Welcome to Matt Curtin: The Web Page.
Finally! The story behind the project that I led with Rocke Verser and Justin Dolske to prove that the U.S. Government standard for data encryption was weak is available in print. Brute Force covers the story behind the scenes, how we overcame technical hurdles, organized a huge social network, and defeated the standard before Congress made it illegal for people to use good cryptography to protect themselves.
Online fraud is essentially no different from other kinds of fraud. Defenses often include an awareness of the scams that are out there and being careful not to be taken. In this paper, I document and comment on a recent scheme targeting eBay and Best Buy users.
If you're using spyware to see what your children or employees are doing, you might well be allowing a vendor to spy on them as well. We performed a quick analysis of Spector Pro for Windows for WBNS-10TV in Columbus, and documented our findings.
If you watch DVDs on your computer, you might be in for more than you realized, thanks to some unsafe default behavior in PCFriendly. More information is available in a press release and the paper.
Developing Trust is my book on how to build systems that don't come back and bite us. In the book, I argue that privacy-aware systems are necessary for good security, that today's methods of "addressing" privacy are doomed to failure, and that we can build systems worthy of trust, if we have the courage to do so. Available in late November 2001 from Apress in the US and from Springer-Verlag internationally.
A mailing list manager that differs widely from others like Majordomo and Mailman. For lists whose subscriptions are by invitation only, these are problematic. We introduce more sophisticated subscriber profiles, protection from "outsiders", and eliminate the problem of receiving multiple copies of the same message. More information is available on this project's page.
I like to talk to people about technology, and help them get a grasp on the sorts of things that are possible now. Something that especially appeals to me is demystifying fairly complex issues and technologies like security, cryptography, scalable architectures, distributed systems, and that sort of thing.
From time to time, I like to give presentations at schools, and try to help get kids more fired up about the sciences. The presentations I've given are usually pretty well-received; computers, cryptography, and the Internet interest kids now, and they're also great for showing how all that math-stuff they gotta learn is useful later in life. Throw me mail if you're a teacher or counselor in the Ohio area, and are interested in having some weird guy talk to students about the utility (and fun!) of science.
You can find my non-work stuff at Ergo Sum.
There are a number of ways to get ahold of me. By far, the best and most effective way is by email.
Should you happen to come across my phone number, don't bother. It's probably got some strange device hooked up to it, anyway. Snail mail? hahahahahahhaa! If you're going to send me something you want me to read via snail mail, you'll likely have a much greater degree of success if you enclose a cool t-shirt with it. I'm partial to shirts with Unixy, math, and crypto related themes. Microsoft shirts are burned, symbolic of the "crash and burn" with which users of Microsoft software are intimately familiar. (Their CDs are used for coasters.)