IT Security World Day 1: Hangin' with hackers

I landed in SF Last night a little later than expected, but aside from some weather delays between Kansas City and Chicago, all went pretty well.  Google Maps' newish Transit functionality got me from SFO to my hotel quickly via BART (Note the map on my laptop). I set up mobile HQ in the room as shown below.

I also inadvertently pulled the cover off of my 10dBi wireless antenna. I always wondered what was inside. I figured I would share. It's basically just a run-of-the-mill omnidirectional antenna with a plastic sheath around it. Go figure.

Today, I went to four different tracks.  First up was Window Snyder's keynote. Window is the Chief Security Something-Or-Other at Mozilla. On top of being personable, humorous and very intelligent, she is extremely energetic and effectively conveys a lot of information very quickly.  Trying to type notes, I could barely keep up with her, and had to revert to typewritten short-hand.  This is a first for me.  Window's talk was titled "Building multi-layer defenses to mitigate threats attackers haven't thought of yet" and fundamentally, it focused on developing high-performance security teams, design patterns and product security life-cycles.  

Next up was Rich Mogull's talk on disruptive innovations and future security. I somehow didn't cross paths with Rich at DefCon, so it was nice to finally meet him. He talked about how certain technologies are disruptive and how they can eliminate or completely change the way we're currently doing things.  Case and point: Virtualization is both a security enabler and a security risk, and requires security to be handled differently than you might traditionally handle individual hosts.

This led into predictions for the future of security and how technology that's in use today might evolve, and what kinds of new technologies might come out of this whole thing in the future. Some of it was logical (such as the direction that Data Loss Prevention could eventually take).  Some of it sounded like science fiction (for example: Grid Security). All of it was exciting.

After lunch, I saw Joe Grand (a.k.a. Kingpin), who I met at DefCon and was able to talk to a little more person-to-person today.  He even autographed my DefCon badge!

Joe's talk was about hardware hacking as it pertains to electronics that are responsible for information security.  While the talk was geared towards people who are even less electronically-inclined than I am (which is saying something, I'm not that talented), I still picked up some neat tricks and learned about some tools and methods that I hadn't thought of before as they pertain to circuit analysis and hardware hacking.

Last on the agenda was the Security Rock Star panel, featuring Joe Grand, Fyodor and several other high-profile security folks.  This was mostly a Q&A from the audience.

I shook some new hands, met some new people, and met some people who I've known online for a while.  I even met one guy from Australia that LinkedIN's "People You May Know" has been throwing into my list a lot lately... And that kind off freaks me out.  It was Craig Steven Wright, for those who care. I've never met him before today.

I wrapped up the day by walking a few miles and enjoying California.  I snapped the below pic of the moon over the SF Bay Bridge while I was out and about.

blog comments powered by Disqus