Back fromToorCamp, 2012. To get a sense of the event, check out the closing video
http://www.youtube.com/watch?v=Q7IeJ0HGK6o. Here are a few pictures of the camp I snapped on my phone, including the dome in the distance.
Next stop is the Intel Developer Forum in San Francisco on September 10. I suspect that my hotel will be a little further detached from Mother Nature, though.
The camp site was right next to the beach, too. Neah Bay is the northwest-most point of the continental US, so the Pacific Ocean formed the back yard for the talk.
The main dome hosted the various talks. Here's a closer view, including the podium in the back:
I delivered my talk on firmware security on Thursday afternoon. A link to my foils for
“UEFI Secure Boot and challenges in platform firmware” can be found at https://docs.google.com/open?id=0BxgB4JDywk3MWnM0WmNXMHBTcm8. The other talks were a mix of information security and the maker movement leading up to my presentation, so I treated my discussion of firmware security alongside a a review of the UDK2010 open source implementation of UEFI Secure Boot and the user controls enabled via Custom Mode on IA32 machines. Insightful questions both during the talk and with the researchers afterward.
Other interesting talks included Dan Griffin's discussion on TPM's and UEFI, which largely focused on measured boot from the operating system perspective. This talk was a shortened version of his DEFCON talk https://docs.google.com/file/d/0B7n3jaMQDSNCeDJBd2tnRGIxbDA/edit#. Dan Kaminsky also spoke about all things security, including weaknesses of random number generators http://dankaminsky.com/2012/08/15/dakarand/. Other interesting perspectives from DanK included how type safe language are not the security panacea since different machine on the network are written in different languages, so all communications must convert data to strings. And it is in these strings that attacks, injections, and vulnerabilities occur. Hearing both Seattle Dan's speak alone was worth the trip.
Other interesting talks included Dan Griffin's discussion on TPM's and UEFI, which largely focused on measured boot from the operating system perspective. This talk was a shortened version of his DEFCON talk https://docs.google.com/file/d/0B7n3jaMQDSNCeDJBd2tnRGIxbDA/edit#. Dan Kaminsky also spoke about all things security, including weaknesses of random number generators http://dankaminsky.com/2012/08/15/dakarand/. Other interesting perspectives from DanK included how type safe language are not the security panacea since different machine on the network are written in different languages, so all communications must convert data to strings. And it is in these strings that attacks, injections, and vulnerabilities occur. Hearing both Seattle Dan's speak alone was worth the trip.
On top of the great info-sec talks, on Friday I had the opportunity to attend a session by George Dyson http://en.wikipedia.org/wiki/George_Dyson_(science_historian) on Project Orion http://en.wikipedia.org/wiki/Project_Orion_(nuclear_propulsion)
And speak with George afterward.
I was as much inspired by his discussions of Orion, my read of his recent book on the history of the computer http://www.amazon.com/Turings-Cathedral-Origins-Digital-Universe/dp/0375422773, and of course, kayaks http://www.amazon.com/Baidarka-Kayak-George-Dyson/dp/088240315X/ref=sr_1_4?s=books&ie=UTF8&qid=1346014068&sr=1-4. Regrettably, the only hard copy of a book related to George I brought along to the camp was the book 'about' George and his father Freeman http://en.wikipedia.org/wiki/Freeman_Dyson
But I asked for an autograph anyway.
Overall, I enjoyed having the opportunity to participate in this type of conference. The spirit of creation, invention and curiosity was infectious and shared by all. And the accommodations were quite interesting, too.
Next stop is the Intel Developer Forum in San Francisco on September 10. I suspect that my hotel will be a little further detached from Mother Nature, though.
Cheers
No comments:
Post a Comment