RSAC 2017: What just happened?
RSA Conference 2017 is over. The numbers are in, and most of the talk videos are online. Over 43,000 infosec professionals, government employees, marketing biddies, sales flacks, and genuine rubes all piled into San Francisco's Moscone Center for a week of hellish hawking and conspicuous consumption, while everyone pretended like they weren't looking for new jobs.

Attendees were hacked via rogue access points. There was a fight on the Cryptographers' Panel. Meanwhile, F-Secure acquired Inverse Path.

Synack told press that APT28/Fancy Bear(s) used Hacking Team tools on the DNC. Microsoft declared that we need a Digital Geneva Convention.

UnifyID, rather than being named "Most Likely To Have Emerged From A Fever Dream After Reading 1984," was instead named RSA Conference 2017’s Most Innovative Startup. The RSAC Security Blogger Awards were announced and it was the usual dudely suspects all around. (Is the collective noun for RSAC security blogger awards winners ... a disappointment?)

It was a week of gimmickry and impossible promises. Millions were spent while people starved outside on the streets of San Francisco, and people like me struggling for rent swam upstream through hordes of suits navigating $100,000 booths, all of us looking for a reason to be there. We were rats in Moscone's endlessly Kafkaesque, under-construction maze.

The press weren't at their best. Some lingered at talks presented by well-known security brands, trying their hardest to pull negative stories out of security researchers who now despise the press just a little bit more. Others obfuscated source material in an attempt to seem in the know about topics they struggled to explain.

It was all normal.

I'm really grateful that one thing RSA does right is get their talks online right away, so I can point you to the good stuff you might've missed. To my surprise, there were some really, really great talks this year.

A curated list of the most interesting is below. Each talk title links to the YouTube video; the description and slides (if any) follow.

IoT: End of Shorter Days

(description / slides)

-Charles Henderson

Don't be fooled by the title: this talk hides a hell of a big, big problem in its IoT/identity-management buzzword wrapper. The nugget: Henderson discovered that car apps, mostly made by one third-party entity, don't clear owner identity info when a car is sold. Playing with the app for a car he sold, he could still access the car's features and find its location, among other unsettling things... "Your smart devices aren't smart enough to know they've been sold."

Data Plays the Victim: What Ransomware Has Taken from the Kidnapping and Ransom Industry

(description / slides)

-Jeremiah Grossman, Chief of Security Strategy, SentinelOne

Fascinating talk; it covers how ransomware parallels the kidnap-and-ransom business, projections for the ransomware market, and the tactics being employed to prepare for and prevent ransom scenarios.

Hello False Flags! The Art of Deception in Targeted Attack Attribution

(description / no slides)

See also: their incredible paper, Wave Your False Flags (.pdf)

-Brian Bartholomew, Juan Andrés Guerrero-Saade, Security Researchers, Kaspersky Lab

Superb presentation on currently active attack groups who obfuscate their tracks, with a breakdown and analysis of how they're doing it. You won't see attribution the same way again.

The Cryptographers' Panel 2017

(description / no slides)

Do you like watching a good fight onstage? I sure do, and this panel delivered.

How to Delete Data for Realz: This Presentation Will Self-Destruct In...

(description / slides)

-Davi Ottenheimer, President, flyingpenguin; Ian Smith, Research Scientist, University of Washington

This talk presents a new tool that could become an industry-standard method for running an automated service whose data is genuinely deleted. That would solve many of the identity-management problems we're seeing come up, and yes, these guys were mobbed with questions and requests for the barely-launched service after their talk.

Lessons from a Billion Breached Records

(description / slides)

-David Gibson, VP of Strategy, Varonis Systems; Troy Hunt, Microsoft Regional Director and MVP, Consultant

RSAC doesn't have this video up yet, but you can watch Hunt's interesting material previously presented in Lessons From A Quarter Billion Breached Records (Vimeo; talk starts at 4:30).

No doubt you've visited, or found yourself in, Hunt's HaveIBeenPwned service. This covers what he's observed and learned (sometimes the hard way) from running a continually growing set of searchable breach-record databases. It also discusses how this data is sold and redistributed. Fascinating.

RSAC TV: Jessy Irwin Interview

-Jessy Irwin, Paul Roberts

Roberts stumbles over the intro, but it's a nice discussion with Irwin about how she balances her security advice for employees against their productivity.