2025-10-24 –, Talk 1
A lot has changed since the 80s. Gone is the boom box with a cassette tape. You have a Flipper Zero instead of a magstripe writer. Forget ISDN: you can get better than an OC-24 at your house for less than your long distance bill. Viruses don't put random text on your screen, they shut down hospitals. But you know what hasn't changed? The CFAA. It's about time we look at how our laws can transform the incentives and move us beyond the cyber-vandalism era to respond to real threats with real defenses. Let's stop wringing our collective hands about evil hackers, and get real about how it actually works.
I'm sending a policy talk here mostly because Sen Wyden has established Portland as one of the most important constituencies in infosec policy. But this is also near to the heart of any hacker who hated what happened to everyone from Aaron Swartz to Marcus Hutchens to Paige Thompson and beyond, and anyone who's watched security programs get cut to the point of ineffectiveness and then experienced a preventable breach. I previously briefed democratic congressional staff on this topic.
Falcon (MBA, M.Sc., B.Acc.) is an infosec generalist currently managing product security at Aiven.io, and has over a decade of purple team experience at dozens of firms across a variety of industries. He does systems work, whether the systems are human or computer, and is as at home setting up a security program as figuring out how to verify application code, show immunity to an attack class, or model attackers across the value chain. He will be starting a PhD this winter at Dartmouth working on practical applications for LangSec.