In other news, all my talks for OSCON were rejected again. Why did I bother? I should have paid attention to my last year’s rant. Most likely, I will have to give up on submitting papers to certain open source developer’s conferences as honestly, why bother doing the work of doing the research, creating the paper…
Category: Conferences and Travel
OWASP / WASC AppSec 2007
It’s that time of the year again! Time to register for the OWASP / WASC AppSec 2007 Conference. Training Schedule | Conference Schedule | Secure Registration. This is the conference track I dream about when I cry to myself re: lack of web application security in other security conferences. Awesome speakers, the Breach cocktail party (register now!…
Notes from Black Hat
Well, I had fun. You have to be basically a killjoy to not have fun in Vegas. Black Hat is getting busier and busier every year, and this year is no exception. There would have been easily three thousand folks at the event, and it was approximately 1.5-2.5 thousand too many, especially during breaks…
Final score: OSCON 4/234, Black Hat 5/92, DefCon 1/118. AppSecurity: 10/444 == ~Statistically insignificant
A little while ago, I wrote a dejected post saying that OSCON, Black Hat, and Defcon all missed the greatest opportunity to speak to the right folks about securing their apps. Well, with the final schedules of Black Hat and Defcon up, we have: Fear – Pretty much every talk. Uncertainty – you betchya. Doubt…
W Chicago – Do not stay
I am at the SANS GSSP second face to face in Chicago (photos soon). SANS have chosen a nice hotel, the W Lakeshore right on Lake Michigan. Until 10 pm tonight, it was awesome. But then at 10 pm… It was spoiled by the Richter level 4.0-4.9 bass drivers (seriously! – we’re feeling it in…
Why I will have a job in 2035, or how to write a successful talk submission
In 2035, I will be 65. Most likely, unless I was to take up photography or cat breeding, I will most likely still be in this industry doing pretty much what I’m doing today. Why? I submitted a bunch of “how to fix” talks to OSCON (the unconverted) and Black Hat (the converted). I’ve spoken…
Come see me at Ruxcon
My next speaking engagement (I’m such a junket slut) is Ruxcon. Ruxcon’s site. See you there!
Defcon is dead, long live Defcon
Well, that was Day 3 of Defcon out of the road. I didn’t get to see too many actual talks due to the hallway track being far more interesting than the actual three track program. Again, few webappsec talks, and some were repeats of the BH talks I’d already seen. I caught up with a…
BlackHat Day 2
Day 2 had a complete web app sec track. This is a huge change from last year, where there was like … my talk and that was about it. And you know what? It was full! Every session I’ve attended so far today has been near full. Plus, it’s top material. Let’s get on with…
Blackhat Day 1
“TBA” – David Litchfield. David did a talk on the problems with Informix. Awesome talk, and shows that all database servers are vulnerable. He totally 0wned his server in a set of well-rehearsed demos. I don’t use Informix so it wasn’t that useful to me, but a take-home message is total props to…