Hi All,<br><br>Here are the details of the next meeting, would like to see you all there:<br><h2><span class="mw-headline">Next Meeting: Tuesday, June 15th, 2010 </span></h2>
<p><b>Meeting Sponsor: </b>
<table align="left" border="0" cellpadding="1" cellspacing="1" width="900">
<td> <a href="http://www.2keys.ca/" class="external text" title="http://www.2keys.ca" rel="nofollow"><img src="http://www.owasp.org/images/7/75/2keys_%28big%29.jpg" alt="2keys_%28big%29.jpg"></a>
</td><td> <a href="http://trendmicro.com/" class="external text" title="http://trendmicro.com" rel="nofollow"><img src="http://www.owasp.org/images/9/9a/TM_logo_red_rgb.jpg" alt="TM_logo_red_rgb.jpg"></a>
<pre>6:00-6:30 Pizza, wings and pop<br>6:30-7:30 Main presentation<br>7:30-8:00 Open discussion and questions<br></pre>
<p><b>Speaker: David Mirza Ahmad</b>
</p><p>David will be describing the CBC padding oracle attack,
originally discovered by Serge Vaudenay and presented at Eurocrypt 2002.
Recent applications of this attack affecting web applications
discovered by Juliano Rizzo and Thai Duong, presented at Black Hat
Europe in 2010, will be clearly described. There will also be a live
demonstration of POET (padding oracle exploitation tool).
</p><p><b>About The Speaker</b> David started his career over ten years
of professional experience as a founding member of SecurityFocus.com,
which was acquired by Symantec in 2002. David also moderated the
Bugtraq mailing list, a historically important forum for discussion of
security vulnerabilities, for over four years. He has spoken at Black
Hat, Can Sec West, AusCERT and numerous other security conferences, as
well as made contributions to books, magazines and other publications.
David also participated in a NIAC working group on behalf of Symantec
to develop the first version of the CVSS (Common Vulnerability Scoring
System) model. His current obsession is building a network security
startup in Montréal and acting as editor for the Attack Trends section
of the IEEE Security & Privacy journal..