Let me say, right off the top, that I love CanSecWest. I am tired of “vendor” conferences, where you pay outrageous fees for the privilege of sitting through a bunch of sales pitches. At least CanSecWest has real information, as opposed to virtual information. (Virtual information: n. – marketing spiel dressed up as actual technical information.)
However, today I have had the same conversation half a dozen times, with half a dozen different people. (And I didn’t initiate any of them.) The conversation generally starts out the same way, with the question, “Don’t you think CanSecWest is getting … less technical?”
Now, it may simply be a one-year glitch, or a random set of presentations. But, yes, I have to agree that, so far, the presentations have not been as great as in the past.
Still good, don’t get me wrong. But we started with a pres on the boot process, nicely technical, but nothing new. Pen testing, which was also pretty generic, and nothing new. The social authentication, yes, that was good. Recent research, and some neat ideas to play with. The piece on APT was mostly about finding bugs in Shockwave/Flash. The piece on Duqu and Stuxnet was good, but I feel a bit used: Kaspersky obviously timed it to present the same thing at both CanSecWest and CeBIT at the same time. Good PR hack, but a bit of a cheat in terms of “unique” presentations that haven’t been done before.
The smartphone rooting had some interesting points, but didn’t demonstrate real exploits. The probing of mobile networks had more real and technical data. (Marcia Hofmann’s presentation was, last year, a personal disappointment to me, since I’m a legal and forensics guy, and expected more depth. However, when I thought about it, I realized that she had nailed the target audience: these guys are geeks, and need the basic warnings about what they are doing. She did just as well this year.)
The iOS exploitation pres was interesting but covered material that was covered quite well last year. The piece on hardware-involved attacks boiled down to “if you don’t take care with your programming, hardware can do things you don’t expect: be a careful programmer.” The Near Field Communications (NFC) item did raise some interesting points about the careless acceptance of chip codes, but most of it was little different from discussions about RFID or validating input in general. (The HDMI was pretty cool.)
Like I said, I love CanSecWest, and I’m still going to come. I may complain a bit about these presentations, but they are still far above anything you are likely to find at a vendor conference. But I hope the program gets back to some solid, new technical stuff.
(By the way, if you want more details about the specific presentations, the slides are generally made available in an archive shortly after the event closes. It’ll probably be this link, or something similar.)