M³AAWG 58 Meeting in Dublin

By Peter Lowe
Friday, June 30th, 2023

Sadly, this year I wasn't able to join everyone at the Annual FIRST Conference in Montreal. By all accounts it was a brilliant time and I'm genuinely jealous of everyone who got to be there - especially the DNS Abuse SIG members who got to meet up in person.

However, this did leave me free to accept the generous invite I received recently to the 58th Messaging, Malware and Mobile Anti-Abuse Working Group (M³AAWG) Meeting in Dublin as a guest speaker, to talk about the DNS Abuse Techniques Matrix that was published earlier this year by the DNS Abuse SIG from FIRST. And it was absolutely great. I met a ton of people, learned a lot of new things, and had a blast at the social event.

M³AAWG is different to a lot of organisations I've been involved with in the past: it's more industry-focused, and has strict rules about sharing information outside of the events. I spoke to a lot of people about this, and I have to confess that at first I found it a bit surprising because of my background at some of the more open technical events I’ve participated in previously. But after talking to quite a few people, I can see that it makes a lot of sense (and actually isn't too far off how the DNS Abuse SIG itself operates): by creating an environment where confidentiality is a priority, people are more free to talk openly about privileged or sensitive topics without worrying about having to guard themselves. And in commerce, this is definitely something to be concerned with.

This held true throughout the meeting. Without exception, everybody I met there was friendly and happy to engage. I chatted to representatives of all sorts of organisations, and the number of subjects the sessions covered was really impressive. There were lots of hallway conversations, and I ended up making a lot of new connections and have several things to follow up on with people in the future - call me old school, but I do like exchanging business cards and I ended up giving out nearly half the stack I brought with me.

Some highlights for me covered abuse desk handling (which, although I'm not personally involved in that area, does have a particular relevance to FIRST), an overview of the current state of quantum computing in Domain Name System Security Extensions (DNSSEC), an impactful keynote on Child Sexual Abuse Material (CSAM), and ransomware. There were also some sessions covering a main focus of M³AAWG -- messaging -- which brought up a past life in the world of Email Service Providers (ESPs) for me.

The event organisation was very professional, and there was a lot of attention to detail from the excellent snacks and lunches, to the adjustable lanyards with handy pouches (and that didn’t flip around!), and even the helpful guides given out that fit neatly into a pocket. New attendees were well cared for - I had an assigned guide and at the first lunch (which I was late for) some of us got to meet each other at a table set aside for newcomers. Honestly though, the atmosphere was so inclusive that I didn’t feel like a newbie most of the time. I certainly did get the “first day conference fog” at the end of day 1, though!

One thing I liked in particular was the “Open Round Table” session format. This is where attendees pick a certain subject and allow people to rotate between areas where it can be discussed. It felt a little bit like technical speed dating (is that a thing?) where you got to discuss something for a short time and then go onto the next area. As a way to collect a range of opinions from a diverse group of people, this seems like a great idea and not something I’d seen before.

M³AAWG and FIRST recently announced the signing of a Memorandum of Understanding - basically recognising each other’s work and missions, and pledging to work together in the future. Part of my goal at M³AAWG 58 was to further this - establish better lines of communication between the respective groups, and help foster collaboration in the future, as well as just let people know a bit more about FIRST if they weren’t already familiar. We’re all on the same side, working to make the internet more secure for everyone and act as communities for people to band together, and I do feel that we’ve been making important progress on these fronts.

Overall, it was a valuable experience and I am very grateful to have been invited. If I ever get the chance, I’m certainly going to attend again - and I’m considering signing up as an individual member just for myself and future events.