'Hacker Summercamp' links August 11, 2014

August 11, 2014

Meet the Puzzle Mastermind Who Designs Def Con's Hackable Badges - Kim Zetter - WIRED

This is really cool and I am jealous of anyone that got one of these badges.

Dan Geer Touts Liability Policies For Software Vulnerabilities - Sara Peters - Dark Reading

Another angle on Dan Geer’s opening keynote at Black Hat. Rafal Los linked to the full talk on Twitter if you’re interested:

You should read Dan Geer's Black Hat '14 speech ... http://t.co/1KeOOjk8M9 http://t.co/OhaHJGoDtN
— Rafał Łoś (@Wh1t3Rabbit) August 8, 2014

John McAfee: Google and Facebook's Erosion of Privacy is a Tragedy - Phil Muncaster - Infosecurity Magazine

John McAfee had an interesting closing talk at BSides Las Vegas about privacy.

This post first appeared on Exploring Information Security.

What vendors should not do at security conference

August 7, 2014

This is what not to do if you're a vendor at a security conference.

Okay, really??? pic.twitter.com/AhgAvoVeSN
— Wendy Nather (@451wendy) August 6, 2014

“@secitup: Not.ok. #BHUSA pic.twitter.com/NFHFAD0u4P” Fucking disgusting.
— aloria (@aloria) August 6, 2014

This is disgusting. @blackhatevents this is WRONG. This is a violation of your own code of conduct! RT this. pic.twitter.com/xUMJJRAlGi
— Hoff (@Beaker) August 7, 2014

Sure sex sells, but a lot of the people going to a security conference are PROFESSIONALS. What turns on security professionals at a security conference are products that work well and vendors that can technically explain that product.

Leave the half naked women at home.

@jaysonstreet We are getting the sign taken down no questions! We would like to figure out the official, do you have a name or description?
— Black Hat (@BlackHatEvents) August 7, 2014

This post first appeared on Exploring Information Security.

Terrifying 'Hacker Summercamp' links August 7, 2014

August 7, 2014

BSides Las Vegas - Incidents happen, react and learn from them - Dan Raywood - IT Security Guru

Adam Shostack opened the BSides Las Vegas conference with a talk titled "Beyond good and evil." The gist of the talk is to be more open about incidents that occur within the organization. The idea is that the transparency will not only benefit the breached but also those looking to learn from a breach.

Black Hat 2014 and Media Fud - Bill Brenner - Liquidmatrix

Read this and you'll understand why I the word 'terrifying' led the title of this post.

CIA Insider: U.S. Should Buy All Security Exploits, Then Disclose Them - Kim Zetter - WIRED

In the opening keynote at Black Hat, Dan Greer suggested, among other things, that the U.S. government buy up all the zero-day vulnerabilities and release them to the public. This would allow companies to close a lot of vulnerabilities in their software and applications. I like the idea, I just don't think we'll ever see it happen.

This post first appeared on Exploring Information Security.