Category: News

SANS Toronto 2008 Keynote Roundup

As most of you already know, yesterday I was involved in the SANS Toronto 2008 keynote along with Rob Lee, Bryce Galbraith, Peter Giannoulis, Dave Shackleford, Dr. Johannes Ullrich, Stephen Sims, and Guy Bruneau. This was the first keynote that I had the pleasure to be involved with but I hope it won’t be the last.

We had a full room with a mix of local and out-of-town students, all of whom were having a blast. “How do you know they were having a blast?” you might ask. Even though we were talking about serious topics pertaining to security, my fellow panelists and I had the entire room laughing like crazy. In fact, I think I saw a few people wiping away tears from laughing too hard.

I think everyone had a good time, myself included, and the thing that set this keynote apart from previous keynotes that I’ve seen is how laid back and fun the talk was. There were questions about social media and the validation of identities, acceptance and rate of deployment for mainstream wireless infrastructure, the shaping of traffic to prevent P2P transmissions, and several others. All of the panelists were able to add their insight into the posed questions and I think the crowd appreciated how frank we were in our responses.

I think they also enjoyed the running joke about including www.theacademy.ca, in one way or another, in almost all of our responses. It was one of those “you had to be there” jokes but, trust me, it was hilarious. I didn’t get a chance to see the reviews filled out by the students but I hope they enjoyed the session as much as we all enjoyed presenting it.

Maybe SANS will let us do it again some time.

Vote for my Black Hat USA 2008 Presentation!

Hey All,

I’ve submitted a presentation/paper for Black Hat USA 2008 and if you are attending I’d really appreciate it if you voted for me. The title of the paper: The Bot Came Back, The Very Next Day.

Vote it up and join me in discussing the past, present, and future of botnet activity in fabulous Las Vegas! 🙂

Kraken Botnet Infiltration Triggers Ethics Debate – Quoted in eWeek

I spoke with Ryan Naraine last night about my ethical obligations towards shutting down botnets if I had, or had somehow obtained, the power to. I basically equated the prospect to “vigilante justice” and took the moral high ground on the topic. I don’t believe that individuals should be solving this issue on their own. Ryan mentioned that we’ve been doing the exact same thing for years and botnets are worse than ever (paraphrasing). Regardless, we, as private citizens, do not have the right to invade others’ privacy to do what we think is best for them. My quote from the article:

Andrew Hay, product manager at Q1 Labs, a network security management company, said the concept of tampering with a user’s machine without consent, even if it’s to remove malicious software, is “ethically questionable.”

“I couldn’t in good conscience send any command to a machine without the user’s knowledge and approval,” Hay said. “Ethically speaking, we just can’t make that decision regardless of if it’s right or whether it’s the best thing to do for the good of the Internet.”

The full article can be seen online here (my part is the last two paragraphs on the second page).
