It was a blast presenting at the first Prarie Dev Con. It was great to have so many attendees with a willingness and want to learn new things. As promised, here are the session materials: Hands On TDD Silverlight & WCF In The Real World

It was great to see you all out. Here are the materials from my talks Threat Modeling Slides Xbox Threat Model - Winnipeg Xbox Threat Model - Calgary Passwords Are Dying Slides & Code

I will be giving a talk on threat modeling at Calgary TechFest on March 21, 2009. The schedule/speaker list is starting to fill out and it should be another fun event. Hope to see you there!

Thanks all for coming out to my presentations. Here are the slides and other files from the talks Threat Modeling: ThreatModeling.zip  Passwords Are Dying: PasswordsAreDying.zip

I will be doing two talks at Victoria Code Camp this weekend Passwords Are Dying – A talk about the problems with passwords, how they are currently attacked, and alternatives to password based authentication Threat Modeling – Learn how to model your applications under different lenses to find security vulnerabilities and potential weaknesses in your application More info on the Victoria Code Camp Site

Although I am sure not many graphics students read this blog I figured I would announce it anyways. I will be giving a talk to the digital media class from 4:00-6:00pm. Its an open format event so I am sure the topics will be quite varied.

Tonight I will be joining 4 other local presenters to talk on the SOLID principles. I will be talking on the Liskov Substitution Principle. It’s at the usual time/place (6:00pm downstairs in the Milner Library). Hope to see you there!

Well it is getting really close to that time of year again. I am talking about one of the greatest conferences ever.... DevTeach! Some of the great things about DevTeach: Great size. There are enough people to make it a big conference but still small enough that you meet a lot of people Great speakers. I have been to DevTeach as an attendee three times now and I can not think of one talk that was disappointing Great tracks. Every year there are some great standard tracks like agile, architecture, web, .net, sql. There is also some specialized...

Thanks everyone for coming out to my security talk at the user group. I had a lot of fun doing a full fledged talk to the home town. As always if you have any questions feel free to shoot me an email. Materials: Injection Attacks And Cryptography As we did finish up a bit early I touched on partial trust out of a different demo. Materials: Partial Trust  

I will be presenting at the Edmonton .NET User Group tommorow night. My talk will be on common hacking vectors as well as protecting secrets via cryptographic techniques. Date: Thursday, February 28th 2008 Time: 6:00pm  Location: Milner Public Library Hope to see you there!

Here is the website and slides used in both talks (Cryptography So Easy A Goat Could Do It and Website Hacking 101 - SQL Injection Attacks and Cross Site Scripting). Both presentations used the same site and database so I have included everything as one bundle (including the slides). Injection Attacks And Cryptography.zip

I will be doing two talks at the Victoria Code Camp on January 26th. My first talk is titled "Cryptography So Easy A Goat Could Do It". This is an intro into cryptography including hashing, symmetric, and asymmetric encryption. I will be talking about a lot of best practices and comparing the differences between algorithms available in the .NET framework. My second talk has the much more boring title of "Common Web Site Exploits and How To Protect Against Them". In this one we will hack a sample site using common techniques and then look at how to lock the site...

Last week I spoke at the CalgaryAlberta Tech Fest. My first talk was on enabling partial trust for asp.net applications. Not many people knew what partial trust was comming in which I am finding to be the norm. There were lots of good questions about this technology and great audience participation which I always enjoy.Partial Trust.zipMy second talk was on implementing cryptography and cryptography best practices. Again this talk was a lot of fun and due to the smaller audience size it was more of an open space feel. I was getting over a cold and started loosing my voice towards...

As promised here is the presentation materials from my partial trust talk at the Edmonton Code CampPartial Trust.zip (1.18 MB)

I will be speaking on partial trust in asp.ent at the Alberta Tech Fest this year in Calgary on November 10th. Techfest is like a code camp but has a bigger mix of people. There is a developer track, an architect track, and an IT pro track. Adding the IT pro track is a neat idea to bring the people from the other side of our office floors to the same conference. I don't think there will be too many people switching between IT Pro and the developer track but hopefully some interesting conversations will happen between the two groups.

I recently had the pleasure of speaking to the e-commerce class at DevStudios about input validation and hashing. It was a fun talk and I love the interactivity you get when talking to a smaller audience. Thanks guys!

I wanted to thank the Vancouver user group for having me out to speak. It was a great experience and a surprising turnout considering that the weather was just great outside! As I said in the demo you can download the code, database and slides here. The demo web site also implements some other features that I did not get to talk about due to time constraints. The biggest one is a custom security level (the web.config has a named policy named demo and a demo.config file with the policy in it). I wanted to talk about this...

I will be speaking at the Vancouver User Group on July 4th, 2007. The topic is "Security So Easy, Your Goat Could Do It!" (hey why not). I will be covering injection attacks, validation techniques, hashing and cryptography at a minimum. Time permitting I will get into securing configuration files and least privilege. Hope to see you there!