Dailydave mailing list archives
Re: The lack of hard questions
From: "Dave Aitel" <dave.aitel () gmail com>
Date: Tue, 26 Aug 2008 17:01:47 -0400
I didn't get to see the talk, so I'm not sure what questions you asked and what the answers were. Of course, you can feel free to ask them here. Peer review isn't a static thing. -dave On Tue, Aug 26, 2008 at 4:48 PM, security curmudgeon <jericho () attrition org>wrote:
: Secure the Planet! New Strategic Initiatives from Microsoft to Rock Your : World *Mike Reavey, Steve Adegbite, Katie Moussouris* : https://www.blackhat.com/presentations/bh-usa-08/Reavey/MSRC.pdf : : Obviously my favorite part is the slide with CANVAS. :> But I think it's : interesting that Microsoft is doing this stuff and I don't think people : have asked them the hard questions about it yet. Also, those are quite : cool caricatures . Their "hard questions" in the slides were far from hard. I think you had left the room, but I went to the mic and asked them ~ 10 hard(er) questions. They answered a few, 'no commented' one and evaded a few. These were questions that came to mind while they gave their presentation, and the general lack of serious questions and putting them on the spot afterwards was a huge disappointment. I left BlackHat feeling that one of the purposes of BH (and DC) was to give the audience a chance to ask real questions, not the fluff questions that we see more and more each year. The audience has turned from a skeptical crowd into a passive herd, accepting anything presented, regardless of accuracy or sanity. I had to leave early on Saturday but I was told that Reavey, Adegbite and/or Moussouris wanted to speak with me because of the questions I asked. If any of you are reading this list, feel free to mail me if you had questions about my questions or skepticism. And no, I held back a few questions as they were cheap shots at the presenters/Microsoft but underscored the basis for some skepticism. After one comment Steve made to me in front of the audience, I should have let loose. Sometimes it doesn't pay to be a good guy. =) - security curmudgeon
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- The lack of hard questions Dave Aitel (Aug 26)
- Re: The lack of hard questions security curmudgeon (Aug 26)
- Re: The lack of hard questions Dave Aitel (Aug 26)
- Re: The lack of hard questions Mike Reavey (Sep 01)
- Re: The lack of hard questions dan (Sep 02)
- Re: The lack of hard questions Dave Aitel (Aug 26)
- Re: The lack of hard questions security curmudgeon (Aug 26)
- Re: The lack of hard questions Charles Miller (Aug 26)
- Re: The lack of hard questions Pusscat (Aug 27)
- Message not available
- Re: The lack of hard questions Charles Miller (Sep 01)
- Re: The lack of hard questions ergosum (Sep 01)
- Re: The lack of hard questions Charles Miller (Sep 02)
- Re: The lack of hard questions Matt (Sep 03)
- Re: The lack of hard questions Pusscat (Sep 03)
- Re: The lack of hard questions Pusscat (Aug 27)
- Re: The lack of hard questions Matthieu Suiche (Sep 02)