Pat Gunn (dachte) wrote,

Sigh-ber Security Summit

(entry made bit-by-bit over the day, post date is misleading)

I spent much of today at the "Cyber"-security Summit. I'm still getting used to the time shift, and so I was up at 6am and on campus much earlier than I normally am. Notes:

  • Food was, as expected, standard-fare not-quite-a-meal stuff (pastries, bagels, orange juice)
  • The intros were a mixed bag. Some of them seemed clued (Mary Ann Blair), some did not, and one of them seems like he should've been clued but he got a number of details wrong (Pradeep Khosla)
  • The first keynote (Rich Pethia) was a historical (and predictive) review of network security threats. It was quite good, with a bonus that he didn't use the modern "hackers are good" BS definition. It is kind of odd for someone who used to be grey hat to be attending this though.
  • The Social Networking was another mixed bag. Alessandro Acquisti presented a study on CMU Facebook data that was interesting, and Jon Callas gave the impression of being a crackpot.
  • The second keynote (Dan Larkin, FBI) opened to a fancy splash screen, "Organized Crime of the Cyber Kind...", nicely decorated with a notice from some random Windows app that it crashed and wanted to send an error report. The guy also said "Cyber" a lot, and a little bit of my nonexistent soul died with every such saying. Ow. Oh it hurts. He also used irritating catchphrases (5 P's, etc etc) and gee-whiz PowerPoint effects using the most generic clipart imaginable. Fortunately, he had a sense of humour (and stuck in some good jokes), and embedded in the crap were some jewels. My intuition is that the government "presentation culture" is rather different from that of academia.
  • Dave Keener's "Future of Information Security" was down-to-earth and clear, but (perhaps because of my experiences over the years) was not particularly new to me.
  • Dawn Cappelli (of CMU-SEI)'s Insider Threat was fantastic - it reviewed a study of cases where insiders sabotaged their (usually former) employer, models for what went wrong with them, how to spot such users, and some ways they worked.
  • The Data Retention panel was interesting and quite relevant for my job - I need to get in touch with them for more details
  • After the Data Retention panel, I chatted a bit with a really cool Indian Physics Prof, talking about the physics and theory of MRI-based psychology research. I've seen him around before, although I don't recall where from.
  • My choice of MacOSX security for the second last session was based on the idea that none of the three choices were particularly good, but Brett Gross's presentation was really well done - I didn't learn a lot, but the presentation was very good - simple, with small, subtle flash, all delivered by an Apple Systems Engineer who has good speaking skills.
  • I skipped the last bit about file sharing, instead playing with photobooth with some other folk, and spreading the joy of Medvedica to more unsuspecting folk.
