In the continuing saga of posts while Dave’s away…
Here’s Dave (with Net Sec Podcasters Martin and Rich) at RSA – have to say he looks all super professional. (Thanks to @kriggins for the pic, and sorry you’re not in it @securityincite!)
Well done Dave!
Well, I managed the impossible and got my sorry butt onto a plane and made it here to San Francisco for RSA. Which I have to admit came down to the last two minutes for a decision. That being said, I’m glad to be here while missing the quiet comforts of home. Time to nut up.
It has been an interesting day. I signed in for my speaker pass and press badge and oddly didn’t have to present ID. It turns out that I was not alone. I was waiting there patiently while four people behind the desk attempted to look busy while one person was being attended to. Don’t get me wrong but, as they were all quite cordial but, is was an odd scene. Hopefully they were just getting the rust shaken off before the crowds land on them in earnest later today and tomorrow.
Once I was signed up and badges acquired, I picked up my delegate bag. Normally this is a non event but, I have to give them credit. RSA ponied up and bought some very nice messenger bags this year. This one will actually get some use.
So, now I sit here in the press room keeping myself occupied. I wasn’t allowed to get into the Cloud Security Alliance meeting this morning that I signed up for because they were over capacity. So much for scaling that one (rimshot). In all seriousness I figured that since they knew how many people were to attend that they might have some idea as to capacity.
Now, I lurk among the scribblers.
(Bill Brenner and Robert Lemos)
#rsac
There are a lot of good conferences out there for security. So many so that it sometimes becomes a challenge to pick which ones to attend. One that stands out in my mind is the upcoming Notacon in Cleveland. This is the second year in a row I will not be able to attend due to travel conflicts. But, our very own James Arlen will be giving his talk entitled “SCADA and ICS for Security Experts: How to avoid cyberdouchery“.
From Notacon:
Notacon is a community event driven by submitted presentations. This means that every year of Notacon is much different than the last. Have an idea for a presentation? Submit it! Know someone who is working on a great project involving some combination of technology, creativity and/or community? Point them to the call for proposals. You control the course for Notacon 7. See what is on tap this year on our speaker page.
Be sure to check out James talk as well as all of the great line up that they have on tap this year.
Got the skills? Need to make the rent?
From DV Labs:
The TippingPoint Zero Day Initiative (ZDI) is proud to announce that the annual Pwn2Own contest is back again this year at the CanSecWest security conference held in Vancouver, BC on March 24th 2010. As the contest name implies, if you successfully exploit a target you get to keep it along with a ZDI cash prize and related benefits. This is our 4th year running and to commemorate we have increased the total cash prize amount to $100,000 USD.
$Deity knows that I won’t be taking home that prize. 
But, it would sure be nice to win. Best of luck to everyone who enters.
(Image used under CC from Tom Klaver)
Heading to Boston for SOURCE this April? Well, as soon as SOURCE wraps then Security BSides Boston spins up. BSides will run over the weekend of April 24-25, 2010.
From SecurityBSides:
BSides Boston will have two tracks (with “availability” for additional, ad-hoc talks that come up during the event). The first track will be talks voted on/confirmed before the event; the second track will be done Barcamp style, wherein talks will be announced on the first day and voted up on-the-spot. If you’d like to have a talk in the first track, please add your proposal (with your name and, preferably, Twitter ID or email address) on BSidesBostonTalks.
Mark it in your calendars! For more on BSides read on.
(Image used under CC from Quentin2)
As Shmoocon begins to wind down (and dig out) I’m reminded that there is a raft of conferences coming up this year. A new entrant to the dance card is Thotcon in Chicago on April 23, 2010.
From Thotcon:
THOTCON (taken from THree – One – Two) is a new small venue hacking conference based in Chicago IL, USA. This is a non-profit, non-commercial event looking to provide the best conference possible on a very limited budget.
This event will be limited to 8 main talks and a limited number of attendees.
Due to a scheduling problem I won’t be able to attend. That being said, if you’re in the area or have the means to get there check it out!
The early bird tickets are sold out but, there are still tickets remaining between $75 and $250.
Thotcon website
Here are a few pics that I culled from the stream on twitter of todays snow in DC. By the overwhelming number of cancelled flights I am glad that I didn’t make the trip.
First up from Chris Gerling the scene from the hotel this morning.
Here is an image posted by hevnsnt from the ground outside the hotel this morning.
And courtesy of Spagerogue we find the Shmoobus buried in the snow.
Hoping everyone finds their way home safely.
Can’t make it to Shmoocon this year? Got tripped up by the *cough* ticket process? Well, just announced, Shmoocon will be providing video feeds!
Here is the link. It should be live on Friday.
Enjoy!
(Image used under CC from mattimattila Flickr feed)
So, the Shmoocon tickets started round one today. And, people were pissed. The ticketing system immediately showed signs of being off kilter. It appeared to many that tickets were sold out in the first few minutes. Having successfully navigated the CAPTCHA from hell it was disconcerting to see a failure message saying that round two would take place in December. Most people missed the link buried at the bottom of the page to get tickets once having navigated the CAPTCHA. It couldn’t have been in a worse spot. Shmoo responded on their news page today,
It really was there folks…at the bottom of the page. Yes, we should have top posted and made it easier on all of you. It was an inadvertent overlook on our part and we’re sorry.
That being said, it is a hacker con. Maybe next time we’ll put the link in the middle.
But, after some griping, whining, bitching and a touch of rage…I noticed something.
A chap in Belgium, Security4all on Twitter, mentioned that he had refreshed the page and got a ticket code. My eyebrow went up.
“You don’t say?”
I then took a sip of coffee and proceeded to exercise my F5 foo. Eventually the system coughed up a ticket.
(A keen eye will notice that the time stamps are out of order on the screen caps. These are the caps from an unsuccessful attempt)
This one was a success. So, in an effort to help others I opted to tried to get a second ticket. Not wanting to run afoul of the Shmoo folks I stayed to my two ticket maximum. Others decided to play Robin Hood to get codes for others. Good on them for that. All in all it was a massively frustrating experience. Getting a vasectomy from a rottweiler would have been more pleasant.
Then the tide began to turn. Slowly but surely, folks started to have success getting their tickets.
Griping at the ticket purchase process notwithstanding, I have to say that I’m really looking forward to the great times at Shmoocon.
That being said, I GOTS MA TICKET!
The Thinkhaus hackerspace in conjunction with HackLab.TO, Diyode and KwartzLab came together to launch miniSoOnCon. A very cool experience.
From the miniSoOnCon site:
What: a Southern Ontario Hackerspaces / Makers Mini-Conference
When: evening of October 2 to evening of October 3
Who: Diyode, HackLab.TO, KwartzLab, think|haus, and friends
Where: think|haus — 152 Niagara Street, Hamilton, Ontario
