It may be the lack of sleep but I’m unimpressed by the keynotes so far this year.

Bill Gates + Craig Mundie, MS

• We’ve made mistakes in the past but now we get it.
• Acronym overload: SDLC is also Secure Design Life Cycle, not just Software Development Life Cycle.
• IPv6 is going to enable micro trust domains and put users in control. No mention of the massive pain managing the various rights over time will be.
• Vista has a lot of neat security features. For example, it will help you manage multiple online personas and payment profiles.

Art Coviello, RSA/EMC (and later Joe Tucci)

• The bad guys are really smart and capable but don’t panic. There is a $1B industry in trading stolen identities.
• Now that we are part of EMC we really care about securing not just perimeters but also the data. Please buy Centera, Symmerix, etc. Also, EMC just acquired Valyd Software.
• Security will move from static to dynamic with more intelligence in grant/deny policy decisions. Patterns analysis (EMC’s SMARTs technology) will become very important in decision making.
• Defense in depth means you can never buy enough security products.

I was looking forward to Thompson’s keynote but had to leave for a meeting.