Black Hat 2008 Day 1: We're Screwed!

Day 1 of Black Hat 2008 is in the books. It's great to see a lot of old friends, and it seems this year (more than the last two) many of the folks I'm talking to are more focused on the networking than on the session. Not me. I'm still fired up about seeing really smart guys discuss what they are up to and give me a lot of food for thought about how we need to continue protecting ourselves.

I ended up hitting almost all the sessions I wanted to, so let me go through some quick observations.

•  Keynote: Ian Angell, Professor London School of Economics - Professor Angell is a pretty engaging character and I enjoy his systematic skewering of the common knowledge about risk and what we can really control. Which is basically nothing.
• Bad Sushi: Nitesh Dhanjani and Billy Rios - As mentioned on Tuesday, I was looking forward to this session and it was a lot of fun. Especially when they pulled the RickRolling prank on the phishers and to see how many of them fell for it was great. Sometimes it's nice to strike back, although it doesn't have much of an impact on how we do things.
• Kaminsky's DNS talk: It was packed. I mean PACKED. And Dan delivered the goods. The thing that resonated the most is how dependent we are on DNS for pretty much everything, and if DNS is not trustworthy, we've got a real problem. Lots of innovative ways to comprise stuff assuming the bad guys own DNS and plenty of other goodies. I have some larger thoughts about the DNS topic, which I'll write up for Monday, but the only conclusion you can really draw is that we're screwed. But isn't that what Black Hat is all about? Giving security folks that uneasy feeling of not being able to keep up with all the attacks?
• Hoff's Four Horseman: The Hoff delivered the goods as well. First of all, the slides were very pretty. You should check them out. But aside from the aesthetic beauty of the content, Chris really put into question a lot of the assumptions many folks are making about securing the virtualization layer. Rich did a good write-up of Hoff's pitch and other Black Hat topics.
• Network Monitoring, Bruce Potter: I hadn't seen Bruce speak before and it was very entertaining. But most interesting was the very compelling case he made for why you need to monitor your networks using something like Netflow. He also talked a bit about a new open source tool called Psyche that his team is releasing and it looks pretty cool. It's nice to see the idea of network monitoring being discussed on the big stage. Of course, there are folks like Bejtlich that have been beating that drum for years. But given all the other stuff we're seeing at the show this week (basically we're screwed), the idea of figuring out everything isn't going to happen. So we need to REACT FASTER and monitoring is the way to do that.

The Mogull and I recorded a quick podcast yesterday as well. We talk about Kaminsky and Hoff's pitches and come the conclusion that basically we're screwed. You can check it out at the Network Security Podcast site.

Before I head off to Day 2, I have to relay my latest Vegas star sighting. To wrap up the night Shimmy, Mitchell, Adrian Lane and I are catching a little late night breakfast at Caesars. Sitting right next to us is Jeff Dye, one of the finalists on this season's Last Comic Standing. You all know what big fans of comedy the Boss and I are, so it was great to see him in person. He's a very nice guy and he really is that pretty. They are announcing the winner of the show tonight, so I told Jeff we'd be pulling for him.

Only in Vegas...