Behind the cut are the notes I took during DefCon 22, organized by name of presentation. Where appropriate I've linked to the precis of the talk. I make no guarantee that they make sense to anybody but me.

One Man Shop: Building an Effective Security Program All By Yourself - Medic

• Integrate with environment
• Continuous monitoring
• People and Process -> Secure Network Architecture -> Secure Systems Design -> Continuous Monitoring -> External Validation -> Compliance
• Compliance, per usual, means dick in the final analysis
• Roughly five year plan w/ deliverables
• Needs organizational supprt. Still answers to the Business.
• Supports, !replaces Business
• Security will not mature past …

Following battlefield tales that Hezbollah had compromised the IDF communications network during operations in Lebanon last year, defense contractors have developed Meshnet, a hardware and software firewall appliance to protect the data networks of battlefield equipment, on the chance that someone would figure out how to infect them with malicious agents of some sort in the near future. Meshnet is supposedly based upon the Sidewinder Security Appliance from Secure Computing, but includes specialized hardware that deals with the network protocols and connection gear used in the control systems of tanks, armored personnel carriers, or what have you along with anti-spyware …

Wait a minute... ex-president Gerald Ford died?!

Lyssa pointed me at an article that brought up something that never occurred to me - how libraries manage the limited amount of space they have for all of their materials. This is to say, they keep track of how often each book is checked out (much easier to do since card catalogues and patron records went digital in the mid 1990's) and if it isn't touched for longer than a certain time, they either throw the books out (dumpster diving at the local library is how I got most of my books when …