Here are some of my planned conference submissions that I thankfully abandoned early in the process:
"Increasing Security Awareness Using Wall-to-Wall Counseling"
Most security awareness training is less effective than it could be. Introducing a physical reminder component boosted our compliance levels up to 450% (but did necessitate a new carpet from time to time).
"Zero-Day Exploits For CP/M"
There are critical risks to data integrity for every enterprise using WordStar. Help us get the word out about these frightening vulnerabilities that have been around for DECADES.
"A Meta-Discussion on Meta-Talks at Security Conferences"
A disturbing trend in security conferences is meta-talks that have nothing to do with, like, pwning stuff. Burnout, sexism, career advice, economics, recruiting, food, exercise and other presentations, usually on what's wrong with the security industry, are replacing actual knowledge transfer involving shell scripts, cookie abuse and lockpicking. Our whole community is in danger of extreme navel-gazing. This presentation aims to point out the meta-risks of meta-talks.
"On a New Certification For Security Professionals"
We can't possibly take ourselves, or each other, seriously in the security industry without certifications. The current ones are not fine-grained enough to depict the exquisite subtleties of arcane knowledge that make us so proud to be in this business. In this presentation, we will propose a new certification model with 25 levels and over 18,000 separate certifications to remedy this granularity problem. (And all of them start with the letter C!)
After many years of research, we have discovered a new weapon in the battle against intruders: musical ports, in which services migrate every few seconds to new port numbers so that they can't be found and exploited. This is done to the system administrator's choice of music (or you can leave it on the default setting, which uses streaming dancehall reggae). Every so often, when the music stops, one service that can't find an open port is arbitrarily terminated. The end effect is a much more secure infrastructure.
"The Original Internet Privacy Threat: Your Mom"
You think you can still fight for your privacy? Privacy is deader than you know. Your mom built the Internet, punk, and not only has she been monitoring all your activity, she's got Google alerts on you and has a network of other moms planted where you least expect them. She thinks it's really cute how you change pseudonyms every so often, by the way. And since you're reading this, she'd like to remind you to take out the garbage and brush your teeth.
"It's Probably Okay, Don't Worry About It"
Security isn't the problem that people think it is. Chill, folks. It's just ones and zeroes. You're just getting everyone upset with all this bogeyman talk about APTs and insider threats and whatnot. Relax, open up the firewall to let it breathe, and embrace the Internet.
Cross-posted from Idoneous Security