Observations Along the Road

Roadkill Along the Information Superhighway

Category Archive: 'acsac'

ACSAC 2012 Last Day / Friday Fun

Written By: cahwyguy - Fri Dec 07, 2012 @ 7:52 pm PDT

ACSAC Last Day:

Today was the last day of ACSAC. Had a great session on Continuous Monitoring from Ron Ross. That was followed by an even greater panel session with me (on Collaborative Protection Profiles), Mike McEviley (on System Security Engineering), and Ron (well, supposedly on Overlays, but he never got to that topic).

After the end of ACSAC, got the office packed up (as I usually do), and got all the boxes shipped (as I usually do, educating FedEx Office along the way).

Friday Fun:

After the conference, we went to the Charles Hosmer Morse Museum of American Art. This is a really cool museum in Winter Park with loads and loads of Tiffany glass — lamps, windows, and other stuff. Dinner was at a great Turkish restaurant, Bosphorous. Now we need to find Turkish food in LA (hmmm, there may be some place in Reseda). Tomorrow… Epcot!

ETA (while I’m waiting for a download to finish): Winter Park is a really neat Orlando community. Hipster neighborhood, with lots of funky stores and restaurants. Loads of ethnic cuisine, art stores, and such. A very different image of Orlando than the touristy places where we are staying near Downtown Disney.

Friday Un-Fun:

When we got back to the hotel, we got in the elevator to go to our room. Around the third floor (we were on the fifth), a jerk and… nothing. We were stuck in the elevator. After about 15 minutes, we were freed (they are comping Sunday morning breakfast… which happens to be the Character brunch!)

After that, I logged into work. Someone at work is trying, on Friday, to schedule a meeting at 5pm Pacific on Tuesday. That doesn’t fly for me, and probably flies even less well for folks on the East Coast. Sigh. I’ll likely have to do some work Monday from home.

ETA #2: The hotel is filled with a pre-teen cheerleaders convention, as well as a bunch of Pop-Warner boys (and a bunch of medical coders, but they are OK). First, I feel like Miss Hannigan from Annie: “Little girls, little girls, everywhere I look I see them”. Second, I start to realize I’m in “Get off my lawn” mode, especially when the kids are noisy in the hall or in the pool that faces our room. Sigh. Another demonstration I’m getting older.

--- *** ---

ACSAC Update #2

Written By: cahwyguy - Thu Dec 06, 2012 @ 7:57 pm PDT

I’ve been a busy busy boy at the conference. A few highlights before I go to bed…

  • Ron Ross gave a very good opening keynote, made even more amazing when you realize he did it with a major toothache.
  • Marshall and I ended up doing the tutorial. It was very well received. Want to see it? Come to GSAW 2012!
  • Last night, Ross Anderson gave a great talk on the economics of computer security. If I was 20 years younger, I might be interested in research in that field.
  • The Conference Dinner was delightful. I had a wonderful conversation with the folks from @sec; there was also some great conversation with some grad students from UC Riverside.
  • This morning I went to Ron’s talk on -53 Revision 4. Good talk.
  • This afternoon I went to an excellent panel on software assurance. Got to see Kris Britton — haven’t seen Kris in years!
  • This afternoon’s talk by Eran Feigenbaum of Google on Cloud Security was also very very good.
  • Tonight was the conference committee dinner at a Brazilian restaurant. I’m stuffed.

One more morning, and ACSAC 2012 is over. ACSAC 2013 in New Orleans!

--- *** ---

ACSAC 2012 Update #1

Written By: cahwyguy - Tue Dec 04, 2012 @ 6:04 pm PDT

Well, the two training days of ACSAC (for which I am responsible) are over. I was able to audit three excellent sessions: one on Security Requirement Engineering, one on Assurance (which ended up having a greater focus on Mission and System Security Assurance), and one on Resilience. Good speakers, great subject material — this is what I love to see in ACSAC training sessions. I also had some great conversations over lunch and at the reception tonight regarding a myriad of technical subjects. Now if I can just avoid the ACSAC 15 (like the Freshman 15), I’ll be fine.

Tomorrow, some excellent technical sessions, plus I get to condense a 6 hour tutorial into perhaps 5!

--- *** ---

Arrived in Orlando

Written By: cahwyguy - Sun Dec 02, 2012 @ 6:46 pm PDT

This is just a quick note to let folks know that I’ve arrived in Orlando FL for ACSAC. Dinner was in Downtown Disney at Raglan Road (yum), and now it is quickly catching up on the nets. Tomorrow… the conference starts!

--- *** ---

The Value of the Printed Word

Written By: cahwyguy - Wed Nov 28, 2012 @ 11:13 am PDT

An off-hand comment in an email discussion today got me started thinking about the value of the printed word. The comment?

Hopefully most folks will take advantage of the mobile and EPUB versions.

The discussion was relating to the ACSAC Final Program. There has been a movement this year away from paper. There are no printed (or even CD) proceedings–they are all on-line. There is encouragement to use versions of the final program on eReaders and tablets; paper is discouraged. I haven’t yet had the call for me not to print Tutorial Notes, but I’m sure that’s coming.

I think this movement away from paper is a bad thing. A really bad thing. Consider the theatre. You attend the theatre and you get a printed program. They don’t just point you to a URL and tell you to download the program. You can read the program at your leisure; you can consult it afterwards. More importantly, you can keep it as a souvenir, and you can share it with your friends. It can contain advertising that you can consult for related shows. It lives on afterwards.

A printed final program from a conference can do the same thing. You can use it to unobtrusively make notes during a session, without having to stare at a screen. You can share it with colleagues after the conference. It provides evidence of attendance for continuing education. It allows you to look back at the conference as you plan for the next one (that’s harder with an epub, which you probably delete after the conference).

Similarly, I feel the move away from printed flyers, newsletters, and other publicity items is hurtful to event attendance. I receive email blasts for events every day. I skim them, delete them, and forget about them. Flyers, on the other hand, I put up on my bulletin boards. I share them with colleagues. They are continually in my face, reminding me about the event. They are significantly better than the bits of an electronic message.

So what about you? Do you still want paper publicity? Is this an age thing — does the younger set treat electronic communication and documents with more reverence?

--- *** ---

Decisions, Decisions

Written By: cahwyguy - Wed Nov 28, 2012 @ 7:06 am PDT

Next week is ACSAC (you are coming, aren’t you?), and I’m having trouble making a decision regarding the conference: Do I take my work laptop or my personal laptop with me? Any work data I’ll be taking will be on my Ironkey, so I don’t need the work laptop for the data. The work laptop provides the ability to VPN, but I generally go in over the web interface (RemoteOffice) anyway, so that’s no big deal. Taking the home laptop allows me to update Quicken on the trip, plus it gives me access to iTunes and my iTunes library, meaning I can update podcasts. Both laptops have the basic tool suites I need. So which to take…

--- *** ---

Training in the Modern Era

Written By: cahwyguy - Wed Nov 14, 2012 @ 7:43 am PDT

I’ve been the training chair for the Annual Computer Security Applications Conference since 1990. In my over 20 years in this position, I’ve seen what was a very popular training program decrease in attendance. Whereas in the past we regularly had attendance for courses in the 15-35 student range, of late the attendance has been in the single digits (of course, there are always a few exceptional courses). That’s true again this year, even with (what I believe to be) one of our strongest training programs in years (look at Monday and Tuesday). [I certainly encourage all of my readers to attend the conference, and to encourage your friends to attend and take training courses.]

I’ve been trying to figure out the reasons for the decline in the program, and what to do about it. This post is part of that effort: I’d love comments that might help me figure out how to move the program forward in the future. Here’s what I think are some of the problems:

  • Publicity. As always, our publicity for the courses is poor. They tend to be subsumed into the technical program, and it is difficult to figure out what is a tutorial/training course and what is not. Part of this is due to how the Advance Program has changed: there used to be a separate section highlighting the training program and the courses, and it’s not there anymore. Part of this is due to a change in format: I’m of the strong belief that our move to electronic notification methods makes publicity in general less effective. People ignore email blasts and web pages except when they are seeking information. At least with mailed advance programs, if the target wasn’t interested, they could put it on a board or hand it to a colleague.
  • Growth of the Field. When ACSAC started back in the late 1980s, it was one of three major computer security conferences: ACSAC, IEEE (Oakland), and the NCSC. Today? There are hundreds and hundreds of conferences, each providing their own aspect of training. There are also online webinars, courses at local universities, and such. People don’t need to go to ACSAC to get their training, especially in a short course format for which they pay $$$.
  • Changing Budgets. Related to the last point is the change in budget. It is harder and harder for commercial contractors, defense contractors, and government to get funds to go to conferences. When they do, they need to be able to get something they can’t get elsewhere. That’s certainly true for the technical program–you only get the papers at the conference. That’s also true for workshops, where there is interaction with others in the field. Training courses? As noted above, those are increasingly available. With tighter budgets, it is harder to justify travel dollars for courses, even with CISSP requirements.
  • Changing Audience. One problem the conference has had is a changing audience. We’re working to fix that, but right now, the conference has become more academic. Contractors and government need tutorials to keep abreast of a changing field (and to maintain their CISSPs). Academics? Much less so. As the conference has become more academic, I believe the interest of that side for tutorials has gone down.

So what should the conference do about the situation? I haven’t fully worked that out yet. We already have an effort underway to restore the mix of the conference. Hopefully, this will increase the participation of industry and government. Doing that should help out the training courses some. Beyond that, however, what should we do? Here are some ideas:

  • Reduce Tutorial Days. If we reduce the number of paid tutorials, we can ensure that what we do present are the strongest and most attractive. I’m thinking right now of experimenting with only a single tutorial day (3 tracks), and using the second day for something training-related in a different way. Perhaps this might be more workshops related to the conference theme; perhaps this might be more interactive seminars.
  • Integrate Tutorials Into The Conference. Right now, we have two training approaches. We have our formal tutorials, for which attendees pay separately, and our government track, which has training sessions during the conference and is included in the conference fee. We could eliminate the training as a separate gated event, and just have a training track across all the days of the conference. This would provide more space for technical papers and discussions, and may increase attendance at the training courses.
  • Fix the Topics. I’ve begun to realize that general introductory topics are not good draws, even though they may be good courses. If I could get the material at a local university course, why have it at the conference? Our topics need to either be unique or something that clearly cannot be easily gotten elsewhere. Looking at our top draws this year, they are topics you are not seeing elsewhere. In past years, a regular strong draw was a tutorial on botnets. We need ACSAC-unique topics… and I need to find presenters to propose them.

Right now, I’m just at the musing stage on how to fix things. I’d welcome your ideas.

--- *** ---

Writer’s Block: B.Y.O.B. Holidays

Written By: cahwyguy - Mon Dec 12, 2011 @ 11:19 am PDT

Well, I always celebrate the Annual Computer Security Applications Conference (ACSAC), which is always in December. Great people. Great technical content. A conference committee that is like family. Wonderful food. Interesting locations. What more could you want?

[Wait, you mean there are other holidays in December? Well, I don't celebrate Christmas (I observe that it is on the calendar), and Chanukah moves around. New Years Day is in January. So I guess it is ACSAC.]

--- *** ---