A story of a practitioner, dreaming back to Las Vegas

Editor's note from Leifeng.com: As the two most famous hacker conferences in the world, Black Hat and Defcon are the top conferences that many security professionals aspire to attend.

When spring has a perfect ending, midsummer is about to begin in the gardenia. Everything is just right in July. The city is like a child with a high fever. The sun is always unwilling to set above the head. The tail of spring is hidden in the moving green leaves. The streets are still filled with hot air. Everything seems familiar. Sitting on the plane to Las Vegas, the fields, villages and time are constantly flying in front of me. In a trance, it seems to have returned to the spiritual journey many years ago. This is the hands and feet of time, and the story of memories. I once again remembered what I once said: Why not give yourself one last chance, run towards the ideal that may never be reached, and die on the road.

So, I embarked on the path of spiritual practice again, and in the name of safety, I once again set out towards my ideal.

To many people, Las Vegas is a desert miracle full of decadence and debauchery. Many years ago, when I was still young, I also labeled this city as such. However, due to two important conferences, this city has a different meaning. They are Black Hat and Defcon, which are the top conferences that countless practitioners in the security field aspire to.

This city, filled with the smell of alcohol and money, has become mysterious again due to the arrival of pilgrims from the security industry around the world.

The fatigue of flying cannot erase the yearning in the hearts of the practitioners. When they set foot on this land, they are greeted not only by the hot air mixed with the smell of sand, but also by the ideal that is within reach. No matter how many years have passed, every practitioner who comes here is young, full of the pursuit of advanced technology, and all the footsteps are the melody of youthful enthusiasm.

For someone obsessed with top security technology, every visit is of great significance. Everything I see seems to have just been salvaged from the sediment of memory, familiar yet full of the old and dilapidated flavor of history. However, the topics of the conference are so fresh and shocking. Every person standing on the podium is a hero who dominates the security world for a while. Everyone's ideal is to become such a person. After picking up the luggage, you can see the shuttle bus provided by HP for the Black Hat conference when you walk out of the airport. The bus is full of practitioners who come here to "learn from the scriptures". Everyone is looking forward to the most cutting-edge and top security technology. Because we are all learners, we had a great conversation during the period.

After getting on the car, we set off for the hotel where we were staying - Bellagio.

Bellagio, also known as Bellagio, is a high-end hotel, casino and shopping mall under the MGM Group. Facing the hotel is an artificial lake, so Bellagio is also the only resort hotel in the area with a large fountain. The fountain of Bellagio Hotel can be seen in any movie involving the gambling city.

Right above the hotel lobby is the famous stained glass ceiling, created by the famous artist Daru Zhiguli. Each glass flower is blown by hand, and it is a continuous piece, which is very spectacular.

It was already dark when we met the beautiful lady Garfield from Baidu Security BSRC. After running around for nearly a whole day, everyone looked a little tired, so we didn't plan our itinerary and prepared to go out for dinner.

As soon as we left the hotel, we caught up with a beautiful and spectacular musical fountain show. We stopped for a while to watch it. The hotel was brightly lit in the night, the streets were bustling and lively, the cheers of tourists and the hawking of merchants were in our ears, and the spectacular fountain also relieved a lot of fatigue.

After a casual walk, we had an authentic American fried chicken and French fries at a nearby restaurant. Although the local food is not as rich as that in China, it is also quite flavorful. The seemingly simple fried chicken is tender inside and crispy outside, which is plain and sophisticated. After the meal, everyone chatted together and discussed the schedule of the next few days' meeting. There were also some other high-sounding talks, which was very pleasant.

Due to the long journey, the group said goodbye after returning to the hotel, ending the simple itinerary of the first day.

The next day, everyone got up early and went to the main venue of Black Hat, Mandalay Bay Hotel. The hotel is located in the south of Las Vegas and is remote, so the group took a car to go there.

The hotel has the best swimming pool and artificial beach in Las Vegas. The magnificent exterior is a completely different world inside. Probably no one would have thought that such a place is the palace that countless people who seek safety seekers yearn for.

The venue was not difficult to find. After entering the hotel and following the crowd for about 2 minutes, we arrived at the entrance of the main venue of Black Hat. When we saw the familiar banners, everyone was filled with excitement. It is the dream of every security practitioner to be able to communicate with many top security experts in the industry. It can not only broaden your horizons, but also improve your own technical level.

I roughly looked through the conference agenda manual, which covers security issues in many fields such as Web security, smart cars, IoT, industrial control systems, etc. In recent years, topics such as IoT have frequently appeared at the conference. Black Hat is known as the temple of the security industry, and it must have its outstanding features. It has won this honor precisely because it can present high-quality topics that keep pace with the times.

Photography was not allowed at the conference venue, so we put away our equipment and started listening to the topic. We chose an industrial control system security topic. Currently, the domestic industrial control security architecture is still very immature and not highly concerned. Even in developed countries, it is still in the development stage and is not very popular.

In the security research in recent years, I have transformed from the initial research on Web security and client security to security architecture design and security solution design. I hope to learn from the experience of industrial control security experts from the topics, and then explore a more mature and reliable industrial control security architecture.

The topic detailed major industrial control security incidents in history, such as Stuxnet, Black Energy and other viruses that destroyed national energy infrastructure. The topic was very interesting because the speaker focused on how to perceive this type of network attack, and how to alert and protect against it, and boldly speculated on future attack methods and trends.

In my opinion, the security industry is developing gradually in constant confrontation. While we are researching new attack methods, we are also learning new defense methods. The two complement each other. Where there is attack, there must be defense. Therefore, such a comprehensive and multi-faceted analysis topic is very beneficial.

After the topic, the group went to the first floor to visit the exhibition hall of security vendors. Many world-renowned security vendors displayed their leading technologies, such as Cisco's ETA traffic analysis technology, RSA's identity authentication management technology, etc. It can be said that "a hundred flowers bloom" and it was eye-catching.

Before I knew it, the busy and exciting day was over. I dragged my tired body back to the hotel, but my brain was still excitedly replaying the day's scenes. I fell asleep with full expectations, ready to greet the arrival of tomorrow.

To be continued