Tuesday, 13 May 2014

Four Conferences Later


Security, Social Media, Linux and Android – Part 1


As a good friend once said to me, “Your industry is basically built out of conferences!”. Hard to argue with the logic, given the fact that I had just completed a two week trip away from home that covered two European capitals, four conferences, and exposure to countless geeks of all kinds talking about a variety of subjects! In this trip I learned a lot, not all  intentionally, not all of it practical, but educational none the less.


So, my journey starts back in the UK at BSidesLondon; a must for anyone in the European Security community. In one way, shape, or form, I have been involved with BSidesLondon since it started 4 years ago. 3 talks, 2 Rookie tracks, and a workshop later, I've watched the conference grow, and boy has it grown! Bigger doesn't always mean better, but in this case, its hard to say that it isn't.  Two years of 'officially' being crew has been both rewarding and educational. For me, the most rewarding aspect of BSidesLondon has been the 'Rookie Track'. Sometimes (and just sometimes!), really good things can come from ranting and this is a case in point. Taking people who have never given a talk, and giving them the platform, coupled with the correct support, has gone on to produce not only excellent talks, but speakers who  understand how to help new, fellow speakers of the future. Yet again, this year's rookies set a standard showing that just because you've never spoken before doesn't mean you can't own the stage like you were born for it.

My day at BsidesLondon started off as a speaker with a lightning talk, a very under prepared lightning talk I might add, but nonetheless I stood up and talked about Crypto Parties (and no, the 90's didn't call and ask for their keys signed!). I know a lot of people find it surprising that someone with my cynical nature would be involved with them, but personally I believe that hands on grassroots help for people not involved in security is a must. Put simply, our industry must roll its sleeves up and help. I then followed the talk with a short workshop on presentations, or moreover, how not to kill your audience by slide deck (Death by Powerpoint anyone?). I'll put this out there for the record; “Our industry SUCKS at presentations”. Granted it's a difficult task, but if you want to deliver a message to people and in doing so poke them in the eyes with a horrible PPT don't moan that no-one took anything from it! This theme of “let's stop sucking at slides” is a theme you're going to see played throughout these posts for a while. Back to the workshop though, this seemed to go down very well, and like all good experiences, I learned from it too. It seems there is salvation for our 'sucky' slide deck community after all! Finally, the workshop was followed by my talk on detection system fails. Yeah, I'm still talking about that subject, you know why? We still fail!


London was then wrapped up with 44Cafe, followed by the EU Security Bloggers Awards. I'm going to put this out there as well; “STOP PLAYING HEARTBEAT WHEN YOU TALK ABOUT HEART BLEED!!!!!”. I don't want to hate you, but you make it bloody hard not too! The EU Security Bloggers Awards were fun, this year we beat last years record and managed to come third in a one horse race, which for me is personal best. Congratulations to Martin McKay, and his NetSec Podcast. To the Eurotrash guys; 'Mwhahahahaha, that's how it feels boys!'. I also managed to grab dinner with the 'grandfather' of British Security Mr Pete 'Grandpapa' Wood, which is always a pleasure. He didn't talk about the war, or being on any sinking boats for the navy which is a win, but we had such a laugh. I always love spending time with him, he's been a great friend over the years and frankly a good role model for any young upstart in security. Also, Dan Raywood of IT SecGuru coined the 'before and after look' whilst 'Grandpapa' Wood and  myself were at the bar.  Thanks Dan ;)