You could measure the relative popularity of the speakers at BlackHat (or at least the staff’s prediction of their popularity) by the size of the rooms to which they were assigned. For example, well-known Winternals founder (now employed by Microsoft) and newly famous novelist Mark Russinovich was scheduled to talk in the large Milano Ballroom, in anticipation of lots of people showing up.
Since I’ve already seen Mark’s excellent presentation on malware cleaning with Sysinternals tools (and in fact, I wrote an article about that presentation when he gave it at the MVP conference last year; you can read Part 1 at http://www.windowsecurity.com/articles/Hunt-Down-Kill-Malware-Sysinternals-Tools-Part1.html), I opted to attend another of the “big room” talks to start off the morning — that given by Robert Clark with U.S. Army Cyber Command. Given my own background in law enforcement, I gravitate toward the presentations that deal with legal issues. Sometimes these can be dry and boring, but when they’re good, they’re very good.
Clark didn’t disappoint me. My only complaint would be that he had way too much material to cover in the short amount of time allotted (one hour). Consequently he spoke very rapidly (something my Texas ears aren’t used to hearing) and sometimes the slides whizzed by so quickly I couldn’t take all the notes I wanted to. He discussed a wide variety of court decisions pertaining to cyberlaw, with focuses on the Google Wi-Fi collecting matter (along with other cases that pertain to the expectation of privacy when on an unsecured wireless network). This morphed into a discussion of 4th amendment issues (search and seizure by government authorities) of data.
Along with a number of other subjects (which I plan to talk about in more detail in my next Cybercrime column), he addressed the issue of employer monitoring of employees’ use of technology, and then moved on to discuss the Sony case and the question of when there is a duty to secure systems.
There was some discussion of jurisdictional issues and the roles of DHS, the FBI and DoJ, along with a quick look at major cyber incidents of 2011. Finally, he wrapped up with the admonition to get attorneys involved early and keep them informed (and to explain technical issues to them “at a third grade level”), and he cautioned that words matter — so when communicating with attorneys, be clear and concise.
While the material might seem tedious, Clark made it interesting with a presenttion style that included lots of poking fun at himself and other lawyers, along with his obvious broad knowledge of and enthusiasm for the subject matter.