AusCERT 2010 kicks off: photos

AusCERT is being held at the RACV Royal Pines Resort.

Stands received attention on Sunday night as delegates enjoyed food and drink.

AusCERT general manager Graham Ingram realises he's being caught on camera.

An IBM stand gamer gets a high score.

The Fortinet stand, with definitely the best beer.

Microsoft's Surface draws a crowd.

Paul Ducklin, Sophos head of technology, Asia Pacific

Shooting hoops with Alphawest.

The booth babes are back at AusCERT 2010. This is the Kaspersky stand — awaiting the arrival of the company's founder, Eugene Kaspersky.

A mystery guest arrives in style.

AusCERT general manager Graham Ingram once again explains the work of the Computer Emergency Response Team and stresses that AusCERT is far more than just an annual conference. He urges delegates to talk to each other, network and share ideas to help improve the overall level of security.

Whitfield Diffie, also known as "Whit" and one of the founders of public key cryptography, presents the opening keynote at AusCERT 2010, titled, "An historical look at cloud computing".

Whit also warned that internet users are "putting a tremendous amount of faith" in the Google founder's public intention to "not be evil" because they can see what everyone is looking for and what they're interested in.

Whit said the cloud as we know it could substantially improve the average level of security of ordinary users who don't need to (or want to) pay attention.

The second keynote on day one was presented by Bob Maley, the founder of Strategic CISO. Maley was fired from his job as the CISO for the State of Pennsylvania after he publicly disclosed the state Department of Transportation's security woes.

Maley said companies have a responsibility to their stock holders — unlike governments, which he said should be held responsible to the citizens but are not.

Dr Crispin Cowen, who for many years was a vocal Linux security guru and Microsoft critic, recently started working for the Redmond-based software giant. His talk on the first day of AusCERT 2010 was titled "Stranger in a strange land: Reflections of a Linux guy in Microsoft Windows".

Crispin said he went to Microsoft with a heap of ideas on how the company should change its Windows OS to make it more secure, and although the company did listen to all his ideas and even tested them, none of them worked because of the basic architecture of Windows and the need for backward capability. He said many applications actually depend on legacy Windows bugs in order to function.

Crispin's very amusing presentation also pointed out the many flaws in Windows, such as the ability for one desktop application to inject a thread into another application and run arbitrary code in that application's address space.

He also pointed out some basic flaws in Linux when running as a desktop operating system.