Wednesday, September 2, 2015

#RSAC vs. #VMWorld Take 2

I've noticed some more things and realized I called out what I was seeing at VMWorld on the last one without calling out the difference so I'll explain a few things better too.


  1. At InfoSec Cons people want to understand how things work, why they do what they do, what happens if you do something unexpected, etc. At VMWorld no one seems to care, they want to know how to make software work not how they heck the software does what it does. Which is sad, some of this software is freaking amazing but not one talk is about how they do what they do. I keep wondering how to break into it and remotely sniff traffic on virtual switches or grab files from virtual SANs without even touching the guest OS, but I digress. 
  2. Deep Dive talks at security CONs show code typically. At VMWorld Deep Dive talks I would call high level overview and are mostly slides with video recording of someone clicking buttons on a GUI as the speaker talks over it and that is the deep dive demo. Seriously. Almost no one at VMWorld seems to care that isn't really a deep dive, I've meet one person so far who isn't happy about that other than me.
  3. The booth swag is way worse. Most booths don't give anything away it is all a chance to win something, how horrible.
  4. The wifi is just as messed up as a typical security con and I'm seeing people doing evil doing the wifi pineapple thing cloning the main wifi network, you name it. They don't give a secure option either nor do they publish the correct MAC addresses on the APs so you are just screwed and have to turn wifi off. Everyone is complaining about the wifi but they don't seem to get why it is bad and that is isn't safe and that it is slow because it is all being routed through a guys laptop. I find it a bit funny.

Tuesday, September 1, 2015

InfoSec vs. Infrastructure Communities

Backstory:
I've considered myself part of the InfoSec community since going to my first DEF CON 15 years ago. Back then I had already been doing security work for a while but was not aware of the community and really that this could be your 100% focus until going to DEF CON, I was a self taught Infrastructure guy but my eyes were open and I never looked back. Until recently due to the Infra leader leaving my current company and I got asked to take over part of it with security. So I find myself at VMWorld this week. It tuns out VMWorld is Infra's RSA Conference. I mean exactly, same place, same size Expo, the vendors that do both even have their booths in the same spots. I know because I was just at RSA. So I've been noticing some differences in the communities that I found interesting enough to post and see what everyone else thought.

#VMWord vs. #RSAC

  1. People at VMWord overall are older, I know the hoards of kids I'm thinking of at security cons are not as represented at RSAC as other cons like DEF CON, but still. I don't think the kids these days think Infrastructure is cool. In 20 years this may be a problem.
  2. There are way less women at VMWorld than RSAC. Way less. A working at the center asked me why there were no women, he said he worked many of these events and this one had the least amount of women. I asked him if he worked RSA and he said yes, way more at RSA. I agree. I find it interesting there is an outcry about this in InfoSec but not Infra, Infra is far more male dominated from what I can see.
  3. VMWorld didn't get the note on "booth babes" probably due to point #2. It is like going back in time on that front, not all the booths but a lot and a lot really have the appearances of let's say professional dancers and leave it at that. 
  4. The booths are even more vague! Everyone uses the same buzzwords and you can't even tell what the company does without talking to them. I figured out this is because they all appear to do the exact same thing. Which is crazy. It reminds me of the days where every other booth was an IPS vendor, Infra is in that phase right now.
  5. Speaking of everyone doing the same thing, Infra isn't even Infra anymore. Almost all the booths are software or hardware the runs special software on top of it and it is only their software that makes them different than anyone else. Oh and their software does the same thing as everyone else on the same kind of hardware but we are better because, um, ya. Today Infra folks think they are working on a server when they play with software the abstracts the whole hardware layer. When I asked hardware questions no one knows the answers. I find this totally insane and I wonder how many people will be able to make this stuff work in 20 years.
  6. The parties are in the same places but totally different. The music is way quite and no one is even thinking about dancing and people are more into the sliders than the booze. Frankly being older I kind of like these parties better than a crazy Rapid7 party where you can't hear anyone talk. Maybe this is due to point #1.

Anyone I'm starting day two at VMWorld and will see what else I notice. If anyone reading has their own observations or disagrees or whatever leave your comments. Or reply to me on twitter.