networks

DefCon 19, Day 3

Sunday was interesting — this was actually the first DefCon I have attended (and I’ve been to the last five) where Sunday was actually busy. Normally Sunday feels very empty — most people have gone home, and the ones that are still around are too hung over to go to the morning sessions. I was [...]

attacks, hardware, networks, physical security, products

DefCon 19, Day 2

My experiences attending DefCon 19.

attacks, industry, networks, products, risk

BlackHat 2009, Day 2

The Thursday keynote was given by Bob Lentz, a Deputy Assistant Secretary of Defense for the United States. His main point was the paradigm shift from network-centric security to what he called content-centric security, and the fact that this devalues the protections around network perimeters. Static defenses don’t work when all the services being used [...]

anonymity, attacks, crypto, hardware, industry, legal, networks, passwords, risk, society

DefCon 16, Day 1

Having finished up with the BlackHat briefings, it was time to go on to DefCon. While many of the speakers from BlackHat stay on for DefCon, there are also a lot of DefCon-only presentations, usually with a more attack-oriented focus (in keeping with DefCon’s nature as a hacker convention rather than a security conference like BlackHat.) [...]

anonymity, attacks, crypto, networks, physical security

Deterring the Internal Attacker

On January 21st, 2008, the major French bank Société Générale lost $7.09 billion attempting to unwind unauthorized trading positions taken by Jérôme Kerviel, a futures trader with the bank. Kerviel had taken positions worth $73.3 billion, far above not only his trading limits but the bank’s entire market capitalization. The loss taken by unwinding the [...]

authentication, networks, products, risk