It appears I will be at TechEd in Boston this year after all. There are precious few sessions going around. Attendees have voiced a desire to hear more external speakers so the MS people are getting fewer sessions this year. Steve Riley (henceforth known as “that slimebag” ) managed somehow to get three, but I only got two.
At any rate, I will deliver the Is That Application Really Safe and Windows Vista Security Tidbits presentations.
The former presentation is around half a dozen demos of ways IT admins can evaluate whether software they have purchased is blatantly unsafe to deploy. It is a take-off of chapter 14 in PYWN. It is a really fun presentation to deliver and hopefully you will enjoy seeing it too.
The Windows Vista presentation goes through a lot of the small, but significant security changes we are making in Windows Vista, such as new accounts, changed defaults, added security settings, and so on. There are many of these, and the goal of this presentation is to present those that you will not find in any of the other presentations that discuss the larger new features in Vista, such as Bitlocker and the Service Hardening.
I do have one request: the Is That Application Really Safe presentation, among other things, includes a demo of how to spot SQL Injection bugs. Currently it is based on SQL 2000, since that is still what most people are running. I was considering changing it and using SQL 2005, but have not done so yet. If you really have strong feelings one way or the other, click the “Email” link at the top of the blog and send me a note. If you have other ideas on things you want to see, send me those as well. That presentation is constantly evolving anyway.
It is likely that I will do a panel discussion or two as well, but other than that most of the week will be spent in the security cabana. Hanging out there talking to people about security is honestly my favorite part of the event!