Femtocell Media Blitz, and Vegas 2013
15 Jul 2013 08:26:00 EST

Hi all. If you wound up here as a result of the many news articles about the Verizon femtocell - thanks. This is my personal site, and while I try to keep it pretty tech relevant, it goes into more cryptography and anonymity theory than my company's website. Obviously, the opinions I express here and on twitter are not my employer's.

If you'd like to learn more about how we broke into Verizon's Network Extender and can use it to listen to your phone calls, read your SMS and MMS, and man-in-the-middle your data connection - Doug and I will be presenting the work at Black Hat and Defcon later this month! (With the help of Andrew Rahimi who has helped us on this project immensely.)

Besides the Femtocell talk (which believe me, is plenty), I'm also presenting twice more in Vegas. At Black Hat, The Factoring Dead: Preparing for the Cryptopocalypse is a talk I'm helping out just a smidge on with Alex Stamos, Tom Ptacek, and Javed Samuel. There's been a lot of recent advances from Joux in solving discrete logrithms in fields of a small characteristic. What if this made the jump to RSA and factoring? How screwed would we be? And at Defcon, a talk I've been working on for literally years: De-Anonymizing Alt.Anonymous.Messages. Have you ever looked at it? It's a giant shared inbox of encrypted messages. Have someone dump messages to you there, and nobody knows if you recieved a message or not. Well, at least in theory. I've collected hundreds of thousands of posts and have been working on analyzing, brute forcing, and correlating messages based on... metadata.

