MoMusings

As some of you may have noticed this blog has been rather quiet over the last month or so, why? Well this posting should give you some idea why I haven’t been able to find much ’spare’ time to post here. Hopefully things should get back to something resembling ‘normality’ [if there is such a thing], at least for a while.

The EMEA SecureWorld conference was held in the beautiful city of Prague in the Czech Republic between the 21st and 24th of November at the Prague Hilton about a mile from the historic centre of Prague.

I arrived late in the afternoon on the day [Sunday] the before the conference started, and was rather surprised that it had snowed; in fact it was snowing most of Sunday which made it a cold trip from the airport to the hotel.

Having been to Prague before and knowing that the taxi drivers are notorious for:

• Speeding
• Driving like maniacs
• Over-charging tourists

I decided to have a ‘mini-adventure’ and try and get to the hotel via public transport; bus and then metro. I must admit I was feeling rather daunted by the prospect, but apart from the bus driver being rather brusque and awkward, the trip was fairly simple and I arrived about an hour after leaving the airport. All for the cost of around 1 UK Pound [40 Czech Crowns] instead of the 600-1,300 Czech Crowns [Koruna] it would have cost by taxi.

But, don’t just take my word for it. Here’s a picture from the Virus Bulletin 2001 conference featuring Graham Cluley from Sophos with a slide about the ‘risk’ levels of certain things:

The text below the ‘Meteor Strike’ image that he is obscuring, says ‘ LOW, but pretty nasty’, so you can see that if you willing use Prague taxis you are considered to have a ‘Death Wish’, or just don’t know any better!

On the subject of Prague taxi drivers being notorious, they even tried to rip-off [over-charge] the Mayor of Prague when he was disguised as a tourist!

Anyway, back to EMEA SecureWorld:

I was invited to present on the following:

• DI09 - IDS and IPS Another piece of Protection Puzzle [1]
• DI10 - Outsourcing Security, Why and What? [3]
• TM18 - Bots and Botnets: Risks, Issues and Prevention [2]

Two of these presentations [DI10 and TM18] were repeated on the last day of the conference; so I ended up doing five one hour presentations. Not only that but I also was interviewed by a journalist for the Czech version of one of the technology magazines [Professional Computing] and I also participated in a ‘radio interview’ for the Czech republics largest radio station. The radio ‘interview’ will be translated into Czech and will be broadcast in January 2006.

Both of these were about ‘bots and botnets’ as well as SPAM and Phishing.

Representing the US Virus Cert was Chuck Springer who gave a number of presentations on malware related topics.

• TM01 - Introduction to Malware
• TM02 - Worm Wars
• TM03 - First Aid Virus
• SGC04 - Corporate Threat Assessment Model
• TM04 - Will International Law Stop Virus Writers?

Other things to be aware of in Prague are: the pick-pockets, beggars and the the infamous scam where you get approached by someone asking for change, next thing you know a ‘policeman’ is demanding to see your passport, and then proceeds to conviscate it. Next, both the ‘change’ requestor and the ‘policeman’ disappear. Guess what, the policeman was not a policeman and you have been scammed and are now without your passport!

How do I know about this scam? Well I have been to Prague before, to present at the Virus Bulletin 2001 conference and the paper I was doing that year was all about hoaxes, scams, urban legends and related things. So, before I went I did some research in to local ‘known’ scams, hoaxes. etc.

Don’t get me wrong I really like Prague, it really is a very beautiful historic city with some amazing architecture, and I would happily go there again, in fact my Son is very keen to visit as soon as I can be surgically removed from my computers and my desk .

Right, back to the EMEA SecureWorld conference:
There were a number of other interesting presentations which I managed to attend, including a very good one on ‘Secure DMZs’ presented by Jeff Crume. However, it was not possible for me to attend all of the ones I was interested in as I was often presenting at the same time as they were being run, typical!

All in all, this was a useful conference to attend and the feedback we’ve received so far indicates that it was a hit with the delegates too!

On the Friday, the day I was travelling back to the UK, it started to snow again, quite heavily. So I arrived to snow, it didn’t snow during the conference [although it was bitterly cold] but started to snow as I was leaving Prague.

I decided to repeat my ‘mini-adventure’ and try and get to the airport via public transport; metro and then bus. I allowed extra time, however I needn’t have worried as the whole trip was painless and I was at the airport in under 45 minutes and as I bought a ticket for the metro and bus in advance it cost me about 50 Pence [20 Czech Crowns].

[1] This presentation is based on the paper written for the EICAR 2005 conference and can be dowloaded from http://arachnid.homeip.net/papers
[2] This presentation is based on the paper written for the Virus Bulletin 2005 conference and can be dowloaded from http://arachnid.homeip.net/papers
[3] There is no paper for this.