SourceBoston 2008 Going on now and for the next two days. If your anywhere near Cambridge MA you should head over. The shear number of smart security people in this hotel is mind boggeling. Seriously, you can’t turn around without seeing someone else who is a major industry luminary.
Already listened to talks by Tito Jackson (no, not that Tito), he’s the Director of IT from state of MA. He basically said that Mass is great and that jobs are growing and all hail Gov. Deval! Woohoo! I kid, but it was some interesting opening remarks and good to hear that things may not be all doom and gloom as the economy suggests.
The official keynote was given by Richard Clarke the former head anti-cyber terrorism dude at the White House he runs a consulting company now, oh, and he has a book or two out. He asked a very interesting question about wether the government should disclose software vulnerabilities that it discovers or should it keep them for use in the next ‘cyber war’? IMO my tax dollars paid for it so yeah, I should get a copy!
Then Matt Moynahan from from Veracode spoke about how hard it is to quantify the security in software. A subject I have wrote here many times. Lots of good points, companys don’t want to give up their IP, there are no uniform standards, etc… Of course his company (andcformer L0pht peeps company) Veracode has the answer but it seems like a pretty good answer to me.

Oh, and I set up a Twitter account. Not sure if I will use it after the con but there it is.