Jason Coombs

Digital Marketplace, Inc. -- DBA:

Homeland Forensics (www.forensics.org)

E-Mail: jasonc@science.org

California

(+1.949.903.3368)

Hawaii

(+1.949.903.3368)

New Zealand

(+64.21.313.615)


Expert Witness Curriculum Vitae


Jason Coombs has seventeen years of experience with programming, information security, data networks, telecommunications, computer forensics, electronic commerce and cybercrime. He is the CEO of PivX Solutions (PIVX) and President and CEO of Digital Marketplace, Inc., a firm that he founded in 1999.


Jason Coombs has worked as an expert witness in several areas: Information security and Forensics, Internet architecture and services, Software development and analysis, Electronic commerce and Payments, Trademark and Copyright disputes, Cybercrime Investigation or defense, Patent prosecution and litigation, Vulnerability research, and Network intrusion countermeasures. Mr. Coombs also provides clients with digital evidence investigations and electronic discovery legal case support. In 2004, Mr. Coombs was twice an instructor of CCE computer forensics training for InfoSec Institute.


Litigation Support and Expert Witness Services

As an expert witness, Mr. Coombs has consulted in cases where damages were sought up to a billion dollars. He has been accepted as a testifying expert in U.S. Federal court and Uniform Code of Military Justice (UCMJ) court martial where he has provided testimony. Mr. Coombs has also given deposition testimony or submitted written reports in a number of civil cases involving software copyright infringement or trade secrets.


Date:

2005

WCI v. AOL (case pending) law firm McAndrews, Held, & Malloy, Chicago


Case

Testifying expert on behalf of plaintiff, patent litigation


Project:

Instant messaging and online chat patent infringement lawsuit, C++ and Java source code review, claim infringement analysis, expert testimony, prior art research, claim construction Markman analysis.

Date:

2004-2005

Cardinal Health v. BioDose (case pending) law firm Gordon & Silver, Las Vegas


Case

Consulting expert on behalf of Cardinal Health, patent research


Project:

Radio pharmaceutical software patent and trade secret dispute, analyze eight years of source code written in Delphi and C++. Investigate patent claims and prior art, source code comparison.

Date:

2004

Navy Judge Advocate General UCMJ Court Martial, Pearl Harbor


Case

Expert testimony, information security and computer forensics


Project:

Analyze computer forensic examination procedures employed by and work product of the Department of Defense Computer Forensics Laboratory in a UCMJ court martial proceeding. Review EnCase images of the defendant's hard drives. Explain to the court what the limits of forensic value are to a hard drive taken from a Windows 98 computer that had previously been under the control of third parties by way of a Trojan and/or Windows vulnerabilities.

Date:

2004

Paiea Properties, Honolulu, Andrew Maxwell, bankruptcy trustee


Case

Chapter 7 bankruptcy litigation


Project:

Create forensic images of hard drives using EnCase, assist private investigator and bankruptcy court trustee in acquiring electronic evidence from the offices of a company forced into bankruptcy.

Date:

2003

Russell Rush, law firm Bowles, Verna


Case

Rush vs. Ritter


Project:

Forensic analysis of a decade of software development conducted by a California software developer specializing in life insurance illustration software. Consulting expert witness and forensic analyst role performed on behalf of the plaintiff in a civil case brought against the software developer alleging misappropriation of trade secrets, fraud, and breach of contract. Case pending.

Date:

2003

Criminal Defense Forensics on behalf of co-defendant


Case

U.S. vs. Alba, et al.


Project:

Forensic analysis of the FBI's Carnivore system for Internet pen register/trap and trace or wiretap warrant execution on behalf of the defense in a federal jurisdiction criminal conspiracy Drug Enforcement Agency case, Southern California 9th circuit court. Examined over a terabyte of hard drives and electronic surveillance evidence in the case to locate residual signs of remote penetration or unauthorized searches conducted outside of approved warrants.

Date:

2002

IBM, law firm Quinn Emanuel Urquhart Oliver & Hedges


Case

Cardservice International vs. IBM


Project:

Performed forensic analysis of IBM's Net.Commerce Hosting Service (NCHS) and AIX on behalf of IBM in defense of a lawsuit brought by Cardservice International. Cardservice alleged product defects that prevented the development and launch of an OEM e-commerce solution based on NCHS and the ClearCommerce Corporation credit card transaction-processing gateway marketed by Cardservice under the LinkPoint brand. Case settled in 2003.

Date:

1999

Pearson Macmillan Publishing, law firm Morgan, Lewis & Bockius


Case

RSA Data Security vs. Pearson Macmillan Publishing


Project:

Consulting Expert for Pearson Macmillan Publishing in defense of a suit brought by RSA Data Security, Inc. alleging patent infringement of the RSA algorithm as well as various cryptography and software patents pertaining to public key and SSL encryption in Linux products. Case settled before trial.

Date:

1997-98

Westinghouse, law firm Akin, Gump, Strauss, Hauer & Feld


Case

Innovative Business Systems v. Westinghouse


Project:

Consulting Expert for Westinghouse in defense of a civil suit brought by Innovative Business Systems alleging breach of software license agreement and unauthorized transfer of source code for the client-server SQL database application and Pascal/C programs used by a subsidiary of Westinghouse for its commercial and residential security alarm monitoring and response service. Case settled during trial.

Date:

1995-96

Electronic Data Systems, law firm Madrid, Corallo and Brooks


Case

Electronic Data Systems v. EMA


Project:

Consulting Expert for Electronic Data Systems in a civil suit against startup EMA regarding alleged violations of trade secret confidentiality and non-compete agreements and misappropriation of PowerBuilder programs developed by EDS for the electric utility industry. Also assisted testifying expert during trial. Case resulted in unanimous jury verdict in favor of EDS.


Partial List of Forensic Software and Systems Analysis Experience

EnCase Hard Drive Imaging/Review

Reconstruction/Reenactment Testing

Software Evolution Map Tracing

Forensic Codebase Comparisons

Load, Stress, Performance Testing

Quality Assurance/Quality Review

Penetration / Vulnerability Testing

Carnivore/Pen Register Trap & Trace

Wiretaps/Keyloggers/Screen Capture

Electronic Intercepts/RF Engineering


Employment History


From:

May, 2004

PivX Solutions, Inc. (pivx.com)

To:

June, 2005

Newport Beach, California



Director of Forensic Services



PivX Solutions is an information security product vendor and professional services firm that went public on the NASDAQ OTCBB through a reverse acquisition of a shell company named Drilling, Inc. The company's software products block the exploitation of security vulnerabilities in Microsoft Windows operating system or application software and scan for the presence of vulnerabilities on a Windows host. In April, 2005 the company ownership changed when Lotus Fund, one of the lead investment groups that had backed PivX Solutions, became convinced that the founding management team needed to be replaced. My role as Director of Forensic Services continued until my decision to return to my former self-employed status.

From:

1999

Digital Marketplace, Inc.

To:

Present

California and Hawaii


Position:

President and Founder



Digital Marketplace, Inc. (digitalmarketplace.com) is an Internet programming, forensics, and infosec firm providing software engineering services, computer forensics, infosec, and e-commerce hosting products and services. The corporation was formed in 1999 to create and market Internet, e-commerce, information security, and computer forensics products and services. The first software product produced by the company was business to consumer (B2C) e-commerce software programmed using Microsoft Commercial Internet System (MCIS), Internet Information Services, Active Server Pages, Microsoft LDAP Server, and Windows NT/2000 Server. Payment processing services for credit cards and electronic checks are provided by the company, and standard Web hosting services are provided through a server farm. In addition, Digital Marketplace, Inc. licenses its software to other companies. The largest deployment to date of such a license was done for Signeta.com, a venture capital-funded startup in the promotional products industry.

From:

1995

SCIENCE.ORG, a Private Non-profit Research Institute

To:

Present

California and Hawaii


Position:

President and Co-Founder



SCIENCE.ORG is a California non-profit corporation devoted to scientific research and development and consulting in forensics, computer and life sciences.

From:

1991

Pacific Knowledge

To:

1994

Walnut Creek, California


Position:

President and Co-Founder



Pacific Knowledge provided software development services to the wireless telecommunications and cable industries. Its two largest projects spanned multiple years and involved software engineering for Pacific Telesis Cellular, Nielsen Media Research, and Pacific Bell.

From:

1989

Independent Contractor

To:

1991

Silicon Valley and San Francisco Bay Area


Position:

Computer programmer, system and network administrator, support

Consulting History


From:

2000

Signeta Corporation

To:

2001

Consulting Software Engineer


Duties:

Designed and built, around Digital Marketplace, Inc. e-commerce framework source, a full-featured Internet-based promotional products ordering system. Product selection and order details included complex configuration steps to upload custom artwork and indicate where on the selected product the artwork should be embroidered, screen-printed, or laser-engraved. Real-time dynamic pricing based on variable pricing tiers for quantity orders, number of colors in the custom artwork, and setup and job run costs created application-specific complexity requiring a custom solution. Signeta.com launched successfully but died in the dot com bust.

From:

1999

CMP Media, Inc.

To:

2000

Consulting Software Engineer


Duties:

Created an online store for BYTE.com and techreviews.com including pay-for-access publishing of Internet content.

From:

1998

Tristrata Security, Inc.

To:

1998

Consulting Software Engineer


Duties:

Assisted with the design and coding of an encryption system for data networks and secure application software conceived by Tristrata Security founder and creator of the Atalla box for bank ATM network PIN number encryption, John Atalla. The software was developed for Windows 95/98 and Windows NT 4 using Microsoft Visual C++.

From:

1997

Digital Equipment Corporation

To:

1997

Consulting Software Engineer


Duties:

Wrote the network communications component for Digital's Millicent micropayment e-commerce system. Coded a Windows Sockets 2 layered service provider using C++ and COM/Win32. Interfaced to Java using the Java/COM bridge.

From:

1994

Independent Software Developer

To:

1999



Duties:

Created a Windows Sockets 1.1 programming API for PowerBuilder called the "PowerSocket Library" to enable PowerBuilder programmers to write Internet applications. Provided consulting to companies around the world seeking to build and deploy TCP/IP applications for corporate networks and the Internet. Marketed and distributed the PowerSocket Library as shareware. Licensed to Powersoft Corporation in 1996. Coded as a DLL in C.

Year:

1996

Stardust.com, Consultant and Technical Writer


Duties:

Continued development in C++ of Stardust's Winsock Component Architecture (WCA) for building layered service providers to extend the functionality of network applications. Wrote Windows Sockets 2 programming class material for Intel developer course. Provided consulting to Stardust clients. Made extensive use of SoftICE by NuMega for system-level debugging of Windows 95/Windows NT.

Year:

1996

Logic-Covalent Corporation, Consulting Software Engineer


Duties:

Completed development of a PowerBuilder 4 application already in progress. Built a TCP/IP communications module using the PowerSocket Library and rewrote user interface code to connect as needed to a high-capacity commercial printer driven by a Macintosh server running custom TCP/IP print service software.


From:

1993

AdExpress/Nielsen Media Research

To:

1994

Consulting Software Engineer


Duties:

Wrote application in PowerBuilder version 3 under Windows 3.1 for joint venture between AdExpress/Nielsen Media Research that enabled advertising sales to query demographic and cable television network viewer ratings data in the U.S. to place ad spots on regional cable systems in order to reach a particular size and quality of audience within a prescribed budget. Donelly marketing data was optionally available as part of query criteria to allow targeting of regions wherein particular products or services were known to be in high demand. Deployed on CD using a stand-alone SQL RDBMS.

Year:

1993

Pacific Bell Digital Subscriber Group Consulting Software Engineer


Duties:

Wrote a TCP/IP application using C and a socket programming API from FTP Software, Inc. to demonstrate at a trade show the ability of ISDN to transmit high-resolution x-ray images for telemedicine.

From:

1991

Pacific Telesis Cellular (now part of Verizon Wireless)

To:

1993

Consulting Software Engineer


Duties:

Wrote programs in Sun Microsystems/Informix environment using C, UNIX shell scripts, Informix 4GL products/SQL, for Motorola EMX 2500 cellular switch Man/Machine Interface. Led multi-market radio frequency (RF) engineering specification development of network management system for performance, capacity planning and analysis of cellular networks. Assisted with system and network administration of SunOS 4.1.3 servers, data acquisition systems for Motorola EMX 2500 cellular switches, RF engineering reports and algorithms including periodic report to President Lee Cox. Provided support for design of cellular network of South Korea. Initiated software development to audit cellular switch performance/billing.


Publications: Books

IIS Security and Programming Countermeasures, 440 pages, self published in 2003

Setting up an Internet Site for Dummies, published by IDG Books in 3 editions

ActiveX Sourcebook, published by John Wiley & Sons

Netscape LiveWire Sourcebook, published by John Wiley & Sons

PowerBuilder 4 Programming for Dummies, published by IDG Books

dBASE 5 for Windows Programming for Dummies, published by IDG Books

PowerBuilder 4.0 Power Toolkit, published by Ventana Press


Publications: Articles

Dr. Dobb's Journal Windows Security Columnist (http://www.ddj.com/columns/security)

"Investigating Software and Source-Code Theft", July 19, 2005

"Win32 API Obscurity for I/O Blocking and Intrusion Prevention", June 21, 2005

"Securing the Win32 File I/O APIs", June 7, 2005

"A Metacode Standard for Rootkit and Intrusion Prevention", May 17, 2005

"Security-Hardening Third-Party Applications", May 3, 2005

"Wiping Out Sensitive Data", April 21, 2005

"Understanding Oracle Attacks on Information Services", December 3, 2004

"Scripted Screen Capture", November 17, 2004

"Scripting Patch Deployment with WUA API", November 3, 2004

"Protecting RAM Secrets with Address Windowing Extensions", October 18, 2004

"Beware of File-Slack Attacks", October 6, 2004

"Spyware Exploits the Run Key—and the Law", September 17, 2004

"Security is a Service, Not a Product", September 9, 2004

"Solving the Malicious Content Problem", August 17, 2004

"Runtime Call Stack Analysis with .NET", July 21, 2004

"The Intractable Screen Scraping Paradox", July 6, 2004

"IE's Local Machine Zone and the Attack of the TLAs", June 18, 2004

"Programmer Defects as a Proactive Defense", June 5, 2004

"Pen Testing with Raw Sockets", May 17, 2004

"Microsoft Security Guidance for Developers", May 3, 2004

"XML Security Features of .NET, Part 2", April 23, 2004

"XML Digital Signatures with SignedXML, Part 1", April 8, 2004

"Extracting Digital Signatures from Signed Files with .NET", March 16, 2004

"WinXP SP 2 Process and Port Hardening", March 3, 2004

"Windows Stack Buffer Overflow Protection", February 19, 2004

"Programming Public Key CryptoStreams, Part 2", February 3, 2004

"Programming Public Key CryptoStreams, Part 1", January 17, 2004

"Packet Sniffing for Incident Response", January 6, 2004

"Detecting Man in the Middle Attacks with DNS", December 17, 2003

"More on Hash Codes and Security", December 4, 2003

"Forensic Data Validation and Integrity Logging", November 17, 2003

"Counterfeit Software, Digital Rights Management, and Security", November 4, 2003

"Antivirus Software Turned Upside Down", October 17, 2003

"Building a Database of Known Hashes", October 3, 2003

"Hash Codes and Security", September 17, 2003

"The Lessons of SoBig.F", September 5, 2003

"Backdoors Can Damage Trust", August 20, 2003

"Analyzing the Mescaline Worm", August 5, 2003

2003: Windows Developer Network Magazine feature articles

"Requiring Trusted Public Keys for Certificate Chains in SSL Connections"

Future 2003 issue: "Programming Public Key Cryptostreams"


September, 2002 issue of MSDN Magazine: "Tamper-Resistant Apps: Cryptographic Hash Algorithms Let You Detect Malicious Code in ASP.NET"

http://www.msdn.microsoft.com/msdnmag/issues/02/09/ASPNETHashAlgorithms/


November, 2001-October, 2002: "Network Programming" series for Pinnacle Publishing

"Parsing Web Pages as XML", October 2002

"SSL Encryption for the Web in C#", March 2002

"HTTP Basic Authentication in C#", April 2002

"HTTP File Upload in C#", May 2002

"Integrating QuickBooks 2002 with .NET", March, 2002

"Generating GUIDs in ASP with a Little Help from VB", February 2002

"Porting Classic ASP to ASP.NET: What's Really Necessary?", December 2001

"Using MTS to Coordinate Transactions Across Multiple Databases", November 2001


Digital Business Columnist for Byte Magazine (http://www.byte.com/digitalbusiness/)

"Collectible Data As Digital Business", May 2000 - "Internet Patents Are Changing The Rules", March 2000 - "Privacy and Internet Customer Service", February 2000

"The Business Of Open Source", January 2000 - "Encryption Programming For Second-Generation E-Commerce", December 1999 - "For Instant Success, Add Instant Messaging", November 1999 - "Preparing SSL Encryption For Y2K", October 1999

"Check-By-Internet Requires No Checking", August 1999 - "Netsourcing Your Apps", August 1999 - "The Old Grey DBMS Ain't What It Used To Be", August 1999

"No More Spam", August 1999 - "Accept Credit Cards On Your Website", July 1999


Contributing Editor, “Microsoft Internet Developer” Magazine www.microsoft.com/mind

"Order Processing on Your E-Commerce Site", August 1999

http://www.microsoft.com/mind/0899/orderproc/orderproc.asp

"Co-Locating Your Web Server with an ISP to Simplify Maintenance", June 1999

http://www.microsoft.com/mind/0699/colocation/colocation.asp

"Active Streaming Format with Microsoft NetShow", September 1997

http://www.microsoft.com/mind/0997/netshow/netshow.asp

"The Site Building Series Part III: The Software on the Server", June 1997

http://www.microsoft.com/mind/0697/sitebuild3.asp

"How to Set Up Dedicated Internet Access for Your Site", April 1997

http://www.microsoft.com/mind/0497/sitebuild/sitebuilding2.asp

"The Site Building Series: Getting Connected", February 1997

http://www.microsoft.com/mind/0297/sitebuilding/sitebuilding.asp

"Creating A Virtual Server with Java Sockets", January 1997

http://www.microsoft.com/mind/0197/JAVASERVER.asp


Publications: Other


"Amazon Associates Plan Wins Patent Protection", February 25, 2000 by Mo Krochmal and Jason Coombs, TechWeb News

"Windows Sockets 2 Programming", Proceedings of Intel Professional Developer Conference, San Francisco 1997

"ActiveX and Java: Two Roads to the Same Destination", CMP TechWeb, Nov 1996

Founding Technical Editor of the Java Developer's Journal, Summer 1996: "Preview Edition", presented at the 1996 Netscape Developer's Conference

"The Cutting Edge: PowerBuilder & Java", PowerBuilder Developer's Journal, Jan, 1996

"The Cutting Edge: PowerBuilder & Netscape", PBDJ February, 1996 Volume 3 Issue 2

"Internet Programming Using PowerBuilder and WinSock 1.1", PowerBuilder Developer's Journal, December, 1995 Volume 2 Issue 11

"Windows Sockets 1.1 Programming with PowerBuilder", Proceedings of the PowerBuilder User Conference 1995

1996: Submitted provisional patent application for Internet peer-to-peer file transfer algorithm. Patent application abandoned 1997.

2000: Submitted provisional patent application for secure Internet check transmission mechanism. Patent application abandoned 2001.


Conferences and Speaking Engagements


Intel Professional Developer Conference, San Francisco, California 1997 Invited Speaker: Windows Sockets 2 Programming

Launch Java Developer's Journal, Netscape Developer's Conference, San Francisco, 1996

PowerBuilder User Conference, Orlando, Florida 1995 Invited Speaker: Windows Sockets 1.1 Programming with PowerBuilder

Featured speaker, Powersoft Corporation "Night At The Net" corporate event, 1995


Skills Summary: Selected Programming Languages


Skills Summary: Selected Development Tools


Skills Summary: Selected Operating Systems


Skills Summary: Selected Network Topologies





5610 Vineta Court

Martinez, California 94553

+1.925.228.3579

P.O. Box 636

Kurtistown, Hawaii 96760

+1.808.381.5946

P.O. Box 335

Dargaville, New Zealand

+64.21.313.615