I’ve just returned from a week long security conference in Edmonton, Alberta known as the ICE Conference and it was terrific. The weather was brisk and I was actually surprised to see snow on the ground. Now as most of you know, I’m a big fan of the ice and snow, hailing from Wisconsin originally. The event organizers did a great job of ensuring that the event went off without a hitch, which is always nice. Thanks everyone for that!
As always, I was extremely excited to go up to Edmonton and mingle with my brothers from the Great White North. I was hoping to catch the Edmonton Oilers at Rexall Place for a game…but once again, they heard I was coming to town and scheduled themselves a week of away games. No offense, but I’m starting to take this personally. I did however get a nice invitation to bring my goalie gear on my next visit, so I can try and stop some Canadian rubber. That should be a humbling experience. (Thanks Joshua Trupin, MSDN Magazine – Sr. Editor, for the lovely photo!)
Last week I did a session on Windows Vista Security and the Microsoft Security Strategy. I received a fair number of questions during the event. Here are some that I’ll be researching for some definitive answers. Of course, if anyone reading has some insight, I’d appreciate the feedback:
- What kind of performance hit will be seen when using BitLocker full-volume encryption in Windows Vista?
- What are some good web application vulnerability scanners out there that can compete with tools like AppDetective?
The ICE conference itself had a bunch of great security speakers, including Brian Bourne and Brad “Renderman” Haines. Brian Bourne from CMS Consulting in Toronto, did a great presentation on Rootkits (complete with demos!) and he clued me into a great new security organization based out of Toronto known as TASK. He described it as a “2600 meeting for grown ups”. I can’t wait to attend when I’m up there.
Renderman did a fantastic session around wireless security and showed his newest project – The Teddy Bear which is actually a Rogue Access Point. He has some really interesting stuff on his site, so be sure to give that a visit. He speaks at ShmooCon, DEFCON, etc.
Finally, to whomever the guy was sitting on the plane ride from Edmonton to Denver, I’d suggest that in the future, when conducting your important business on your cell phone…..be careful of saying, “No no….my username is BobN and the password is the same as my username, BobN for the XYZ system”. You think people would have learned by now.