Susan Landau (Sun Microsystems)
Privacy v. Security
Susan Landau is Senior Staff Engineer at Sun Microsystems Laboratories, where she concentrates on the interplay between security and public policy. She is currently working on digital rights management and helped establish Sun’s stance on DRM. Her earlier activities included work on cryptography and export control. She and Whitfield Diffie have written “Privacy on the Line: The Politics of Wiretapping and Encryption.” She is a member of the National Institute of Standards and Technology’s Information Security and Privacy Advisory Board, as well as a member of the Computing Research Association Committee on the Status of Women in Computing Research. More information on Susan can be found at:
Matthew Miller (Boston University)
Building a Linux Distribution
Matthew Miller has been playing with Linux since 1995, and has successfully tricked BU into giving him money for doing it for the past seven years. Until January 22nd, the BU Linux project was his only baby — but now, he’s got one of the biological kind too. Only time will tell which is more of a security concern.
Paul Luppino (Tufts University)
Patching Strategies
Paul Luppino is the Manager of University IT Support Services & IT Projects at Tufts University. Paul is responsible for the daily operations of the University IT Support Center, which includes the call center, desktop support services, quality assurance testing, project management, communication, and strategic planning. Paul attended Harvard University, Boston University, and Tufts University and is a member of several professional organizations including EDUCAUSE, the Association of Certified Fraud Examiners, the Information Systems Audit and Control Association, Project Management Institute, The Veterinary Emergency and Critical Care Society, and the European Veterinary Emergency and Critical Care Society. Paul leads a constituent group for emerging technology at EDUCAUSE, specifically for Personal Digital Assistants (PDA).
James Burrell (Federal Bureau of Investigation)
Cyber Investigative and Forensic Response
James Burrell heads the FBI Counterterrorism/Counterintelligence/Criminal Computer Intrusion, Cyber Crime, and Computer Analysis Response Team (CART) Programs for the northeastern region of the United States. He previously served in the Counterterrorism and Cyber Divisions as the Chief of the FBI Computer Intrusion Unit and the International Investigative Operations Unit at FBI Headquarters in Washington, D.C. He is a doctoral candidate and holds a B.S. in electrical engineering and a M.S. degree in telecommunications/networking.
Collin Sampson (Sun Microsystems)
Identity Management
Collin Sampson is a Security Architect in the Client Solutions organization of Sun Microsystems. Collin has provided a variety of security consulting services to financial, media, academic, and government organizations. These services include security assessments, architecture design, forensic investigations, identity management, and operating systems security.
John A. Grossman (Massachusetts Attorney General’s Office)
Two Case Studies
John Grossman is Chief of Attorney General Tom Reilly’s Corruption, Fraud and Computer Crime Division (“CFCC”). CFCC is an integrated team of lawyers and investigators that is made up of ten prosecutors, thirteen Massachusetts State Troopers, seven financial investigators, a computer forensics expert, victim witness advocates and support staff. Our mission is to assure that law enforcement works for businesses and individuals who play by the rules, and so we focus on (a) “corporate community prosecution” – responding to the priorities of the corporate community: insider theft, computer security and theft of intellectual property; (b) high priority consumer protection cases – – fiduciary embezzlement, Internet crimes – – particularly those targeting children, and immigration cons and other multi-victim swindles; and (c) public corruption cases, whether they involve officials betraying the public trust or companies and individuals stealing from the government. We believe that in order to accomplish our goals, we cannot just prosecute cases. We must be involved in corporate associations and public education efforts that promote the prevention of and failing that, efficient response to, white collar and computer crime, we must work with other law enforcement agencies to leverage the expertise that we have developed by offering training and informal consultation, and we must draft and promote legislation where the current statutes fall short.

Mr. Grossman also serves as the President of Infragard — Boston and is a member of the Commonwealth’s Enterprise Security Board. Mr. Grossman has been an Assistant Attorney General since 1995 and prior to his current position, was a prosecutor in the Special Investigations and Narcotics Division and Public Integrity Division of the Attorney General’s Office and ran that office’s High Tech and Computer Crimes Division. Before joining the A.G.’s Office, Mr. Grossman was a litigation associate at the New York City law firm of Debevoise & Plimpton and a law clerk to Judge Bailey Aldrich of the First Circuit Court of Appeals. He is a summa cum laude graduate of Boston University School of Law.

Rich Graves (Brandeis University)
Riding the worm: MyDoom.AC
Rich Graves is Chief (and only) Security Officer, email and idM architect, and janitor at Brandeis Univeristy. He’s been at Brandeis about 7 years. Before that, he did network analysis and engineering at Stanford University for 6 years. He first became involved with the folks 8 years ago, when he got into the middle of a dispute between some Canadian and Californian neo-Nazis and the German government, which wanted them off the Internet. Rich has learned a bit about free speech, the Internet, and (on rare occasions) minding his own business since then.
David Escalante (Boston College)
Intrusion Prevention Systems, the Inside Dirt
David Escalante is responsible for information security at Boston College. Prior to that position, he worked for many years at Bolt Beranek & Newman, has consulted to a number of Fortune 500 companies, and did a stint working for a PKI vendor.