, January 2014

Life Hack "7 Reasons Your Data is Probably Not Safe Online", by Brian Penny, February 28, 2014

Forbes "20 Cyber Policy Experts to Follow on Twitter," by Richard Stiennon, April 7, 2014

Bloomberg "Female Cyber Sleuths Hack Into Silicon Valley's Boys Club," by Jordan Robertson, July 1, 2014

Washington Post "What Top Government and Business Officials are Saying about Cyber Security," by Washington Post Live, October 7, 2014