
Security Conventions - Zeklandia
https://grugq.github.io/blog/2014/05/11/the-episode-17/
======
epicaricacy
Personally, I don't mind when security researchers go "on tour" and redo their
Defcon talk at smaller Cons. Not everyone can afford to travel to Vegas. Not
everyone wants to spend their limited vacation time on it. Watching it on
YouTube is not even close to the same thing as being in the audience and
getting to ask questions.

Con talks should not be presentations. They should be conversations. If I just
wanted the content I can watch the replay on YouTube or you could have saved
us all a lot of time by writing a whitepaper.

Cons are not all about the talks. I love a good CTF. I love going out for
drinks and just bullshitting with like minded security professionals for a
couple hours. I love meeting new people in the field. I love when people do
dumb shit like hack the menu at the restaurant that was dumb enough to use an
iPad for their menu in a town full of hackers.

An hour talk is the format for giving someone a high level introduction to a
new topic or technique or technology that they have little to no experience
with. It's deeper than a blog post, but lighter than a white paper. If you
really want to turn a newbie in a reverse engineer, or something similar in
scope, that depth probably should be a one week bootcamp, or a structured
multi-week course (online or in class room).

