Some of us are just plain unlucky and always choose the short straw. The penalty for my latest poor straw choice was to fly out to sunny Las Vegas to attend the 2008 Black Hat briefings.
Readers please do not pity me too much, I am sure I will find something to do :-)
It is suggested there are some 4500 IT security enthusiasts of all 'hats' converging on the strip this week. There is an interesting mix of security professionals from established security vendors and consultants and those who wear a slightly dirtier hat that belong to no company but are just as passionate about IT security as
any other attendee.
The conference has multiple streams running in parallel and the briefings I watched today were all of a high
standard. In fact, it can be quite difficult to decide what briefings you are going to have to miss out on. Due to the interesting mix of presenters who are themselves from equally different security backgrounds as the mass of attendees, there is plenty said that rings true to some and almost criminal to others. As such, the halls are
full of spirited debate on what security practices are useful, must do's, musn't do's and possibly as
the hat gets dirtier, what is believed to be of no use at all.
However, that is what Black Hat is to me: a chance for black hats, white hats and everything in between to meet, wrestle a little on what really is best security practice and put down/pick up something new.
Oh yeah, there is also Vegas.. :-)