Go to Original Article
Go to Original Article
Go to Original Article
After nine years running, DerbyCon held its ninth and final show, and attendees and a co-founder looked back on the conference and discussed plans to continue the community with smaller groups around the world.
DerbyCon was one of the more popular small-scale hacker conferences held in the U.S., but organizers surprised the infosec community in January by announcing DerbyCon 9 would be the last one. The news came after multiple attendee allegations of mistreatment by the volunteer security staff and inaction regarding the safety of attendees.
Dave Kennedy, co-founder of DerbyCon, founder of TrustedSec LLC and co-founder of Binary Defense Systems, did not comment on specific allegations at the time and said the reason for the conference coming to an end was that the conference had gotten too big and there was a growing “toxic environment” created by a small group of people “creating negativity, polarization and disruption.”
Kennedy claimed in a recent interview that DerbyCon “never really had any major security incidents where we weren’t able to handle the situation quickly and de-escalate at the conference with our security staff.”
Roxy Dee, a vulnerability management specialist, who has been outspoken about the safety for women at DerbyCon, told SearchSecurity that “it’s highly irresponsible to paint it as a great conference” given the past allegations and what she described as a lack of response from conference organizers.
Despite these past controversies, attendees praised DerbyCon 9, held in Louisville, Ky from Sept. 6 to 8 this year, there have been no major complaints, and Kennedy told SearchSecurity it was everything the team wanted for the last year and “went better than any other year I can remember.”
“When we started this conference we had no idea what we were doing or how to run a conference. We went from that to one of the most impactful family conferences in the world,” Kennedy said. “It’s been a lot of work, a lot of time and effort, but at the end of the day we accomplished everything we wanted to get out of the conference and then some. Family, community and friendship. It was an incredible experience and one that I’ll miss for sure.”
As a joke, someone handed Kennedy a paper during the conference reading “DerbyCon 10” and the image quickly circled the conference via Twitter. Kennedy admitted he and all of the organizers “struggled with ending DerbyCon this year or not, but we were all really burned out.”
“When we decided, it was from all of us that it was the right direction and the right time to go on a high note. We didn’t have any doubts at all this year that there would ever be another DerbyCon. This is it for us and we ended on a high note that was both memorable and magical to us,” Kennedy said. “The attendees, staff, speakers and everyone were just absolutely incredible. Thank you all to who made DerbyCon possibly and for growing an amazing community.”
Kennedy told SearchSecurity that his inspiration for fostering the DerbyCon community initially was David Logan’s Tribal Leadership, “which talks about growing a tribe based on a specific culture.
“A culture for a conference can be developed if we try hard enough and I think our success was we really focused on that family and community culture with DerbyCon,” Kennedy said. “A conference is a direct representation of the people that put it on, and we luckily were able to establish a culture early on that was sorely needed in the INFOSEC space.”
April C. Wright, security consultant at ArchitectSecurity.org, said in her years attending, DerbyCon provided a “wonderful environment with tons of positivity and personality.”
“I met my best friend there. I can’t describe how much good there was going on, from raising money for charity to knowledge sharing to welcoming first-time attendees,” Wright said. “The quality of content and villages were world class. The volunteers and staff have always been friendly and kind. It was in my top list of cons worldwide.”
Eric Beck, a pen-tester and web app security specialist, said the special part about DerbyCon was a genuine effort to run contrary to the traditional infosec community view that “you can pwn or you can’t.”
“We all start somewhere, we all have different strengths and weaknesses and everyone has a seat at the table. Dave [Kennedy], set a welcoming tone and it meant that people that might otherwise hesitate took that first step. And that first step is always the hardest,” Beck said. “DerbCon was my infosec home base and where I recharged my batteries and I don’t know who or what can fill its shoes. I have a kiddo I thought I’d share this conference with and met people I assumed I’d see annually. I’m personally determined to contribute more in infosec and make the effort to reach out, but I have a difficult time imaging being part of something that brought in the caliber of talent and the sense of welcoming that this conference did.”
Danny Akacki, senior technical account manager with Gigamon Insight, said his first time attending was DerbyCon 6 and the moment he walked in to the venue he “fell in love with the vibe of that place and those people.”
“I still didn’t know too many people but I swear to god it didn’t matter. I made so many friends that weekend and I had the hardest bout of post-con blues I’ve ever experienced, which is a testament to just how profound an effect that year had on me,” Akacki said. “I had to skip 7, but made it to 8 and 9. Every year I went back, it felt like only a day had passed since the last visit because that experience and those people stay with you every day.”
For Alethe Denis, founder of Dragonfly Security, DerbyCon 9 was her first time attending and she said the experience was everything she expected and more.
“The atmosphere was like a sleepover, compared to the giant summer camp that is DEF CON, and I really enjoyed that aspect of it. It felt like it was a weekend getaway with friends and the lack of casinos was appreciated. But I don’t feel that the quality of the talks and availability of villages was sacrificed in the least,” Denis said. “Even as small as Derby is, it was really tough to do everything I wanted to do because there were so many interesting options available. I feel like it brought only the best elements of the DEF CON type community and DEF CON conference to the Midwest.”
Micah Brown, security engineer at American Modern Insurance Group and vice president of the Greater Cincinnati ISSA chapter, echoed the sentiments of brother/sisterhood at DerbyCon and the cheerfulness of the conference and added another key tenet: Charity.
“One of the key tenets of DerbyCon has always been giving back. During the closing ceremonies, it was revealed that over the past 9 years, DerbyCon and the attendees have given over $700,000 to charity. That does not count the hours of people’s lives that go into making the presentations, the tools, the training that are freely distributed each year. Nor does it factor in the personal relationships and mentorships that are established and progress our community,” Brown said. “It was after my first DerbyCon I volunteered to be the Director of Education for the Greater Cincinnati ISSA Chapter and after my second DerbyCon I volunteered to be the Vice President of the Chapter. DerbyCon has also inspired me to give back by sharing my knowledge through giving my own presentations, including the honor to give back to the DerbyCon community with my own talk this year.”
Xena Olsen, cyberthreat intelligence analyst in the financial services industry, attended the last two years of DerbyCon and credited the “community and sense of belonging” there with encouraging her to continue learning and leading her to now being a cybersecurity PhD student at Marymount University.
“The DerbyCon Communities initiative will hopefully serve as a means for people to experience the DerbyCon culture around the world,” Olsen said. “As far as a conference taking the place of DerbyCon, I’m not sure that’s possible. But other conferences can adopt similar values of community and inclusiveness, knowledge sharing and charity.”
Wright said she has seen other conferences with similar personality and passion, “but none have really captured the heart of DerbyCon.”
“There are a lot of great regional cons in the U.S. that I think more people will start going to. They are affordable and easily accessed, with the small-con feel — as opposed to the mega-con vibe of ‘Hacker Summer camp’,” Wright said, referencing the week in Las Vegas that includes Black Hat, DEF CON, BSides Las Vegas, Diana Con and QueerCon plus other events, meetups and parties. “I don’t think anyone can fill the space left by DerbyCon, but I do think each will continue with its own set of ways and personality.”
Akacki was adamant that “no other con will ever take Derby’s place.”
“It burned fast and it burned bright. It was lighting in a bottle, never to be seen again. However, I’m not sad,” Akacki said. “I can’t even say that its vibe is rising from the ashes, because it would have to have burned down for that to happen. The fire that is the spirit of DerbyCon still burns and, I’d argue, it burns brighter than ever.”
Alethe DenisFounder, Dragonfly Security
Denis said it will be difficult for any conference to truly replace DerbyCon.
“I feel like the people who organized and were passionate about DerbyCon are what made Derby unique. I’m not sure any other con will be able to truly capture that magic and fill the space left by Derby,” Denis said. “But I guess that remains to be seen and hope that more cons, such as Blue Team Con in June 2020 in Chicago bring high quality content and engaging talks to the Midwest in the future.”
Wright noted that some of her favorite smaller security conferences included GRRcon, NOLAcon, CircleCityCon, CypherCon, Showmecon, Toorcon and [Wild West Hackin’ Fest], and she expressed hope that the proposed “DerbyCon Communities” project “will help with the void left by the end of the era of the original DerbyCon.”
The organizers saw DerbyCon growing fast, but “didn’t want to turn the conference into such a large production like DEF CON,” Kennedy told SearchSecurity.
“We wanted to go back to why DerbyCon was so successful and that was due to three core principles: Posivitiy and Inclusiveness, Knowledge Sharing and Charity. There is a direct need for a community to help new people in the industry and help charity at the same time,” Kennedy said. “The goal for the Communities initiative is to bring people together the same way DerbyCon did for one common goal.”
Kennedy also confirmed that there will be some involvement with the Communities initiative from the “core group” of organizers, including his wife Erin, Martin Bos and others.
Akacki said that with the local Derby Communities initiative, “the spirit of Derby has exploded into stardust, covering our universe.”
“You can’t kill what we’ve built, you can’t contain it and you can’t stop it,” Akacki said. “I’m not crying because it ended, I’m smiling and laughing … because it just became bigger than ever.”
Ultimately, Kennedy told SearchSecurity he wants new groups to “be welcoming and accepting of new people and making a difference and impact in their local communities or worldwide.”
“Our hope is that not only do DerbyCon Chapters spawn up, but other conferences and chapter groups will join forces to create a DerbyCon network of sorts to grow this community in a positive way.”
Go to Original Article
Quick note: These pictures show a GTX 1060 Strix. I will update them tomorrow in the light. Just to confirm the card in the machine is an ASUS ROG Strix GTX 1080ti Gaming 11G.
Personal delivery by me included. ~150 preferred but if you’re further ask me.
Pleeeeeeeeeeeeease for the love of satan don’t ask me to split
Intel i7 7700k
ASUS ROG Strix GTX 1080ti Gaming 11G
Team Group Delta 16GB RGB 2666Mhz
ASUS Strix z270f Gaming RGB motherboard
Kingston A400 240GB SSD
Seagate 1TB HDD
NZXT x62 Kraken Liquid Cooler
NZXT H500i RGB Case
NZXT 5 port Internal USB Hub
NZXT HUE+ Advance Lighting Controller
EZDIY-FAB PCIe Vertical Flexible Cable Extension
Corsair CX850M 80+ Bronze PSU
TP-Link N900 Dual Band WiFi Card
2x NZXT 140mm intake fans (front x62 kraken)
1x NZXT AER RGB 140mm case fans (top)
1x NZXT AER RGB 120mm case fans (rear)
Windows 10 Pro (activated with key)
Price and currency: 1250
Delivery: Delivery cost is included within my country
Payment method: bt / cash
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference
DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.
Go to Original Article
Students around the world are using their Microsoft Office Specialist (MOS) certification to show colleges and future employers that they have a true mastery of the Microsoft Office suite. In fact, some talented students even go on to compete in a world competition for Microsoft Office.
Each year, Certiport, a Pearson VUE business, and the leading provider of learning curriculum, practice tests and performance-based IT certification exams that accelerate academic and career opportunities, hosts the MOS World Championship. This event is a global competition, testing top students’ skills on Microsoft Office Word, Excel and PowerPoint.
Are you a hard-working student, looking to show the world your Microsoft Office skills? Check out these four easy steps below to find out how you can get involved in the Microsoft Office Specialist Championship.
To represent your country at the MOS World Championship, you’ll need to first be named your nation’s champion by competing in a regional competition hosted by Certiport’s network of Authorized Partners. You can see the full list of partners and nations that compete here. In addition, each country has its own selection process, so make sure to connect with your local Partner to find out how you can prepare to compete in the MOS World Championship in 2020.
Interested in learning more about the MOS World Championship? Connect with us at [email protected].
Go to Original Article
Author: Microsoft News Center
Preliminary results of a new Microsoft study show teenagers around the world are increasingly turning to their parents and other trusted adults for help with online problems — an encouraging development as the new school year begins.
More than four in 10 teens (42 percent) from 22 countries who encountered online issues said they asked their parents for help, while 28 percent said they sought advice from another adult such as a teacher, coach or counselor. Those figures are up an impressive 32 and 19 percentage points, respectively, compared to last year’s findings which showed only 10 percent of young people turned to their parents for advice and just 9 percent asked for help from other adults. In addition, adults and teens across the globe say parents are by far the best placed of any group to keep young people and families safe online. Results show parents have both the greatest potential — and were deemed the most effective — at promoting online safety among young people, teens and families.
The findings are from the latest research associated with Microsoft’s work in digital civility — encouraging safer and healthier online interactions among all individuals and communities. The study, “Civility, Safety and Interaction Online — 2018,” polled teens ages 13-17 and adults ages 18-74 in 22 countries[i] about more than 20 online risks. This latest research builds on similar studies conducted over the previous two years, which polled the same age groups in 23 and 14 countries, respectively. A total of 11,157 individuals participated in the latest research.
Online risk exposure, consequences and pain higher for teen girls
Teenage girls were more likely to ask for help from their parents (44 percent of girls vs. 37 percent of boys) and from other trusted adults (29 percent of girls vs. 26 percent of boys), the study shows, likely because life online in general is harder on girls than boys. Indeed, the data demonstrate that girls have a higher level of online risk exposure than boys; they suffer more consequences and “pain” from online ills, and the online risks and abuse that they experience are more emotionally charged. Moreover, as online risks have grown in severity — think “sextortion” and “swatting”[ii] — young people are perhaps more inclined to seek advice from the older generation.
“Civility in cyberspace has become a ‘must’ as we understand so much more about how harmful simple type and images can be,” said Dr. Sharon Cooper, a U.S.-based pediatrician, who works with survivors of cybervictimization. “The immediate, seemingly universal, distribution of unwanted materials can wound both youth and adults.”
Based on her experience, Dr. Cooper spoke of chronic anxiety, depression and a rational paranoia as just some of the resulting harms from negative online experiences. “Sadly, research has shown that some link to cybervictimization has become the issue in nearly 50 percent of cases of suicidal thoughts resulting in seeking care in emergency rooms,” she added.
And, some of these consequences were borne out in our research. Two-thirds (66 percent) of female teenage respondents reported being exposed to online risks vs. 60 percent of male teenage respondents. Nearly three-quarters (73 percent) of girls reported negative consequences following an online issue compared to 67 percent of boys, and the level of pain associated with online risks and the intensity of the attendant emotions — namely fear, anger and sadness — were higher for girls.
New mix of countries in latest study
In 2018, Microsoft added Canada and Singapore to the survey, while three previously polled countries (Australia, China and Japan) were removed. Complete and final results will be made available on Feb. 5, 2019, to mark international Safer Internet Day along with a year-over-year comparison of the Microsoft Digital Civility Index. The Digital Civility Index measures the perceived level of online civility in a given country based on the reported level of risk exposure of individuals in that country. Between 2016 and 2017, the Digital Civility Index did not change—both years read 65 percent, despite the addition in the second year of nine countries and three risks. In the latest survey, the 21 polled-about risks break down as follows:
Back to school with Microsoft’s Digital Civility Challenge
We’re making this preliminary research available in the back-to-school timeframe to encourage parents, teachers, teens and young people to commit to Microsoft’s Digital Civility Challenge – four basic tenets for life online, namely:
We will post at least one other early look at some other key findings in the weeks ahead. In the meantime, to learn more about digital civility and how you can become a champion for these common-sense online practices, visit www.microsoft.com/digitalcivility. For more on online safety generally, visit our website and check out and share our resources; “like” us on Facebook and follow us on Twitter.
[i] Countries surveyed: Argentina, Belgium, Brazil, Canada*, Chile, Colombia, France, Germany, Hungary, India, Ireland, Italy, Malaysia, Mexico, Peru, Russia, Singapore*, South Africa, Turkey, the United Kingdom, the United States and Vietnam. (* Indicates the first time this country has been included in this research.)
[ii] In the study, “swatting” is defined as deceiving emergency services like police, fire or medical into sending an emergency response team, typically to a person’s home, based on a false report of an ongoing critical incident or crime.
The National Retail Federation’s annual trade show, NRF 2018, is the largest retail trade show in the US, and I’ll be there next week in New York City with some of our most innovative partners. NRF 2018 is the best place to experience the latest trends in retail, discover how brands of all sizes are approaching digital transformation, and get an early look at the latest retail technologies, innovations, and solutions. Thanks in part to Microsoft Azure, retailers are utilizing data, AI, and the Internet of Things (IoT) to optimize learnings and grow their businesses.
Microsoft understands that data-driven insights are key to a successful digital transformation for intelligent retailers. Leveraging data in smart and strategic ways helps retailers offer differentiated and personalized shopping experiences––and much more. Armed with the right data and solutions, retailers are transforming their online and brick-and-mortar offerings.
Here are the three Microsoft retail partners who will showcase their Azure-based solutions at NRF 2018:
Bunsar is based in Istanbul, Turkey, and created an Azure-based app that uses AI for visual search and product matching. The product is a real-time “recommendations mirror” that brick-and-mortar stores can use to draw foot traffic. The technology identifies the outfit you’re wearing, matches it to similar outfit options in its database, and makes recommendations for matching accessories and clothing. The Turkish equivalent of Macy’s, Boyner Group, has an affiliate application called Hopi that is now tapping into Bunsar’s platform.
Software developer Xenia Retail designed a seamless retail experience that eliminates shopping carts and check out lines. Shoppers use an app on their phone or on a tablet provided by the retailer. The app gives them tools and data that a sales associate would normally have, including crowd-sourced reviews, buying history, and suggestions for additional items. Shoppers simply hold the phone in front of the product, select the quantity, add it to their cart, and complete the purchase in the app or at a self-checkout terminal. There’s no scanning required, and employees in the back room fulfill the order. Xenia is based on Windows and runs on Azure. The company is integrating Power BI, Dynamics 365 and Outlook into its offerings.
Aprimo provides marketing operations and digital asset management technology to brands such as CVS, Pandora, IKEA, DICK’S Sporting Goods, and Samsonite. A major home-improvement retailer has also adopted Aprimo’s Azure-based solution to improve brand consistency and provide a single source for content. Role-based permissions control access to content, and users get advanced enterprise search to quickly find and reuse content.
Visit Microsoft and our partners at booth #2803 to gain inspiration, experience how retail is changing, and find out how we are collectively helping retail businesses transform to exceed customer expectations. I’ll also be speaking about Digital Leadership in Retail, joined by customers Luxottica and the Schwarz Gruppe on Monday, January 15 from 11:30 AM–12:30 PM. I look forward to seeing you there and exploring the exciting technology innovations that are powering the retail industry.
Join the conversation at the Microsoft Partner Community here.
In this episode of the MVP Show, Seth met with Iris Classon in her hometown of Stavanger, Norway. At a quaint coffee shop in the charming Fargegaten/Øvre Holmegate (Upper Holm Street/Color Street), Iris talked about microservice deployment models, security, and multitenant authentication. After talking about the cloud, Seth felt awe-inspired to deploy to the cloud himself! Up to the clouds above, Iris took Seth to Preikestolen (Pulpit Rock) where they talked about her life before becoming a developer, some of her first projects, and Seth’s fitness abilities.
Software steals the show when it comes to tech innovation today, and it overshadows any improvements to hardware. But get ready for the future data center: Hardware transformation will happen with dynamic random access memory, or DRAM, a data center staple for more than 20 years. Looking ahead, there are various options that promise increased efficiency, persistence and lower cost.
To address some of these innovations, SearchDataCenter sat down with Danny Cobb, vice president for global technology strategy at Dell Technologies. Cobb has witnessed a lot of change through the years — in his current role; at EMC, where he was a former CTO; and as a longtime technologist at Digital Equipment Corp. Cobb outlined various infrastructure technologies that will vie for IT pros’ attention in future data center plans.
You have spoken publicly about the single-level cell to multi-level cell memory evolution in the data center. What technologies will be essential to the future data center?
Danny Cobb: There is this notion of using artificial intelligence (AI) and machine learning techniques to optimize the infrastructure in real time. We are actively involved in work that thinks of these new compute models — graphics processing units, tensor processing units, field-programmable gate arrays (FPGAs), etc. — fundamentally as a service available on the fabric. You use machine learning and AI techniques to schedule workloads against the available resources in your data center. Three or four years ago, every single workload ran on this homogenous row upon row of homogenous virtualized x86. That’s the homogenous computing world.
This new world is heterogeneous computing. It is offload engines, it is accelerated AI, FPGAs being dynamically programmed in the data center. The infrastructure itself has to take on more knowledge, and we see the progression of that style of infrastructure and that style of computing and workloads in our platforms as they evolve.
Disaggregation and composable infrastructure seem to be the on-premises answer to cloud computing. What is its future in the data center?
Cobb: As an IT professional, the idea is to get the most jobs run and get the most value and process the most data per unit time and per unit cost on that infrastructure.
The very first problem that converged infrastructure solved was that I could now buy an entire stack of IT that works together … I can predict the performance of [that], and I understand the cost of [it] and my guys don’t have to do that for me.
Now, I want to deploy these things in finer-grained, more consumable chunks of capacity. That took us to hyper-converged. Now, I can buy smaller units — a single 1U server worth of stuff, put some management and orchestration capability around that to make the hardware manageable, and put a shared storage software stack on it and have a single, consolidated storage footprint that scales out.
Today, whether it is from Intel or AMD or other architectures, fundamentally, we have tightly coupled memory to processing via DDR [double data rate] — that’s a tough interface to break into if you want to pool and disaggregate memory. But there are examples in the industry and the technology roadmap that are getting us there. There is bus technology such as Gen Z, OpenCAPI and C6. That is one area where we have begun to separate the traditional memory hierarchy from the processing model that will enable flexibility.
Technology like PCIe [PCI Express] has fundamentally been the I/O bus for so long and done such a great job at doubling bandwidth every two years and [cutting] latency [in half]. That’s a great single system bus, but a terrible multisystem bus. It is not truly a fabric, and it does not have the ability to configure itself and tolerate having devices coming and going in real time like other fabric technologies. In the space of new buses, that is where RDMA over Ethernet and the capabilities of using that as a new intersystem fabric come into play. That also bleeds into some of those memory buses I mentioned before, whether it is C6 or Gen Z.
Those areas — Remote Direct Memory Access over Ethernet networks following Ethernet technology, 25 Gb to 100 Gb and the new memory bus technology — represent an entirely new innovation surface for systems.
What emerging technology has everyone’s attention?
Danny Cobbvice president of global technology strategy, Dell Technologies
Cobb: One that is top of mind is emerging memories. Imagine you have a cost-effective, very high-performance DRAM class memory that is persistent. How does that change every place you have an IoT [internet of things] sensor out there? If I can start to buffer that in a very low-cost, persistent device, now I have elements of persistent storage out on the edge, which today I really can’t do. If I put flash out there, that’s too slow. If I put DRAM out there, then I have to put a battery with it to keep it from losing state. This will enable a whole new class of architecture that will be enabled by persistent memory living in all these dirt-cheap, fingernail-sized processing solutions that go out in all these IoT devices.
A true DRAM-replacement persistent memory — that is the disruptive step. If we make it persistent, we start to change the way we write software. We don’t write software to do POSIX reads and writes to a file system with a volume manager. Instead, I do loads and stores from a processor into memory, and that is my application. These memory-native or memory-centric workloads will start to accelerate in their adoption. We already see pieces of that today with the move to SAP HANA and in-memory data management applications that come from the transactional world into this new world.
Those are largely evolutionary steps. The revolutionary step — at least one as revolutionary as the move to multithreaded programming 20 years ago — is this persistent memory model for applications. New software and a new programming language will be written for that.
Robert Gates covers data centers, data center strategies, server technologies, converged and hyper-converged infrastructure and open source operating systems for SearchDataCenter. Follow him on Twitter @RBGatesTT or email him at [email protected].