How To Sneak In To a Security Conference

← Back to Stories (view on slashdot.org)

How To Sneak In To a Security Conference

Posted by Soulskill on Tuesday February 28, 2012 @10:51AM from the equip-yourself-with-a-fake-beard dept.

jfruh writes "You'd think that, of all events, security conferences would have tight security. But one anonymous human pen tester managed to sneak into the RSA conference without credentials, using tried and true techniques like waving a badge from another conference at security guards and slipping in through exits."

189 comments

Min score:

Reason:

Sort:

Body language is an effective tool by Anonymous Coward · 2012-02-28 10:54 · Score: 5, Interesting

It's easy to avoid notice if you act like you know what you're doing, where you're going and that you belong where you are. Never stand still or look around.
1. Re:Body language is an effective tool by SJHillman · 2012-02-28 10:55 · Score: 5, Funny
  
  This is why I keep my lab coat from college. A lab coat says you know what you're doing. Throw in a clipboard and you're gold.
2. Re:Body language is an effective tool by vinehair · 2012-02-28 10:56 · Score: 5, Insightful
  
  It's easy to avoid notice if you act like you know what you're doing, where you're going and that you belong where you are. Never stand still or look around.
  Bingo. Simple tactics and social engineering are usually all you need if you really want to get at something.
  The weakest link in any security chain is always the people, and people are easy to deceive.
3. Re:Body language is an effective tool by oakgrove · 2012-02-28 10:58 · Score: 4, Funny
  
  And should you find yourself at a construction site just put a 2x4 over your shoulder and walk purposefully with a stern look on your face. Works every time.
  
  --
  The soylentnews experiment has been a dismal failure.
4. Re:Body language is an effective tool by Anonymous Coward · 2012-02-28 10:58 · Score: 2, Funny
  
  Sometimes the weakest link is the default password.
5. Re:Body language is an effective tool by X0563511 · 2012-02-28 11:00 · Score: 2
  
  I certainly don't intend to, but it seems whenever I go out shopping for something I end up being asked "do you work here" - if someone doesn't outright assume I do and ask for help.
  It happens even when I'm wearing something completely different than the store's uniform. ... am I unintentionally giving that kind of impression, do you think? I wonder if I could put that into something useful :P
  
  --
  For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
6. Re:Body language is an effective tool by geekoid · 2012-02-28 11:02 · Score: 2
  
  Cause without the 2x4 those busy, tired, and afraid of losing their jobs construction people will call you out?
  
  --
  The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
7. Re:Body language is an effective tool by PatPending · 2012-02-28 11:06 · Score: 5, Funny
  
  A construction site... or when you're trying to go backstage at a Village People concert.
  
  --
  What one fool can do, another can. (Ancient Simian Proverb)
8. Re:Body language is an effective tool by oakgrove · 2012-02-28 11:06 · Score: 1
  
  Not necessarily. It just helps you look busy.
  
  --
  The soylentnews experiment has been a dismal failure.
9. Re:Body language is an effective tool by Anonymous Coward · 2012-02-28 11:07 · Score: 5, Funny
  
  whenever I go out shopping for something I end up being asked "do you work here"
  Do you always look bored and slightly retarded?
10. Re:Body language is an effective tool by Anonymous Coward · 2012-02-28 11:08 · Score: 0, Informative
  
  The important part is the union button.
  I've been called out on job sites when I'm there legitimately.
11. Re:Body language is an effective tool by Johann+Lau · 2012-02-28 11:13 · Score: 4, Interesting
  
  Exactly! As a hobby photographer it often amazed me how a decent camera and lens, plus the attitude you described, makes other people react sometimes or what it lets one get away with. Like stumbling into and through an area full of cops and only later finding out that civilians aren't allowed in there. Just act like you're on the way to something important, don't be a tourist, be light-hearted and content and focused. That is, even if you're just checking everything out, act like you're focusing on a task (it can even be just getting from A to B while checking your equipment (which in the case of this topic would be your mobile devices I guess :P)). Maybe even give a professional nod here and there haha. If nothing else, it's hilarious!
12. Re:Body language is an effective tool by CanHasDIY · 2012-02-28 11:24 · Score: 5, Interesting
  
  This.
  
  When I was doing gig work, I learned the easiest way to get backstage at a show is to appear on the loading dock a few hours before the event, wearing all black, and start helping the crew do their load-in (industry term for "take the shit off the trucks and set it up on stage"). Once load in is complete just hang around the backstage area until the show.
  
  The downside is, since you're dressed like a stagehand, you'll probably be treated like one, so don't expect to spend the whole show standing around with your thumb up your ass.
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
13. Re:Body language is an effective tool by reason · 2012-02-28 11:27 · Score: 1
  
  If you move about about fairly slowly, but without seeming to be focused on something in particular that you are about to buy, that'd do it. Especially if you are about the expected age of an employee and wear clothes that look like retail work clothes: e.g. cheap button-up shirts coupled with slacks or a skirt.
14. Re:Body language is an effective tool by Anonymous Coward · 2012-02-28 11:27 · Score: 0
  
  You joke, but I often get the same thing. ESPECIALLY at electronics stores, where the employees are BSing to the customers why something is better, rather than going 'What do you need to use this for? Did your last computer do what you needed? Is there anything else it should be able to do.' Then you glance at the inventory, point them at a couple choices, plus a recommendation, and there leaves a happy customer.
  It's not rocket science, and it's really sad more salespeople don't spend an hour a day improving their sales literacy.
15. Re:Body language is an effective tool by Anonymous Coward · 2012-02-28 11:28 · Score: 5, Funny
  
  Getting backstage at a Village People tribute doesn't necessitate stealth, just willingness.
16. Re:Body language is an effective tool by Terrasque · 2012-02-28 11:28 · Score: 2
  
  I wonder if I could put that into something useful :P
  Like this? http://web.archive.org/web/20050412233112/http://lineman.net/node/270
  or ... more general stuff.. http://fr.thehackademy.net/madchat/esprit/textes/The_Art_of_Deception.pdf
  
  --
  It's The Golden Rule: "He who has the gold makes the rules."
17. Re:Body language is an effective tool by Beardo+the+Bearded · 2012-02-28 11:29 · Score: 2
  
  I get that a lot as well.
  The problem is I like to be helpful, so I'll answer questions if I can. Last couple of times I went shopping I was offered a job! I mean, seriously, can't a guy just go about his day without people begging him to take a job?
  I have also thought about moving from "helpful" to "grand theft" but then I realize that I could just buy the stuff for a lot cheaper than whatever my lawyer would charge.
  
  --
  
  ---
  ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
18. Re:Body language is an effective tool by AK+Marc · 2012-02-28 11:30 · Score: 1
  
  And when you ask firmly, people rarely refuse. "hold this" "smile" When you act like you belong, others act like you belong as well.
  
  --
  Learn to love Alaska
19. Re:Body language is an effective tool by crafty.munchkin · 2012-02-28 11:31 · Score: 1
  
  I often have the same issue. My standard answer is "No, but for $100 I'll answer your questions like I do!". Haven't had any takers... yet :)
  
  --
  ... wait, what?
20. Re:Body language is an effective tool by cptdondo · 2012-02-28 11:36 · Score: 5, Funny
  
  Long ago I learned that the best way to be invisible is to walk in dressed in overalls with a toolbelt, and announce "Plumber!" to everyone in earshot. You can walk into a women's bathroom, yell "Plumber!" and none of the women will even notice as you walk around....
21. Re:Body language is an effective tool by Delarth799 · 2012-02-28 11:37 · Score: 4, Funny
  
  If you shop at Wal-Mart everybody thinks everybody else works there.
22. Re:Body language is an effective tool by Anonymous Coward · 2012-02-28 11:37 · Score: 5, Informative
  
  You said this as a joke but that you're actually right makes it even funnier. Sometimes I wouldn't bother taking off my lab coat on my way home from work, and you wouldn't believe how much authority that granted me to those I passed into on my way home. People always think the most ridiculous things when they see a lab coat. Was I a rocket scientist, a doctor? A nuclear physicist? Or was I just just a guy who had to wear a lab coat and didn't really do anything that important? Except no one except those that realize how normal lab coats are thinks the last one.
23. Re:Body language is an effective tool by Anonymous Coward · 2012-02-28 11:39 · Score: 2, Insightful
  
  Carrying things is also good.
  I worked at a vending company, and let me say, if you're carrying a box of sodas with both hands while standing helplessly by the door, all you need to say is "I'm here for the vending machines" and someone will let you in for most places.
  Now, federal sites that doesn't work so well. At a delivery company I worked with, if you're going to a federal site (post office, airport, etc) if you're not wearing the right clothes, have the right badge, and come in the right vehicle, you're not getting in.
24. Re:Body language is an effective tool by Anonymous Coward · 2012-02-28 11:44 · Score: 1
  
  A dazzling smile, a stack of pizzas and a liter of coke, plus a tight, low cut tank top gets me through just about every secure check point.
25. Re:Body language is an effective tool by FatdogHaiku · 2012-02-28 11:48 · Score: 4, Funny
  
  If you look purposeful and/or busy at a construction site you run the risk of getting promoted...
  The whole sub-contractor structure avoids "Peter - Principling" everyone useful right off of the job site.
  Also, "a" 2x4 is a stone bust. At least 4 pre-cut studs or approximately 30 lin Ft of 2x4 is a load that will not single you out... at least until you toss it into your truck ;^)
  
  --
  You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
26. Re:Body language is an effective tool by BobZee1 · 2012-02-28 11:50 · Score: 1
  
  that is awesome!!! i thought i was the only one. i get this ALL the time. i read the few replies to your comment and maybe i am retarded and look dull.
  
  --
  dumber people are doing harder things everyday
27. Re:Body language is an effective tool by FatdogHaiku · 2012-02-28 11:51 · Score: 2
  
  The important part is the union button.
  I've been called out on job sites when I'm there legitimately.
  True Data
  
  --
  You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
28. Re:Body language is an effective tool by The+Mister+Purple · 2012-02-28 12:02 · Score: 4, Insightful
  
  Default passwords remaining at default is caused by people.
  
  --
  "For a successful technology, reality must take precedence over public relations, for nature cannot be fooled." Feynman
29. Re:Body language is an effective tool by OhSoLaMeow · 2012-02-28 12:09 · Score: 1
  
  I got away with this at a concert back in '76. I happened to be dressed just like the security people (jeans, denim shirt - whoda thunk it) and a camera with a long zoom lens. I parked down in front of the stage and while the security people were booting other people out left and right, they left me alone.
  
  --
  They can take my LifeAlert pendant when they pry it from my cold dead fingers.
30. Re:Body language is an effective tool by Barbara,+not+Barbie · 2012-02-28 12:11 · Score: 1
  
  Or walk in through the loading dock of most companies with a clipboard and a white hardhat with the municipal logo on it - nothing says "surprise inspection" better.
  WARNING: Don't try doing the white hardhat thing on a construction site - you'll scare all the illegal/cash workers away.
  
  --
  Let's call it what it is, Anti-Social Media.
31. Re:Body language is an effective tool by Imrik · 2012-02-28 12:20 · Score: 2
  
  Sales people aren't there to help the customer, they're there to make sales, preferably of items with good profit margins.
32. Re:Body language is an effective tool by Tyrannosaur · 2012-02-28 12:34 · Score: 3, Funny
  
  spend the whole show standing around with your thumb up your ass.
  What kind of shows do you go to??
33. Re:Body language is an effective tool by gatkinso · 2012-02-28 12:38 · Score: 2
  
  Most techies who work with electronics don't wear lab coats they wear ESD smocks.
  
  --
  I am very small, utmostly microscopic.
34. Re:Body language is an effective tool by philip.paradis · 2012-02-28 12:40 · Score: 4, Funny
  
  That can be taken two ways.
  Wait, the previous sentence can be taken two ways. Crap, I think I just put this comment into an endless loop.
  
  --
  Write failed: Broken pipe
35. Re:Body language is an effective tool by Anne_Nonymous · 2012-02-28 12:42 · Score: 5, Funny
  
  If you wear Wellington boots, a jock strap, and a huge sombrero, people generally don't mess with you.
36. Re:Body language is an effective tool by element-o.p. · 2012-02-28 12:44 · Score: 3, Funny
  
  I rather suspect a tight, low cut tank top -- with or without pizzas and coke -- would get me thrown OUT of most places (at least those that I'd have any interest in going to, anyway)
  
  Then again, I'm a dude :)
  
  --
  MCSE? No, sir...I don't do Windows. Yes, I am an idealist. What's your point?
37. Re:Body language is an effective tool by Anonymous Coward · 2012-02-28 12:46 · Score: 4, Insightful
  
  Never stand still or look around.
  I find this, in general, to be a good guideline in life. If you stop to look around at the beauty and wonder of life people think there is something wrong with you.
  Yes! I've been asked if I'm alright, and know where I'm at. To the latter, I respond: "Yes. I'm right here!"
38. Re:Body language is an effective tool by maxwells_deamon · 2012-02-28 12:52 · Score: 2
  
  I have helped at conferences where I had a right to be there but the registration system missed me for one reason or another.
  Carrying something in which covers the bottom of the lanyard while they are setting up works like a charm. A couple of lightweight boxes works best.
39. Re:Body language is an effective tool by hot+soldering+iron · 2012-02-28 13:00 · Score: 1
  
  I *really* hope you're a girl. I need a pizza about now...
  
  --
  When you want something built, come see me. If you want correct grammar and spelling, get a F*ing liberal arts student.
40. Re:Body language is an effective tool by Zlotnick · 2012-02-28 13:03 · Score: 1
  
  A safe bet, this.
41. Re:Body language is an effective tool by msauve · 2012-02-28 13:05 · Score: 4, Funny
  
  "If you wear Wellington boots, a jock strap, and a huge sombrero, people generally don't mess with you."
  
  Especially if that's all you wear. Except in NYC, where you may get mistaken for the nekkid cowboy.
  
  --
  "National Security is the chief cause of national insecurity." - Celine's First Law
42. Re:Body language is an effective tool by murder_face · 2012-02-28 13:29 · Score: 2
  
  And should you find yourself at a construction site just put a 2x4 over your shoulder and walk purposefully with a stern look on your face. Works every time.
  All it really takes is a hard hat. The cleaner that you look and the less you are doing, the more important it makes you seem
43. Re:Body language is an effective tool by minkie · 2012-02-28 14:29 · Score: 3, Insightful
  
  Tell me about it. I used to work in a hospital (not as a member of the medical staff). I had a labcoat that I kept mostly to keep warm when the air conditioning got too cold. If I put it on and wandered the halls, there was pretty much nowhere I couldn't go. I'll bet if I hung a stethoscope around my neck, I could have walked into the OR and nobody would have said "boo".
  Adjust the costume to fit the venue. Hardhat at a construction site. Trial case in a courthouse. If you saw a guy with a pitchfork and covered in manure walking through a stable, would you stop him and demand to see his ID?
44. Re:Body language is an effective tool by Anonymous Coward · 2012-02-28 14:36 · Score: 0
  
  Maybe they don't think that you work there. Maybe they just think you might be able to help? I mean there are still such things as friendly people, right?
45. Re:Body language is an effective tool by Macman408 · 2012-02-28 14:48 · Score: 1
  
  Add a big lens hood and it works even better.
46. Re:Body language is an effective tool by flimflammer · 2012-02-28 15:11 · Score: 1
  
  Yeah, but most regular joes don't know that.
47. Re:Body language is an effective tool by Anonymous Coward · 2012-02-28 15:28 · Score: 0
  
  ...I could have walked into the OR and nobody would have said "boo".
  OR is easy, nobody really wants to go in there. Why would you want to? Try getting into a server room - not so easy. Pharmacy? Good luck with that.
  Security is all about keeping the good stuff away from the bad (or stupid) people. That's why getting into this security conference was about as silly as getting into an OR - it's not where an unauthorized person should be, but really nobody tries anyway so 'security' is rather lax.
48. Re:Body language is an effective tool by oldmac31310 · 2012-02-28 15:36 · Score: 1
  
  So you're saying that sometimes you do wear the store uniform? I don't know, that sound like imposture to me. You might want to stop doing that!
  
  --
  http://www.acetonestudio.com
49. Re:Body language is an effective tool by krept · 2012-02-28 16:02 · Score: 5, Insightful
  
  Find a pack of people smoking. They always know the easiest way to get out and back in quickly.
  
  --
  None of us know everything. Therefore we're all naïve.
50. Re:Body language is an effective tool by WalkingBear · 2012-02-28 16:14 · Score: 1
  
  And a lanyard with something that loooks like an employee id badge. Even better if the lanyard is from oen of the local media outlets or newspapers. You can usually pick up a handful when they sponsor charity events and such.
  The camera, good size lens and lens hood are good too. Also, make sure you practice with the gear so you really do look like you know what you're doing.
  Hesitation will get you caught every time. Focus on what you're doing, be professionally courteous, but act and assume you're going to get the shot. And 9 times out of 10, you will.
51. Re:Body language is an effective tool by jaymemaurice · 2012-02-28 16:33 · Score: 1
  
  Works really well at the auto shows too... The best piece of equipment to carry to make the effect work is an expensive tripod. Nobody stops or walks infront of the guy with the tripod.
  
  --
  120 characters ought to be enough for anyone
52. Re:Body language is an effective tool by davester666 · 2012-02-28 16:34 · Score: 1
  
  The same people who wear lab coats home from the office also wear trenchcoats to the supermarket...
  
  --
  Sleep your way to a whiter smile...date a dentist!
53. Re:Body language is an effective tool by mallyn · 2012-02-28 16:43 · Score: 2
  
  And to you folks who are the real crafts-people who set up conferences. . . .
  *PLEASE*PLEASE*PLEASE* Watch you damn tools!!!
  You would not believe how much potential for theft there is at these large conferences and conventions.
  Sometimes I just want to bang my head against the wall and scream as loud as I can when I see the amount of expensive tools and equipment left unattended in a convention hall during set-up or tear-down when *****anyone***** can walk into the place!!!!!!
  So, I beg of you all who are there legitimately, please, for God sakes, don't leave you stuff unattended. Especially laptops with sensitive personal or company data. And especially those $30,000 scopes and logic analyzers. As a minimum, get a lockable transport case to put those goodies in.
  
  --
  Most Respectfully Yours Mark Allyn Bellingham, Washington
54. Re:Body language is an effective tool by mug+funky · 2012-02-28 17:11 · Score: 1
  
  what kind of stables are high security?
  i suppose if you had a labcoat they'd be more likely to stop you, just in case you're doping the racehorses.
55. Re:Body language is an effective tool by AdamWill · 2012-02-28 17:58 · Score: 2
  
  presumably the stables of high-end race horses are rather high security when it comes to people who work with the *competing* high-end race horses.
  "let's see, a couple of ambien in the nosebag, and...there's one more competitor we don't have to worry about..."
56. Re:Body language is an effective tool by AdamWill · 2012-02-28 18:00 · Score: 1
  
  the problem is clearly that people don't wear hats any more, so you have nowhere convenient and immediately visible to stick your press pass.
57. Re:Body language is an effective tool by kubernet3s · 2012-02-28 18:23 · Score: 1
  
  More than likely, someone will stop you and harass you for wearing a lab coat outside of the lab, and wonder what they hell you're carrying a clipboard, instead of a lab notebook. No one who knows what they are doing thinks a lab coat says you know what you are doing (except in medicine, where lab coats are not safety equipment, but magical raiments invested with doctorly powers...f---in prodocs...)
58. Re:Body language is an effective tool by Anonymous Coward · 2012-02-28 18:39 · Score: 0
  
  I've had this happen to me at Fry's Electronics, at OfficeMax, at Blockbuster Video, and other stores I can't recall specifically. I was dressed somewhat professionally, but not similar to what store employees were wearing.
59. Re:Body language is an effective tool by Neil+Boekend · 2012-02-28 20:24 · Score: 1
  
  Only in some movies.
  
  --
  Well, I might have a way, but it only works on a semi spherical planet in a vacuum.
60. Re:Body language is an effective tool by rioki · 2012-02-28 20:26 · Score: 2
  
  The best are those with jeans, a shirt, a hard hat and a slim briefcase; puts you into the architect, structural engineer category. Workers might not like you, but they will definitely go out of your way, since you must be important.
61. Re:Body language is an effective tool by JWSmythe · 2012-02-28 20:30 · Score: 4, Interesting
  
  Yup.
  I've only circumvented security in places where I was allowed to be, but the people who were my innocent victims had no clue who I was. Much of the time, it's more bother than it's worth to get your badge.
  A lot of it depends on the type of event you're crashing. For something like this, being a member of the media is amazingly useful. I *do* run a news site. We never bothered with "legitimate" press passes. That is, there is no such thing. A stack of business cards is handy, but not required. Something printed on card stock with the name of your publication, laminated, and in a clip on or noose (err, lanyard) will open a lot of doors. The most important part is having a DSLR camera in your hand. You can get older ones pretty cheap on eBay. It's nice if it works, but just as an access pass, it doesn't need to.
  Dressing the part is a good idea. The media, unless they're to be in front of the camera, don't wear button up shirts or ties. T-shirt and jeans are perfectly acceptable, and actually preferred.
  Once you're press identity works, you can be pretty much lost, and get help. That includes getting in the back stage door for the better shots.
  I've walked on stage at concerts, right on the side lines at sporting events, and walked right up to the podium to take pictures. It can help to keep playing the part. I'm not sure if it's required, as I'm really taking photos for legitimate purposes. usually walking past security doesn't require any actual words to be spoken. Hold the camera up a little to show that you have one, and a nod are all it usually takes.
  It's a good idea to have some sort of dialogue planned out. It's usually just "who do you work for." It really doesn't matter who it is. Smaller is frequently better, especially if there's a chance the organization you say you are with may actually attend.
  If you don't want to go the press route, you can usually walk in with a crowd. Most events aren't secure enough to require every person to show their badges to go through every door. Blend into a crowd of 6 people or more going past security at the same time. Just make sure you're on the far side of security, so they don't notice that you didn't have a badge.
  Security generally has no idea who's suppose to be there at such events. The only way they have a clue is because you have the cool badge. For a lot of events, it's a piece of paper inside a generic plastic holder, sometimes on a lanyard. Some of us bring our own lanyards. That's no big deal. The problem with lanyards is, your badge can easily flip around, so all the see is the white back of it. That "accident" can let you right through, with a plain piece of paper in it. An empty plastic holder can be good too. "Shit it must have fallen out. Can I get one after this session is over?" Many events stop taking signups after the first few hours of the event, so getting a "replacement' is impossible, and your empty holder is just as good as a replica of the real thing.
  The biggest thing is, look like you belong there. Walk with a purpose. Ignore those commoners who are also attending. Have a good idea of where you're going, so you can walk directly there, without stopping. Wandering around like a lost attendee bulks you into the crowd of attendees, and you will likely e stopped.
  
  --
  Serious? Seriousness is well above my pay grade.
62. Re:Body language is an effective tool by Bazer · 2012-02-28 20:59 · Score: 1
  
  Yes! I've been asked if I'm alright, and know where I'm at. To the latter, I respond: "Yes. I'm right here!"
  If I got a response like that, from a person staring off in the distance I'd only feel reassured and head on my way and fast.
63. Re:Body language is an effective tool by iB1 · 2012-02-28 21:42 · Score: 1
  
  There was an article on the BBC a while back about a similar thing with Hi-Viz jackets. In the UK - virtually anyone doing anything remotely hazardous (unloading trucks, security etc. etc.) seems to need a high-viz jacket for 'elf and safety reasons.
  
  All you need to do is go to the pound shop, buy a hi-viz jacket and you could probably wander in and out of various buildings without security batting an eyelid
64. Re:Body language is an effective tool by Anonymous Coward · 2012-02-28 22:02 · Score: 0
  
  wait, that's not ture?
  dang, I always thought I was their one and only customer...
65. Re:Body language is an effective tool by L4t3r4lu5 · 2012-02-28 22:13 · Score: 1
  
  Mickey Flannigan did a skit on, I believe, Michael McIntyre's Comedy Roadshow where it stated that a cockney in a string vest walking down the high street with an open tin of Stella in one hand, another in his pocket, is given a very wide birth.
  
  --
  Finally had enough. Come see us over at https://soylentnews.org/
66. Re:Body language is an effective tool by L4t3r4lu5 · 2012-02-28 22:24 · Score: 1
  
  Try getting into a server room - not so easy.
  Turn up in a t-shirt, jeans and sneakers. Don't wash for three days. Tell the PHB you're here to rebuild the Transverse Array of Chronicled Objects on their Structured Hierarchy Instancing Test Suite. I bet he gives you root "in case you need it."
  
  --
  Finally had enough. Come see us over at https://soylentnews.org/
67. Re:Body language is an effective tool by Cant+use+a+slash+wtf · 2012-02-28 23:05 · Score: 1
  
  I'd say anyone who has ever been a teen looking to buy alcohol would know this.
68. Re:Body language is an effective tool by Anonymous Coward · 2012-02-28 23:12 · Score: 0
  
  I've been on plenty of construction sites legitimately as part of my office job, with no uniform or anything and no one asks any questions. As long as you have the safety gear you're fine.
69. Re:Body language is an effective tool by Ihmhi · 2012-02-28 23:21 · Score: 1
  
  A clip-on tie and look of utter defeat and misery in your eyes will get you into pretty much any government building.
  
  --
  Random Thoughts From A Diseased Mind (Not For Dummies)
70. Re:Body language is an effective tool by Ihmhi · 2012-02-28 23:23 · Score: 1
  
  "Oh, that's a nice apron! Are you, like, a baker or something?"
  This (and similar) statements have contributed to a high rate of suicide in lab-related techie work.
  
  --
  Random Thoughts From A Diseased Mind (Not For Dummies)
71. Re:Body language is an effective tool by Antique+Geekmeister · 2012-02-29 00:14 · Score: 1
  
  That happens to me in computer stores all the time. People will be hammering or confusing the overworked and underpaid sales staff, and I've bailed quite a few of them out with information about what the differences are between the cables, tools, or server characteristics. I do try not to interfere with the sale, but helping them get what they need quicker helps the sales person get free to answer _my_ question.
  It's especially amusing if I can reach into my bag and pull out the particular device they really need, which I carry around for emergencies, and show it to the salesperson instead of wasting time explaining it.
72. Re:Body language is an effective tool by St.Creed · 2012-02-29 01:17 · Score: 1
  
  In no company I've ever worked that would get you in. In at least two companies I wasn't even allowed near the service centre, even when I paid for the hardware. Data centres are usually guarded closer than a dragon's gold, and access is almost always doublechecked with the sysadmins.
  
  --
  Therefore, by the (faulty) logic you're using, you're just a cow with a keyboard - osu-neko (2604)
73. Re:Body language is an effective tool by St.Creed · 2012-02-29 01:22 · Score: 3, Interesting
  
  In The Netherlands there was a new government going to the Queen to be sworn in in July 2002, and at one point an additional minister nobody knew popped up :) He had rented an expensive car and a new suit, and announced himself as the "Minister of the Environment". The palace guards allowed him in. Unfortunately for them, there was no minister for the environment - he was an activist :)
  He tried the same trick 6 months later and got all the way into parliament, helpfully escorted by security :)
  
  --
  Therefore, by the (faulty) logic you're using, you're just a cow with a keyboard - osu-neko (2604)
74. Re:Body language is an effective tool by Phreakiture · 2012-02-29 01:52 · Score: 1
  
  Walkie-talkies are pure gold, too. They have to be the good ones, though, not the inexpensive ones you find in department stores and sporting goods places. I'm talking about the ones that are about 3" wide, 1"-2" thick and about 6-8" tall with either a 6" stinger antenna or a 6-8" rubber duck antenna. They should be completely black except for the display and the labels on the controls. In short, they should look like the ones carried by cops and firefighters; ones that are "obviously" professional and not consumer grade.
  They should not be obviously ancient (no chrome or grey in the colour scheme, for instance, no HF or VHF low-band antennas, which are excessively long, no telescopic antennas) and if you can get someone to generate some radio chatter for you, even better. Add a speaker-mic for your lapel, and the setup is complete.
  They don't pair well with a lab coat, but like the lab coat, they do pair very well with a clipboard.
  I have four of these as a ham radio operator and a MURS user.
  
  --
  www.wavefront-av.com
75. Re:Body language is an effective tool by Larryish · 2012-02-29 01:58 · Score: 1
  
  SO then it is not de fault of de password?
76. Re:Body language is an effective tool by Registered+Coward+v2 · 2012-02-29 02:10 · Score: 1
  
  It's easy to avoid notice if you act like you know what you're doing, where you're going and that you belong where you are. Never stand still or look around.
  Yup. One of the first things I learned when I was taking pictures form the old hands was "act like you belong there." I once did a race where I didn't have press credentials by noticing all the accredited press had a red armband. Bingo - some red tape and i was golden. Was allowed in everywhere, no questions asked.
  
  --
  I'm a consultant - I convert gibberish into cash-flow.
77. Re:Body language is an effective tool by alreaud · 2012-02-29 02:12 · Score: 1
  
  So I was living on the streets in Fort Collins around the early 2000's, and this is were Colorado State University is. I managed to convince the staff at some college buildings like the library and gym that I was a computer science graduate science student. It was great, I had the run of the place, and when I came in a little worse from the wear of the streets, they believed it was just a air-headed geek with his thoughts in the air having slept in his cloths again, LOL. Social engineering is a useful tool at times, and that experience lasted 2001-2005, BTW.
78. Re:Body language is an effective tool by alreaud · 2012-02-29 02:14 · Score: 1
  
  Four? Were you from? It better be at least 6 studs at 96"...
79. Re:Body language is an effective tool by daremonai · 2012-02-29 02:16 · Score: 1
  
  Actually, they get out of your way because they suspect you'll be annoying.
80. Re:Body language is an effective tool by Anonymous Coward · 2012-02-29 02:17 · Score: 0
  
  Works the same for a doctors white coat...
81. Re:Body language is an effective tool by Anonymous Coward · 2012-02-29 02:28 · Score: 0
  
  Having done some petty theft in my younger years, this is exactly how you steal stuff too.
  
  First you have to convince yourelf that you own the property. Once you've convinced yourself, everyone else believes it's yours too.
82. Re:Body language is an effective tool by CanHasDIY · 2012-02-29 02:36 · Score: 1
  
  The kind that require stagehands to work, apparently.
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
83. Re:Body language is an effective tool by Anonymous Coward · 2012-02-29 03:06 · Score: 0
  
  I remember when I went for an interview at a fast food place, I showed up at the back door in slacks, a button up shirt, and carrying a briefcase, and they went and told the manager the health inspector was there. For the record, sanitation seemed up to par.
84. Re:Body language is an effective tool by Anonymous Coward · 2012-02-29 03:22 · Score: 0
  
  I actually got in trouble for asking some random for ID who was snooping around the office. He didn't want to show me and got quite irate when I asked him to leave. Turns out he was some dress shirt from the fifth floor, but I had never seen him before, and they decided to give /me/ the talking to. Sigh.
85. Re:Body language is an effective tool by tehcyder · 2012-02-29 03:22 · Score: 1
  
  And should you find yourself at a construction site just put a 2x4 over your shoulder and walk purposefully with a stern look on your face. Works every time.
  Don't forget to replace the lab coat with a hi-vis waistcoat though, or else you'll get some funny looks.
  
  --
  To have a right to do a thing is not at all the same as to be right in doing it
86. Re:Body language is an effective tool by tehcyder · 2012-02-29 03:43 · Score: 1
  
  When I see a lab coat I think of doctors at a lunatic asylum, and so I try to kill them before they can sedate me.
  
  --
  To have a right to do a thing is not at all the same as to be right in doing it
87. Re:Body language is an effective tool by tehcyder · 2012-02-29 03:47 · Score: 1
  
  a very wide birth.
  Sounds painful.
  
  --
  To have a right to do a thing is not at all the same as to be right in doing it
88. Re:Body language is an effective tool by tehcyder · 2012-02-29 03:50 · Score: 1
  
  If you saw a guy with a pitchfork and covered in manure walking through a stable, would you stop him and demand to see his ID?
  Most horse owners I've come across wouldn't ask for ID if they didn't recognise him, they'd haive him a couple of barrels up the arse with a shotgun.
  
  --
  To have a right to do a thing is not at all the same as to be right in doing it
89. Re:Body language is an effective tool by tehcyder · 2012-02-29 04:08 · Score: 1
  
  I certainly don't intend to, but it seems whenever I go out shopping for something I end up being asked "do you work here" - if someone doesn't outright assume I do and ask for help.
  It happens even when I'm wearing something completely different than the store's uniform. ... am I unintentionally giving that kind of impression, do you think? I wonder if I could put that into something useful :P
  You could always become a supermarket shelf stacker.
  
  --
  To have a right to do a thing is not at all the same as to be right in doing it
90. Re:Body language is an effective tool by tehcyder · 2012-02-29 04:14 · Score: 2
  
  A dazzling smile, a stack of pizzas and a liter of coke, plus a tight, low cut tank top gets me through just about every secure check point.
  In fact, forget the smile, pizzas and coke.
  
  --
  To have a right to do a thing is not at all the same as to be right in doing it
91. Re:Body language is an effective tool by tehcyder · 2012-02-29 04:20 · Score: 1
  
  They're probably too busy looking at the cop behind you about to hit the pervert on the head with his nighstick.
  
  --
  To have a right to do a thing is not at all the same as to be right in doing it
92. Re:Body language is an effective tool by g0bshiTe · 2012-02-29 04:59 · Score: 1
  
  Same thing in a hospital and hard hat. I once walked straight into an OR, there was no operation at the time, but the staff that was in there said I couldn't be there until I told them I was in there evaluating for construction, then it was can I show you around? I was at the hospital installing window tint, it was a government job so hard hat was required.
  
  --
  I am Bennett Haselton! I am Bennett Haselton!
93. Re:Body language is an effective tool by g0bshiTe · 2012-02-29 05:00 · Score: 1
  
  Stop looking at my pants.
  
  --
  I am Bennett Haselton! I am Bennett Haselton!
94. Re:Body language is an effective tool by g0bshiTe · 2012-02-29 05:03 · Score: 1
  
  Over their lab coats?
  
  --
  I am Bennett Haselton! I am Bennett Haselton!
95. Re:Body language is an effective tool by JWSmythe · 2012-02-29 05:53 · Score: 1
  
  Yup. Execs from other offices and VIP guests are always likely people to get you in trouble.
  In places where I wasn't executive management, I've quietly asked "do they belong here". The answer is usually yes. Most people ignore the stranger who looks like they may belong.
  
  --
  Serious? Seriousness is well above my pay grade.
96. Re:Body language is an effective tool by Anonymous Coward · 2012-02-29 06:21 · Score: 0
  
  That can be taken two ways.
  Wait, the previous sentence can be taken two ways. Crap, I think I just put this comment into an endless loop.
  Which might not be what you'd want at a Village People concert.... but then again, maybe you would want it two ways there.
97. Re:Body language is an effective tool by Anonymous Coward · 2012-02-29 06:34 · Score: 0
  
  "Did somebody call for an extremely hairy plumber?"
  Also, don't forget to have half your ass crack hanging out =P
98. Re:Body language is an effective tool by cellocgw · 2012-02-29 07:09 · Score: 1
  
  I don't know, that sound like imposture to me
  If only that were intentional, I'd nominate you for "wordsmith of the week."
  
  --
  https://app.box.com/WitthoftResume Code: https://github.com/cellocgw
99. Re:Body language is an effective tool by kmoser · 2012-02-29 07:30 · Score: 1
  
  Just make sure to ditch the three-piece suit first.
100. Re:Body language is an effective tool by RivenAleem · 2012-02-29 20:59 · Score: 1
  
  What flavour are the Pizzas? And how do you expect a single liter of coke to suffice an entire stack of pizzas?
101. Re:Body language is an effective tool by davewoods · 2012-03-01 02:41 · Score: 1
  
  Tucker XD "I'm here to lay some pipe" "You say you have sisters? ... Who are twins?!"
102. Re:Body language is an effective tool by The+Mister+Purple · 2012-03-01 05:51 · Score: 1
  
  Well played, good sir. Well played.
  
  --
  "For a successful technology, reality must take precedence over public relations, for nature cannot be fooled." Feynman
103. Re:Body language is an effective tool by si618 · 2012-03-01 13:34 · Score: 1
  
  Hey! You know Johnny too :)
  
  --
  Sometimes I doubt your commitment to Sparkle Motion
Quis custodiet ipsos custodes? by sehlat · 2012-02-28 10:57 · Score: 1

Like everything else, security is no better than the people implementing it.
1. Re:Quis custodiet ipsos custodes? by Anonymous Coward · 2012-02-28 22:18 · Score: 0
  
  In your attempt to sound smart did you forget that most people don't speak latin or were you trying to be an elitist asshole in general?
2. Re:Quis custodiet ipsos custodes? by tehcyder · 2012-02-29 04:24 · Score: 1
  
  In your attempt to sound smart did you forget that most people don't speak latin or were you trying to be an elitist asshole in general?
  That is one of the most well known Latin quotations in the world. It also features in Watchmen, which I would assume more or less everyone here has read.
  
  --
  To have a right to do a thing is not at all the same as to be right in doing it
Security is about what you're securing. by Anonymous Coward · 2012-02-28 10:58 · Score: 5, Insightful

You'd think that, of all events, security conferences would have tight security.

No, I wouldn't think that. I'd think that a bank, or an event involving a US President would have tight security. Security is about what you're protecting, not who's involved in it. For the most part "stealing" admission to a conference is harmless, as long as a few people do it. The security only has to be good enough to make it so only a few people sneak in.
Security conferences aren't exactly a high profile event like, that appeals to millions (like say a Rock Concert), so people sneaking in is really not a big problem. If you didn't think you could sneak in to a conference before, you obviously haven't been paying attention.
1. Re:Security is about what you're securing. by Ruke · 2012-02-28 11:12 · Score: 5, Insightful
  
  Absolutely. There's no reason to have a conference be that secure. Spending an extra five-to-ten seconds per attendee checking badges would be a major disruption in crowd flow. The primary benefit of security at this event was to make the attendees feel special, and the secondary benefit was preventing overwhelming crowds. There's basically no reason to keep out any one person who's not supposed to be there; the panels are advertisements, and the information is as good as public. Security is in place to keep out crowds of people who aren't supposed to be there, and they seemed to do well enough at that.
2. Re:Security is about what you're securing. by ShakaUVM · 2012-02-28 11:32 · Score: 1
  
  I've been to enough conferences and simply walked into wrong rooms where other conferences were going on by accident, to be completely unimpressed by people "sneaking into" a conference that isn't the San Diego Comicon.
3. Re:Security is about what you're securing. by uncledrax · 2012-02-28 11:38 · Score: 2
  
  This.
  Plus the articles "guards" are near-min-wage employees hired by the conf organizer or the conf.center to just stand around and try and gate access some. They largely have no vested interest in the nature of the content or attendees.
  As for ComicCon, I think you'd have a harder time sneaking into a room at DragonCon since it's fan-run, not an industry show... those volunteers are putting in a lot of time for their badge, and if nothing else, they don't want to see someone getting what they have for free. (and yes, I've been one of those people)
  
  --
  ----- The internet has given everyone the ability to have their voice heard equally as loud.. even if they shouldn't be
4. Re:Security is about what you're securing. by ShakaUVM · 2012-02-28 11:48 · Score: 0
  
  Comicon is hardly impossible to sneak into, but they've stepped up security a lot in recent years. They check ID, put holograms on the badges, and the guards will most of the time demand you flip your badge over when you walk through the doors. And security really is all over the place. The con is a nonprofit and makes so much money, they can blow it on a thousand rent-a-cops.
  (The easiest way to get in is to buy one from a professional forger of badges on ebay, really.)
5. Re:Security is about what you're securing. by Mr.+Freeman · 2012-02-28 12:54 · Score: 3, Insightful
  
  Exactly, the entire point of a conference is to make things public, not exactly a security issue.
  
  And the author mentions something about "I could have installed keylogging software on a demo computer". Who cares? I guess he could have stolen the generic "admin/admin" and "tester/tester" accounts from all the machines. Unless someone is stupid enough to hook their demo computer into a real set of confidential data, this isn't a problem. And if that is, in fact, the case then it's the company's issue, not the conference's.
  
  --
  -1 disagree is not a modifier for a reason. -1 troll, flaimbait, redundant, overrated are NOT acceptable substitutes.
6. Re:Security is about what you're securing. by todd_is_not · 2012-02-28 13:24 · Score: 2
  
  Last year, my son (16 at the time) went to San Diego to see his mom. He went to Comicon every day for free. His mom, her BF, and my son's younger half brother all went at one time or another.
  They just asked people exiting for their badges. He thought it was pretty funny getting in with a girl's badge.
7. Re:Security is about what you're securing. by WalkingBear · 2012-02-28 16:17 · Score: 2
  
  Good point. If you wanted a security conference that secure, don't make it a conference. Just gather at a local bar and take over the back half of the place. Sometimes the best places to have private conversations is in a crowd.
8. Re:Security is about what you're securing. by Bazer · 2012-02-28 21:08 · Score: 2
  
  Security is in place to keep out crowds of people who aren't supposed to be there, and they seemed to do well enough at that.
  In my opinion this guy earned his way into the conference fair and square. If I were organizing a security conference and someone got past the security undetected then I'd assume they are part of my targeted audience. A booth with badges "If you got this far you get a free pass." would be a fine touch on an event like that.
9. Re:Security is about what you're securing. by aaaaaaargh! · 2012-02-28 22:29 · Score: 2
  
  Absolutely. There's no reason to have a conference be that secure.
  I can confirm that security is usually not very tight, but I'm not so sure whether I agree with your suggestion that this is also not needed.
  A long time ago I once worked at the IFA for a big telco company---not as a promoter or salesman but as the guy who cleans LCD screens. (They weren't touch screens but apparently people still love to touch them with greasy fat fingers.) There was no security at all. As long as you were wearing a T-shirt with the right logo on it, you could do just about anything and go just about anywhere. Nobody ever checked our security cards and at the time we arrived everything was wide open.
  I'm an honest person but other people stole just about anything from bumber stickers, over watches, to several expensive laptops. They also had this bar were you could have a drink mixed by staff hired from the best and most expensive bar in Berlin. After work everybody went there and the guys continued to mix anything you wanted for hours. The head of the marketing agency responsible for the event was not amused when they found out what was going on near the end of the show. As it turned out, every single drink was billed and the marketing company blew their budget by something like 30000 Euro in drinks only. Still, nobody really cared. The only consequence was that the bar was closed earlier during the two days and there was a sign somewhere saying "Take care -- deconstruction crew is stealing laptops."
10. Re:Security is about what you're securing. by jmv · 2012-02-29 02:25 · Score: 1
  
  You don't get it. It requires no special skills or anything. When I go to conferences, there's almost always a day when I forget my badge and get in without anyone asking questions. No need to even hide behind others or anything. They just trust that the people who want to attend will pay the registration.
  
  --
  Opus: the Swiss army knife of audio codec
11. Re:Security is about what you're securing. by Anonymous Coward · 2012-03-06 15:49 · Score: 0
  
  Wouldn't work. I'd scoop up a stack of free passes, then walk outside and sell them.
  Yes, I'm one of *those* assholes.
Why? by hipp5 · 2012-02-28 10:59 · Score: 5, Insightful

You'd think that, of all events, security conferences would have tight security.
Why?
I suspect the cost/hassle of doing more than basic security outweighs the benefit of catching a few people who didn't want to pay the $100 conference fee. I doubt the information being presented is secret and needs protecting. And I imagine of all conference organizers, the organizers of a security conference would have best grasp on this security cost/benefit.
1. Re:Why? by slew · 2012-02-28 11:26 · Score: 4, Informative
  
  You'd think that, of all events, security conferences would have tight security.
  Why?
  I suspect the cost/hassle of doing more than basic security outweighs the benefit of catching a few people who didn't want to pay the $100 conference fee. I doubt the information being presented is secret and needs protecting. And I imagine of all conference organizers, the organizers of a security conference would have best grasp on this security cost/benefit.
  Of course in many conference venues (like the moscone center where the RSA conference is held), you must use the approved contractors that use local union labor to handle things like setup, teardown, electrical, network installation, theatrical services, and security. You don't really get to customize stuff like this too much, so security is probably exactly the same as any other conference at the same venue.
2. Re:Why? by TubeSteak · 2012-02-28 11:38 · Score: 2
  
  I doubt the information being presented is secret and needs protecting.
  He got onto the expo floor while it was still being set up.
  If he had walked off with laptops unattended booths, that could represent a major security threat to whatever company he was targeting.
  If he had walked off with the laptop of a presenter, that could easily represent unpublished exploits ripe for immediate use.
  
  And I imagine of all conference organizers, the organizers of a security conference would have best grasp on this security cost/benefit.
  The organizers have very little to lose from thefts, because they don't have much that can be stolen.
  Their risk profile is very different from that of any particular presenter, booth owner, or attendee.
  
  --
  [Fuck Beta]
  o0t!
3. Re:Why? by Kagato · 2012-02-28 12:28 · Score: 1
  
  Spot on. Conferences have notoriously bad security. The guys manning the door are usually temp workers or low wage security guards. They have very little incentive to go the extra mile. If anything, they are there to challenge entrance by anyone who doesn't look like they belong. (i.e. Homeless vagrant, teenagers who keep walking on the lawn, etc.) Your average rock concert will have much better security.
4. Re:Why? by Anonymous Coward · 2012-02-28 20:26 · Score: 0
  
  I have worked confernces where the hotel provides a locked room with security cameras. "Don't worry it will be safe in here". Guess what responce you get when everything of value is gone and you catch people with keys (probably hotel staff) cleaning the room out at 3 AM on the cameras?
  Sorry, we are not responcible for your items
5. Re:Why? by Anonymous Coward · 2012-02-28 20:34 · Score: 0
  
  You'd think that, of all events, security conferences would have tight security.
  Why?
  Well, obviously the entrance guards will require using public-key authentication. If you forgot your private key, you aren't getting in.
6. Re:Why? by ggraham412 · 2012-02-29 02:04 · Score: 1
  
  They need to protect all of those bagels and cream cheese.
7. Re:Why? by hipp5 · 2012-02-29 13:15 · Score: 1
  
  I suppose that's a little worse, but even if they had stopped him would that have solved that particular risk? I mean, if the risk is of a laptop walking off from an unattended booth, someone who WAS permitted to be there (say another booth operator) could just as easily take it.
Large Concerts by war4peace · 2012-02-28 11:01 · Score: 5, Interesting

You can easily sneak into large concerts, gigs, expos, whatever if you have a cap with a TV station logo, dress shabby and carry a large video camera. If you don't have a camera, a set of cables or a tripod would do just fine. Badges? No need.
I used to work for a local branch of a known TV station, I had access to an old training video camera at all times. Every time there was a gig I wanted to attend to, I went to my workplace, grabbed that camera, went to the gig, got in, left the camera in one of the the tech rooms, achievement unlocked. Sometimes I brought my girlfriend in by letting her carry a microphone. We even interviewed a security dude just for the kicks.
So yeah, it's easier than expected.

--
...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
1. Re:Large Concerts by Hentes · 2012-02-28 11:14 · Score: 1
  
  But why bother when a ticket is much cheaper than a camera?
2. Re:Large Concerts by oodaloop · 2012-02-28 11:17 · Score: 1
  
  Badges?
  We don't need no stinkin' badges!
  
  --
  Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
3. Re:Large Concerts by camperdave · 2012-02-28 11:24 · Score: 2
  
  But why bother when a ticket is much cheaper than a camera?
  Who says its cheaper? I bought an old over the shoulder video camera for a couple of bucks at an auction. Tickets to some venues can cost ten times what I paid for the camera.
  
  --
  When our name is on the back of your car, we're behind you all the way!
4. Re:Large Concerts by CanHasDIY · 2012-02-28 11:26 · Score: 1
  
  But why bother when a ticket is much cheaper than a camera?
  Or even better, a clipboard and a black t-shirt that says STAFF on the back.
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
5. Re:Large Concerts by Anonymous Coward · 2012-02-28 11:30 · Score: 0
  
  Because a (valid) ticket only works once.
6. Re:Large Concerts by AK+Marc · 2012-02-28 11:35 · Score: 1
  
  They look at the tickets. The "Pink" ticket doesn't work for "Lady Gaga" but the camera works for both.
  
  --
  Learn to love Alaska
7. Re:Large Concerts by k6mfw · 2012-02-28 12:44 · Score: 1
  
  , I had access to an old training video camera at all times. Every time there was a gig I wanted to attend to, I went to my workplace, grabbed that camera, went to the gig, got in,
  This may work for another five years or so. I can access events with my over the shoulder ENG camera, or attend choice spots at parades. However, cameras even for news stations are getting smaller. More of them are packing the "Fisher Price" cams and getting same size as consumer cams. Old school of large camera = expensive-ENG-must-be-a-real-newsguy, new school large camera = old technology. Yes, pack a $60K Panasonic with P2 cards and the techies will say "old technology!" It may become packing a shoulder cam would be interpreted as archaic as packing a CB radio.
  I recently saw an anchor and his ENG person, anchor was a large old guy and ENG person was a young small lady. Opposite of what you would find from a news station. I asked her about trends of cameras getting smaller, she said small cameras don't have the stability. Let's see what five years will bring. But bring a tripod, ***required*** for good shots with small HD cameras.
  
  --
  mfwright@batnet.com
8. Re:Large Concerts by LurkerXXX · 2012-02-28 13:44 · Score: 1
  
  But bring a tripod, ***required*** for good shots with small HD cameras.
  You should try one of those mini-steadycam rigs.
9. Re:Large Concerts by evil_aaronm · 2012-02-28 14:07 · Score: 1
  
  Not all events are the same. I've experienced "camera man rock star" treatment for a number of events, but some, like NYS wrestling finals, have a list of approved camera men, photographers, etc, and you have to beg for credentials to get on the list because they do check. Even if you're on the list, some places hassle you, anyway.
10. Re:Large Concerts by war4peace · 2012-02-28 14:23 · Score: 1
  
  Um, you buy ONE camera for 300 USD and can go to say 50 concerts with it. That's a shitload of saved money on tickets, my friend.
  
  --
  ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
11. Re:Large Concerts by mug+funky · 2012-02-28 17:53 · Score: 1
  
  i think until the current crop of camera folks are all dead, it's going to be shoulder cams.
  but given what gets broadcast, you could ENG today with an iphone.
12. Re:Large Concerts by k6mfw · 2012-02-29 04:10 · Score: 1
  
  >large concerts
  I think some concerts will stop you as they may not want video recording of performances outside their own staff. Although there are others (i.e. up and coming bands moving out of garages) will want you to record and get their name out into the masses.
  
  --
  mfwright@batnet.com
13. Re:Large Concerts by Anonymous Coward · 2012-02-29 09:11 · Score: 0
  
  They look at the tickets. The "Pink" ticket doesn't work for "Lady Gaga"
  Oh, are those different things?
14. Re:Large Concerts by war4peace · 2012-02-29 12:11 · Score: 1
  
  The idea is that their "own" staff is so large that you fall unnoticed. Everyone seems to think you're in the other team (like main team, backup team, roadie, groupie, whatever).
  
  --
  ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
Security by geekoid · 2012-02-28 11:01 · Score: 1

is about risk.
There is no black and white demarcation.
An important lesson many people in the modern security business seem to forget.

--
The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
1. Re:Security by mallyn · 2012-02-28 17:24 · Score: 1
  
  Risk management is one of the key elements of the CISSP exam. Yes, that boring stuff is very important in the corporate security world. Don't minimize it.
  
  --
  Most Respectfully Yours Mark Allyn Bellingham, Washington
The security you're talking about... by Anonymous Coward · 2012-02-28 11:01 · Score: 0

The security you're talking about it's not the type you think.

Now, if it were a bodyguard conference, maybe. But it's network security not building security or police security. It's also a conference, not a classified meeting. So I don't understand why they should have very tight policies, then it's an event open to public.

Just saying.
1. Re:The security you're talking about... by Sulphur · 2012-02-28 12:21 · Score: 1
  
  The security you're talking about it's not the type you think.
  Now, if it were a bodyguard conference, maybe. But it's network security not building security or police security. It's also a conference, not a classified meeting. So I don't understand why they should have very tight policies, then it's an event open to public.
  Just saying.
  This is not the security you are seeking. Nothing to see here. Move along.
2. Re:The security you're talking about... by oldmac31310 · 2012-02-28 15:54 · Score: 1
  
  That's what I thought!
  
  --
  http://www.acetonestudio.com
3. Re:The security you're talking about... by Anonymous Coward · 2012-02-28 16:11 · Score: 0
  
  These are not the droids you are looking for...
Snuck into Defcon once by Anonymous Coward · 2012-02-28 11:04 · Score: 0

My first Defcon I didn't know what I was getting into, so I thought before paying the conference fee I would check it out. Checking it out turned into three days when I realized that anybody worth their social engineering salt was not paying :)
1. Re:Snuck into Defcon once by titanium93 · 2012-02-28 11:34 · Score: 1
  
  You should have just worn a tuxedo and said your Enrico Pallazzo.
  
  --
  Sigs are for losers
2. Re:Snuck into Defcon once by tnk1 · 2012-02-28 11:58 · Score: 1
  
  That or they got their company to pay for it and didn't care. In that case, it's actually better to pay, otherwise your finance department thinks you're just trying to get a free trip to Las Vegas.
OpSec by Anonymous Coward · 2012-02-28 11:05 · Score: 0

This is called "Operational Security" I am sure all the vendors were all about crypto and wireline/wireless security so it's not that embarrassing. A real achievement would be to access customer lists from one of the machines in the expo floor via the wi-fi network.
Like I once heard "SSL is like hobos sending letters via armored cars."
1. Re:OpSec by Anonymous Coward · 2012-02-28 13:12 · Score: 2, Funny
  
  PantSec- That's what I call my belt
not surprising at all by Anonymous Coward · 2012-02-28 11:07 · Score: 0

Really? this isn't surprising at all. the point of the conference is to share information, sell product, network with like minded and make a buck or two at the same time. what would you have them do, issue prox cards, setup access readers, post armed guards and install turnstiles? security measures are supposed to be commensurate with the risk based on the vulnerability to the value of the asset. value is low, vulnerability is moot, therefore risk is low. and this kind of press is actually free marketing, pure gold, you're a tool.
The RSA Conference isn't protecting secrets by DragonWriter · 2012-02-28 11:08 · Score: 3, Informative

The RSA conference, like most industry conferences, is in very large part a sales conference for industry products. There's no reason for it to be particularly secure (obviously, they want to maintain some security to maintain ticket prices and the marketing value of the information gathered along with those sales), a few extra people coming in without paying isn't a huge deal (whereas intrusive security measures that inconvenience legitimate ticketed attendees would be.)
Its not like the conference presents eyes-only sensitive material that only ticketed attendees are cleared for and that there is some danger to the conference sponsors if anyone outside gets wind of it. Just because its a conference about security practices and products doesn't mean that it somehow has any particular high-security needs.
1. Re:The RSA Conference isn't protecting secrets by Anonymous Coward · 2012-02-28 11:26 · Score: 0
  
  However, in this case they are selling something *else*.... security. If someone can sneak in like that what does it say about your product that you are selling?
2. Re:The RSA Conference isn't protecting secrets by Anonymous Coward · 2012-02-28 11:37 · Score: 1
  
  That's like saying that if I'm in the business of selling guns, and I don't shoot my customers, I'm demonstrating my guns are low quality.
3. Re:The RSA Conference isn't protecting secrets by ThatsMyNick · 2012-02-28 12:10 · Score: 3, Funny
  
  Says guy who has never tried shooting a customer! Try it next time and I can guarantee people will swarm for your guns.
4. Re:The RSA Conference isn't protecting secrets by colinrichardday · 2012-02-28 12:10 · Score: 2
  
  Are the people who organize the conference the same as the people who sell the products?
5. Re:The RSA Conference isn't protecting secrets by DragonWriter · 2012-02-29 14:11 · Score: 1
  
  If someone can sneak in like that what does it say about your product that you are selling?
  Since an important part of security planning is usability and scaling defenses -- especially those that impose significant costs, whether direct monetary costs or impositions on legitimate use -- appropriately given the probability and scale of harm expected from a breach, what it says that you don't go overboard in hermetically sealing your sales conference is that you have some clue about security planning.
"sneak" into a sales presentation? by mindcandy · 2012-02-28 11:21 · Score: 5, Insightful

RSA 2012 is basically a big sales presentation.
To suggest sneaking in is a big achievement is like saying you got into BestBuy a few minutes early one day to shop for TVs.
Journalist tricks by jjp9999 · 2012-02-28 11:22 · Score: 1

Journalists do this all the time (good ones at least). My favorite is holding a walkie talkie to your ear and waving in acknowledgment to the guards (with a slight nod) while walking in. It's better to wear dark glasses for this one.
1. Re:Journalist tricks by colinrichardday · 2012-02-28 12:19 · Score: 1
  
  What would the Evil Overlord say?
  http://www.eviloverlord.com/lists/overlord.html
Researchers != Security Folks by systemeng · 2012-02-28 11:22 · Score: 1

The security researchers inside the conference are no doubt very aware of security. The security hacks that implement the security for such conferences: not so much. Same problem with security everywhere.
Duh. by Anonymous Coward · 2012-02-28 11:27 · Score: 0

The "security" at the RSA conference is the same "security" at CES. They aren't RSA people..they are event location employees. I go by them all the time for reasons..just say you are a speaker or something like that. They'll wave you right by...
It's a marketing event by Anonymous Coward · 2012-02-28 11:35 · Score: 1

We're not talking the internals of a bank here. It's just a big marketing event. The whole idea is to get more people in to see what's for sale.
"Breaking in" to a marketing event isn't something to get excited about.
pt barnum? by dirty_ghost · 2012-02-28 11:35 · Score: 1

fooling some of the people all of the time.
lost and confused some times can get you past peop by Joe_Dragon · 2012-02-28 11:43 · Score: 1

lost and confused some times can get you past people or if you get caught just act like you have the wrong building, wrong date, wrong conference.
Security responsibility by eyenot · 2012-02-28 11:45 · Score: 1

I think security guards should be ready to be assertive and aggressive in securing a portal. If you're one of two guards and you've been given a post at two propped-open double doors, or any other very wide entryway, you should tell the boss to gather you up some form of corraling and queueing the incomers or else a way to partially block the entry, with a nice covered table perhaps.
Also, security guards should sign to responsibility for losses or threats incurred due to someone slipping past.

--
"Stratigraphically the origin of agriculture and thermonuclear destruction will appear essentially simultaneous" -- Lee
Umm.. no security conferences should not be by Anonymous Coward · 2012-02-28 11:47 · Score: 0

Security is everyone's responsibility. It's a common misunderstanding that techniques, methods etc should be kept a secret. /oldbie Infosec manager with a lawn to protect
even the subway may not check that close with big by Joe_Dragon · 2012-02-28 11:55 · Score: 1

even the subway may not check that close with a big group moving though.
A stadium just let out the station was packed and I like could of flashed a out of date / used ticket and they would likely not seen it or would of not tried to stop you if you did have a bad ticket.
Some times even on trains where you pay / check tickets on the train they can get so packed they don't even get to all the people.
When you have a big crowd moving in a small space some times fully checking cards / badges takes to much time.
All you need is a clipboard by MrEricSir · 2012-02-28 12:00 · Score: 4, Funny

I used to carry my shopping list on a clipboard, but I had to stop because people kept asking me questions about various products or where to find things. It was funny the first few times, but after a while it started to get old.

--
There's no -1 for "I don't get it."
1. Re:All you need is a clipboard by veganboyjosh · 2012-02-29 08:25 · Score: 1
  
  I live in Boulder, CO, and there's a walking mall downtown, where lots of tourists and locals congregate to shop, eat, hang out outside. Which brings about the petition signature solicitors. It's completely legal to ask folks for signatures, but as a local who has spent more time there than most tourists, it starts to get old being asked by every petitioner on the block if you have a minute for their cause.
  
  One local business has started offering clipboards that one can check out for free, with some papers clipped on and a pen attached via a ballchain. This is for locals who want to walk down the mall for short errands or to grab lunch or whatever, and not be hassled by the other petitioners.
The homeless often get into RSA too. by xxxJonBoyxxx · 2012-02-28 12:45 · Score: 2

I've been going to RSA now for many years, both as an attendee and as an exhibitor. By Thursday you'll see the occasional homeless woman (almost always female) going up and down the aisles grabbing all the candy, clothing and electronic widgets she can find.
Furthermore, I've never had to pay to get in. Simply mention an IT job title to a sponsoring vendor or sign up on a sponsoring vendor's web site and you can get a free pass months in advance.
Color me unimpressed by this article.
1. Re:The homeless often get into RSA too. by Anonymous Coward · 2012-02-28 15:05 · Score: 0
  
  occasional homeless woman (almost always female) p>
  
  I'd think the male homeless women would be worthy of their *own* conference.
2. Re:The homeless often get into RSA too. by Anonymous Coward · 2012-03-08 09:44 · Score: 0
  
  By Thursday you'll see the occasional homeless woman (almost always female)
  It'd certainly be unusual to "see the occasional homeless woman (almost always male)...
Re:even the subway may not check that close with b by maxwells_deamon · 2012-02-28 13:02 · Score: 5, Interesting

I was on the commuter train in San Diego. It was run mostly on the honor system but you can get a ticket if you can't show you have paid. It was packed and there was bairly room to stand
Two police officers jumped on and about 1/2 of the people (most looked like students) suddenly remembered it was their stop. Suddenly you could even sit down,
He pen tests what? by nitehawk214 · 2012-02-28 13:12 · Score: 2

he is in the business of "pen-testing humans"

Is that not called "rape"? :)

--
I'm a good cook. I'm a fantastic eater. - Steven Brust
Easy if you know what to do by autocracy · 2012-02-28 13:12 · Score: 2

Hell, I joined the Ops team at Shmoocon this year without any credentials or signup. I tell you that isn't part of their plan. http://storyinmemo.com/?p=48
I spent a day at my first DEFCON missing my badge and managed to keep going all over the conference. Every year at DEFCON I make it a point to get into a guest-listed party that I didn't have access to. Why would RSA be different? I guarantee the DEFCON goons care more and the RSA ticket funds aren't going to making the conference more secure.
Their cost / benefit for tightening things down would be basically nothing.

--
SIG: HUP
It was the doctor by oldmac31310 · 2012-02-28 15:30 · Score: 2

It wasn't just any old 'badge though, it was psychic paper...

--
http://www.acetonestudio.com
Sometimes just just suck you in. . . by mallyn · 2012-02-28 16:34 · Score: 3, Interesting

Folks:
It gets worse.
You don't even have to voluntarily sneak into a conference
Some of these conference security folks are such a joke and hotel layouts are messed up that you can end up in a conference even if you never intended to go to that conference.
I booked a night at a hotel in San Francisco once. I arrive on my bicycle after a long trip. I just wanted to check in, go to my room, and shower and *crash*.
Well, I ended up at this stoopid keynote reception with a bunch of suits. I was in lycra shorts and tee shirt.
***No one*** challenged me nor asked me if they could help me. I looked **utterly lost, tired, and miserable**.
After about 1/2 hour, I finally found the darn reception desk and checked in.
After a shower and a 6 hour nap, I got up to get something to eat.
And ended up in their stupid **banquet reception**.
I gave up and found a restaurant outside and ate
Sometimes I wonder if these conferences actually want to suck you in and get lost.
Just a tired bicyclist after 50 miles of 95 degree dusty heat wanting a little cool rest.

--
Most Respectfully Yours Mark Allyn Bellingham, Washington
1. Re:Sometimes just just suck you in. . . by Skapare · 2012-02-28 17:10 · Score: 1
  
  ***No one*** challenged me nor asked me if they could help me. I looked **utterly lost, tired, and miserable**.
  You were obviously seen as a non-threat in that condition.
  
  --
  now we need to go OSS in diesel cars
Bears anyone? by Anonymous Coward · 2012-02-28 22:04 · Score: 0

Mwahaha, who thought that the real honey pot would work. Smoke and mirrors, smoke and mirrors...
What does this job involve? by Muros · 2012-02-29 01:38 · Score: 1

Human penetration tester? Sounds interesting...
PHBs should never ever have root credentials by Medievalist · 2012-02-29 02:20 · Score: 2

Tell the PHB you're here to rebuild the Transverse Array of Chronicled Objects on their Structured Hierarchy Instancing Test Suite. I bet he gives you root "in case you need it."
Are you mad? Never let a PHB have root. Give him a fake account and password and tell him it's better than root, only the VIPs can have it because it's so powerful.
I love your body, Larry. by Anonymous Coward · 2012-02-29 04:28 · Score: 0

Everything I need to know about disguises and being where I don't belong I learned from Fletch...
"I'm afraid I'm gonna have to pull rank on you. I didn't want to have to do this. I'm with the Mattress Police. There are no tags on these mattresses."
check-guards per hallway instead of per room by peter303 · 2012-02-29 05:13 · Score: 1

to cut costs. And if you look like you belong- the right age and clothing for the meeting- they may ignore you. I've snuck in to hear single talks by a friend. I didnt want to pay a multi-hundred dollar fee for that priviledge. I do pay if attend more of a conference.
DEFCON badge hacking "honorable mention" by Anonymous Coward · 2012-02-29 06:34 · Score: 0

I remember when DEFCON first moved to the Riviera and had large, white badges with LED arrays (the first of DEFCON's electronic badges, I think). Some guy got an honorable mention at the "Hack the Badge" contest because he'd been able to get by the hotel-provided guards (union rules or something prevented the goons from performing this function) with his own "badge." That "badge" consisted of a rectangle of white plastic with the work "HUMAN" written on it in with a black Sharpie.
Sherlock Holmes by pgpalmer · 2012-02-29 12:01 · Score: 1

"The art of disguise is knowing how to hide in plain sight." http://www.youtube.com/watch?v=mgJonrtCk0M