![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Security BSides Ottawa
Nov. 16th, 2010 02:39 pmI was at Security BSides Ottawa last weekend. I don't have much time to blog about it right now because I'm writing a paper, but here's what Pete Hillier and Dan Menard had to say about the individual talks.
As an academic, I find un-conference events a little strange. Normally, when I go out to a conference, I can expect every single talk to be about a brand new research idea, or some twist on an old one. There's a lot to be said for hearing existing ideas phrased well or talks showing off existing technologies, but it always takes me a while to move from one mindset to another. It's also lovely to hear people who are largely there because they like speaking and are willing to put work into their presentation skills. Definitely some quality talks to be had. And one that I didn't like (sorry, but mathematical formal methods for security are one of those things that always sounds great on paper but has been a great disappointment to me in practice), but I almost feel like it'd be disappointing if I agreed with everything!
I wish that some of these talks could be brought to even more general venues. Many were fun, but very much preaching to the choir. I'll bet the Star Trek talk, for example, could be rejigged nicely to take it in to a high school or undergraduate CS event. If anyone from BSides would be interested in doing talks at Carleton, you might want to talk to our undergraduate society or others at the school.
The other strange thing for me comes in meeting people who are working in industry, something I get to do surprisingly (embarrassingly) rarely as an academic. I learned some useful things from my lunch partners about the state of security in the trenches, especially how Ottawa as a government town has a particularly interesting landscape. And of course, Ron's now inspired me to go take a look at nmap scripts, which sound like exactly the sort of hacky security fun I needed: the type that comes in small debuggable chunks I can use as a diversion from research when I need a break but don't want to leave the security headspace.
So yeah, great people, interesting talks, and overall I felt it worthwhile despite the lack of research-level novelty that I take for granted in my usual conferences. Looking forwards to next time!
As an academic, I find un-conference events a little strange. Normally, when I go out to a conference, I can expect every single talk to be about a brand new research idea, or some twist on an old one. There's a lot to be said for hearing existing ideas phrased well or talks showing off existing technologies, but it always takes me a while to move from one mindset to another. It's also lovely to hear people who are largely there because they like speaking and are willing to put work into their presentation skills. Definitely some quality talks to be had. And one that I didn't like (sorry, but mathematical formal methods for security are one of those things that always sounds great on paper but has been a great disappointment to me in practice), but I almost feel like it'd be disappointing if I agreed with everything!
I wish that some of these talks could be brought to even more general venues. Many were fun, but very much preaching to the choir. I'll bet the Star Trek talk, for example, could be rejigged nicely to take it in to a high school or undergraduate CS event. If anyone from BSides would be interested in doing talks at Carleton, you might want to talk to our undergraduate society or others at the school.
The other strange thing for me comes in meeting people who are working in industry, something I get to do surprisingly (embarrassingly) rarely as an academic. I learned some useful things from my lunch partners about the state of security in the trenches, especially how Ottawa as a government town has a particularly interesting landscape. And of course, Ron's now inspired me to go take a look at nmap scripts, which sound like exactly the sort of hacky security fun I needed: the type that comes in small debuggable chunks I can use as a diversion from research when I need a break but don't want to leave the security headspace.
So yeah, great people, interesting talks, and overall I felt it worthwhile despite the lack of research-level novelty that I take for granted in my usual conferences. Looking forwards to next time!