User Panel
Posted: 5/22/2015 12:21:42 PM EDT
So, I've been contemplating having some sort of UC summit. Kinda a semi-formal where a bunch of us gurus can all get together on a google hangout and people can pick a topic and maybe give a 10 or 15min presentation followed by Q&A or a round table discussion or something. Just as sort of a way that the industry experts here can exchange ideas, and have a good time for a couple of hours.
Thoughts? ETA: Summit Document - OneDrive |
|
I would be willing to attend, present not so much. I am a lightweight in this world, I prefer my dark corner.
|
|
So, so far we have Psyber presenting on something while Angry-American hangs on every word
|
|
I'm in.
I'll speak on whatever topic ya'll need, assuming I know it well enough. |
|
I'd attend that.
Problem is, I don't know how much value I bring to the table. I'm very much a dabbler in many IT areas... mile-wide-and-an-inch-deep, so to speak. I don't know how worthwhile my contribution would be any particular topic. For instance: VOIP. I use it, and have built/set-up several systems (including ZRTP-encrypted). But you'd want Subnet for a serious treatment of the topic. Forensics. I know a little bit, but I bow in the presence of a master (Bcauz3y) Cyber-security. Any number of posters would do a FAR better job than myself Coding. Ditto With the exception of the security-camera stuff, and the setup/networking thereof. That I probably know in enough depth to provide something useful. |
|
Quoted:
I'd attend that. Problem is, I don't know how much value I bring to the table. I'm very much a dabbler in many IT areas... mile-wide-and-an-inch-deep, so to speak. I don't know how worthwhile my contribution would be any particular topic. For instance: VOIP. I use it, and have built/set-up several systems (including ZRTP-encrypted). But you'd want Subnet for a serious treatment of the topic. Forensics. I know a little bit, but I bow in the presence of a master (Bcauz3y) Cyber-security. Any number of posters would do a FAR better job than myself Coding. Ditto With the exception of the security-camera stuff, and the setup/networking thereof. That I probably know in enough depth to provide something useful. View Quote I'd pay good money to attend your lecture on that subject. |
|
So we have the following:
Presenters and topics: Psyber - undecided bcauz3y - security stuff (most likely) TheGreyMan - IP Security Cameras Also added to the OP |
|
Why not just do something a little more informal without official presenters? Lower pressure and would get more people engaged.
|
|
|
If it's open to the "public" I would love to attend. Right now I'm just a geek who is interested in turning all this into a career.
The most advanced thing I've done is setup a web host on Amazon EC2 from various tutorials and things. So not a guru in any sense of the word. |
|
Quoted: If it's open to the "public" I would love to attend. Right now I'm just a geek who is interested in turning all this into a career. The most advanced thing I've done is setup a web host on Amazon EC2 from various tutorials and things. So not a guru in any sense of the word. View Quote |
|
Hey what if we partnered with Subnet and he broadcasted the whole thing live? That would be kinda neat.
|
|
you can do google hangouts that have a public sidecar, essentially.
you don't have to give everyone that's watching a mic |
|
Quoted:
Hey what if we partnered with Subnet and he broadcasted the whole thing live? That would be kinda neat. View Quote I'd be happy to, but I think it'd probably be better to see if Google Hangouts have a way to allow people to listen in, without being participants (I'm sure they do). It'll work on mobile devices this way. I'm actually in the middle of upgrading my broadcast server (it's still running win2k3). |
|
It's sounding like hangouts has a side car, I'll have to look into that when I get off work.
Sub how would you feel about being an MC? |
|
You can livestream Hangouts on your YouTube channel. Many BookTube folks do that when doing panel book discussions.
|
|
I think this is a hell of an interesting idea and would be wildly informative. Unlike a typical industry conference, presentation, or partner meeting, there's no "selling" or politics here. People will get the unvarnished and ugly truth about the various subjects.
I'm a C level IT executive for a mid-size corporation in the security and investigations industry. BEFORE you get out the torches and pitchforks, I spent 10 years in the trenches as a network and sys engineer for some sizable Silicon Valley companies before I went to the dark side! Trust me, I'm the CIO/Director you wish you had. If that's useful, I'd be glad to offer my time. Perhaps something like "Why your CIO/Director hates you and forces you to keep the AS400 system" or "How I made the shareholders happy by kicking the IT department in the balls" ETA: I keed I keed! sort of. No seriously it's a joke. Kind of.... |
|
If Subnet is hosting than I might be better off in the sidecar, cause if he is drinking, so am I.
|
|
Quoted:
I think this is a hell of an interesting idea and would be wildly informative. Unlike a typical industry conference, presentation, or partner meeting, there's no "selling" or politics here. People will get the unvarnished and ugly truth about the various subjects. I'm a C level IT executive for a mid-size corporation in the security and investigations industry. BEFORE you get out the torches and pitchforks, I spent 10 years in the trenches as a network and sys engineer for some sizable Silicon Valley companies before I went to the dark side! Trust me, I'm the CIO/Director you wish you had. If that's useful, I'd be glad to offer my time. Perhaps something like "Why your CIO/Director hates you and forces you to keep the AS400 system" or "How I made the shareholders happy by kicking the IT department in the balls" ETA: I keed I keed! sort of. No seriously it's a joke. Kind of.... View Quote I think something from the perspective of C-level would be awesome and informative, I think it's paramount that mid-level and senior engineers understand the drive behind top level decisions. |
|
|
Just wrapped up 32+ hours of physical security stuff which should help. It takes a special kind of asshole to design a certification program that requires continual upkeep after passing a six-hour test. |
|
IP everywhere. does anyone want to know anything about how IP everywhere? Should only take a minute or 2.
actually, depending on when this is, I may be able to give a presentation on software defined networks using mininet. apparently academia has some vision for this. im already a huge gns3/dynamips homer, so I feel right at home with mininet, you can even script stuff with python in it. |
|
Quoted:
IP everywhere. does anyone want to know anything about how IP everywhere? Should only take a minute or 2. actually, depending on when this is, I may be able to give a presentation on software defined networks using mininet. apparently academia has some vision for this. im already a huge gns3/dynamips homer, so I feel right at home with mininet, you can even script stuff with python in it. View Quote I'll buy you a beer. |
|
i'd like to listen in and learn from the smart folks.
would love to hear from web dev experts as well btw. |
|
Quoted:
Quoted:
IP everywhere. does anyone want to know anything about how IP everywhere? Should only take a minute or 2. actually, depending on when this is, I may be able to give a presentation on software defined networks using mininet. apparently academia has some vision for this. im already a huge gns3/dynamips homer, so I feel right at home with mininet, you can even script stuff with python in it. I'll buy you a beer. MORE BEER = MORE IP EVERYWHERE |
|
Quoted:
IP everywhere. does anyone want to know anything about how IP everywhere? Should only take a minute or 2. actually, depending on when this is, I may be able to give a presentation on software defined networks using mininet. apparently academia has some vision for this. im already a huge gns3/dynamips homer, so I feel right at home with mininet, you can even script stuff with python in it. View Quote I would love to hear something on software defined networks! |
|
in. not sure what sort of presentation would be interesting to folks , but i'm in. ar-jedi |
|
|
I'm in, depending on when it is as I'm on the other side of the world.
Let me think about presenting, I'm open to doing it, just not sure what people want to know about. |
|
Quoted:
I'm in, depending on when it is as I'm on the other side of the world. Let me think about presenting, I'm open to doing it, just not sure what people want to know about. View Quote I'd like to hear your input on nation state threats. I'm reasonable well connected into it, but not nearly as well as you. |
|
Quoted:
I'd like to hear your input on nation state threats. I'm reasonable well connected into it, but not nearly as well as you. View Quote View All Quotes View All Quotes Quoted:
Quoted:
I'm in, depending on when it is as I'm on the other side of the world. Let me think about presenting, I'm open to doing it, just not sure what people want to know about. I'd like to hear your input on nation state threats. I'm reasonable well connected into it, but not nearly as well as you. I like this idea. |
|
Quoted:
I know I'd find pretty much anything you had to say about Net Neutrality to be interesting and informative. View Quote View All Quotes View All Quotes Quoted:
Quoted:
in. not sure what sort of presentation would be interesting to folks , but i'm in. ar-jedi I know I'd find pretty much anything you had to say about Net Neutrality to be interesting and informative. whatever solution sells the most hardware, i'm for! ar-jedi ps maybe this is an interesting point... from a CALEA/NSA letter perspective, on the equipment manufacturer's side we are being pushed to develop encryption and key management solutions which take the burden of compliance off of the service provider. our customers ("tier 1" service providers and such) are working hard to get out themselves of the CALEA boondoggle. they are looking to sidestep the problem entirely by implementing end-to-end FIPS-certified encryption (AES256 on 10G/40G/100G/400G/++ optical spans) but moving the actual key management to the end client (e.g. banks, insurance companies, ISP's, cable companies, content providers, VoIP providers, etc). that is, the service provider does not have the encryption key to the span, and in fact can not retrieve it as the relevant FPGA and ASIC registers are write-only (but even if you could it's TTL is too short to be of practical value -- on a 100G span for example, a given rolling CBC or CTR key is only valid on the order of 10 minutes). from both the service provider's and client's perspective, it's win/win -- the service provider can offer end to end logical transmission security (which is upcharged), the client doesn't have to take a throughput/latency hit at their border routers, and the client is protected against unknown eavesdropping/intercept threats. from a CALEA/NSA letter perspective, the service provider can only provide to LE/three letter agency the encrypted bitstream -- and you would need an eternity of computing cycles to turn that sausage back into a pig. most importantly, from a business perspective, the service provider does not have to lie to their clients. you can do that maybe once with big clients -- major banks, brokerages, and the sort. after that, they will find another service provider who will offer canary service. |
|
Quoted:
I'd like to hear your input on nation state threats. I'm reasonable well connected into it, but not nearly as well as you. View Quote View All Quotes View All Quotes Quoted:
Quoted:
I'm in, depending on when it is as I'm on the other side of the world. Let me think about presenting, I'm open to doing it, just not sure what people want to know about. I'd like to hear your input on nation state threats. I'm reasonable well connected into it, but not nearly as well as you. I could do that. |
|
Quoted:
whatever solution sells the most hardware, i'm for! ar-jedi ps maybe this is an interesting point... from a CALEA/NSA letter perspective, on the equipment manufacturer's side we are being pushed to develop encryption and key management solutions which take the burden of compliance off of the service provider. our customers ("tier 1" service providers and such) are working hard to get out themselves of the CALEA boondoggle. they are looking to sidestep the problem entirely by implementing end-to-end FIPS-certified encryption (AES256 on 10G/40G/100G/400G/++ optical spans) but moving the actual key management to the end client (e.g. banks, insurance companies, ISP's, cable companies, content providers, VoIP providers, etc). that is, the service provider does not have the encryption key to the span, and in fact can not retrieve it as the relevant FGPA and ASIC registers are write-only (but even if you could it's TTL is too short to be of practical value -- on a 100G span for example, a given rolling CBC or CTR key is only valid on the order of 10 minutes). from both the service provider's and client's perspective, it's win/win -- the service provider can offer end to end logical transmission security (which is upcharged), the client doesn't have to take a throughput/latency hit at their border routers, and the client is protected against unknown eavesdropping/intercept threats. from a CALEA/NSA letter perspective, the service provider can only provide to LE/three letter agency the encrypted bitstream -- and you would need an eternity of computing cycles to turn that sausage back into a pig. most importantly, from a business perspective, the service provider does not have to lie to their clients. you can do that maybe once with big clients -- major banks, brokerages, and the sort. after that, they will find another service provider who will offer canary service. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
in. not sure what sort of presentation would be interesting to folks , but i'm in. ar-jedi I know I'd find pretty much anything you had to say about Net Neutrality to be interesting and informative. whatever solution sells the most hardware, i'm for! ar-jedi ps maybe this is an interesting point... from a CALEA/NSA letter perspective, on the equipment manufacturer's side we are being pushed to develop encryption and key management solutions which take the burden of compliance off of the service provider. our customers ("tier 1" service providers and such) are working hard to get out themselves of the CALEA boondoggle. they are looking to sidestep the problem entirely by implementing end-to-end FIPS-certified encryption (AES256 on 10G/40G/100G/400G/++ optical spans) but moving the actual key management to the end client (e.g. banks, insurance companies, ISP's, cable companies, content providers, VoIP providers, etc). that is, the service provider does not have the encryption key to the span, and in fact can not retrieve it as the relevant FGPA and ASIC registers are write-only (but even if you could it's TTL is too short to be of practical value -- on a 100G span for example, a given rolling CBC or CTR key is only valid on the order of 10 minutes). from both the service provider's and client's perspective, it's win/win -- the service provider can offer end to end logical transmission security (which is upcharged), the client doesn't have to take a throughput/latency hit at their border routers, and the client is protected against unknown eavesdropping/intercept threats. from a CALEA/NSA letter perspective, the service provider can only provide to LE/three letter agency the encrypted bitstream -- and you would need an eternity of computing cycles to turn that sausage back into a pig. most importantly, from a business perspective, the service provider does not have to lie to their clients. you can do that maybe once with big clients -- major banks, brokerages, and the sort. after that, they will find another service provider who will offer canary service. Yes please talk on this and im sure i will have questions. I designed and implemented a calea solution for a voip provider a few years ago. It was voice only though - hi1/2/3 to verint who handled the leaf for us. Ever since then ive wondered how the data side data works |
|
I'd be checking that out. I like the idea but the implications and practical implementation gives me pause. Is Cisco still pushing IPE via MPLS for things like superconnected grids?
Eh, off topic, my ADHD is kicking in. Quoted:
IP everywhere. does anyone want to know anything about how IP everywhere? Should only take a minute or 2. actually, depending on when this is, I may be able to give a presentation on software defined networks using mininet. apparently academia has some vision for this. im already a huge gns3/dynamips homer, so I feel right at home with mininet, you can even script stuff with python in it. View Quote |
|
Emphatically, me three, or four or whatever it is.
I am interested in the economic and market effects of the threat that nation states present. I may not be a part of the national security puzzle but I have balance sheets, income statements, and shareholders to protect! I'm sort of being facetious but more and more I am finding this subject in forecasting, finance projections, and DR compliance and audit planning documents. I'm behind the curve on the international aspect of IT security through my own fault. The corporate community is worried and it's not all about Target-style breaches. Quoted:
Quoted:
Quoted:
I'm in, depending on when it is as I'm on the other side of the world. Let me think about presenting, I'm open to doing it, just not sure what people want to know about. I'd like to hear your input on nation state threats. I'm reasonable well connected into it, but not nearly as well as you. I could do that. |
|
So it looks like this thing is getting legit as fuck. How about every one who wants to present, reply with the tentative title of your presentation and I'll update the ongoing list in the OP.
|
|
I can provide insight into how the IT component of business is viewed and utilized from the ownership and C level/executive perspective. Everything from strategic decision making, budgets, and staffing to aligning infrastructure, architecture, and development with the operations and profit model of the enterprise. It's a huge subject with many variants. I'd love it if people had specific questions or topics they want to know about.
|
|
I guess I could give a two hour PowerPoint on MAC addresses, and why they are the AK-47s of the internets.
|
|
|
|
My perspective has been temporarily warped by the last two days, but if anyone working for FedEx wants to step in and soothe my burns I suppose I could pull something off.
|
|
Quoted: Quoted: Quoted: I'm in, depending on when it is as I'm on the other side of the world. Let me think about presenting, I'm open to doing it, just not sure what people want to know about. I'd like to hear your input on nation state threats. I'm reasonable well connected into it, but not nearly as well as you. I could do that. Bit tricky keeping it unclass. |
|
Quoted:
I would love to hear something on software defined networks! View Quote View All Quotes View All Quotes Quoted:
Quoted:
IP everywhere. does anyone want to know anything about how IP everywhere? Should only take a minute or 2. actually, depending on when this is, I may be able to give a presentation on software defined networks using mininet. apparently academia has some vision for this. im already a huge gns3/dynamips homer, so I feel right at home with mininet, you can even script stuff with python in it. I would love to hear something on software defined networks! Wonder if we have any NSX guys here? |
|
Quoted: As long as you cover the filtering. That's the Holy Grail View Quote View All Quotes View All Quotes Quoted: Quoted: I guess I could give a two hour PowerPoint on MAC addresses, and why they are the AK-47s of the internets. As long as you cover the filtering. That's the Holy Grail |
|
Quoted: whatever solution sells the most hardware, i'm for! ar-jedi ps maybe this is an interesting point... from a CALEA/NSA letter perspective, on the equipment manufacturer's side we are being pushed to develop encryption and key management solutions which take the burden of compliance off of the service provider. our customers ("tier 1" service providers and such) are working hard to get out themselves of the CALEA boondoggle. they are looking to sidestep the problem entirely by implementing end-to-end FIPS-certified encryption (AES256 on 10G/40G/100G/400G/++ optical spans) but moving the actual key management to the end client (e.g. banks, insurance companies, ISP's, cable companies, content providers, VoIP providers, etc). that is, the service provider does not have the encryption key to the span, and in fact can not retrieve it as the relevant FGPA and ASIC registers are write-only (but even if you could it's TTL is too short to be of practical value -- on a 100G span for example, a given rolling CBC or CTR key is only valid on the order of 10 minutes). from both the service provider's and client's perspective, it's win/win -- the service provider can offer end to end logical transmission security (which is upcharged), the client doesn't have to take a throughput/latency hit at their border routers, and the client is protected against unknown eavesdropping/intercept threats. from a CALEA/NSA letter perspective, the service provider can only provide to LE/three letter agency the encrypted bitstream -- and you would need an eternity of computing cycles to turn that sausage back into a pig. most importantly, from a business perspective, the service provider does not have to lie to their clients. you can do that maybe once with big clients -- major banks, brokerages, and the sort. after that, they will find another service provider who will offer canary service. View Quote View All Quotes View All Quotes Quoted: Quoted: Quoted: in. not sure what sort of presentation would be interesting to folks , but i'm in. ar-jedi I know I'd find pretty much anything you had to say about Net Neutrality to be interesting and informative. whatever solution sells the most hardware, i'm for! ar-jedi ps maybe this is an interesting point... from a CALEA/NSA letter perspective, on the equipment manufacturer's side we are being pushed to develop encryption and key management solutions which take the burden of compliance off of the service provider. our customers ("tier 1" service providers and such) are working hard to get out themselves of the CALEA boondoggle. they are looking to sidestep the problem entirely by implementing end-to-end FIPS-certified encryption (AES256 on 10G/40G/100G/400G/++ optical spans) but moving the actual key management to the end client (e.g. banks, insurance companies, ISP's, cable companies, content providers, VoIP providers, etc). that is, the service provider does not have the encryption key to the span, and in fact can not retrieve it as the relevant FGPA and ASIC registers are write-only (but even if you could it's TTL is too short to be of practical value -- on a 100G span for example, a given rolling CBC or CTR key is only valid on the order of 10 minutes). from both the service provider's and client's perspective, it's win/win -- the service provider can offer end to end logical transmission security (which is upcharged), the client doesn't have to take a throughput/latency hit at their border routers, and the client is protected against unknown eavesdropping/intercept threats. from a CALEA/NSA letter perspective, the service provider can only provide to LE/three letter agency the encrypted bitstream -- and you would need an eternity of computing cycles to turn that sausage back into a pig. most importantly, from a business perspective, the service provider does not have to lie to their clients. you can do that maybe once with big clients -- major banks, brokerages, and the sort. after that, they will find another service provider who will offer canary service. |
|
Quoted:
Quoted:
Quoted:
Quoted:
I'm in, depending on when it is as I'm on the other side of the world. Let me think about presenting, I'm open to doing it, just not sure what people want to know about. I'd like to hear your input on nation state threats. I'm reasonable well connected into it, but not nearly as well as you. I could do that. Bit tricky keeping it unclass. That was my first instinct... then I thought, "Oh I can do it all open source"... Then I started thinking ppr... I'm debating. |
|
So gents, here's a onedrive doc that you can edit. Feel free to insert comments, or brush up your descriptions and what not. I'll add this to the OP as well.
http://1drv.ms/1elIvpt |
|
Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!
You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.
AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.