Re: [SC-L] InformIT: budgeting for software security
No, there is not a direct connection but Green and InfoSec do have a few degrees of connection. InfoSec - Is a part of - IT - manages - Datacenters - suck up 3% of word power - is becoming more expensive - Green - Al Gore RSA conferences *were *focused on infosec, and on cryptography in particular RSA is a Marketing/Fluff event - As Gary pointed out, there is a 1000-1 Marketer vs attendee ratio. Case and point: SANS is teaching there now! :D - Jim Jim, In response to Stephen's question, you wrote... What does 'green technology' have to do with infosec? Data centerers worldwide use at least 3% of all global electricity. With the growing cost of oil/power - most large corporations are looking for ways to reduce power consumption at their data centers. Google is building new database centers near cheap power, cheap land, and cheap water. Sun has bet the farm on Green issues. IBM and Intel have green/sustainability departments as well. http://www.baselinemag.com/c/a/Infrastructure/Disruptive-Forces-Sun-Microsystems/ Maybe I need someone to connect the dots for me, but IMO, your response _still_ doesn't adequately answer Stephen's question. You addressed why 'green technology' is good in general and why businesses are pursuing it, but not what it has to do w/ information security. Certainly, if there is a connection here, is is not a direct one. I don't want to speak for Stephen (but will anyways ;-), but I think it's unfair to interpret his remark as implying that green technology is bad or some sort of voodoo. In the context, I think his concern was that in the past, the RSA conferences were focused on infosec, and on cryptography in particular. Apparently, based on Stephen and gem's comments, it seems to have lost its focus. I think that's all that was being implied here. -kevin --- Kevin W. Wall Qwest Information Technology, Inc. [EMAIL PROTECTED] Phone: 614.215.4788 The reason you have people breaking into your software all over the place is because your software sucks... -- Former White House cyber-security adviser, Richard Clarke, at eWeek Security Summit This communication is the property of Qwest and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. -- Jim Manico, Senior Application Security Engineer [EMAIL PROTECTED] | [EMAIL PROTECTED] (301) 604-4882 (work) (808) 652-3805 (cell) Aspect Security™ Securing your applications at the source http://www.aspectsecurity.com ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___
Re: [SC-L] InformIT: budgeting for software security
At 8:14 AM -0500 4/11/08, Wall, Kevin wrote: In the context, I think his concern was that in the past, the RSA conferences were focused on infosec, and on cryptography in particular. Apparently, based on Stephen and gem's comments, it seems to have lost its focus. I think that's all that was being implied here. Some years ago at an RSA Conference I recall seeing Jefferson Starship. At least one song had altered lyrics for the GAK issue of the year, but that was not a whole lot of security content in a general session. -- Larry Kilgallen ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___
Re: [SC-L] InformIT: budgeting for software security
Hi all, Larry has it right. There was very little technical content at RSA this year. All of the vendors on the show floor had pitches that sounded exactly the same. Last year there was much more software security presence. The good news for our field is that at the (small) executive forum, there was a fair amount of discussion of software security. Justin Peavey from Omgeo put together a panel on software security that I helped with. That was good. Now attempting to fly home on the united cattle call cart. Moo gem - Original Message - From: [EMAIL PROTECTED] [EMAIL PROTECTED] To: SC-L@securecoding.org SC-L@securecoding.org Sent: Fri Apr 11 10:31:13 2008 Subject: Re: [SC-L] InformIT: budgeting for software security At 8:14 AM -0500 4/11/08, Wall, Kevin wrote: In the context, I think his concern was that in the past, the RSA conferences were focused on infosec, and on cryptography in particular. Apparently, based on Stephen and gem's comments, it seems to have lost its focus. I think that's all that was being implied here. Some years ago at an RSA Conference I recall seeing Jefferson Starship. At least one song had altered lyrics for the GAK issue of the year, but that was not a whole lot of security content in a general session. -- Larry Kilgallen ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___ ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___