Greetings! I'm exhausted. :) Ok, that being said, I wanted to run down what I've been up to thus far. My feet hurt. And, for the record, it's rather chilly here, with a consistently stiff breeze (particularly cold in one's face while trying to walk uphill).
Pre-Conference Workshop (Monday)
I attended a full day workshop on Identity and Access Management yesterday. It was generally decent, though far too high level for what I was hoping to get out of it. Nonetheless, it was a nice easy start to things. I have been having a tough time sitting still for these sessions (it's like adult ADHD or something). Mainly, my brain is just on full-speed most of the time, so it's hard to feel like I'm idling.
Vendor Expo
The vendor expo kicked off officially on Monday night. I made it around to several booths, did the mandatory flirtation with the so-called "booth babes" and all that schtick. I then return today (Tuesday) a couple different times during the day to chat more in depth with some companies. As one would expect, of the couple thousand vendors, there aren't too many that I care about. All the biggies can be generally discounted (the RSAs, Symantecs, McAfees, Ciscos, Microsofts, etc, of the world). I have found several interesting small(er) companies, though, and will try to post a round-up of who I found interesting after I'm back (assuming I survive the week).
Jet-lag Sucks
I rather overdid things when I arrived on Sunday, not the least stupid of which was not eating or drinking from end of flight around 11am until a late dinner around 9pm (which is midnight body time). And then I did the same thing the next day. Oops. So, my sleep is all screwed up, I'm exhausted, and, well, anyway.
Cool People / AOL old timers
Today (Tuesday) has been a banner day for seeing and meeting famous people in the industry. Ron Rivest (the R in RSA) was nice, as was Marty Hellman (yes, that one, of Diffie-Hellman fame), and - my personal favorite - Dan Geer. I also bumped into John McCumber (Symantec, creator of the McCumber Model/Cube, one of my former GWU profs - who, btw, has lost a bunch of weight and looks great).
Perhaps more interestingly are all the AOL connections... Mandiant has several former AOL OpsSec'ers, including Jason Shiffer, who'll be presenting on Thursday. I also ran into Prentis Brooks, now at Time Warner Cable, and Fu Jy-Liu (who's name I've clearly misspelled - sorry Fu!), who's still in AOL OpsSec, and Brandi Moore, former OpSec'er, now with Ounce Labs in NYC, and Alex Joannou, formerly from Internet Services, now with Cloakware, and Bill Burns, still with AOL OpsSec, and... I think that's it - but it's surely enough! :)
Tuesday Sessions
The opening talk was RSA's President Art Coviello, who started out ok talking about info-centric security, but then quickly curtailed into tools, tools, tools. Blah. John Thompson, head of Symantec, followed, and while not outstanding, was certainly much better, delivering another preso on info-centric security, but one that made much more sense. After him was Craig Mundie at Microsoft, and a guest... I walked out after 5 painfully boring minutes.
The highlight of the morning was the Cryptographer's Panel... Whit Diffie, Marty Hellman, Ron Rivest, and Adi Shamir... yes, you have it right... Diffie-Hellman and the R and S of RSA... not too bad! Diffie was hilarious, Hellman was thoughtful and insightful, Rivest and Shamir were also decent... Shamir has a thick German (?) accent, so was a bit harder to follow at times. One bad time management note for me... they did an open Q&A session later and I misjudged the time, missing it completely. (Oh, sigh).
The big keynote of the morning was DHS Secretary Chertoff *yawn*. I seem to have missed that preso, that it certainly was easy to play "spot the fed" during the morning sessions, and I was amused to see SFPD do a bomb sweep with one of their dogs. On the way out tonight, I asked an SFPD guy on patrol if he'd had a busy day. He said he'd just come on duty, but that he figured something big must be happening at the Moscone Center because there were helicopters all over. Yep... nutty feds... Oh, well...
Vendors, Vendors, Vendors and their Trends
Like I said above, I'll try to do a proper post later on some of the vendors I visited. There seem to be some interesting themes this year, such as IAM and biometric solutions. There definitely are some interesting other players in different areas, though. More on that later...
So, that's my brain-dump for now. I have a few pictures, which I'll try to post later. Tomorrow evening is the big Security Bloggers Network event, where I may be able to put faces with infamous names, so hopefully that'll come off quite well. :)