innismir.net

SOURCE Boston 2009 wrapped up last Friday. Once again, the SOURCE Advisory board did a bang-up job picking talks: Normally, during a conference there are “collisions” in which there are two talks I want to see that run concurrently. SOURCE had this, but it seemed that it happened almost every single talk. I was desperately switching my attention between the talk I was currently at and my twitter stream watching people live-tweet the other tracks. I constantly felt I was missing something great. SOURCE also improved the one complaint I had about SOURCE Boston 2009, lack of the ability to get to the venue via the MBTA. This year’s venue, the Seaport Hotel was easily accessible from the Silver line and the new digs were great.

My talk went as well as I could have hoped. Despite some minor issues with regards to what I could and couldn’t talk about and thus the presentation being much shorter then I wanted it to be, I felt I fielded all the questions cleanly and ones that I could not answer I made sure I got business cards so that I could follow up. For those of you interested in downloading my slide deck it is available here:

• Massachusetts Data Breach Laws, Regulations, and Responsibilities (PPT, 828K)
• Massachusetts Data Breach Laws, Regulations, and Responsibilities (PDF, 286K)

Some highlights of the conference:

• David Mortman‘s delicious bread, which he handed out if you asked questions during his talk. I got a slice because I was able to answer a question.
• Marcus Ranum‘s keynote. Despite being a presentation of “The industry is beyond repair, and here’s why…” gloom and doom, I was able to at least grab some good points out of it that will enable me to fight the good fight. He also made a great metaphor: “3D dancing pigs” meaning something which management wants and will try to implement despite any warnings.
• James Atkinson‘s counter-surveillance talk. Last year he did telephones and this year he did automobiles. Crazy stuff.
• L0phtCrack 6 information session. I can’t wait.

And these are just the ones I can remember off the top of my head.

SOURCE is a great conference and if I had the time and money, I’d seriously consider going to SOURCE Barcelona in September. If you have the chance in 2010, I would highly recommend attending.

This was brought to my attention via Jack Daniel and I nearly had to change my undergarments after heading over to l0phtcrack.com:

L0phtCrack is back! At a special information session at SOURCE Boston (Thursday, 10:15am), the team that brought you L0phtCrack will be releasing version 6 of the highly-acclaimed Windows password auditing tool. Come to the session to learn about this release, its new features and platform support, and the story of the product from the days of the L0pht, to @stake, Symantec, and finally back to the L0pht.

Expect this site to go live soon!
See you at SOURCE!

This is great news. L0phtcrack was an amazing utility (technically it still is, just a bit old) and it’s great to see development on it revived. I am pretty sure it will be a piece of every security person’s toolkit as soon as it’s released. I’m also sure that this session will be standing room only. I know I will be there.