Project Prometheus

Presented at DEF CON 12 (2004), July 31, 2004, 4 p.m. (50 minutes)

The goal of Prometheus is to create an Open Source project that takes into account the inherent flaws in the Microsoft implementation of Alternate Data Streams (ADS) and uses those attributes to create a tool for increased security. The concept is similar to making lemonade from lemons. We're taking an insecure component of the NTFS file system and creating a tool that will provide increased security. Russ and Grifter will be explaining and demonstrating the use of Alternate Data Streams and then discussing an Open Source project which they have currently begun development on.

Presenters:

• Neil R. Wyler / Grifter   as Grifter
  Grifter has been involved in the scene for over a decade and currently runs 2600SLC, the Salt Lake City 2600 meeting, and DC801 the Utah Defcon meeting; where he often lectures on a range of security related topics. He has been published in numerous online and print publications and has previously been a speaker at several Defcons. He has also been the subject of interviews for various online, print, and television pieces regarding different areas of the hacker culture over the years. He is a Defcon Goon and primary organizer of the Defcon Scavenger Hunt and Defcon Movie Channel.
• Russ Rogers - CEO & CTO, Security Horizon
  Russ Rogers is the CEO and CTO of Security Horizon, a Colorado Springs based information security professional services firm and is a technology veteran with over 12 years of technology and information security experience. He has served in multiple technical and management information security positions that include Manager of Professional Services, Manager Security Support, Senior Security Consultant and Unix Systems Administrator. Mr. Rogers is a United States Air Force Veteran and has supported the National Security Agency and the Defense Information Systems Agency in both a military and contractor role. Russ is also an Arabic Linguist. He is a certified instructor for the National Security Agency's INFOSEC Assessment Methodology (IAM).
• Tierra
  Tierra, while still somewhat new to the scene, has been manipulating bits since the 7th grade, and is currently working on his Computer Science degree at the University of Utah. He has been attending 2600 meetings for more than 3 years now in Salt Lake City, and has been helping run the Defcon Scavenger Hunt since Defcon 10 (you'll find him at the Scavenger Hunt table again this year). While working with the DC801 crew on projects such as this, he spends his time mastering his PHP and SQL skills on various personal projects such as TIMAP found on SourceForge.

Links:

• https://infocon.org/cons/DEF CON/DEF CON 12/DEF CON 12 video/DEF CON 12 - Grifter - Tierra - Project Prometheus - Video.mp4
• https://www.youtube.com/watch?v=S8ZdDGRuFLM

Similar Presentations:

• ToorCon San Diego 12 (2010) / The Carmen Sandiego Project
• DEF CON 9 (2001) / NTFS Alternate Data Streams
• HOPE Number Six (2006) / Aether Madness with the Prometheus Radio Project