Editor's Blog: Grey areas, honesty and naivety

silicon.com editor-at-large Will Sturgeon is blogging from the InfoSecurity show at London Olympia.

Some interesting goings on at InfoSec. The insider threat is preying on people's minds and this morning I've seen a very compelling demonstration of 'pod-slurping' (even though the removable media used was a USB key rather than the eponymous iPod).

Without touching a colleague's PC and doing nothing more pernicious than apparently asking the colleague to print a file from the key, Andre Muscat from security vendor GFI Software was able to steal all manner of data and passwords. Scary stuff, I'm sure, for some of the audience who no doubt see iPods, SD cards and USB keys knocking around their employees' desks each day.

Of course, the vast majority of staff might take a few liberties here and there with network resources but they're generally not acting maliciously.

Security of course has more grey areas than John Major's wardrobe (I'm nothing if not topical) and it's likely the hacker panel this afternoon will prove interesting.

One of the people due to attend, extradition permitting, is 'Nasa hacker' Gary McKinnon. It will be interesting to hear what could be his final contemplations on his fate before his open-ended trip to the States. silicon.com will be reporting on any interesting news out of that event.

Elsewhere, day three smacks a little of desperation - those who haven't enjoyed the coverage or the visitors to their stand they had hoped for are taking matters into their own hands. One vendor just broke into the press room and took his opportunity to tap up a few hacks.

"We've got probably the only genuinely new thing here and we really think you should write about it," he said - sounding for all the world like every other product manager who hasn't dealt much with the press.

"It could change the world..." he said, before adding somewhat counter-intuitively: "Seriously."

And of course it's a competitive show floor down there. The guys on the Clearswift stand haven't missed an opportunity to point out how lonely their closest rivals (both in industry terms and proximity on the show floor) have looked on what appears to be InfoSec's Marie Celeste stand.

The problem seems to be it is well enclosed with large leather seats - more akin to a fancy waiting room than the kind of stand you could quickly breeze through. So a word of caution: when planning your stand for any trade show the 'stop and sit a while' look doesn't bring in the punters.

And speaking to many vendors here it surprises me the level of enquiry from potential customers.

Shoppers could be forgiven perhaps for only now addressing problems such as securing IM or wireless but many are still at the baby steps stage.

For example, one shopper touring the stands has realised it's probably time he invests in 'some security' having thus far managed without. And this was apparently the IT manager at a company significant enough in size to be moving into a large central London location and planning a security 'upgrade' to coincide with the new premises.

Starting with desktop antivirus and working his way up he was keen to know exactly what he might need.

I imagine a number of very happy sales managers welcomed his enquiry, like a naïve shopper entering Blacks outdoors outfitters and saying 'I'm off camping in Dorset and have never been before, what do I need?'. I picture the poor soul being convinced of the need to buy the security industry equivalent of sub-zero sleeping bags, a tent fit for the peak of Everest and Calor gas stoves that would put the kitchens of The Savoy in the shade.

There's no part of me that thinks he will have been recommended the reasonable bare minimum.