Wednesday, Jun 10, 2009

Rant Back – ValSmith

Val Smith recently wrote a post on the new Attack Research / carnal0wnage blog titled:
Security Conferences, pen tests and incident response

Here are my thoughts on what he wrote:

In paragraphs 2-6 he talks about two points. The first is that hacker conferences have become somewhat commercialized, with most speakers going for their day in the limelight or to pimp some product/0day. The second is that a lot of the talks cover things that most can’t go home / back to work and test out or implement.

I agree with him on both points.

On the first point, I think that one detail was left out of this evaluation: size. Back when DEFCON was <500 people, almost everyone knew each other. 90% of those attending had the passion, had the fire for what makes our line of work such an art. Now that our community has become “popular”, that percentage is around 20-30%. These numbers aren’t based on any stats, just something that I have been observing as well.

On the second point, my first security conference was ShmooCon ’06. I was glued to my seat in each talk I attended, and in just 3 short years I have seen EXACTLY what he’s talking about. I used to have to decide between awesome talks in the same hour. Now I actually find times where I’m not interested in anything being presented for that hour. But rooms still get packed, so I guess that’s just my own pickiness.

Penetration Testing and Incident Response is the second portion of his post, and I really think he’s hit the nail on the head: Pen Testing and Incident Response should work closely together. I want to throw Vulnerability Assessment and Forensics into the mix as well, feeding each other, sharing data, and assisting. The segmentation of duties / teams is killing collaboration.

Let's get back to the basics, and really show what this community is capable of.

Reader Comments (4)

I agree with you, but have a different perspective as a recent college graduate and someone who's never gone to a conference until this year. I am constantly having to pick and choose between presentations, and end up watching most as videos (which sucks because of the distractions here). I think you might be a little jaded because for me EVERYTHING is new, and exciting still. Might I respectfully suggest that if there was a slot that you found nothing interesting, that should be a slot to teach in? Even grabbing some newbs like me and saying here's a different way to do something, or here's a new tool I discovered last night.

June 11, 2009 | Unregistered Commenter james

Yeh the size thing is definitely a big issue. Seems that in life almost nothing can grow large without experiencing a ton of degrading entropy. Anyways, thanks for the mention!

V.

June 11, 2009 | Unregistered Commenter Valsmith

Get a small group of obviously like-minded people and the interaction is probably high. Hacking, counter-culture, security...

Get a large group of people who may have varied minds and interests, and perhaps there is that barrier for socializing properly. I'm guessing most of us socialize easily in small groups but probably shy away from larger ones (my own guesses). Half (?) the people attending are only security-minded during the work days perhaps? <--that right there may be a key issue.

While having not attended any of these smaller groups, I think that is why things like podcaster and blogger meet-ups are really valuable. They break down daunting larger groups and get people who have at least some like-mind together; something they have in common immediately rather than just being in the same physical place at a too-varied con.

Hell, maybe I'm off and just projecting. :)

Just some added thoughts that run pretty tangential to your and even Val's post...but thought nonetheless. :)

June 16, 2009 | Unregistered Commenter LonerVamp

I agree in part with James' comment that when you are new to this community, it can be overwhelming with how much information is out there and at what a fast pace it gets released.

I get really frustrated to hear that many people show partial interest in the community as a whole (just the commercialized hacking crap mostly glorified by the media and movies) rather than possess the passion and drive to progress it further.

However, it just keeps motivating me to know that they are merely followers and if you removed them from the equation, you get your core of 100% dedicated enthusiasts.

I for one will continue to read, study, learn, ask, test, break and do whatever I can to even be part of the group that loves the challenges out there now!

If the dedicated few stopped attending, it really depletes the conferences and the community of its strengths. Those of us who care to learn from you, are stuck with the many that truly don't care!

Just my two cents (before taxes)!

June 17, 2009 | Unregistered Commenter RootSpiedr
