Tuesday, July 31, 2007

Off to vegas 2007

I'm on my way to Las Vegas for Black Hat & Defcon. For Black Hat, it looks like I'm doing a booksigning on Wednesday at 4:30. BigFix is hosting the Gala at 6:00 on Wednesday as well, so I will be putting in an appearance. Please come say hi if you're around. I will also be at Defcon, but good luck spotting me in the crowd there if you don't already know what I look like.

I look forward to catching up with friends I only get to see at cons.

Thursday, July 19, 2007

The Ladies of Infosec

I was at an event not long ago, and the woman in the group was really pissed. In a room full of nothing but security geeks, someone asked her "Oh, do you do security work?"

This didn't happen with any of the guys. The question they got was "Where do you work?"

I was thinking about this today, and I realized that every woman I know who works in infosec has told me a similar story. That might be a slight exaggeration, but not much. Literally every one I can think of right now has told me one of these stories.

They get things like:
  • Are you here with your boyfriend?
  • She used to be a man
  • Take your shirt off
Yes, sadly I have heard jerks yell out "take your shirt off" when a woman was trying to give a talk.

How much do women hate this? You can read what Raven thinks about it.

Let me tell you a little about this particular woman in question that reminded me of all this. She has worked in some of the most important software companies in the world, in the security groups. She has worked at at least two security companies that I know of. Pick just about any well-know security male, and they know who she is and they respect her work.

If you've been paying attention to the infosec world, you probably know who I'm talking about. Keep it to yourself, because this particular woman is not the point.

I have met a number of women at various conferences. I'd look really foolish if I went around assuming they weren't attendees or didn't know what they were doing. I've met a woman who works for the CIA. I've met one who was a heavy-duty cryptographer. I've met one who does BGP vulnerability research. Yes, the women are rare. Staring and asking stupid questions doesn't help improve that.

Because of how hostile the infosec world is to women, the ones who manage to survive tend to really love what they do, and have worked very hard to stay in the field. This may mean that the woman you just met is better at security than 90% of the men. That probably includes you (and I'll happily concede that includes me.)

Keep that in mind.

Wednesday, July 18, 2007

BaySec 3 Tonight!

BaySec 3 is tonight, July 18 2007.

Per Nate:
July 18th, 7-11 pm or so.
O'Neills Irish Pub
747 3rd St (at King)
http://www.tisoneills.com

Tuesday, July 17, 2007

The BigFix logo


I promised to keep my work blogging on the the work blog, unless I thought I had been particularly clever. I think this one qualifies.