Re: CRIME Request for Security Conference Topics, Speakers

From: Joe St Sauver (JOE@private)
Date: Tue Feb 10 2004 - 18:17:16 PST

Next message: George Heuston: "CRIME FW: [Information_technology] Daily News 2/11/04"

Previous message: Todd Ellner: "CRIME Article on digital evidence on CNN"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi John,

#I'm co-chairing the third Advanced Data Security Conference with Susan
#Koeppen from Microsoft, to be held in Seattle June 28, and am soliciting
#interesting topics and speakers. This event tends to attract corporate
#counsel and compliance folks, and is not "101" level. Hot topics and
#charismatic speakers with deep insight (who will work for free, of course)
#especially preferred; all suggestions gratefully received! Thanks!

How about some of the following:

-- Spam is obviously a hot topic; a couple of possible areas might include:

   -- understanding the inter-relationship between state (such as Oregon's
      SB910) and federal antispam laws (such as S.877) (you did mention that 
      corporate counsel types would be attending)

   -- insuring that YOUR mailings meet the letter and spirit of those acts
      (for example, if you have multiple entities doing mailings, do they
      coordinate their opt out requests?)

-- a roundup on replacement of plain text services with their equivalent
   encrypted analogs (e.g., telnet --> ssh, plain text POP/IMAP to POP/IMAP
   with encryption support, etc.), including a focus on areas where there
   are still gaps, with an eye to upgrading what customers are provided

-- adapting security measures to the emerging IPv6 environment (e.g.,
   user installs IPv6 on a Wintel machine and then begins doing 6to4
   via an autodiscovered/anycast 6to4 gateway -- that's a radically
   different environment than the user had before installing v6)

-- browser help objects (BHO's) and browser hijacking

-- handling abuse complaints, and expectations for complaint channels
   per RFC2142

-- configuring netflow or intrusion detection systems to identify
   problematic traffic

-- using ip-to-ASN translation to help identify and categorize traffic 
   from blocks with chronically absent PTR records

-- effecient vetting of potential customers prior to signup by sales staff

-- hijacked netblocks and ASNs

Regards,

Joe St Sauver (joe@private)
University of Oregon Computing Center

Next message: George Heuston: "CRIME FW: [Information_technology] Daily News 2/11/04"
Previous message: Todd Ellner: "CRIME Article on digital evidence on CNN"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Feb 10 2004 - 18:47:37 PST