Nov 5: the end of Facebook? No! The start of Kiwicon...

Filed Under: Featured, iOS, Malware, Mobile, Privacy

Remember how an anonymous person calling himself Anonymous urged you to join the cause and take out Facebook for the sake of your own privacy on the Fifth of November?

Here in New Zealand, it's been 05 November 2011 for several minutes already, and there's not yet the slightest sign of Facebook's demise.

But 05 November is also the start of Kiwicon V, a regional security conference now in its fifth year.

And Kiwicon has not only survived from last year, but moved to a bigger venue (the Wellington Opera House) and doubled its number of delegates.

This weekend, more than 600 cybersecurity experts from Asia Pacific and beyond will attend the event for a weekend of conferencing, conversation and conviviality.

A wide range of topics will be covered, from the importance of using good-quality random numbers to the security or otherwise of the iPhone; and from the meaning of "cyberwar" to the risks of a surveillance society.

All of these are issues I feel strongly about myself (the answers, in case you are wondering, are: vital; as much by obscurity as by design; marketing hyperbole; huge). So I'll be listening with great interest and reporting on topics which I think will interest you too.

Ka kite ano.

, , , , , , , ,

You might like

4 Responses to Nov 5: the end of Facebook? No! The start of Kiwicon...

  1. Bob · 1429 days ago

    I went for the Saturday but was sick on the Sunday. It was my first Kiwicon and I was sorely disappointed.

    One of the talks went on about building architecture for about 30mins sending everyone to sleep before he got to his point (ideas on how to secure browsers). Another had some lady talking about how to be anonymous if you happen to be on the run. Her suggestions: use a Nintendo DS to communicate with others (yeah right) and buy prepaid credit cards (wow huge breakthrough!).

    The two good talks I saw: one was from a guy talking about how the netsec industry in NZ is dwindling as there are less and less young people coming into it and how it has changed from 10 years ago. The other talk was about some exploits in movie editing/scripting software they use in Hollywood. While this talk was good, the audience thought the guy was a god because he used some shellcode from metasploit for a buffer overflow in applications that had no bounds checking.

    It looked like they had some good talks on Sunday but due to being sick and the poor performances on Saturday I had no desire to go and watch. I also saw a bunch of people using the open wifi there to open their gmail, fb and irc, wtf?

    • Genima · 1429 days ago

      I always thought the open wifi was like a Kiwicon in-joke, and that if you connected to it you were more-or-less inviting people to probe your device and have an open book on any data you sent over it. If I recall correctly it stated something along those lines on the event information a couple of years ago. You would kinda hope that they were doing it over a tunnel but I suspect a reasonable contingent of attendees are somewhere between script-kiddie and "I run Linux on my laptop but I can't explain why". Which probably reflects the dwindling number of *quality* people coming into security in NZ.

    • Paul Ducklin · 1429 days ago

      There was no Kiwicon network, IIRC. (That's what the brochure said.) So if you didn't have a 3G connection you were pretty much thrust onto Wellington's public network. I don't doubt that at least some of the delegates were casual with their connections - though at least Gmail and FB offer HTTPS for more than just authentication. You'd find the same casualness at any so-called security conference, whether commercial/expensive or non-profit/cheap. So you can't read too much into that...

      As for "applauding when a remote shell appears", I find that a bit OTT, too.

      But that talk was one of my favourites. It was well-organised, the presenter was well-rehearsed (hint to presenters at conferences of any sort!), and gave a good insight into how a series of apparently-small vulnerabilities can be exploited in turn, and why security really is a journey, not a destination, even for software developers who might not consider themselves "network coders".

      Anyway, for the NZ$60 (approx US$45) admission fee, I thought it Kiwicon was well worth it...hope you're not put off attending next year :-)

    • jim · 1428 days ago

      "Bob" - I'm sure that if you weren't satisfied the organisers would refund your $60, though from what I read you missed a whole day of the conference.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog