Introduction

My name is Cariad Keigher and I am a senior security engineer working for a large natural resources company in Vancouver. I've been involved in information security for almost a decade and believe in using a simple, communitive approach to solving computer security matters.

Some of my hobbies include retro video games (specifically 16-bit-era stuff), reading, music, and restoring old computers. I also participate in various computer security capture the flag (CTF) events. You can also find me working with classic cryptographic ciphers and creating puzzles based on them.

Contacting Me

I like to make myself fairly reachable and do offer consulting services for computer security outside of normal business hours for a nominal fee. There are events in Vancouver that I do attend but due to circumstances in my personal life I am keeping my involvement with them very sparingly.

E-mail: cariad@keigher.ca
IRC: katelibc on Freenode

Before contacting me, please be aware that any communication you send to me should not be considered privileged unless we have come to a mutual agreement on such. This does mean that any e-mail with any pseudo-legal disclaimer informing me that I am not to diseminate any of the contents of said communication are null and void and don't hold any legal water anyway.

I also maintain a blog where I document my projects, gender identity, politics, and whatever else comes to mind.

I have been asked for e-mail service hosting by those who share the same last name as me. Due to the way my infrastructure is setup, I am unable to provide any support and will not be making any changes any time soon. Please do not ask.

Projects

I've on and off worked on various projects. Here are some of the things I have worked or am working on:

Canario/Canary - From 2013 to 2017, I ran a service that took data from either services such as Pastebin or data released from compromised systems and made the relevant information searchable. This allowed users to have open access to what data was stored in data breaches in order to determine the risk and impact within.

Avivore - Presented at BSides Vancouver 2013, Avivore was a tool that skimmed data within Twitter to locate phone numbers and other personal identifiable information. I was interviewed by Forbes as a result.

Super Nintendo Replay Bot (SNRB) - Using a Cypress PSoC, I have replicated some of the work of the TASbot team and built my own interface to replay commands into a Super Nintendo gaming system.

Security Snake Oil - I and a few others maintain a blog where we document security products being pitched on crowd funding websites and elsewhere that mislead people.

Outreach

I do attend conferences from time to time and have found myself speaking at them. Some of them include:

  • Hackers on Planet Earth (HOPE) - At the 2010 conference, I spoke about information security and its role within the 2010 Winter Olympics, which were hosted here in Vancouver.
  • BSides Vancouver 2013 - Presented Avivore, a Twitter data mining tool.
  • BSides Vancouver 2014 - Demonstrated Canario (then Canary), a breach data search engine.

I've also presented at the local OWASP chapter on password storage (current as of late 2015) and gave a presentation on Canario at Facebook's Palo Alto campus.