Day 6 - 01/13/2006: It is Friday the 13th and the final day of the Department of Defense Cybercrime Conference 2006. I admit that I am sad to see it end. Unlike most people I know, I truly love coming to conferences like this one where I am immersed into a learning environment and subjected to highly technical topics that I am interested in. It is fantastic. There were some presenations that were disspointing, but overall, it was worth every minute of my time.
The day started out early since I had to load up my junk because room checkout was around 11am when I would be in a presenation. After loading up, I headed over to Inverness Hall for breakfast and the "conference wrap-up." Nice things were said about everyone who participated and presented. Jordan and I won First Place in the Cipher Hunt challenge. Now that I think about it, I wish I had a copy of our challenges. Oh well. We received First Place medals in the DoD Cybercrime Olympics 2006 along with USB Aquariums. I received two nice certificates; a generic one for attending the conference and a very nice one for completing the 2 day Mac OS X Forensics class. Those were bonuses I wasn't expecting.
The first presentation of the day was "Identity Theft" by Kevin Mandia. Kevin is an awesome speaker. I was really impressed by his "stage presence" and comfort with the material. He went through a case study of a woman who had $50,000 stolen from her accounts which was later determined to have been accomplished by exploiting Internet Explorer on her computer and installing a keylogger. Great intro to people who don't do incident response and know the associated tools.
The second and last presenation focused on BitTorrent and forensics. It was quite and interesting topic. One of the dilemmas mentioned deals with how do investigators tracking down child porn deal with the issued of forced sharing when they are trying to download and verify potential child porn images. As soon as the investigator finishes downloading a file chunk, it is automatically shared out to others making the investigator a distributor of child porn. It raised several questions that I would like to research later on and possibly provide some help to the author and law enforcement (forensic) community.
I am now hanging out at my sister-in-law's house working on an article with a looming deadline but wanted to get in my last conference update. It was a great experience. I loved meeting all of the interesting people and look forward to keeping in touch with them. I am already anticipating next year's conference. Thanks to DoD, JTF-GNO & Technology Forums.