03.01
Allright. First and foremost, thanks again to everyone who helped us make our goal in what was possibly the most painless on-air membership drive ever.
It was definitely a creative use of technology that went outside our normal channel to achieve our goal in a previously unheard-of time. It was an excellent hack, if you will. That’s hacking in its truest sense and not the nefarious activity that should probably be labeled as cracking these days.
The field of *hacking* has changed quite a bit over the last two decades. Gone are the days of pimply faced teens in their parent’s basements, war-dialing entire area codes and writing rudimentary shell scripts. These thirteen-year-olds have been replaced by thirty-somethings. Or maybe these thirteen-year-olds just grew up into thirty somethings.
Whatever the case, the “scene” is now an “industry” and the corporate term for these shenanigans is Information Security or InfoSec. (One definite perk to things going corporate is that most of the people in the industry can now afford digs outside of their parent’s domain.)
Information Security, for the most part, tends to be reactionary. AntiVirus vendors add virus signatures to their products only after the new virus has been spotted in the wild or otherwise detected by the vendor. The same goes for vendors of Anti-Malware and Anti-Spyware products. Anti-Spam tool kits also work along these principals, constantly improving their filters based on what is actually being seen in the real world.
In these arenas, it’s definitely a case of the bad guys leading the pack. In fact, the bad guys *often* find themselves on the cutting edge of technology. A great example of this is BotNets. It’s not uncommon to hear about BotNets that control hundreds of thousands or even millions of computers or nodes. To put that in perspective, the largest cloud based computing resources have, at most, just tens of thousands of nodes.
So it’s no surprise that the Bad Guys controlling these networks (that are often powers of ten larger than their corporate counterparts) have some pretty advanced technology to maintain control of these nodes and pass them instructions or workloads. These interfaces are called Command and Control structures and are just one of the topics covered in the Security B-Sides San Francisco Talks that took place yesterday and today on the West Coast.
B-Sides (think mix-tape) is a community driven unconference built for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. Its an intense event with discussions, demos and interaction from participants. It is where conversations for the next-big-thing are happening. If you’re familiar with the BarCamp format, you already know what these guys are about…
They’ve been streaming all of the talks via Qik the last two days, and while they are no longer live, they have been staged online for your viewing. Hit www.securitybsides.com and follow the B-Sides San Fran link or just surf directly to www.pathsecurity.com/pathtv/ for full videos.
While San Francisco is a little far away, Austin is not. The B-Sides Austin conference is happening Saturday, March 13th, in Austin, Texas, at the Norris Conference Centers. Titled, “BSides Austin 2010: Keep Security Weird” the one day event kicks of at 10:00 AM and culminates in an evening after-party called “Hackers on a Duck”. The group has reserved the Austin Cosmic Cowboy Tour for an evening of mobile hacking and drinking. The conference is free, and the Hackers on a Duck outing has been subsidized to the point where it’s just a few bucks to get on the duck. As with most water foul, seating is limited, so make your reservations now. There should be plenty of room on dry-land for all of conference attendees, so not to worry. Hit www.securitybsides.com/BSidesAustin for a complete run-down of the stationary event.
A little closer to home is our own open conference, covering all things tech: the March Geek Gathering. This is the Spring Edition, when the stench of “love of electronics” permeates the air. The downside to all this is that it’ll probably be too chilly to hang out on the outside patio, meaning that you may have to go home and explain why you smell like electronic love to a loved one.
Those who are unattached can come out in search of someone with which to bump, dock, or possibly practice what’s on the front of one of phliKtid’s home-crafted tee-shirts. Though I’d like to be the moral compass on this and say that you probably shouldn’t do that with someone you’re not twitterpated with. That’s a Bambi reference, by the way, not a nod to the fail whale.
Things get going this Friday night at seven PM at the Coffee Groundz in Midtown Houston. If you don’t see any geeks gathered inside, just follow the twinge of tech in the air out the door and to the right where you’ll find the Geek Gathering overflow room. I’m not sure if this was an upsell, or if JR’s just hiding us from the rest of his clientele, but it’s definitely been a lot of fun the last few months. There’s plenty of table space, so feel free to bring whatever interests you. We’ve had things from very high tech non-functioning robot rovers to very low tech yet
extremely functional toboggan caps built on site, so feel free to push the envelope in either direction or just aim for somewhere in between.
The Coffee Groundz offers free WiFi, and non-free food, beer, spirits and wine. Surf to www.coffeegroundz.net or just hit up our own website at www.geekradio.com for details and directions to Friday’s event.
That’s it for your Intro to InfoSec and that’s that for BarretTime.