RSA Europe 2009 – Day 2 Recap

by kriggins on October 22, 2009

in Conferences

Day 2's recap is going to be rather short and for that I apologize. I spent a good portion of the day tweaking and twiddling with my presentation. My presentation went well. No technical failures and I got all my points across. I would have been happier with it being a little smoother, but overall, I am happy.

I did manage to take in one of the keynotes, "The Underground Economy." Andy Auld from SOCA and Keith Mularski from the FBI gave an interesting talk about how the computer crime economy works. They spoke about the different forms of malware and spam, digital currencies, exchangers and then talked about the organized criminal networks that they have come across. A very interesting talk even if a number of the slides were rather difficult to see.

The next session I attended was "Is IT Risk Management Just a Fad?". I expected a talk that would compare and contrast what I call "checklist security" and information security risk management. Unfortunately, that was not the case and I did not really take anything away from this talk.

The final talk I attended was the "Collateral Hacking" panel. It consisted of moderator Hugh Thompson and panelists Andrew Nash from PayPal, David Ostertag of Verizon Business Services and Ira Winkler of ISAG. From the description, the panel was going to talk about what happens when your co-tenant in a cloud is attacked, hence the title of Collateral Hacking. Unfortunately, it quickly lost its way and ended up being far off topic.



RSA Europe 2009 – Day 1 Recap

by kriggins on October 21, 2009

in Conferences

Yesterday was the first day of RSA Europe 2009 and I enjoyed it a great deal.

I ran into Brian Honan first thing in the morning and Craig Balding shortly thereafter.

I attended both opening keynotes and they were well done.

I particularly enjoyed Hugh Thompson's presentation. He spoke about gateway data. This is data that, by itself, seems innocuous. However, it can be used or combined with other data to get more data or more access. He was speaking from the perspective of the data that we often put in public spaces such as Facebook, Twitter, blogs, etc. He also mentioned how on-line behaviors can be used to infer additional information. He classified this data into three different types:

  1. Direct Use - Public data that can be transformed
  2. Amplification - Conversion of public data to private data by bouncing it off a person
  3. Collective Intelligence - Collecting and correlating information from different on-line activities to deduce private information.

The last was the most interesting. He is doing a study which shows how the activities of individuals on LinkedIn can often be correlated to significant future events in the companies the individuals work for.

The next session I attended was 'How Information Security Careers are Changing.' This was an interesting session that looked at where our profession started and where it is going. The biggest take away for me was that where our profession used to be primarily technical, we have started to see a shift to a more differentiated situation where we have technical specialists, generalists, consultants and leaders. This means we both have more choices and have to be cognizant of the choices we make as we navigate our careers.

Brian Honan's talk on stealing an identity using purely public information was very enjoyable. About a year ago, a journalist challenged Brian to "steal her identity" using only publicly available information, no automated tools and only completely legal means. Of course, he didn't actually steal her identity, but through the information he found online, he was able to get a copy of her birth certificate, a completely legal activity in Ireland. Pretty much game over at that point. The message here is to be very careful what you put out there because it a) never disappears and b) can be used easily by the 'evil hackers.' He then showed us a number of automated tools like and Maltego that can make this process even easier.

My final session for the day was Craig Balding's Cloud Security talk. Again, very well done. His talk was a great overview of the issues that exist. Craig is an engaging speaker and stressed that the first step to being able to effectively use cloud services in as secure a manner as possible is to classify our data. Yup, an old song, but a tune that is even more catchy when considering cloud computing. Unfortunately, I had to cut out a little early, but will definitely be catching the rest when the recordings become available.

The last event of my day was the RSA Europe 2009 Security Bloggers Meetup. I have already written my quick recap post of that one and so will not repeat it here other than to say that I really enjoyed seeing old friends, meeting on-line friends for the first time and making some new ones.

If you happen to be here and would like to say hi, send me a note at or @ me on twitter. I am @kriggins there.

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Benny has his day 2 recap of 25C3 posted. Would have been fun to be there.
    #25C3 Day 2 overview: Picking up the pace | Security4all - Dedicated to digital security, enterprise 2.0 and presentation skills
    Tags: ( conferences 25c3 recap )
  2. And day 3.
    #25C3 Day 3 overview: Going to warp speed
    Tags: ( conferences 25c3 recap )
  3. Hypatia also has her day 2 recap of 25C3 posted. It's always interesting to see multiple recaps.
    25C3 Day 2
    Tags: ( conferences 25c3 recap )
  4. And day 3.
    25C3 Day 3
    Tags: ( conferences 25c3 recap )
  5. A new worm is making the rounds that takes advantage of the recent Server service problem on Microsoft Windows operating systems. You really should be patched by now. If you aren't, I suggest getting on it.
    Microsoft Urges Organizations to Patch Server Vulnerability as New Attacks Surface
    Tags: ( patches microsoft worm )
  6. Here is a nifty script that can be used for many interesting purposes. A really good one to stick in your pen testing toolbox. Not to mention for general "what's out there about X" type data leakage queries, which is what it was originally written for 🙂
    Black Fist Security: Improving your Google hacking with Python
    Tags: ( tools google scripts gathering information python )
  7. The audio and video for 25C3 are available now. There is video sized for TV and for iPod.
    Index of /CCC/25C3/
    Tags: ( conferences video audio 25c3 )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.