BlackHat Europe 2010 is already over! I spend good times (who don’t!) and the huge number of canceled flights (due to the ash cloud coming from Island) did not changed my point of view. I successfully escaped from Barcelona with @corelanc0d3r and we were back in Belgium after a mix of planes, trains and taxis. There were excellent talks that I already reviewed (see here and here). Now, I would like to give my opinion on another aspect of security conferences like BlackHat (as well as your preferred one – did I already mentioned BruCON? ). Conferences are an excellent way to build and increase social networks!
Social networking is defined by Wikipedia as: “A social structure made of individuals (or organizations) called “nodes,” which are tied (connected) by one or more specific types of interdependency, such as friendship, kinship, financial exchange, dislike, sexual relationship, or relationships of beliefs, knowledge or prestige“. Technical talks are great but, once presented, the next objective is to let people meet and discuss about them. By attending a specific talk, they are chances that you will meet other security guys having the same points of interest or the same problems as you.
Daily, we use tools like Twitter, mailing lists, forums or IRC to exchange information and build “groups” of people sharing the same objectives or interests. Here again, security conferences are an excellent way to meet your contacts “in real life”. The picture above is a perfect example! This year, I met very cool guys like @corelancd0d3r, @41414141, @seccubus or @ChristiaanBeek (My apologize for those I didn’t mention here – the list will be too long). Coffee breaks, parties, lunches (even ash clouds) are good occasions to meet the people you already know and, more important, make new contacts – “put a face on a nickname”. Internet is a wonderful way to exchange information and keep in touch, but nothing will replace a beer with friends in the center of a nice city!
Back to our main concern: security. The social network you maintain can help you to face day-to-day problems or receive feedback on several topics. The key is to share. One day you ask a question to your contacts and maybe, the next day, you’ll help. You did not understand all the technical aspects of a briefing? Who cares! The most important is to remember what’s possible and who was the speaker. As an example, take the briefing about “virtual forensics” presented by Christiaan Beek. Most important is to know that tools exist to perform forensics investigation in ESX environments. You don’t remember which ones? I’m sure that Christiaan will be happy to help you!