From: Robert Hettinga Subject: DCSB: Chris Wysopal, L0pht; Client Security in Digital Commerce Date: Monday, April 12, 1999 12:26 PM The Digital Commerce Society of Boston Presents Chris Wysopal Hacker, L0pht Heavy Industries Client Security: You've got armored trucks, but what about the pick pockets? Tuesday, May 4th, 1999 12 - 2 PM The Downtown Harvard Club of Boston One Federal Street, Boston, MA Everyone in ecommerce these days is peddling better vaults for stores and stronger armored cars to deliver payments and merchandise. Does this really matter in an Internet world where you can pick the pocket of a consumer? Or more likely, to automate the pocket picking of a large number of consumers. Current authentication and purchasing systems rely on consumers using off the shelf operating systems such as windows 95/98. This is the operating system which Microsoft has admitted to having no security model. Current ecommerce client security is layering strong encryption on this bed of jello. What are some of the attacks that are being used? What technology can be used to overcome this problem? Chris Wysopal has a computer engineering degree from Rensselaer Polytechnic Institute, but almost all of what he knows about computer security he has learned from his exploration of computers as a hacker for the past 15 years. As an associate of L0pht Heavy Industries he has worked to expose the "snake oil" in the computer security industry and tried to make the general public aware of the just how fragile the internet and security products are. Last May he testified as a computer security expert before the Senate Governmental Affairs Committe and has appeared on several TV documentaries and news programs, including the BBC, CBC, ZDTV, FOX News, and The Jim Lehrer News Hour. This meeting of the Digital Commerce Society of Boston will be held on Tuesday, May 4, 1999, from 12pm - 2pm at the Downtown Branch of the Harvard Club of Boston, on One Federal Street. The price for lunch is $32.50. This price includes lunch, room rental, various A/V hardware, and the speakers' lunch. The Harvard Club *does* have dress code: jackets and ties for men (and no sneakers or jeans), and "appropriate business attire" (whatever that means), for women. Fair warning: since we purchase these luncheons in advance, we will be unable to refund the price of your lunch if the Club finds you in violation of the dress code. We need to receive a company check, or money order, (or, if we *really* know you, a personal check) payable to "The Harvard Club of Boston", by Saturday, May 1st, or you won't be on the list for lunch. Checks payable to anyone else but The Harvard Club of Boston will have to be sent back. Checks should be sent to Robert Hettinga, 44 Farquhar Street, Boston, Massachusetts, 02131. Again, they *must* be made payable to "The Harvard Club of Boston", in the amount of $32.50. Please include your e-mail address, so that we can send you a confirmation If anyone has questions, or has a problem with these arrangements (We've had to work with glacial A/P departments more than once, for instance), please let us know via e-mail, and we'll see if we can work something out. Upcoming speakers for DCSB are: June Ron Rivest MIT Deep Crack = MicroMint? July TBA We are actively searching for future speakers. If you are in Boston on the first Tuesday of the month, and you are a principal in digital commerce, and would like to make a presentation to the Society, please send e-mail to the DCSB Program Commmittee, care of Robert Hettinga, . For more information about the Digital Commerce Society of Boston, send "info dcsb" in the body of a message to . If you want to subscribe to the DCSB e-mail list, send "subscribe dcsb" in the body of a message to . We look forward to seeing you there! Cheers, Robert Hettinga Moderator, The Digital Commerce Society of Boston ----------------- Robert A. Hettinga Philodox Financial Technology Evangelism 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'