- At InfoSec Cons people want to understand how things work, why they do what they do, what happens if you do something unexpected, etc. At VMWorld no one seems to care, they want to know how to make software work not how they heck the software does what it does. Which is sad, some of this software is freaking amazing but not one talk is about how they do what they do. I keep wondering how to break into it and remotely sniff traffic on virtual switches or grab files from virtual SANs without even touching the guest OS, but I digress.
- Deep Dive talks at security CONs show code typically. At VMWorld Deep Dive talks I would call high level overview and are mostly slides with video recording of someone clicking buttons on a GUI as the speaker talks over it and that is the deep dive demo. Seriously. Almost no one at VMWorld seems to care that isn't really a deep dive, I've meet one person so far who isn't happy about that other than me.
- The booth swag is way worse. Most booths don't give anything away it is all a chance to win something, how horrible.
- The wifi is just as messed up as a typical security con and I'm seeing people doing evil doing the wifi pineapple thing cloning the main wifi network, you name it. They don't give a secure option either nor do they publish the correct MAC addresses on the APs so you are just screwed and have to turn wifi off. Everyone is complaining about the wifi but they don't seem to get why it is bad and that is isn't safe and that it is slow because it is all being routed through a guys laptop. I find it a bit funny.
Wednesday, September 2, 2015
#RSAC vs. #VMWorld Take 2
I've noticed some more things and realized I called out what I was seeing at VMWorld on the last one without calling out the difference so I'll explain a few things better too.