[Dailydave] I watch the 2016 RSAC Keynotes so you don't have to

Andreas Lindh andreas at haxx.ml
Thu Mar 17 04:06:00 EDT 2016 

Dave,

Thank you for this post. I am a big fan of Snarky Dave (not so fond of
Team America Dave, but you probably knew that already) and this is SD++.

One thing that strikes me is that I get the feeling they are mostly just
going through the motions, some of them doesn't even seem that
enthusiastic about their own topics. Not that I'm surprised, most of the
content is basically rehashing what others, less high up in the food
chain, has been saying for years, but with the useful parts removed.

I know that there is good content being presented at RSAC too, but those
sessions are never made available anywhere (at least not for free). To
me, that says something about how disconnected RSAC is from the people
in the trenches, doing the actual work. Not that surprising really, in
the eternal words of Against Me: "There was purpose to be served, there
were fortunes to be earned".

AL

On 2016-03-16 22:05, dave aitel wrote:
> http://www.rsaconference.com/videos?tags=Keynote
>
> I like to watch all the keynotes after RSA and see what kinds of
> themes there are. Partially because keynotes are 100K at RSAC and that
> means that probably someone put time and effort into making them worth
> listening to? They are like the SuperBowl ads of our field. Also
> sometimes our friends are on stage, which is exciting.
>
> Most years, there are one or two that are hilariously bad. Also,
> because it is a prestigious thing to do, you often have speakers who
> are executives at big security companies, but who are not necessarily
> polished pro-level public speakers. What we're looking for in these
> talks is Vision, with a capital V.
>
> In 2016, as usual, most of every keynote fell into the category of
> "wishful thinking". Every big company wants the industry to give them
> all of the threat data, and then let them do the "innovation" on the
> analysis side.
>
> That's never going to happen! But yet you hear it again and again,
> year after year. Cisco
> <http://www.rsaconference.com/videos/ascending-the-path-to-better-security>and
> HP and RSA and Intel
> <http://www.rsaconference.com/videos/louder-than-words> and everyone
> else say this year "What if everyone just used our platform for your
> point products?" which sounds great but the only real way people have
> been able to make themselves a platform for point products is to do
> M&A. Collectively all the big companies have realized that the
> management costs of all their products are prohibitive for every
> customer, and no customer is going to buy just one product stack.
>
> HP did have some interesting hidden announcements about how they can
> find DNS beacons going outbound out of all of their huge data set.
> They said they find 50 new ones a day. I don't think they've tested
> against INNUENDO <http://immunityinc.com/products/innuendo/> yet
> though. Everyone SAYS they are doing lots of great analysis, but how
> do you know you are detecting APT unless you can test against APT?
>
> It is also amazing to see DIRNSA declare privacy of our citizens part
> of the essential equation
> <http://www.rsaconference.com/videos/remarks-by-admiral-michael-s-rogers>.
> He also stuck to the government talking point about how industry is
> amazing and can find a magical compromise. And of course, he, along
> with everyone else, has caught on to the idea that data theft can
> quickly turn into data manipulation.
>
> It's also interesting to hear the president of RSA talk about how
> badly the Government messed up with Wassenaar, and to hear that nobody
> who helped write the VMWare talk bothered to tell the CEO of VMWare
> that Wireshark is free software.
>
> To be fair, VMWare won "Worst of Show" this year
> <http://www.rsaconference.com/videos/not-lost-in-translation-building-an-architecture-to-reshape-cybersecurity>.
> They demoed some moderately interesting capabilities (software defined
> networking as part of your VMWare stack!) but everything about the
> talk was grating and terrible or an obvious half-truth. The CEO of
> VMWare has no idea that Wireshark is free software, and neither did
> anyone who helped write their talk. They paid one hundred thousand
> dollars to demonstrate on stage in front of three thousand customers
> how much vision they are lacking...and it is showing in their
> corporate performance as the get eaten alive by the rest of the
> virtualization market.
>  
> Also, we have to stop bringing kids on stage to talk about how the
> "Youth are our future". It's so boring. 
>
> -dave
>
> Previous years:
> https://lists.immunityinc.com/pipermail/dailydave/2014-April/000661.html
> https://lists.immunityinc.com/pipermail/dailydave/2014-April/000642.html
>
>
> _______________________________________________
> Dailydave mailing list
> Dailydave at lists.immunityinc.com
> https://lists.immunityinc.com/mailman/listinfo/dailydave

-- 

-------------------------------------------------------
andreas at haxx.ml
PGP: 02F9 3462 5D14 BAA7 5498  5B05 FACB D36B 0FE5 271F

More information about the Dailydave mailing list