K I W I C O N _____ _____ |\ \ / /| | \ \ / / | \ \ \/ / / ____________________ \/ /\ \/ ______________________ / / \ \ /____/ /\ \____\ | |/ \| | |_____| |_____| 4:20PM FRIDAY 12 AUGUST 2016 DATACENTRE IN URBAN WELLINGTON At first, the incident response proceeds like countless others. A bored contract PwC technician perches on a stool, watching the internal state of MD5 increment as a torrent of bytes streams off the fourth disk of the storage array onto the forensic copy. Outside the roar of the hot aisle fans, in a hastily appropriated meeting room, the lead investigator became increasingly belligerent. “Let me get this straight, Steve… you knew you weren’t getting attacked by a NATION STATE, because what?” Steve, the acting CSO, falters. “Well I uh, I mean, the risk register doesn’t … and the antivirus… I mean, the McAf…” “What? McAfee? Like as in John McAfee? Did you just say that?!” “But the saleswoman said the heuristics… the best of breed…” “So you put it on your ‘risk register’? And then you mitigated it with ‘McAfee’? I uh… I’m gonna need to call someone, Steve. This is above my pay band. You stay here. And don’t. Touch. Anything.” The investigator pulls out his Blackberry, nervously picking at the worn corner where it rubbed on its holster. He dials, the prefix dancing through the RAN, the SIGTRAN, and into an obscure interconnect on a working line card in one of the few NEAX still purring deep in the core. An ISDN channel lights, across a path even the LI gateway doesn’t know to mediate. Ring voltage. Off hook. “Horowhenua Hangi Hut may I take your order?” “CUT THE CRAP MOULDER!” barks the investigator “this is serious. We need you and Scullery here now, this case is yours! We got some real occult spooky-fingers crap going down. This guy he believes he saw…” The investigator pauses eyeing Steve with derision “he says he mitigated risk with McAfee ANTIVIRUS.” Moulder cups his hand over the receiver. “Yo Sculls, let’s roll! We gotta another one of these Cargo Cult infosec things! The risk register stuff! I bet they got loads of firewalls. Grab your coat! Maybe we’ll see a Bigfoot too!” “Moulder, you know Quantum sold its storage unit to Maxtor, and Seagate bought that. The Bigfoot is a myth.” Moulder cannot ignore the bait, continuing to argue as they leave. “But the information I got from a thread on HNN clearly states that…” Slamming the door behind them, the inscription in the glass shudders with the impact. KIWICON SPECIAL INVESTIGATION DIVISION PARANORMAL | OCCULT | CARGO CULTS UNIDENTIFIED IMPLANTED OBJECT CODES INFOSEC | RISK REGISTERS THE KX - FILES <cue spooky music/> -==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==- KIWICON X - CALL FOR PAPERS You seen some strange shit? Some magical thinking? Like risk registers? Occult, witchcraft, magic boxes filled with patents and smoke, all painted red like salesweasel blood? Were you abducted at a conference, only to awaken in a hotel room bed with Homeland Security? Did you mitigate a risk to critical infrastructure by garnishing a vivisected fish with tea leaves because that’s the same as any other best practice? Who needs actuarial data to make decisions? Did the Tūrehu play the song of “I AM YOUR COMPENSATING CONTROL” in your ear while visions danced in the cloud of Motueka’s finest at your risk board meeting? Suspend your reality and open your third eye to behold the machine elves behind:
NEW ZEALAND’S HACKER CON TEN YEARS OF FAITH HEALING 17 - 18 NOVEMBER MMXVI WELLINGTON, AOTEAROA Share your revelations into the cosmic glory of your inner self, where probabilistic risk assessment is the methodology by which we protect national critical infrastructure from well funded adversaries with stuffed tchotchke ducks. Submit your tales of ancient worlds, of alien abductions, of the finest original crypto algorithms, and commodity fetishism that is COMPUTER SECURITY. Send us your ancient wisdoms via this form: https://goo.gl/forms/QLV1gNWzzVUOAEdV2 submissions close 14 October 2016. Kiwicon is New Zealand’s own hacker-con-slash-variety show, now in its tenth year. Our 2000+ seat venue in Wellington is just 10 mins by air from the Kaikoura peninsula, site of one of our most famous UFO encounters, and the Waihopai radomes, site of Five Eyes and Nicky Hager getting his sneak on. We’re cheap (read “have no money to pay speakers travel, accommodation or honorarium”), cheerful (read “but we’ll handwrite you a thank you note”) and have a single track to keep it simple. Our preferred talk content is generally what you’d expect for a hacker con; we keep talks short (15-45 mins), we like new technical content, and encourage interpretative dance numbers, musical acts and infosec poetry. <3 The Crüe Who Stare At Sheep.