[Linux-aus] Security conferences (was: LUGs)

Marcus herstik Marcus at herstik.com
Fri Jul 7 21:36:21 AEST 2023 

Why should it be public?

It may have started as government owned not for profit but it ain’t anymore. 

Medibank is a “public” listed company, but that means its owned by investors so it won’t be dissected in public… proprietary blah, commercial in confidence yada yada. 

Regards,
Marcus


> On 7 Jul 2023, at 7:50 pm, Info via linux-aus <linux-aus at lists.linux.org.au> wrote:
> 
> I looked at a few conference links and did not find the "What we did wrong" style confessions from failed organisations. How can anyone know what to avoid if there are no investigations and coroner reports?
> 
> The medibank incident should be investigated out in the open the same as an aeroplane crash.
> 
> On 7/7/23 19:19, Adam Nielsen wrote:
>>> There was one subject of real interest everywhere that is just not
>>> covered anywhere I can see online or at conferences. How did people
>>> crack Medibank etc. Where are the "here is what we did wrong"
>>> presentations? Based on the last couple of years, you could run a
>>> five day conference with eight confessions a day just using the cases
>>> mentioned in the media, not the hundreds where they paid the ransom
>>> and kept everything quiet.
>> There are a few conferences that cover this sort of thing.  The most
>> recent one would be AusCERT which was held in May at the Gold Coast:
>>   https://auscert.org.au/events/auscert2023-back-to-the-future/
>>> I would fly anywhere for a conference like that, even Hobart in
>>> Winter.
>> In that case you could try one of the larger US conferences, like DEF
>> CON (https://defcon.org/html/links/dc-faq/dc-faq.html) or Black Hat
>> (https://www.blackhat.com/upcoming.html) which are both on in August
>> (one after the other to cater for travellers), or HOPE
>> (https://xiv.hope.net/faq.html) which starts in a couple of weeks.
>> For anyone less keen on travelling, many of these types of conferences
>> put up their talks on YouTube so they are easily found.
>>> I guess most of it would not be relevant to Linux users as it would
>>> be Microsoft email automatically opening viruses or something similar.
>> Microsoft e-mail products automatically opening viruses hasn't really
>> been a thing for at least a decade now.  Most of this stuff is
>> ultimately caused by tricking people into downloading and running a
>> program that provides remote access to their computer and things go
>> from there.
>> A lot of Linux users are attracted by the freedom that open source
>> provides, and a lot of security conferences have similar ideals and use
>> open source tools, so there is usually quite a bit of overlap there.
>> Cheers,
>> Adam.
> 
> _______________________________________________
> linux-aus mailing list
> linux-aus at lists.linux.org.au
> http://lists.linux.org.au/mailman/listinfo/linux-aus
> 
> To unsubscribe from this list, send a blank email to
> linux-aus-unsubscribe at lists.linux.org.au

More information about the linux-aus mailing list