Wednesday, 21 September, 2005

Well, I'm back from Toorcon. It's 3:46am and I can't sleep because my body clock is so fucked up. I've got work in the next five hour: Oh joy of joys.

Toorcon ruled on so many levels. There was a lot of interesting security stuff at the conference and I met a whole bunch of cool people working in the field. There were a whole bunch of complex security hacks that were on show at the conference. So what were the key points?

  1. WEP is worse than no security at all - at least you don't have any false sense of security
  2. How to do SSH over DNS (yes, you read that right)
  3. IDSs are effectively useless.
  4. Professional forensic tools such as Encase are useless against even a moderately knowledgable attacker.
  5. Cross-site scripting vulnerabilities are very common and incredibly dangerous.

The cryptography was not the only good thing about Toorcon; The location is nice too. California is far more liberal than Florida. For example, I didn't get carded once for any of the beers I bought. When I went to Florida earlier this year I'd already been carded to get a beer with my dad. Fair enough, you know, in Rome does as the Roman's do. When my dad goes to get another round in and the barman ask to see some ID again even though they'd seen me only half hour ago. My dad brought his drink back and I had to go and collect mine from the bar. This was really pathetic and just served to make me pissed off. What a waste of everybody's time.

I think Toorcon is likely to become a yearly fixture in my Calendar. It was well worth the jet lag to go to another part of the world and do something truly unique. The next conference on my Calendar is scheduled for the Christmas break this year and will take me to Germany. I love doing these things..


04:07:26 GMT | #Life | Permalink
XML View Previous Posts