I’m looking forward to this year’s pilgrimage to San Francisco. Not that it’s ever been a pilgrimage before, since I lived 60 miles away, but now that I live near London, it’s a much longer trip. I’ll be arriving in San Francisco a few days early for a couple of reasons. The first is to visit my family and friends in the Bay Area, who I haven’t seen since I moved away. The second reason is to attend BSides SF on Sunday and Monday. Which, in many ways, is also a visit to friends I haven’t seen since moving.
Let’s assume for a second you’ve never attended a BSides event. It’s community led, it’s free, and each one is unique. BSides SF is being held in the DNA Lounge, which has been a fixture in San Francisco for as long as I can remember. Think of a funky, grungy, dark underground bar. Then add in a couple of hundred hackers, security devotees and a few people who happened to find their way into the event with little or no idea of what’s going on. The talks range from first time speakers (something that’s strongly encouraged) to some of the best speakers in the realm who want to step outside the confines of a business conference to talk about things that aren’t quite politically correct. Finally, add in a healthy dose of chaos and an even healthier sprinkling of community and you have some idea of what BSides is. But unless you actually attend, my description is never going to be adequate to capture the true energy of the event.
I make no bones about it, for me conferences are about meeting the people there, not about the talks. However, the talks at BSides tend to take a higher priority than they do elsewhere. While some of the talks are a bit rougher than those at conferences you pay for, the fact that people are speaking with unfiltered passion more than makes up for it. And a number of the talks simply couldn’t be given at a corporate event. I’m looking forward to Morgan Marquis-Boire’s (aka @headhntr) talk, even though he hasn’t publicly stated what it’ll be about yet. Morgan has worked on uncovering a number of government surveillance schemes around the globe, so anything he’s chosen to talk about has to be interesting. Along the same lines, Christopher Soghoian’s talk about living in a post-Snowden world is a must for me, even though I often find myself disagreeing with with what Chris says publicly. What can I say, privacy has always been a favorite topic of mine and has never been something that’s more in need of open, public discussion.
I’m also looking forward to seeing three of my friends on one panel, Jack Daniel, Wendy Nather and Javvad Malik discussing how to talk to an analyst, or rather how not to talk to an analyst. Javvad gave an excellent PK (20 slides, 20 second per slide) talk at RSA EU covering all the horrible slides he sees again and again as an analyst. The trio will be entertaining at the least, and I might even learn a little about talking to analysts myself. Ping Yan’s talk on using intelligence looks interesting and has potential for my day job, so I’m going to try to find a seat for that talk as well. And I have to support my podcast co-host Zach Lanier, even though I usually understand about half of what he’s presenting on any given occasion.
There are other interesting talks, if I can sit through the talks I’ve already mentioned, it’ll probably be the most I’ve seen at one conference in a long time. I have a pretty short attention (Squirrel!) span, and I’d rather be talking with the presenters than simply listening to them passively. I’ll have a mic and my Zoom H4, so it’s entirely possible I’ll be able to get a few of them to spend a few minutes doing exactly that. Which means I can share the conversations with you as well.