I did miss BlackHat this year (argh!!) and DefCon (ARGH!!), so I am reading all the trip notes that various folks are posting with 2x (4x, if you count DefCon :-)) interest. Thus, here is one fun post-BH post on Security Incite blog: Black Hat: The Sessions Security Incite: Analysis on Information Security
"Finally it's also clear to me that we need to start some discussions about how to blow up the status quo of security. If there was one thing that was abundantly clear is that fixing holes is not the answer. The people presenting their research can break networks and applications in MINUTES. We've got to start from a blank slate and really rethink the problem space. "
I often feel the same way nowadays, but many solutions that are proposed to 'address this' are kind of naive (like, "let's educate software developers and/or users", etc) So, will this blog post present an answer? No, but it is something I am thinking about :-)