The Rant Conference 2015 – Blisters, T-Shirts And Self-Inflicted Social Engineering

Having attended and thoroughly enjoyed the previous two RANT conferences in 2013 and 2014, the anticipation for this year’s event was huge. So huge in fact that I am reliably informed that I picked up ticket #001.

With the day booked as holiday some months in advance, I was well set, until the pesky tube drivers decided they fancied an additional day off. Ho hum, I could still get there though, albeit with 16 miles of walking. Probably should have worn trainers though – my feet are still killing me. Plus, I wouldn’t have surprised Quentyn so much – I think he was almost disappointed not to see me wearing a T-shirt.

Anyways, I eventually arrived at the venue – the London Hilton – which, as you may imagine, was pretty impressive indeed.

So here follows my thoughts of the day. Or should I say the second part of my view of RANT Con – I’ve already written about Jenny Radcliffe’s turn on stage.

RANT

RANT Conference 2015

After negotiating the lifts I found the conference area and grabbed my name badge along with a pretty decent bag full of marketing bumf from the various vendors in attendance.

Entering the main hall, I immediately saw the aforementioned Jenny Radcliffe, sitting on her own (she doesn’t socially engineer everyone you know) and parked myself up for the day.

Soon joined by Stuart, who I had met for the first time a few weeks earlier, the scene was set…

Morning session

So, during the morning we heard from a number of speakers who told us how Transport For London’s systems were so antiquated that there was no risk of any potential contagion spreading between them. We were told how OPM had under spent on infrastructure, still had programs written in Cobol, lacked encryption and how the breach had been rated by a CIA officer who said “there is bad, there is worse and then there is this”.

We were told that education and training do not add up to make awareness (curious) but were informed that “culture eats strategy for breakfast”.

On the topic of APTs, it was said that most organisations are pwned by sheer idiocy rather than by anything advanced (yes, the human factor is always key).

We saw Shan Lee cope admirably as a moderator, having been thrown in at the deep end at the last moment, and heard a discussion on hacking hackers and the ethics thereof.

Now, while the morning session was ok, I do have to say that it was very ‘flat’.

The mood, or at least my perception of such, was somewhat sombre and maybe even a little defeatist I think. Also, the talks didn’t really prompt any great interaction with the crowd, something that has been key in previous events. Additionally, some of the speakers did not convey much in the way of passion for their chosen topics (I don’t doubt they possess it, they just didn’t demonstrate it). So, all in all, I thought the first half of the day was a bit of a letdown.

Lunch

I have to say the quality of the catering was excellent – great food, and plenty of it. Also, an endless stream of coffee was available throughout the day. Excellent!

Beyond that, lunch is of course a time for networking, catching up with old buddies (I’ll only name-drop Thom Langford – because he likes that sort of thing) and chatting with a vendor or two.

Now, for reasons that would be apparent if you overheard the conversation, I cannot elaborate too much on what must have been the funniest part of the entire day. Suffice to say, one attendee (not Jenny) engaged a vendor in conversation. Said vendor then socially engineered themselves, for want of a better phrase, into believing they were speaking to someone with whom they most likely already do business. My compatriot missed a golden opportunity to bag some high value training for nothing, as well as the opportunity to put an awesome ‘con’ on their CV but, hey, they have morals, and that’s why they’re such a cool person :-).

RANT Conference

Afternoon

After lunch the conference began to simmer. It wouldn’t get to boiling point until 4pm, but at least it was on its way.

Quentyn Taylor supplied what I would argue was the first piece of ebullience as he cheerily chaired a panel that I would describe as the first energised period of the day.

We later heard from a subject matter expert who certainly knew his stuff but could have done with injecting some tonality (to be fair, I can’t talk for toffee myself so props to everyone who got up on stage) in order to break his monologue up somewhat, saw an imposter posing as Troels Oerting and found out how some professionals are rather keen on getting the word ‘cyber’ into their job titles.

One item of interest for me was a discussion about how job profiles within the industry don’t necessarily work because corporate culture often prevents skilled but academically unrecognised candidates from acquiring jobs for which they would actually be well suited.

And then there was The Analogies Project which I covered in a separate post – have a read – which embodied everything I’ve liked about previous RANT Conferences.

So, overall, I would say this year’s event was good. It may not sound that way from the above but it was good. It just wasn’t as exceptional as the previous two events.

Would that put me off going again? No, it was still well worth the travelling time and the blisters.

After all, conferences are about the people who attend them and everyone I met was great, with plenty of knowledge and a huge amount of passion. It’s just a shame that the latter didn’t shine through in the morning’s talks.

#RANT2015 Breakout: Jen Jenny And The Axeman’s Jazz

[note: it’s a Life On Mars thing, in case you were wondering] So, as many of you know, I like to write something up after I’ve been to a conference and this time is no exception. But I am going to do it differently this time. Mainly because I’m tired – the tube strike forced […]

Continue

The EU Security Blogger Awards 2015

After leaving BSidesLondon I walked back to Olympia for the EU Security Blogger Awards, keen to see whether the Naked Security blog would win one or both of the categories it was nominated in. I was also feeling really excited for some of my friends who were nominated in other categories – I had high hopes they’d scoop at least […]

Continue

Rookies, Blue Pills And Mars Bars – BSidesLondon 2015

With InfoSecurity (I had a great time) almost done for another year (more later), Wednesday was BSidesLondon day. Riding into town on the tube (I got a seat!) I reflected on years gone by – the first BSidesLondon was the first conference I ever attended – and how things had changed. Gone were the nerves […]

Continue

How InfoSec15 Turned My Daughter Into The Coolest Jedi In Town

A long time ago, in a retail store far, far away, I booked 3 days off work so I could do the annual InfoSecurity/BSidesLondon thing. Then, far more recently, my parents dropped the bombshell that they were coming to stay at the same time (they live in the Outer Rim and don’t come back to Blighty […]

Continue