Related Talks at BSidesSF and RSA 2015

The Silicon Valley convergence of hackers, researchers, consultants, vendors, press and others is nearly upon us. The annual BSidesSF and RSA Conference have returned to the Bay Area, hosted again in San Francisco. These events see some of the most original content presented to some of the largest crowds of the year. Much of the content will be relevant to I Am The Cavalry topics. Listed here is a sample of IATC relevant sessions to help you plan your time at these events. For quick reference, you can also add them to your calendar.


BSidesSF: April 19 – 20, 2015

Date Time Location Title Who
4/19 17:00 OpenDNS Medical Devices Security – From Detection to Compromise Adam Brand & Scott Erven


RSA Conference: April 20- 24, 2015

Date Time Location Title Who
4/21 13:10 North:  Room The Sandbox at 134 Open Garages – Learn How Technology Drives Your Car Craig Smith
4/21 14:20 West:  Room 2007 I Was Attacked by My Power Supply: A Mock Trial Steven Teppler
4/21 15:30 West:  Room 3022 Home Sweet Owned? – A Look at the Security of IoT Devices in Our Homes Billy Rios
4/21 16:40 West:  Room 3004 Securing the Internet of Things: Mapping IoT Attack Surface Areas with the OWASP IoT Top 10 Project Daniel Miessler
4/22 09:10 West:  Room 3022 Protecting Critical Infrastructure Is Critical Robert Hinden
4/22 10:20 West:  Room 3018 How Vulnerable Are Our Homes? – The Story of How My Home Got Hacked David Jacoby
4/22 11:30 West:  Room 3022 Don't Touch That Dial: How Smart Thermostats Have Made Us Vulnerable Ray Potter
4/22 11:30 West:  Room 3018 Tools of the Hardware Hacking Trade Joe Grand
4/23 09:10 West:  Room 3010 The Evolution of Threats Targeting Industrial Control Systems Frank Marcus
4/23 09:10 West:  Room 2002 Use of Technology in Preserving and Protecting Humanity Davi Ottenheimer, Alex Stamos, Beau Woods, Bruce Schneier, & Morgan Marquis-Boire
4/23 10:20 South:  Room Viewing Point at Gateway CyberLegislation is Upon Us…But Are We Ready? Joshua Corman
4/24 09:00 West:  Room 2002 Cyber Security and Aviation Erroll Southers & Lawrence Dietz
4/24 09:00 West:  Room 2006 IoT: When Things Crawl into Your Corporate Network Sam Curry & Uri Rivner
4/24 11:20 West:  Room 2018 Medical Device Security: Assessing and Managing Product Security Risk John Lu & Russell Jones
4/24 12:30 West: Room 3022 Security Hopscotch Chris Roberts

Down The Rabbithole Cavalry-esque Discussion

For those of you who don’t already listen to it, the Down The Rabbithole (DtR) podcast is a long-running podcast hosted by Raf Los (aka. Wh1t3 Rabbit) and James Jardine. Over the holiday weekend I was catching up on the podcast and ran across a great Cavalry-esque episode I thought I’d draw your attention to.

On the April 7th Newscast Raf and James discussed the downfall of Windows XP and how this will affect life critical systems. They went beyond the superficial issues and talked about the bad assumptions that have led to decision making failures for several years in the computer technology space. The true costs, they mention, won’t be on the Internet, they’ll come when computer security affects humanity. Our inability to accurately predict the future leads to public safety, human life and trust problems.

They also discuss wholly managed devices, such as the Google Nest thermostat. What are the implications of that management? If an update breaks a device what are the ramifications? They also talked about the fact that the updates themselves can be an attack vector, similar to my comments in the BBC article on ghosts in the Internet of Things.

We’re placing ever more trust in those who are behind our connected systems. We are trusting that they are acting in good faith. And we are trusting that their decision making process is sound. Shouldn’t we KNOW that these decisions are worthy of our trust?

IATC at ISSA Los Angeles, May 16th, 2014

I Am The Cavalry is proud to be an organizational sponsor of ISSA Los Angeles (Event Flyer). The conference will be on May 16th, 2014, from 7:30 am to 6:00pm, at the University City Hilton in Los Angeles. Keynotes include Richard Clarke and Marcus Ranum, and featured speakers include Jackie Lacey (LA County District Attorney), Marc Manfred (Beyond Trust), Jim Manico (OWASP), and Jeremiah Grossman (White Hat Security). I Am The Cavalry will have a table at the event – come by and say “hi”!