.
From: sc-l-boun...@securecoding.org [sc-l-boun...@securecoding.org] on
behalf of Steven M. Christey [co...@linus.mitre.org]
Sent: 31 August 2011 16:45
To: Sergio 'shadown' Alvarez
Cc: Adam Shostack; Secure Code Mailing List
Subject: Re: [SC-L] informIT: Building versus Breaking
Hi Ivan (and Sergio),
Maybe I should have clarified my position.
I have no problem with security researchers and whitehats that
investigate and reverse engineer malware to make the world a better
place.
I have problems with those that create malware - under the guise of
security research -
On Fri, Sep 2, 2011 at 6:19 PM, Chris Schmidt chrisisb...@gmail.com wrote:
On Sep 2, 2011, at 10:44 AM, Goertzel, Karen [USA] goertzel_ka...@bah.com
wrote:
What we need is to start building software that can fight back. Then we
could become part of cyber warfare which is much sexier than
On 9/3/2011 11:22 AM, Kevin W. Wall wrote:
On Fri, Sep 2, 2011 at 6:19 PM, Chris Schmidt chrisisb...@gmail.com wrote:
On Sep 2, 2011, at 10:44 AM, Goertzel, Karen [USA]
goertzel_ka...@bah.com wrote:
What we need is to start building software that can fight back. Then we
could become part of
Hi Steve,
On Wed, Aug 31, 2011 at 4:45 PM, Steven M. Christey
co...@linus.mitre.org wrote:
While I'd like to see Black Hat add some more defensive-minded tracks, I
just realized that this desire might a symptom of a larger problem: there
aren't really any large-scale conferences dedicated to
Ding ding ding... End of first round.
insert ring girl with below sign
Largest application software security focused event in 2011 - don't miss:
http://www.appsecusa.org
Sept 20-23 2011
###
Ding ding ding... Now let's get it on
Let's keep a professional..debate. Free speech only works
...@gmail.com
Cc: a...@homeport.org; sc-l@securecoding.org
Subject: Re: [SC-L] informIT: Building versus Breaking
Steve,
I think that the problem we have here is classic - defense isnta sexy. I
think you could get DHS to sponsor one maybe? I think between some government
funds, and some vendor support
While I'd like to see Black Hat add some more defensive-minded tracks, I
just realized that this desire might a symptom of a larger problem: there
aren't really any large-scale conferences dedicated to defense / software
assurance. (The OWASP conferences are heavily web-focused; Dept. of
I agree on the terminology of whitehat vs. blackhat here Sergio, but in
almost every other regard I disagree completely.
To design and build proper software and hardware there are a lot of
conferences out there, as well as trainings and a huge amount of literature.
There are very good books
Not many builders go to BlackHat. BlackHat is by Breakers, for
Defenders. It is primarily attended by Defenders, with a smaller pool
of dedicated Breakers.
It is very valuable to our industry to have conferences focused on
Breaking. Though they do have Builder and Defender talks. Some of my
first
Hi Chris,
Thanks for answering my email.
There's one thing that I actually believe you people are not following here.
Blackhat is a conference to present cutting-edge NEW offensive technologies,
methodologies, techniques, etc. It is *not* about talking things there were
already presented and
Sergio,
Blackhat IS about breaking stuff, the vendors area offers defense
products and services to improve your security. For building stuff (as
in development) there are other conferences out there. People go to
Blackhat to be aware of what things might go wrong in order to protect
better
: sc-l-boun...@securecoding.org [sc-l-boun...@securecoding.org] on behalf
of Steven M. Christey [co...@linus.mitre.org]
Sent: 31 August 2011 16:45
To: Sergio 'shadown' Alvarez
Cc: Adam Shostack; Secure Code Mailing List
Subject: Re: [SC-L] informIT: Building versus Breaking
While I'd like to see
Hi gem,
I've read your article to see what direction you were willing to take, before
jumping into the conversation. Your post was exactly what I thought you were
heading to.
I disagree with your thought for many reasons.
But first I would like to use proper terms so that we don't misuse some
14 matches
Mail list logo