Open Web Application Security Project Conference NYC 2008
One thing immediately apparent at the Open Web App Security Project (OWASP) introductory presentation is true adherence to the description of "openness". I am very impressed by the freedom of information presented so far. Books, white papers, even event recordings and video, are made freely to the public. There is no hindrance of copyright, of licensing, of disclosure agreements.
I spoke earlier in another conference of author/speaker Paul Glen and my brief conversation with him after his keynote speech. What I didn't share was the fact that I recorded his speech. I told him this and he explicitly asked me to not distribute it. I found this as a minor bummer because his speech was so enjoyable and interesting. Instead he asked me to refer people to his site and for them to obtain CDs from there. No problems with making money, and I still hold his work in high regard, but limiting disclosure at the cost of the larger public benefit?
I use this as an example only because it was so recent in my experience. There are many others whose work and help is stifled by the concept of "ownership". Nevertheless, I am very excited about the topics to be discussed at OWASP NYC, and I will be sharing select (read: interesting) recorded audio from this conference shortly.
I feel like I have finally found a security professional association that cares less about identity or profit and more about strengthening the overall security of our industry. I was pleased to see that the majority of users were on Macbooks (can you really call yourself "security conscious" running Windows and freely connecting to public wifi?) And every time I go to these things, the message is always dismal: Security is broken, we are in trouble, we need to act. At least they're realists.
