Black Hat and BSides Las Vegas: The Enemy Within

Monday, July 30, 2012

alan shimel


So I am fresh back from another pilgrimage to Vegas for what I have come to think of as Security Week (no relation to the periodical). 

I have been trekking out to Vegas for Black Hat for nearly 10 years now. I was at the very first BSides, but usually my Geiger counter reaches lethal doses of Vegas saturation before Defcon starts. There is only so much Vegas I can take.

I missed the last two years in Vegas prior to this one because of family obligations. As such I was really surprised to see how Black Hat and BSides LV have changed. After reflecting on what I saw there I was reminded of an old Star Trek episode called “The Enemy Within”. 

You may remember this one. Due to a transporter malfunction when Captain Kirk beams back up to the Enterprise, two Kirks are actually beamed up. One is the “good” Kirk and one is the “bad” Kirk. The same thing happened with some funky space dog they tried to beam up too.

One was a snarling, growling, vicious beast and the other a sweet little lap dog. The bad Kirk creates mayhem on board, trying to have his way with women and acting out on his most base impulses. The good Kirk, at the end of the day, is too good. He doesn’t have what it takes to stop the bad Kirk and do what he has to.


The lesson of that episode is you can’t separate the good from the bad and still be strong. Neither of the Kirks was someone you would want to captain a starship. But together, they made James T. Kirk, the finest person to ever command a Federation vessel.

Much the same lesson can be applied to Black Hat and BSides LV.  There was a time that Black Hat was where the edge met the establishment; where the hacker mingled with the man.  Cutting edge research and exploits mixed with mainstream security vendors and the more advanced security pros. I loved it!

Black Hat had just enough commercialism to pay the bills and make you realize this is where the players were.  No exhibit floor, just some booths in the hallways of Caesars. The keynotes weren’t aimed at a general audience, but at security people. No message or morals about “working together”, just gun slingers with an “I am the best hacker” attitude by many of the speakers.

That was not the Black Hat I saw this year though. I saw a condensed version of RSA. I love RSA, BTW. It is an event by the industry, for the industry, and they know what they are and do a great job with it. But Black Hat didn’t used to be RSA. It is now. Giant vendor booths, lots of suits (OK, not suits, but biz casual dressing) and even many of the briefings seemed to have lost the edge.

Summarizing, Black Hat has gone totally corporate and seems to have lost the edge. As my friend Thomas Stamulis said in only half jest, Black Hat is like the Nickelback of security conferences.

I don’t know, maybe that is what they wanted to do?  I know Trey Ford took over this year and he has not had a lot of time to bring his considerable talents to bear.  Maybe it will return to its roots. I hope so.  I want to bring back the Black Hat that I knew and loved. Ditch the big booths, ditch the business development fest and get edgier. 

On the other hand, all of the edge seems to have gone to BSides. BSides has grown from an intimate get-together at some house in Vegas that Nickerson donated (if my memory serves me right), where I saw JJ talk about NAC and a bunch of the sharper women in security (Erin, Jennifer and Leigh) talk about sexism in security, into a bona fide event. The level of the presentations at this year’s BSides was amazing. I think it would give the Black Hat presentations a run for their money.

On top of the presentations, the attendees were the edgier folks that used to flock to Black Hat and then stay for DefCon. Now they come to BSides and stay for DefCon. Many of the BSides folks were younger. I would assume that the cost of Black Hat would probably keep many of them from attending Black Hat.

But don’t assume too much. Given the choice, I think most of the BSides attendees would rather attend BSides than Black Hat, regardless of price. However, there is a sizeable chunk of folks like me who attend both and would like to do so in the future.

But as good as the presentations were and as edgy and cool as the attendees are, BSides is far from perfect and needs to do a lot more. Frankly, while the Artisan Hotel is very funky, it is not an ideal place to hold this event. I know that at BSides people attend presentations if they want to. But if they don’t want to sit in on a presentation, they shouldn’t be traipsing through the lobby where the talks are going on. It is distracting to the attendees and disrespectful to the speakers.

The hotel is too far from the Strip, where Black Hat is held at Caesars, and the shuttle bus is not nearly frequent enough to make attending both events very doable. Taking cabs, when you can get them, can be an expensive proposition. A better solution needs to be worked out.

BSides prides itself on being volunteer based, and rightfully so. The volunteers do yeoman’s work pulling this show off. I volunteer for many organizations, so I know that it is volunteers that make the world go round. But the BSides folks go above and beyond. Coming out to Vegas on their own dime and working the show for the enjoyment of others is very commendable.

But as a show grows (and BSides is busting at the seams; it could easily handle twice as many attendees), it needs a little more in order to scale as well. You can’t have a venue hotel where the wireless is out at night, for instance. A little more organization goes a long way. While the wiki/Twitter medium is egalitarian and good, it is not the most efficient means of organizing a conference.

The bottom line for me is that with an event that has a budget over 100k, top notch presentations and sold out attendance, I would be all for some professional organization to help manage it. Listening to Jack Daniel talk about the future of the BSides organization and the “big” and “little” options, I think that the right choice is a big BSides parent organization that brings a level of predictability and professionalism to the BSides brand, especially to the bigger BSides like Las Vegas and San Fran.

As some of you may know, I was the sponsor coordinator for BSides this year. I was really proud of all of the companies that stepped up and kicked in a lot of money to make BSides happen. I didn’t realize what I was signing up for and could perhaps have done a much better job had I known. But in spite of me, there was a solid group of companies that sponsored BSides Las Vegas.

Companies like Tenable, Qualys, Firemon, Facebook, IOActive, Milton Security and others kicked in a lot of money and product without the usual ROI that you may see or measure for a trade show or conference sponsorship. It is a testament to them, and my heartfelt thanks go to them for making BSides happen.

The BSides folks try hard to figure out how to honor the sponsors without appearing as crassly commercial as Black Hat. But at the end of the day, it is a hard, fine line to walk. I think we can walk it better.

Give the sponsors some sort of table top; perhaps have a third sponsor track of presentations. I am not sure what the answer is, but we need to give the sponsors more.

BSides Las Vegas is not like most other BSides. It is the granddaddy of them all. While perhaps not the biggest in attendance, it is high profile. While other BSides can get by on a few thousand dollars in sponsorship, that is not the case here. BSides Las Vegas needs to change the model a bit and perhaps be just a little more commercial in giving its sponsors more. As I said, I am not sure what that more is, but the thinking on it should happen right now.

Frankly, as it stands now I don’t think the present BSides Las Vegas does justice to the fantastic speakers, the dedicated sponsors and the blood, sweat, tears and cash that so many of you have put in (especially Jack, Josh and Banasidhe). 

It is edgy for sure. It has taken much of the edge that Black Hat used to have. But like the good and bad Kirks, Black Hat and BSides need a little bit of what the other has to be whole, viable and successful.

I hope this is taken in the right way. I love both Black Hat and BSides and think the security industry as a whole benefits from strong shows like this. I just want them to be better.

I know that the BSides folks are supposed to meet with Trey and team from Black Hat. When the Black Hat folks met with the RSA Conference people, that meeting resulted in what I think will be a better BSides San Fran next year and closer cooperation between RSA and BSides.

I hope a similar meeting here will do the same. Hopefully they can work something out that will allow them both to be better in the future for all of us who can’t wait to get back to Vegas for next year!

Cross-posted from the Ashimmy Blog

The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.