Sacred cow, karma and mustache: how and why Indians are not indifferent to IB

    Recently, he has become frequent in India. Apparently, my mustache has such karma: the Indians love me, and to me, in general, India also likes me. Today we’ll talk about how rich the world of information security is in this country, which conferences are held in major cities, and, by tradition, we can’t do without small sketches from everyday life.

    Delhi (GroundZero 2013)

    Delhi, or New Delhi (even the Hindus themselves are confused here), is the capital of India. I was invited there to the Ground Zero conference, a completely new event, made extremely high quality not only by the standards of India, but also by world standards. The organizers have chosen the most correct approach to organizing such events. UBM Media, the company that owns many IT and IB conferences in the United States and, more recently, in the world, was responsible for the commercial part. Their assets include such well-known conferences as BlackHat and Interop, as well as the DarkReading online resource ( Organizers of local conferences and local security parties, including NullCon, Malcon, Clubhack, Cocoon, Innefu, were also responsible for the content. The result was a kind of killer mix. The only obvious minus of the confession was its strict focus on Indian gosov,

    However, in general, everything was quite competent: about half of the reports and workshops were purely advertising in nature and were sponsored, while the second half was quite interesting from a technical point of view. The program consisted of 4 days, with the first two reports “stacked” and the other two consisting of workshops lasting 4-8 hours. Unfortunately, this year the first 2 days intersected with ZeroNights, so I only managed on the last day exactly to my workshop.

    Traditionally, I will not go into the details of my and other people's performances, since they can be viewed on the site. I can only say that after the night flight and the past ZeroNights I was a little out of shape, so I asked for the help of the organizers for help to bring a jar of redbow to the report. As a result, every half hour of a four-hour performance they brought me a redbul. For the fifth time, the audience applauded almost standing up. But in general, it was an unremarkable mini-training on the basics of SAP security.

    The main feature of the conference, in my opinion, was that they managed to invite John McAfee himself as keynote speaker. The legend man, my idol, the crazy founder of McAfee, which is always accompanied by various rumors. They say, for example, that he was hiding in Belize from the American authorities, was accused of killing his neighbor in the jungle, and owned an underground laboratory for the manufacture of psychostimulants. All his life, McAfee was fond of extreme sports and was characterized by crazy antics. By his seventieth birthday, he had not lost his sense of humor and even released a video on how to remove McAfee antivirus.

    All these colorful details are for the sensitive public. Professionals appreciate McAfee for his original and tough approach to business. He took a fee for his speech, but he was unable to come personally due to visa problems. As a result, visitors were content with a video of his performance, where he PR for his new startup for 30 minutes! This is aerobatics in marketing. Briefly outline the essence of his new "tricks". At such a young age, he moved to Portland, the capital of hipsters, where I’m flying, describing this story, and became interested in the “incredible” idea that the whole world will soon hear about. Namely, for all this hype with privacy and Snowden, he decided to make his Internet, with soft toys and pink unicorns, pooping butterflies, with a special device through which access is made, so that no one can “as if” be able to trace or decrypt the traffic, and in general can’t do anything with it. A kind of hardcore TOR, which the "good Robin Hood" John will give to everyone to escape from the evil NSA.

    Naturally, the conference was held at the coolest hotel in Delhi, where the Gos stay. There is even a hyper-fashion club for golden youth, where for the first time in my life I met a normally dressed pretty Hindu. Unfortunately, like many hotels in India, their owners are sure that it’s enough to just build a palace, decorate it with gilding, hang a plate “5 * hotel”, and you can do nothing more. And the fact that after 20 years the walls begin to bubble, the gilding to rust, and the shells to crack, they are of little concern. However, me too.


    Attendance: 500–600 people
    Visitors: 90% - Indian states, foreigners - no more than 5%
    Format: 4 days (2 days reports in 3 tracks, 2 days workshops in 2 tracks)
    Price: $ 67–134

    Mumbai (CISO Platform Summit 2013)

    After Delhi, I flew almost immediately to Mumbai for another newly-minted CISO Platform Summit event. Organized by the CISO Platform Professional Community. An extremely interesting format: in general, it’s not even a conference at all, but rather a platform for the exchange of experience.

    The speakers included about 80 people with a total number of visitors of about 200. For the most part, short TED-style performances and demonstrations of 10-15 minutes were presented about some significant project that one security guard wants to share with others. The result was such a concentrated exchange of experience. In addition, there were round tables at the conference where security managers discussed various issues.

    Mumbai is a city of contrasts, the craziest place. You can love and fiercely hate him, but it is extremely difficult to remain indifferent. A place where polished luxury intersects with unimaginable dirt and poverty, a place where the line between the rich and the poor turns into an abyss. This is not at all like in Russia. Only here, you can probably get out of the most luxurious hotel, where in the toilet a maid opens the door to the restroom and see a family living in boxes right at the fence.

    In Mumbai, I managed to walk a little more, and I went straight to the slums of Dharavi. The taxi driver looked at me for a long time, trying to decide: I made a mistake with the address or was damaged by the mind. In his opinion, we had to go to the gates of India or beautiful gardens, beaches. “God, man, you can download“ beauty ”on the Internet, drop it, go to the slums,” I said.

    So, Dharavi are known for being the largest slums in Mumbai and about half a million Indians live in them. Not so much. For comparison, the population of the black townhouse of Kayelish in South Africa has exceeded one million, but what about Mitchell's Plain, a suburb of Cape Town, where people live in color and where Die Antwoord hangs out and shoots his clips, I generally keep quiet. But Dharavi became famous all over the world thanks to the film "Slumdog Millionaire". It was there that the famous pipe was located, along which residents walked in the absence of a road buried under meter-long layers of garbage. Now the pipes are gone, and the area itself has become much cleaner. I went there to photograph the locals, but in the end I myself became the subject of a “photohunt”. As the Indians explained, a new Bollywood blockbuster Ram Leela was recently released, the main character of which I reminded them.

    It's funny that the boys from the slums for 5 meters immediately recognize the latest Lumia model, while adult IT people from the same CISO Platform think that this is a Samsung. Generally, Indian children are very advanced. I even presented one with a ZeroNights T-shirt - let it popularize the theme. According to a local security official, I found the best place to advertise the conference, as it turns out that the coolest specialists grow out of these slums.

    It was there that I had the idea to spread the attributes of ZeroNights all over the world and photograph people from around the world in clothes with our emblems, leave flags in the most remote places in the world. The initiative was supported by our entire team, and we will also be glad to your participation. So far, only about 10 countries have been gathered, but I want to jointly fill, of course, the whole world. You can track the movement of ZeroNights using the hashtag #ZeroNightsWorld. The rules are simple: take photos of people in whom it’s easy to guess the locals in the attributes of ZeroNights (for example, a taxi driver in Bangkok or a seller of kebabs in Turkey), and tweet with the hashtag #ZeroNightsWorld, indicating the country, city and a brief description. Authors of the best works will receive free tickets and will go down in the history of this megaproject.


    Attendance: 200–250 people
    Visitors: 80% - security managers of Indian companies
    Format: 2 days, about 80 mini-reports
    Price: $ 125

    Goa (NullCon Goa 2014)

    Well, we got to the most famous Indian conference, which celebrated this year its 5th anniversary. Somehow I could not get there before. And finally, in mid-February, I ended up on a business trip to Goa. That sounds good. As expected, the atmosphere at the conference is extremely relaxed. But how else, if from the venue of the event to the beach only a few meters, depending on the tide (then 5, then 20, it’s true, I counted).

    Probably only ShakaCon in Hawaii can compare with this conference, but I haven’t been there, not in the know. This year, NullCon had the most people, about 500 people. Even in my two-hour workshop, held in parallel with two reports, there were 50 Indians, which is quite a lot for such a specific topic as SAP Security. Although it should be noted that in India now this direction is actively developing. There are more and more Indians among SAP consultants, the topic is actively “warming up” (by the way, we are aggressively recruiting people again, write, even if there are no specific vacancies posted).

    The conference was held on February 14, in connection with which there was a big Tory in the shape of a heart for lunch, and the slogan of the conference “let's spread love not viruses” testified to the increased mimicry of the event. The conference is mainly inhabited by pentesters and consultants from all over India, but I even met a couple of Europeans from Copenhagen who came as visitors.

    As for the reports, the keynote from the BlackHat organizer should have been interesting, but, unfortunately, I overslept it, went to the Qualys report about SCADA, “I learned a lot.”

    In general, most of the time I spent in communication. There I met my followers, one guy promised to grow the same mustache by next year. Check it out.


    Attendance: 500 people
    Visitors: Pentesters and consultants
    Format: 2 days reports (2 tracks) + workshops (1 track), 2 days trainings
    Price: $ 115–288

    As for Goa itself, I’m a little disappointed. Well, yes, it’s warm, cheap, beaches, but the same thing can be found in other places of the world, and it’s warmer, cheaper, cleaner and without a crowd of absolutely wild Russians from Tagil and dead drug addicts from around the world. Yes, and no nightlife there has long been gone: most clubs close at 3 o’clock, and the main occupation of local ones is sticking to the ceiling.

    Of course, we can’t do without animal species again. Unfortunately, it is more difficult to find a dead cow in India than a dead child, because here they practice the rituals of burning. Therefore, here's a goodbye to you alive.

    That's all. Follow Twitter on @ZeroNights, watch new photos, participate in the #ZeroNightsWorld project!

    Also popular now: