The following speakers have already confirmed their attendance at IT-Defense 2006:

Barry “The Key” Wels

Barry Wels earned his nickname "The Key" when he started picking locks around 1985. As co-founder of the infamous hacker magazine Hack-Tic, the magazine was a logical place to publish articles on lockpicking in the early nineties. His first presentations and workshops took place at the HEU (Hacking at the End of the Universe) conference and in Bielefeld at the "public domain" sessions (both in 1993). Many presentation followed, and some of them can be viewed online for free (

Barry is founder and president of Toool, a lockpick sportgroup in the Netherlands. Toool stands for 'The Open Organisation Of Lockpickers'. Just as their German friends of they pick locks as an official sport, complete with championships. Besides picking locks Toool members also study locks, sometimes finding huge and previously unpublished flaws. Needless to say that the lock industry is not always too happy, although Toool feels they should be. Lately, some smarter lock companies have started asking Toool what they think of a lock before commencing mass-production.

Even though some offers were made to get him to work for the lock/security industry, Barry still works at CryptoPhone. As one of the co-founders of CryptoPhone he thinks it is important to fight the battle for publicly accessible secure mobile communications. CryptoPhone is the first and only secure cellular, landline and satellite secure phone company that publishes the complete source code to its products. This allows the cryptographic/academic community (and the public at large) to look for flaws or backdoors in the product. Just as with mechanical locks, Barry believes in security trough transparency, not through obscurity.


Prof. Christof Paar

Chris Paar

Christof Paar has the Chair for Communication Security and is director of the Horst Görtz Institute for IT Security at Ruhr University in Bochum, Germany. From 1994 to 2001 he was professor at Worcester Polytechnic Institute, USA, where he headed the Cryptography and Information Security Labs. He co-founded, with Cetin Koc, the CHES (Cryptographic Hardware and Embedded Systems) workshop series, which has evolved into the leading international forum for research in embedded security. His research interests cover fast software- and hardware-realizations of cryptographic algorithms, physical security, tamper resistance, cryptanalytical hardware, and embedded security in real-world applications such as consumer devices, cars, and smart cards. He has extensive consulting experience with leading international companies, and is co-founder of escrypt GmbH – Embedded Security. Christof has over 70 peer-reviewed publications in embedded security, is editor of eight conference proceedings, special journal issues and edited books, and holds several patents in this area.  He was recipient of the prestigious CAREER Award of the National Science Foundation. He is member of the International Association of Cryptographic Research, the ACM and a senior member of the IEEE.


Darrin Miller – Technical Leader of Cisco’s Security Technology Group

Darin Miller is an engineer in Cisco's security technology group. For the past several years, Darrin has conducted security research in the areas of IPv6, SCADA, incident response and network device hardening. This work has included protocol security analysis and security architectures for next generation networks.  Darrin has authored and contributed to several books and whitepapers on the subject of network security. Prior to his seven years at Cisco, Darrin held various positions in the network security community.


Halvar Flake

Halvar has been working on topics related to reverse-engineering (and vulnerability research) for the last 8 years. He has repeatedly presented innovative research in the realm of reverse engineering and code analysis at various renowned security conferences (Blackhat Briefings, CanSecWest, SSTIC, DIMVA). Aside from his research activity, he has taught classes on code analysis, reverse engineering and vulnerability research to employees of various government organisations and large software vendors.


Eugene Kaspersky – World- renowned anti-virus expert

Wurde am 4. Oktober 1965 in Noworossijsk geboren. Absolvierte seine Ausbildung am Institut für Kryptografie, Kommunikation und Informationswesen und arbeitete bis 1991 an einem wissenschaftlich-technischen Institut in mehreren Forschungsbereichen. Im Oktober 1989 begann er Computerviren zu erforschen, als auf seinem Rechner der Virus Cascade gefunden wurde. 1991 bis 1997 arbeitete er am wissenschaftlich-technischen Zentrum KAMI, wo er zusammen mit einer Gruppe Gleichgesinnter das Antiviren-Projekt AVP entwickelte (im November 2000 wurde AVP zu Kaspersky Anti-Virus umbenannt). 1997 wurde er Mitbegründer von Kaspersky Lab.

Heute gehört Eugene Kaspersky zu den weltweit führenden Spezialisten im Bereich Viren-Schutz. Eugene Kaspersky hat eine große Anzahl von Artikeln und Übersichten zu Problemen der Computer-Virologie veröffentlicht, tritt regelmäßig in Seminaren und Konferenzen in Russland und im Ausland auf. Ist Mitglied der Organisation der Computervirenforscher (CARO), welche die besten Experten auf diesem Gebiet vereinigt.


Joanna Rutkowska – Security Researcher

Joanna Rutkowska is an independent security researcher. Her main interest is in stealth technology, that is, in the methods used by attackers to hide their malicious actions after a successful break-in. This includes various types of rootkits, network backdoors and covert channels. She is interested in both detecting this kind of activity and in developing and testing new offensive techniques. From time to time she speaks at various security conferences. She lives in Warsaw, Poland.


John Viega – Author of “Building Secure Software” and CTO of Secure Software

John Viega is an internationally recognized leader and expert on software security. He has co-authored three books in the field, including Building Secure Software (Addison Wesley, 2001), Network Security with OpenSSL (O'Reilly, 2002) and Secure Programming Cookbook for C and C++ (O'Reilly, July 2003). He just published “19 Deadly Sins of Software Security” (McGraw-Hill, 2005).

As CTO, John is responsible for Secure Software's core processes and algorithms for security analysis. He also works to promote better security practices for developers, and is a frequent lecturer on the topic.

John has been an Adjunct Professor of Computer Science at Virginia Tech (Blacksburg, VA), a Senior Policy Researcher at the Cyberspace Policy Institute and currently serves on the Technical Advisory Board for the Open Web Applications Security Project. He also founded a Washington, DC area security interest group that conducts monthly lectures presented by leading experts in the field.

John is also a well-known researcher in software security and cryptography. Most recently, he co-authored GCM, an encryption mode that is currently in the draft 802.1ae standard, and is being considered by several other standards bodies. He is the author or co-author of nearly 80 technical publications, including numerous referenced research papers and trade articles.

John is also the author or co-author of several software security tools, and is the original author of Mailman, the GNU mailing list manager. He holds a B.A. and an M.S. in Computer Science from the University of Virginia.


Ofir Arkin – Co-author of the Fingerprinting-Tools Xprobe2 and book author

Ofir Arkin is the CTO and Co-founder of Insightix, which pioneers the next generation of IT infrastructure discovery, monitoring and auditing systems for enterprise networks. Ofir holds 10 years of experience in data security research and management. Prior to co-founding Insightix, Ofir served as a CISO of a leading Israeli international telephone carrier. In addition, Ofir has consulted and worked for multinational companies in the financial, pharmaceutical and telecommunication sectors.

Ofir conducts cutting edge research in the information security field and has published several research papers, advisories and articles in the fields of information warfare, VoIP security, and network discovery, and lectured in a number of computer security conferences about the research. Hi best known published papers are: "ICMP Usage in Scanning", "Security Risk Factors with IP Telephony based Networks", "Trace-Back", "Etherleak: Ethernet frame padding information leakage". He is a co-author of the remote active operating system fingerprinting tool Xprobe2.

Ofir is an active member with the Honeynet project and is co-author of the team's book, "Know Your Enemy" published by Addison-Wesley. Ofir is also the founder of Sys-Security Group (, a computer security research group.


Phil R. Zimmermann – The father of PGP

Philip R. Zimmermann is the creator of Pretty Good Privacy, an email encryption software package. Originally designed as a human rights tool, PGP was published for free on the Internet in 1991. This made Zimmermann the target of a three-year criminal investigation, because the government held that US export restrictions for cryptographic software were violated when PGP spread worldwide. Despite the lack of funding, the lack of any paid staff, the lack of a company to stand behind it, and despite government persecution, PGP nonetheless became the most widely used email encryption software in the world. After the government dropped its case in early 1996, Zimmermann founded PGP Inc. That company was acquired by Network Associates Inc (NAI) in December 1997, where he stayed on for three years as Senior Fellow. In August 2002 PGP was acquired from NAI by a new company called PGP Corporation, where Zimmermann now serves as special advisor and consultant. Zimmermann currently is consulting for a number of companies and industry organizations on matters cryptographic, and is also a Fellow at the Stanford Law School's Center for Internet and Society.

Before founding PGP Inc, Zimmermann was a software engineer with more than 20 years of experience, specializing in cryptography and data security, data communications, and real-time embedded systems. His interest in the political side of cryptography grew out of his background in military policy issues.

Zimmermann has received numerous technical and humanitarian awards for his pioneering work in cryptography. In 2003 he was included on the Heinz Nixdorf MuseumsForum Wall of Fame, and in 2001 he was inducted into the CRN Industry Hall of Fame. In 2000 InfoWorld named him one of the Top 10 Innovators in E-business. In 1999 he received the Louis Brandeis Award from Privacy International, in 1998 a Lifetime Achievement Award from Secure Computing Magazine, and in 1996 the Norbert Wiener Award from Computer Professionals for Social Responsibility for promoting the responsible use of technology. He also received the 1995 Chrysler Award for Innovation in Design, the 1995 Pioneer Award from the Electronic Frontier Foundation, the 1996 PC Week IT Excellence Award, and the 1996 Network Computing Well-Connected Award for "Best Security Product." PGP was selected by Information Week as one of the Top 10 Most Important Products of 1994. In 1995 Newsweek named Zimmermann one of the "Net 50", the 50 most influential people on the Internet.

In addition to the awards for versions of PGP developed before Zimmermann started a company, subsequent versions of PGP as refined by the company's engineering team continue to be recognized each year with many more industry awards.

Zimmermann received his bachelor's degree in computer science from Florida Atlantic University in 1978. He is a member of the International Association of Cryptologic Research, the Association for Computing Machinery, and the League for Programming Freedom. He serves on the Roundtable on Scientific Communication and National Security, a collaborative project of The National Academies and The Center for Strategic and International Studies. He is Chairman of the OpenPGP Alliance, serves on the Board of Directors for Computer Professionals for Social Responsibility, and is on the Advisory Boards for Santa Clara University's Computer Engineering Department,, Hush Communications, Encentuate, and Qualys.


Snoopy - free Consultant, Author und Jester

After his graduation in computer science and computer information systems from the London University, Snoopy worked in diverse companies as system and network administrator and hardware developer.He was employed by iXOS Software AG for 12 years.Thereafter, he has gained experience in the computer game sector and has been freelance consultant, author and jester for several years.


Stefan Strobel

Stefan was one of the founders of Centaur in 1995 where he built up the security department which was sold to Integralis in 1998. He did consulting for many multinational industrial clients in IT Security and later moved to the European Strategic Development Team of Articon-Integralis where he was responsible for finding and evaluating new technologies. He is the author of several books which have been translated in more than 5 languages. His book on Firewalls is now in the 3rd edition. He regularly speaks at security congresses and teaches IT-Security and Cryptography at University of Applied Sciences at Heilbronn. He is now co-founder and CEO of cirosec.


The Grugq - Independent Anti-Forensics Specialist

The Grugq has been researching anti-forensics for almost 5 years. Grugq has worked to secure the networks and hosts of global corporations, and hes also worked for security consultanting companies. Currently, he slaves for a start-up, designing and writing IPS software and also as a freelance security consultant. Grugq has presented to the UK’s largest forensic practioner group where he scared the police. In his spare time, grugq likes to drink and rant.


Tobias Klein - Consultant

After concluding his university studies, Tobias Klein joined cirosec GmbH in July 2002 as an IT-security consultant. He is author of the book "Linux-Sicherheit – Security mit Open-Source-Software – Grundlagen und Praxis" (Linux Security – Security with Open Source Software – Fundamentals and Practice) published by dpunkt Verlag, and the book "Buffer Overflow und Format-String-Attacken-Problematik" (Buffer Overflow and Format String Attack Problems).