The following speakers have already confirmed their attendance at IT-Defense 2009:

Bill Paul

Bill Paul

Bill Paul is a member of technical staff in the VxWorks OS group at Wind River Systems, who specializes in network device driver development.
Bill is also a recovering open source OS developer who was responsible for writing many of the ethernet drivers in the FreeBSD operating system.
Originally born and raised in New York City, Bill now lives in San Francisco and works at Wind River's headquarters in nearby Alameda


Karsten Nohl

Karsten Nohl is a security consultant with expertise in hardware security and cryptography. He holds a Ph.D. in computer engineering from the University of Virginia, where he researched privacy protection and RFID cryptography. Karsten has presented talks on RFID and smart-card security at various venues including USENIX Security, 23C3 and 24C3, BlackHat, CanSecWest, Toorcon, and the HOPE conference.

Shirley McGuire

Shirley McGuire

Shirley McGuire is an Associate Professor of Psychology and the Director of the Twins, Adoptees, Peers, and Siblings study at the University of San Francisco. She uses behavioral genetic approaches to demonstrate the importance of the interaction between family experiences and personality traits in the development of children’s behavior problems. She became interested in adolescent computer crime when one of the teenagers participating in her study tried to hack into the university computer system using a computer in her research lab. Dr. McGuire is working on a theory of the development of children’s computer crime based on psychological theories of children’s participation in physical crime and other forms of juvenile delinquency.


Felix 'FX' Lindner, Head of Recurity Labs


FX is the technical and research lead of Recurity Labs with 18 years computer technology experience, over ten years experience in the computer industry, almost all of them in consulting for large enterprise and telecommunication customers. He possesses a vast knowledge of computer sciences, telecommunications and software development. His background includes managing and participating in a variety of projects with a special emphasis on security planning, implementation, operation and testing using advanced methods in diverse technical environments.
FX is well known in the computer security community and has presented his and Phenoelit's security research on Black Hat Briefings, CanSecWest, PacSec, DEFCON, Chaos Communication Congress, MEITSEC and numerous other events. His research topics included Cisco IOS, HP printers, SAP and RIM BlackBerry. Felix holds a title as State-Certified Technical Assistant for Informatics and Information Technology as well as Certified Information Systems Security Professional.


Jan Krissler aka Starbug

Jan Krissler studied microsystems technology and computer engineering in Berlin and works since his diploma at the Fraunhofer Institut for reliability and mikro integration. Since 5 years he is engaged with the overcoming of biometric systems and reverse engineering of RFID-Chips.


Jacob Appelbaum

Jacob Appelbaum
Jacob Appelbaum is a developer on the Tor project and a researcher with an avid interest in security technologies. Specifically his focus is on communication security in the areas of cryptography with respect to privacy and anonymity. He's also an accomplished photographer and travels frequently for both photography and computer security related business. He currently lives in the People's Republic of San Francisco, California. (

Himanshu Dwivedi

Himanshu Dwivedi

Himanshu Dwivedi is considered an industry leader in the area of Storage Security, with numerous books, presentations, and whitepapers. He also has more than twelve years experience in security and information technology. Himanshu has a patent pending for a storage security design, specifically with his Fibre Channel research. He also has published five books, including Securing Storage (Addison Wesley Publishing), Hacking Exposed: Web 2.0 (McGraw Hill/Osborne), Hacking VoIP (No Starch Press), Hacker's Challenge 3 (McGraw-Hill/Osborne), and Implementing SSH (Wiley Publishing). He also has produce many storage security tools, all available from the iSEC Partners' website (


Joerg Heidrich

Jörg Heidrich
Joerg Heidrich, an IT lawyer, has worked as a legal adviser for the Heise Zeitschriften Verlag (publisher of c’t, iX, Technology Review, heise online) and as a lawyer in the new media sector in Hanover since 2001. After studying law in Cologne and Concord, NH, USA, he has worked on problems of the Internet and media law for 10 years. Heidrich is the author of many articles on legal aspects of IT Security and works regularly as a lecturer in this area. He has been registered as an IT lawyer since 2007. In addition, he is one of the publishers of the loose-leaf collection Heise Online Law.

Richard Thieme

Richard Thieme

"Those seen dancing were thought insane by those who could not hear the music." - Nietzsche

Richard Thieme has been hearing the music for a long time. His record includes hundreds of articles, dozens of short stories, one book with more coming, and several thousand speeches.

He speaks professionally about the challenges posed by new technologies and has keynoted conferences in Sydney and Brisbane, Wellington and Auckland, Dublin and Amsterdam, Eilat, Israel, and al over the USA. Clients and audiences range from GE, Medtronic, Microsoft, and the Thunderbird School of Global Management to the Pentagon, FBI, the US Secret Service, Los Alamos National Lab, and dozens of hacker and security cons as well as business and educational forums.


Christoph Wegener

Christoph Wegener

Christoph Wegener, CISA and CISM, has a doctorate in physics and has freelanced with in IT security and OpenSource since 1999. He is the author of many articles, a member of several program committees, reviewer for various publishers and a lecturer in IP Security training. Since 2005 he has also worked for the European Competence Center for Information Technology Security (eurobits). Moreover, he is a founding member and board member of the work group Identity Protection on the Internet (a-i3) and a board member of the German Unix User Group (GUUG).


Anton Kapela

Anton Kapela is a co-owner and partner at 5Nines Data, a Datacenter and IT solutions company in Madison, Wisconsin, where he is responsible for the architecture and implementation of network services and datacenter facilities. Prior to 5Nines Anton actively consulted with several network, wireless, and communications industry companies. His most memorable clients have been Redline Communications, Motorola's Canopy Wireless division, and a subsidiary of Research In Motion known as 'Slipstream.' More recently he consulted on Internap Networks' acquisition and integration of VitalStream - a Content Delivery Network.
Anton is actively involved in the Internet operations and research community and has been a frequent presenter at numerous Operators Group meetings on a variety of topics.
When Anton isn't working, he spends time in rehearsal and recording studios playing drums and bass guitar.


Marcus J. Ranum

Marcus J. Ranum
Marcus J. Ranum, Chief Security Officer of Tenable Security, Inc., is a world-renowned expert on security system design and implementation. Since the late 1980's, he has designed a number of groundbreaking security products including the DEC SEAL, the TIS firewall toolkit, the Gauntlet firewall, and NFR's Network Flight Recorder intrusion detection system. He has been involved in every level of operations of a security product business, from developer, to founder and CEO of NFR. Marcus has served as a consultant to many FORTUNE 500 firms and national governments, as well as serving as a guest lecturer and instructor at numerous high-tech conferences. In 2001, he was awarded the TISC "Clue" award for service to the security community, and also holds the ISSA lifetime achievement award. In 2005 he was awarded Security Professional of the Year by Techno Security Conference.

Andrew Cushman

Marcus J. Ranum

Director, Security Response and Outreach Microsoft Security Response Center, Trustworthy Computing Group Microsoft Corp.
As director of security response and outreach for the Microsoft® Security Response Center (MSRC), part of the Trustworthy Computing Group at Microsoft Corp., Andrew Cushman manages the teams responsible for the company's monthly security updates and those focused on collaborating with researchers and companies to mitigate the effect of security vulnerabilities. Cushman and his teams lead emergency responses to security threats, define and enforce response policies, and monitor monthly update quality and timeliness. Cushman has expanded Microsoft's outreach programs to cover security researchers as well as mainstream security organizations, companies and computer emergency response teams.

Cushman joined the MSRC in 2004 as a member of the Trustworthy Computing - Security executive leadership team that made security processes an integral part of Microsoft's engineering culture. Since then he has been a driving force behind the company's security researcher outreach strategy and execution efforts, formulating the Responsible Disclosure Initiative strategy and initiating the BlueHat security conference franchise.

Since joining Microsoft in January 1990, Cushman has held positions on the Microsoft International Product Group, the Microsoft Money team and the Internet Information Services (IIS) team. He led the IIS product team during the development of IIS 6.0 in Windows Server® 2003. IIS 6.0 was one of the first Microsoft products to fully adopt the security engineering processes that are today embodied in the SDL and remains a "poster child" of Microsoft's commitment to security engineering and Trustworthy Computing.

Cushman earned a bachelor's degree in international studies from the University of Washington and a master of international business degree from Seattle University. Away from work, he is an avid skier.