On Thursday night Megan and I travelled to Canberra for our second BSides Canberra event. We attended our first BSides in April last year and had a great time. It’s also how we discovered locksport and it’s what got Megan interested in security more generally.
BSidesCBR had a different venue this year and we couldn’t have been happier with it. This year BSides was hosted at the National Convention Centre. We aren’t from Canberra so being able to stay close to the venue while not being stuck in the middle of no where was really good for us too.
The venue itself functions like any other convention centre, big halls, small side rooms and plenty of amenities including a cafe and bar. The chairs and tiered seating was significantly better than last year’s single level, less comfy chairs.
Overall we were impressed with the venue and look forward to going back next year.
The talks at BSidesCBR are always great with a core focus on technical topics. The talks and tracks were structured differently this year with there being one main track and only a few smaller talks in the Hardware Village. I didn’t enjoy this as much because it felt like if I wasn’t interested in a main track talk I didn’t have a lot of other options. I spent a few hours in the lockpicking area because of this, which was fun but I enjoyed the wider range of talks across multiple rooms that were offered last year.
Two of my favourite talks from this year were on reverse engineering and analysing malware behaviour.
On the first day I found “Deobfuscating JavaScript malware” by Adrian Herrera to be really interesting.
Day two had another good reverse engineering and analysis talk called “Sample 78: Deconstruction Of A Linux Adversarial Toolkit” by Christian Giuffre.
These two were informative, interesting and easy to follow given the content. If you get a chance to see these talks in the future, I recommend them.
A special mention must go out to Martin Hron for his talk about installing ransomware onto his coffee machine via forced updates.
Megan and I were both sick, her on the first day, me on the second. We didn’t get along to either of the after parties but I did hear good things. The people at BSidesCBR were friendly and welcoming last year and maintained that reputation this year.
Neither of us entered any of the competitions on offer but we did lurk around the CTF, Pwn2Drone and Incident Response challenge. All the reviews from people competing in these was positive and they sounded like a lot of fun.
Once again we enjoyed BSidesCBR and we’re looking forward to going back next year.
