MadSec1 report

* by popular demand - in two weeks we will not have MadSec2. We might have MadSec0 or MadSec1.4 but not MadSec2.

* otherwise the meeting went fine. It seems that cat5 and weirdo tshirt are not good enough (esp. when I seat in a corner and it's dark), as quite a few people could not find us. Also, getting table for 2-15 people is hard at The Old Fashioned - we are relocating to the Angelic Brewing Co.

* about 10 people showed up. We had people working in hospitals, university, utility, healthcare, manufacturing and internet infrastructure (like CAIDA, just cooler).

* topics (rough)
- web app testing
- content filtering
- funny travel stories
- access enablers (developers, sysadmins) vs. us (IT Security Roadblock Dpt) vs. users
- futility of technological measures to prevent information leakage
- funny car breakage stories
- password guessing
- beer is good
- java sucks, perl is horrible (Ed. no it's NOT!), Python rules
- what do we want pylint to do
- How MapReduce is cool, but Hadoop sucks
- Misc other stuff

* references, the ones I remember
- assessments: wikto and the rest of sensepost's warchest
- wireless work: Matador consulting
- site and mailing list covering security metrics securitymetrics.com

More to come.