Defcon 25.

Well, I'm finally back from Defcon 25 and writing up my notes while in the throes of con drop before too much of the experience fades from memory.  Suffice it to say that I have opinions about last weekend, which I will attempt to write as concisely as I can.  I don't like being negative about things because my experience is my own, and I much prefer that people have their own experiences and make up their own minds about things.  However, I would be lying if I painted a rosy picture of my attendence of the largest hacker convention …

Read more...

Back from Defcon 25.

Back from Defcon 25.

Exhausted.

Dealt with multiple crises at home.

Didn't spend as much money as I usually do, which isn't a bad thing.

Spent quality time with some old friends.  I hope I made a few new ones.

I have opinions.  They'll have to wait until I get some sleep.

'twas the week before DefCon.

UPDATE - 20170902 - Typos, finding emergency exits.

So, after many years I've decided that it's my turn to write a first-timer's guide to Defcon.  There are many like it, so I'll try to be as frank as I can about the topic.  I'm going to try to write for people who've never been to Defcon before (but may have been to other hacker cons).  I'm not going to lie or joke around (which some of the guides tend to do) and give as much personal advice as I can.  I'm also going to try to not sound like your parents, because …

Read more...

Back from DefCon.

Back from DefCon. Don't know how I'm still on my feet right now. Went to lots of talks, went wandering more than is usual for me at DefCon, attended some incredible shows. Still smarting from how much even a lousy meal costs in Las Vegas. Had an incredibly lousy pair of plane flights to and from Vegas.

And now, back to figuring out how to reacclimate with workaday life.

DefCon 23: Presentation notes

Here and behind the cut are the notes I took at DefCon 23. They are necessarily incomplete because they're notes, and I refer you to the speakers' presentations and eventually video recordings for the whole story.

Applied Intelligence: Using Information That's Not There - Michael Schrenk

  • Knowing your operations and resources
  • More effective and efficient
  • Competitive intelligence
  • What's happening outside of your business
  • Know your competitors and markets
  • Collect, analyze, and apply external data
  • There is a professional association of people who do competitive intelligence
  • Applied intelligence is actionable and changes what you do
  • Most is useless unless you develop it …
Read more...

DefCon 23: The Writeup

Well, I'm back from DefCon in sunny and hot Las Vegas, Nevada and more or less reinserted back into my everyday life. I'm just about caught up on everything that happened at work and finally finished the notes that are going to comprise this article. I'll type up the notes I took during the talks at DefCon in a couple of days; they've voluminous and I want to get the experience out of my head and into external storage before the memories fade much more. Unfortunately, I didn't make it to any of the villages so I don't have anything …

Read more...

DefCon 22 presentation notes

Behind the cut are the notes I took during DefCon 22, organized by name of presentation. Where appropriate I've linked to the precis of the talk. I make no guarantee that they make sense to anybody but me.

One Man Shop: Building an Effective Security Program All By Yourself - Medic

  • Integrate with environment
  • Continuous monitoring
  • People and Process -> Secure Network Architecture -> Secure Systems Design -> Continuous Monitoring -> External Validation -> Compliance
  • Compliance, per usual, means dick in the final analysis
  • Roughly five year plan w/ deliverables
  • Needs organizational supprt. Still answers to the Business.
  • Supports, !replaces Business
  • Security will not mature past …
Read more...

DefCon 22: The writeup.

The reason I've been quiet so much lately and letting my constructs handle posting things for me is because I was getting ready to attend DefCon 22, one of the largest hacker cons in the world. It's been quite a few years since I last attended DefCon (the last one was DefCon 9, back in 2001.ev) due to the fact that Vegas is, in point of fact, stupidly expensive and when you get right down to it I need to pay bills more than I need to fly to Las Vegas for most of a week. I'm also in …

Read more...

DefCon 22: The Omega of hacker cons.

Back from DefCon 22. Exhausted from the flight home. Lots of stuff to write, need to type up my notes. No pictures of the con due to the "no photography" policy. Unlocked achievement pink mohawked cyberpunk.

Greetings to everyone I met at DefCon this year. Love to old friends, you know who you are. If you're waiting for e-mail from me, please be patient because my inboxes are backed up by thousands of e-mails and I'm patching together some new bots to help me sort through it all. It might be a week.

Let's do this.