My next in-person tech conference will have to wait a little longer

Next week was going to feature a conference badge and triple-digit temperatures, and now the only way I’ll get any of those things is if the forecast for D.C. turns out to be completely off.

Barely a month after I’d booked flights and a (refundable) hotel room for the Black Hat security conference, convinced that this security gathering in Las Vegas would represent my first in-person conference since February of 2020, I cancelled those bookings this week. Instead of flying to Nevada to take notes in the middle of a physical audience and then network in person at a series of receptions, I’ll follow the briefings online and then connect with nobody new as I have dinner at home.

It wasn’t any one thing about this conference happening in the middle of a not-yet-over pandemic that led me to bag this trip, even though I’ve been fully vaccinated since late May; it was all the things.

First, while I would expect most information-security professionals to evaluate their risks intelligently and therefore have gotten vaccinated long ago, there’s always going to be the exceptions.

Second, Black Hat is like everything else in Vegas in August in that it must exist in a series of air-conditioned bubbles. And while I wouldn’t have a problem wearing a mask while watching briefings, staying masked-up is a lot harder at a conference reception.

Third, Vegas has a giant tourist demographic that self-selects for poor risk management, raising the odds of me sharing an elevator or check-in line with some hard-partying idiot who has made pandemic denial part of his personal political brand.

Fourth, the city itself has a depressingly low vaccination rate, with only 41% of Clark County residents fully vaccinated. Seeing that many people spend that many months declining to use the best tool we have against the pandemic does not make me want to go to their city and spend my money.

The odds remain pretty low, as I understand them, that I would pick up the Delta variant of the novel coronavirus over those two days and change in Vegas. But when one of the people I’d see afterwards would be my not-yet-vaccine-eligible 11-year-old daughter, I can’t justify the risk posed by what strikes me as an especially bad scenario compared to any of the events I’m contemplating for later this year.

So even while I have resumed some business travel, it’s going to be a little while longer before I come home with a new conference badge to add to the collection that’s now been collecting dust for a year and a half.

Weekly output: Black Hat hacks and security fixes, T-Mobile news, self-driving-car security, voting-machine security, fear of robots

Most of this week’s copy was reported and written the previous week at the Black Hat security conference in Vegas. Considering my own frequently-elastic interpretations of deadlines, I can’t complain about editors with their own crowded calendars taking a day or two to give their full attention to my own work.

8/13/2018: Hacks of Macs, Microsoft Cortana are two more reasons why you should install updates, USA Today

I used this column to synthesize my notes from a few different Black Hat talks that intersected to yield the same lesson: You are safer overall if you install security fixes for your apps and devices when they arrive instead of playing IT department and deciding which ones should wait.

8/13/2018: What could T-Mobile uncap for its next Un-carrier news?, Fierce Wireless

I wrote this curtain-raiser for T-Mobile’s Wednesday announcement twice when a late reply from one analyst and my tardy queries to others led me to file a 1.0 version that would make it into Fierce’s mid-day newsletter. The one you can read now includes quotes from those additional experts–none correctly forecasting that T-Mobile would make its next big push better customer service.

8/13/2018: How two car hackers plan to keep GM’s self-driving cars safe, Yahoo Finance

The single most entertaining talk at Black Hat was this presentation from Charlie Miller and Chris Valasek. You may remember them as the guys who hacked a Jeep Cherokee in 2015 to seize control of it with Wired writer Andy Greenberg at the wheel. The two now work for the GM subsidiary Cruise Automation, and at Black Hat they explained how they plan to stop the likes of them from remotely exploiting Cruise’s fleet of self-driving vehicles–in part by removing such attack surfaces as Bluetooth wireless and the FM radio.

8/14/2018: There’s more to election integrity than secure voting machines, The Parallax

Another Black Hat talk gave me one more chance to take a whack at the WinVote voting machines that infested polling places across Virginia–mine included–for a decade. This time around, I checked back with a couple of the experts I’d consulted for earlier coverage of electronic voting machines and learned that both wished they’d paid more attention before to such separate election-integrity issues as voter registration systems.

8/15/2018: Robot workers or human employees, Al Jazeera

I got a request from my usual guy in AJ’s D.C. bureau asking if I could talk about the prospect of robots taking human jobs–both in the private and defense sectors. I was in Boston at the time visiting family, but that proved to be no problem. Instead of them sending a car to my house to take me to their D.C. studios, they ran me over to a studio in downtown Boston, where I did my talking-head duty (overdubbed live into Arabic) wearing one of my brother’s jackets. Since I knew I’d only appear on camera from the torso up, I didn’t bother changing out of the shorts and sandals I’d put on that morning.