

The following is a partial listing of speakers confirmed thus far.
To see the conference schedule, please visit our Events Page.

Jeffrey Altman, Developer of AFS for Windows, Secure Endpoints Inc.
Kwabena Boahen, Associate Professor of Bioengineering, Stanford University
Adrian Bowyer, Senior Lecturer in Mechanical Engineering, University of Bath; creator of the RepRap project
Burnie Burns, Co-creator of “Red vs. Blue”
Harold Cohen, Professor Emeritus of Visual Arts, University of California, San Diego; creator of AARON
Robert X. Cringely, PBS columnist and creator of “Triumph of the Nerds”
Chris DiBona, Open Source Programs Manager at Google
Jawed Karim, co-founder of YouTube
Eric Johnson, FactSet Research Systems
Lillian Lee, Associate Professor of Computer Science, Cornell University
Max Levchin, Chairman and CEO of Slide, Co-Founder of PayPal
Chip Mayse, SAIC satellite systems & numerical methods
Jim Miller, Microsoft CLR
John Mizel, A+ Programming Language, Morgan Stanley
Sanjay Patel, Associate Professor of Electrical and Computer Engineering, University of Illinois at Urbana-Champaign and co-founder of AGEIA
Yale N. Patt, Professor of Electrical and Computer Engineering, University of Texas at Austin
Joel Spolsky, "Joel on Software" blog and CEO of Fog Creek Software
Alex Stamos, Principal Partner, iSEC Partners
Michael Swift, Assistant Professor of Computer Science, University of Wisconsin-Madison
Kudo Tsunoda, General Manager/Executive Producer - EA Chicago

Making A Difference in Society With A Career in Computer Science

In this talk I will share my life experience, my motivations, my dreams, successes and failures. It is my hope that those who attend will be inspired not only to follow a career in computer science but to do so while thinking outside the box and applying their skills to solving society's challenges.

Computers are tools to be used to solve much more interesting and complex problems in life. Computer science is one of the greatest fields to choose as a career because your skills can be applied to just about any problem domain from education to genetic sequencing to space exploration to modern dance to health care. A successful career requires the understanding not only of computer science techniques but also the problem domain to which they are applied. It is this application of computer science which in my opinion makes being a computer scientist or engineer the greatest occupation the world has ever known.

Jeffrey Altman

Jeffrey Altman is the founder and CEO of Secure Endpoints Inc. (SEI). Secure Endpoints' mission is to help individuals and enterprises adopt secure global data sharing infrastructures based upon open standards and interoperability between open source and closed source implementations. Secure Endpoints has focused its efforts over the last three years on furthering the activities of the IETF Security Area and on ensuring that open source solutions such as MIT Kerberos, OpenAFS, and OpenSSL work as well on Microsoft Windows as they do on UNIX and UNIX-like operating systems.

Some of Jeffrey's prior activities have included serving as a two-time board member of Project JXTA, lead designer of Columbia University's Kermit Project, and CTO of Internet Access Methods, a Java-based collaboration technology company.

Metaelectronics: Self-Configuring Neuromorphic Systems

Nanoelectronic technology promises to cram a trillion transistors onto a 1 cm² chip. How do we harness all these devices? Abstraction, which has been used until now, is becoming increasingly inadequate as microelectronic chips approach a billion transistors. We can learn from biology, which handles complexity through developmental processes that elaborate a relatively simple starting recipe into a complex mature structure. By borrowing from biology, we have developed two self-configuring microelectronic chips. These chips capture the ability of epigenetic development to generate representations of features in neural layers and to autoroute connections between these layers. This metamorphic approach provides a powerful alternative to handling complexity in nanoelectronic systems.

Kwabena Boahen

Kwabena Boahen joined Stanford's Bioengineering Department as Associate Professor in December 2005. From 1997 to 2005 he was on the faculty of University of Pennsylvania, Philadelphia PA. He is a bioengineer who is using silicon integrated circuits to emulate the way neurons compute, linking the seemingly disparate fields of electronics and computer science with neurobiology and medicine. His interest in neural networks developed soon after he left his native Ghana to pursue undergraduate studies in Electrical and Computer Engineering at Johns Hopkins University, Baltimore, in 1985. He went on to earn a doctorate in Computation and Neural Systems at the California Institute of Technology in 1997. His lab is currently developing Neurogrid, a specialized hardware platform that will enable the cortex's inner workings to be simulated in detail, something outside the reach of even the fastest supercomputers. Professor Boahen's numerous contributions to the field of neuromorphic engineering include a silicon retina that could be used to give the blind sight and a self-organizing chip that emulates the way the juvenile brain wires itself up. His scholarship is widely recognized, with over sixty publications to his name, including a cover story in the May 2005 issue of Scientific American. He has received several distinguished honors, including a Fellowship from the Packard Foundation in 1999, a CAREER award from the National Science Foundation in 2001 and a Young Investigator Award from the Office of Naval Research in 2002. The professor is an avid cyclist.

The Replicating Rapid-prototyper—Moving Hardware Through the Wires

This talk will be about RepRap—the replicating rapid prototyper. RepRap will be a desktop manufacturing system that is able to make the vast majority of its own component parts, so—if your friend has a RepRap machine—you can ask him or her to make you the parts for one too. RepRap will be open-source, and will be distributed under the GNU General Public Licence; so anyone can have one.

Once you have a RepRap, you will be able to download designs for a wide range of items—from coat-hooks to cameras—and have your RepRap machine make them. In doing this, you will have used no goods transport, exchanged no money, and avoided completely any industrial involvement. You will also be able to design and to make items yourself, and—optionally—to post those designs online under the GPL for the benefit of others.

RepRap has the potential to completely revolutionise manufacturing and wealth-creation for the entire world.

Adrian Bowyer

In the 1970s Adrian Bowyer read for a first degree in mechanical engineering at Imperial College, and then researched a PhD in tribology there. In 1977 he moved to Bath University's Maths Department to do research in stochastic computational geometry. He then founded the Bath University Microprocessor Unit in 1981 and ran that for four years. After that he took up a lectureship in manufacturing in Bath's Engineering Department, where he is now a senior lecturer.

His current areas of research are geometric modelling and geometric computing in general (he is one of the authors of the Bowyer-Watson algorithm for Voronoi diagrams), the application of computers to manufacturing, and biomimetics. His main work in biomimetics is on self-copying machines.

Red vs. Blue

Burnie Burns

Burnie Burns is the creator and the head writer of Red vs. Blue. He began his career in media at the University of Texas when he and a group of friends discovered an unused low power VHF license. To the befuddlement of the FCC, Burnie and company used that license to create KVR9, the nation’s first student-run 24-hour broadcast television station. While at KVR9, Burnie created the award winning show Sneak Peek, which promoted and held advanced screenings of first run films.

In April 2003, Burnie created Red vs. Blue, an episodic animated series that spread like wildfire across the Internet. Within nine months, the project went from its humble website debut to premiering at the prestigious Lincoln Center in New York City. Burnie’s work has been featured on the front page of the Wall Street Journal, at BareNaked Ladies concerts, at the IMAX theater in San Jose, and as part of Microsoft Xbox promotions in every Wal-Mart, Best Buy and Target in the nation.

Red vs. Blue has been nominated for a Webby as “Best Humor” site, ranked at number 39 on FHM Magazine's “Top 100 Websites” and was awarded “Best Picture” and “Best Writing” 2003 by the Academy of Machinima Arts & Sciences. Red vs. Blue continues to grow in popularity, drawing over 1 million viewers every week.

When Burnie is not producing Red vs. Blue and The Strangerhood, he enjoys sleeping and not answering the goddamn phone.

Burnie voices the characters “Church,” “Vic” and “Lopez” in Red vs. Blue and “Griggs” and “Tovar” in The Strangerhood.

Color, Simply.

AARON began more than thirty years ago as research directed to a deeper understanding of how we make images and how we read them, than twenty years as a professional artist had revealed. AARON was a drawing program, its structure loosely following the then-current “expert system” paradigm, that exhibited a distinctive “art personality” of its own, and the program—not just its output—was widely exhibited during its first ten years. Of the many thousands of original drawings it generated, some were colored by hand and a few turned into paintings and murals. The problem of having a sightless program control something as fundamentally visual as color appeared intractable, however, and it was the mid-eighties before the first rule-based version showed that it might be possible. It took twenty years more for AARON to become the world-class colorist it is today.

This talk provides some background on the technology of color control, and presents an overview of how the program's expertise developed, resting finally upon a change from the implicit representation of knowledge in the rules provided by the author, to the explicit representation of that knowledge in structures made available to the program itself. That change has made it possible to replace the program's extensive rule-base with a remarkably simple algorithm that not only performs as well as the previous rule-intensive versions, but commands a much wider range of coloring strategies.

Harold Cohen

Harold Cohen grew up in London, where he studied painting at the Slade School of Fine Art. In the 1960s he exhibited widely, representing the UK in the Venice Biennale in 1966, documenta-5 in Germany and in international museums and exhibitions around the world. In 1968 he went to California for a one-year visiting professorship at UC San Diego, met his first computer and never returned to London. From 1972-74 he was a visiting scholar at the AI Lab at Stanford, and began work on the AARON program. AARON/HC have exhibited at the Tate Gallery in London, the Brooklyn Museum, the San Francisco Museum of Modern Art, Boston's Computer Museum and many other prestigious venues, including Tsukuba, Japan, where they represented the US in the World Fair of 1986. Cohen was the founding director of the Center for Research in Computing and the Arts at UCSD. He retired from teaching in 1995, and continues to work on AARON at his home near San Diego.

Robert X. Cringely

For eight years from 1987-95, Robert X. Cringely wrote the Notes From the Field column in InfoWorld, a weekly computer trade newspaper. He is also the author of the best-selling book Accidental Empires: How the Boys of Silicon Valley Make Their Millions, Battle Foreign Competition, and Still Can't Get a Date.

Most recently, Cringely is the host and writer of the hit PBS-TV miniseries “Electric Money.” (If you'd like to own “Electric Money,” you can.) Cringely's work has appeared in The New York Times, Newsweek, Forbes, Upside, Success, Worth, and many other magazines and newspapers.

The sex symbol, airplane enthusiast and adventurer continues to write about personal computers and has an active consulting business in Silicon Valley, selling his cybersoul to the highest bidder.

On Why You Should Pay Any Attention to Him

When it comes to information technology, I know what I am talking about. Thirty years in and around the PC business have earned me wisdom, if not wealth. It's not that I am so smart, but that my friends are smart. The best and brightest in Silicon Valley talk to me all the time. It's my job to sift through their thoughts for valuable bits to share with you. But wait, if I am so great, why is this service free? Good question! Maybe it's time to renegotiate my contract with PBS.

Open Source and the Google Summer of Code

In this talk, Chris DiBona will talk about Open Source and how Google uses it. He will also talk about the Summer of Code, Google's program designed to introduce university students to open source software development.

Chris DiBona

Chris DiBona is the Open Source Programs Manager for Mountain View, Ca based Google, Inc. His job includes maintaining open source license compliance, running the Summer of Code and releasing open source software on Google's Code website, which can be found at As part of his work, he also works on issues surrounding open standards and external APIs.

Before joining Google, Mr. DiBona ran Damage Studios, a game company and before that he was an editor/author for the popular online website He is an internationally known advocate of open source software and related methodologies. He co-edited the award winning essay compilations “Open Sources” and “Open Sources 2.0” and he was briefly the Linux guy on TechTV and creates “Floss Weekly” a podcast, part of the TWiT network which can be found at

YouTube: From Concept to Hypergrowth

Less than two years after launch, YouTube has become one of the most-visited destinations on the web. With more than 100 million videos served daily, it may be the fastest-growing entertainment website in the history of the World Wide Web. Jawed Karim will explain the thought process and the events that led to the development of YouTube.

Jawed Karim

Jawed Karim is the co-founder of the popular video sharing website YouTube. Karim attended the University of Illinois from 1997 until 2000, when he joined PayPal to become one of its first developers. He completed his remaining credits at UofI by correspondence and received a B.S. in CS in 2004. In 2005 Karim co-founded YouTube with two friends, co-developing the concept and product, and raising money from Sequoia Capital. He subsequently acted as an advisor to the company and is a graduate student in computer science at Stanford University and an investor in early-stage startups.

Jawed has a long history with ACM and Reflections Projections at UIUC. As a student in 1998, he presented a conference talk, “Practical Graphics Programming,” and in 1999, his team placed 2nd in MechMania.

For more information, please visit

Life With a Daily Build—The Good and The Bad

Over the past few years, it has become fashionable to advocate the virtues of a daily build. Yet, what does it take to really make it happen? What kinds of processes and social behaviors does a corporate culture have to adopt to make this happen? And what are the long term effects when it does?

In this lecture, we'll explore the experiences of one company that has had a daily build with weekly releases in place for nearly a decade. We'll look at how features flow from developers to end users, the processes to enable the delivery, and the required operational monitoring. We'll conclude with a brief outline of the risks and rewards of such agile behaviors.

Eric Johnson

After an unspeakably bad semester, Eric Johnson joined the then brand new SigSoft chapter at the UIUC ACM. A year and a half later, he graduated by the skin of his teeth with a BS in CS from UIUC in 1993. He immediately joined FactSet Research Systems, where he has been ever since. Currently, he heads up the Market Data Engineering group that integrates real time quotes and news feeds from around the world into the FactSet product line.

Sense and Sensibility: Automatically Analyzing Subject and Sentiment in Human-Authored Texts

This talk addresses questions in document classification, broadly construed. One surprisingly subtle problem is that of building systems that can learn to recognize a document's overall “sentiment,” so that, for example, they can determine whether a movie review is “thumbs up” or “thumbs down” from its text alone. (Wondering why this is hard? Think sarcasm, for starters.) We also discuss the long-standing problem of representing topical content. In particular, we present an analysis of the widely-used SVD-based Latent Semantic Indexing (LSI) algorithm; our analysis motivates an intuitive generalization providing striking empirical improvements over LSI.

Portions of this talk describe joint work with Rie Kubota Ando, Bo Pang, and Matt Thomas.

Lillian Lee

Lillian Lee is an associate professor in the Computer Science Department of Cornell University. She is the recipient of the Best Paper Award at HLT-NAACL 2004 (joint with Regina Barzilay), a citation in “Top Picks: Technology Research Advances of 2004” by Technology Research News, and an Alfred P. Sloan Foundation Fellowship. But she is not from Iowa; nor is she ranked 843; and she is certainly not the pine-scented air.

Millionaire Before Graduation: Entrepreneurship in the Post-Post-Bubble Internet

Much has changed since the collapse of capital markets in the Spring of 2000, and the now proverbial subsequent Bubble Burst. Mortars filled with venture dollars from Sand Hill Road are once again being lobbed at unsuspecting entrepreneurs, a new business (usually named Somethingr—no “e”) is founded every half hour at select San Francisco Peet's Coffee & Tea, and Google is desperately trying to spend its $10B of cash shopping for companies with or without relevance.

So, is the dreaded (but oh so sweet) Bubble back?! More importantly, is there something you can do to get in on this frenzy, before you leave the hospitable walls and desperately cold streets of higher learning? Yes, I will argue, the startup economics have changed drastically. If you ever thought of starting a company, the time is now. Come listen to the talk someone should have given me ten years ago before I left Champaign for Silicon Valley.

Max Levchin

Max is the Chairman and CEO of Slide, a service that delivers your favorite digital content to your desktop or Web site in the form of a simple, sleek Slide show. Slide's mission is to dramatically simplify the way people consume information and interact with each other online. As the co-founder, former CTO, and technology expert behind PayPal, Max was a pioneer in the development of network and information security technologies to combat transaction fraud and identity theft. A successful IPO in 2002 was followed by eBay's acquisition of PayPal for $1.5 billion. Prior to starting PayPal, he founded two other Internet companies, NetMeridian Software and SponsorNet New Media. Max is also the co-creator of the Gausebeck-Levchin test, one of the first commercial implementations of a Captcha, used in computing to determine whether a user is a human or a computer. In addition to his work with Slide, he also helped start Yelp, an online social networking and review service. Max is also currently serving on the board of directors of EverNote, a provider of note management, digital ink and handwriting recognition software and technologies for the PC, mobile and wireless markets.

A Newton's-Method Formulation of the Reconnaissance-Satellite Maneuver-Duration Problem

Reconnaissance satellites often have structures that are of large size and light weight, and (hence) relatively flexible. Moreover, they have limited on-board maneuvering energy. They are therefore subject to relatively modest dynamic limits: maximum angular velocities, accelerations, and “jerks” (time derivatives of acceleration). The process of maneuvering such a vehicle to point its sensors at a sequence of targets, particularly if these are close together, cannot be modeled accurately without accounting for the effects of these limits.

The duration of such a maneuver (“slewing and settling”) is not readily computable in closed form, because the vehicle moves some distance during the maneuver, affecting the required rotation angle. Assuming that the maneuver is a planar rotation enables constructing an iterative algorithm to resolve these coupled quantities. Combining vector calculus and simple physics in a Newton's-method formulation, this algorithm is implemented in about 100 lines of C++, and can compute about 80,000 maneuver-times per second on current PC hardware. Millions of such computations are required when analyzing and generating collection schedules.

The “slew model” described is embedded in IISYS (the Integrated Intelligence Systems Simulator), which is used by SAIC to analyze system architectures, concepts of operation, and their interrelationships for the National Reconnaissance Office. Staffed mainly by Air Force and CIA personnel, the NRO is the U. S. Government's executive agency for space-based reconnaissance (“spy satellites”). SAIC (Science Applications International Corporation) is an employee-owned professional-services company of about 43,000 people and annual sales approaching $8 billion.

Chip Mayse

Dr. “Chip” (William C.) Mayse is in his second career, having previously been an aerospace propulsion-systems engineer. Originally from Indiana and educated (BSME, MSME) at Purdue, he served in the Air Force; studied systems management (MS) at the University of Southern California; studied theology (MA) at Fuller Seminary (Pasadena, CA); and was a thermal-analysis engineer at Rocket Research Company (now Aerojet-Redmond) before switching to CS. Since leaving UI (Ph.D. '92) he has worked in Northern Virginia, mainly on high-performance visualization and systems-analysis software. This includes PowerScene, an early terrain scene-generating system; a very large and fast graph-domain data-mining system for the Dept. of Justice; FAST (the FIA Architecture and Scheduler Testbed), a high-fidelity satellite-constellation simulator for Boeing Aerospace; and (currently) IISYS and COSMOS. For its contributions to Operation Deliberate Force and the Dayton Peace Conference, PowerScene received a Technology Laurels Award (1995) from Aviation Week Magazine.

Where's My Compiler? Developer Tools: Past, Present, and Future

This talk is about the evolution of what is today called “the tool chain,” and specifically how the role of the compiler has changed over the last 50 years. I'll talk about how a modern compiler must balance the need to produce high-quality output code with the requirement that the compiler itself execute quickly. And I'll talk about how compiler technology has been absorbed into other parts of the software environment—some of them obvious, but some of them probably a bit surprising.

Jim Miller

Jim Miller has designed and implemented a number of novel and useful real-world systems over more than thirty years, including:

Since 1998 Jim has worked at Microsoft Corporation on the design and development of the Common Language Runtime (CLR). He served as editor for the ISO Standard on a Common Language Infrastructure. He's currently a software architect on the Developer Frameworks team. His current work is on versioning in an object-oriented system and on bringing the CLR to a wider range of programming languages as well as client-side and web-based applications.

Prior to his work at Microsoft, Jim created and headed the Computers and Society domain at the World Wide Web Consortium to work on issues ranging from child protection to electronic commerce to privacy protection to accessibility for the disabled. He has also been on the research staff at the Massachusetts Institute of Technology, the faculty of Brandeis University, the research staff of Digital Equipment Corporation, and the research staff at Bolt, Beranek, and Newman.

A+: From Proprietary Programming Language to Open Source.

This talk will discuss the development history of the A+ programming language at Morgan Stanley, some language features that led to the proliferation of A+ trading applications, and the motivation and experience in making it an open source project.

John Mizel

John is a developer of trading systems in the Fixed Income Division working in both A+ and more recently Java. John joined Morgan Stanley and the A+ development team in 1994 and has been the lead developer on the A+ project for the past 10 years, playing a key role in its migration to Linux and the A+ open source project ( Prior to joining Morgan Stanley, John was part of the APL2 language group at IBM.

John received a Masters degree in computer science from Union College and also holds an MBA and Bachelor's degree in biology from Lehigh University.

Morgan Stanley is a global financial services firm and a market leader in securities, investment management and credit services. With more than 600 offices in 28 countries, Morgan Stanley connects people, ideas and capital to help clients achieve their financial aspirations.

Video Games, Physics, and High-performance Computer Architecture

Video gaming has created an interesting dynamic in the economics of the computing industry, having driven teraflop-levels of performance to be available for less than $1000. In this talk, I'll illustrate how these dynamics have affected a small startup company called AGEIA in its quest to introduce a high-performance chip to accelerate physical simulation for video games.

Sanjay Patel

Sanjay J. Patel is an Assistant Professor of Electrical and Computer Engineering and Willett Faculty Scholar at the University of Illinois at Urbana-Champaign. He is the co-author (with Yale N. Patt of The University of Texas at Austin) of an introductory textbook for computer science and engineering students, titled “Introduction to Computing Systems: From Bits and Gates to C and Beyond”, which is now available in its second edition from McGraw-Hill.

His research interests include processor microarchitecture, computer architecture, and high performance and reliable computer systems. In particular, his research group, the Advanced Computing Systems Group, investigates high-performance and error-tolerant processor architectures for the 7 to 10 year time horizon. He and his group are developing key instruction optimization technology that will be used in next-generation high-performance microprocessors. Patel has published over 30 articles and papers in the area.

He has done architecture, hardware verification, logic design, and performance modeling at Digital Equipment Corporation, Intel Corporation, and HAL Computer Systems, as well as provided consultation for Transmeta, Jet Propulsion Laboratory, HAL, Intel, and AGEIA Technologies. He is currently serving as Chief Architect at AGEIA Technologies.

Patel earned his Bachelor (1990), Master of Science (1992) and Ph.D. (1999) in Computer Science and Engineering from the University of Michigan, Ann Arbor.


A stew is a collection of ingredients, prepared by simmering slowly. My pocket dictionary also adds the definition “mental agitation.” The ingredients of this talk can come from any of the topics below, or if anyone in the audience wants to add another ingredient to the stew, he/she is welcome to do so. We are computer scientists and engineers, and we spend a lot of our energies creating technology. My hope in this talk is to explore some of the issues we face, both as computer people and as members of the human race. Which ones we spend time on depends on the audience. I don't expect to lecture, since I have no idea which of these you are interested in. I am not concerned about going off track, since there is no track.

Yale N. Patt

Yale Patt is a teacher at The University of Texas at Austin. He is also the Ernest Cockrell, Jr. Centennial Chair in Engineering, Professor of Electrical and Computer Engineering, and Professor of Computer Sciences. He has done fundamental research in microarchitecture, producing (with his students) the HPS paradigm, the Two-level Branch Predictor, Runahead Execution, and Wish Branches, among other things. More importantly, he gets to teach the introductory freshman course in computing to 400 freshmen at UT every other Fall. He wrote the book for that course with Professor Sanjay Patel of UIUC. He also has an extensive consulting practice working with microprocessor manufacturers on problems in microarchitecture and computer systems. He has received a number of awards for his research and teaching, perhaps most notably the 1996 ACM/IEEE Eckert-Mauchly Award and the 2000 ACM Karl V. Karlstrom Award. He is a Fellow of both the IEEE and ACM. More detail can be found on his website:

Great Software

Too many times you see teams create very decent products that, for whatever reason, fail to rise above the crowd and truly capture the popular imagination. They are surprised when their products are mostly ignored by the marketplace, which seems to be captivated by some other shiny geegaw that's functionally inferior and more expensive.

In many product categories, from software to consumer electronics, the product with the most market share is often more expensive and less functional than the number two product. I will explore why this happens and suggest some ways to design a blue chip product that people will love. After you get great software and products using the usual repertoire of debugging, usability testing, etc., you have to go still further and think about beauty, user happiness, and emotional impact.

Joel Spolsky

Joel Spolsky is a globally-recognized expert on the software development process. His website Joel on Software ( is popular with software developers around the world and has been translated into over thirty languages. As the founder of Fog Creek Software in New York City, he created FogBugz, a popular project management system for software teams. Joel has worked at Microsoft, where he designed VBA as a member of the Excel team, and at Juno Online Services, developing an Internet client used by millions. He has written two books: User Interface Design for Programmers (Apress, 2001) and Joel on Software (Apress, 2004). Joel holds a BS from Yale in Computer Science. Before college he served in the Israeli Defense Forces as a paratrooper, and he was one of the founders of Kibbutz Hanaton.

Breaking AJAX Web Applications: Vulns 2.0 in Web 2.0

The Internet industry is currently riding a new wave of investor and consumer excitement, much of which is built upon the promise of “Web 2.0” technologies giving us faster, more exciting, and more useful web applications. One of the fundamentals of “Web 2.0” is known as Asynchronous JavaScript and XML (AJAX), which is an amalgam of techniques developers can use to give their applications the level of interactivity of client-side software with the platform-independence of JavaScript.

Unfortunately, there is a dark side to this new technology that has not been properly explored. The tighter integration of client and server code, as well as the invention of much richer downstream protocols that are parsed by the web browser, has created new attacks as well as made classic web application attacks more difficult to prevent.

We will discuss XSS, Cross-Site Request Forgery (XSRF), parameter tampering and object serialization attacks in AJAX applications, and will publicly release an AJAX-based XSRF attack framework. We will also be releasing a security analysis of several popular AJAX frameworks, including Microsoft Atlas, JSON-RPC and SAJAX. The talk will include live demos against vulnerable web applications, and will be appropriate for attendees with a basic understanding of HTML and JavaScript.

Alex Stamos

Alex Stamos is a founding partner of iSEC Partners, LLC, a strategic digital security organization. Alex is an experienced security engineer and consultant specializing in application security and securing large infrastructures, and has taught multiple classes in network and application security. He is a leading researcher in the field of web application and web services security and has been a featured speaker at top industry conferences such as Black Hat, CanSecWest, DefCon, SyScan, Microsoft BlueHat and OWASP App Sec. He holds a BSEE from the University of California, Berkeley.

Improving the Reliability of Commodity Operating Systems

Despite decades of research in fault tolerance, commodity operating systems, such as Windows and Linux, continue to crash. In this talk, I will describe a new reliability subsystem for operating systems that prevents the most common cause of crashes, device driver failures, without requiring changes to drivers themselves. To date, the subsystem has been used in Linux to prevent system crashes in the presence of driver failures, recover failed drivers transparently to the OS and applications, and update drivers “on the fly” without requiring a system reboot after installation. Measurements show that the system is extremely effective at protecting the OS from driver failures, while imposing little runtime overhead.

Michael Swift

Mike Swift started as an assistant professor at the University of Wisconsin, Madison, in January 2006. He grew up in Amherst, Massachusetts and received a B.A. from Cornell University in 1992. After college, he worked at Microsoft in the Windows group, where he implemented authentication and access control functionality in Windows Cairo, Windows NT, and Windows 2000. From 1998 to 2006 he was a graduate student at the University of Washington, studying large-scale clusters, simultaneous multithreading and operating system reliability.

Kudo School of Game Design

Kudo Tsunoda

Kudo currently works as the General Manager / Executive Producer at EA's top next gen development studio, EA Chicago. In the 10 years he has been making video games, Kudo has been responsible for developing such industry and genre defining features as Fight Night's Total Punch Control, DEF JAM: ICON's “Beatings with Bass,” and the infamous winch mechanic in the Air Attack series. Since starting up EA Chicago, this studio has won 14 individual game of the year awards for their outstanding work on the EA Sports Fight Night series. Games Kudo has worked on have grossed nearly 1 billion dollars in total sales and he is recognized industry wide as the Johnny Depp of the video game development community. Before working in video games, Kudo worked as a lion tamer in Las Vegas. He is also an avid collector of butterflies.

“Haven't you heard a slow song that's a little faster? I mean it makes it cooler you know. People love slow songs when they're a little fast—it's much cooler. Let's just speed it up a couple octaves.”

—Rule #37 at the Kudo School of Game Design

12th Annual Reflections | Projections Computing Conference • October 20 - 22, 2006 • Contact