Right now I’m sitting in the airport bar, reflecting on the great weekend that Megan and I have had at BSides Canberra 2018. This was my first cybersecurity conference and the weekend ended up having a few firsts for myself. I don’t want to write too much about this so will try to keep it brief and categorised to include: the talks, people and villages.
Hacking the human black box at #BSidesCbr18 is one of the funniest talks so far. Very informative as well! #BSidesCbr pic.twitter.com/xD4yaKlroK
— Nick Hayden (@haydos585) April 14, 2018
Being a conference, the talks are what drew me in and brought me along. Every talk that I attended over the weekend was interesting, the presenter quality was very good across all areas.
My personal two favourites were “Hacking the human black box”, which discussed Freedom of Information (FOI) requests, how to write them, the problems people can have and how to get the most out of departments that don’t always want to help. Elliot has a fantastic presentation style and gave a lot of very interesting information that all citizens should learn. I look forward to hearing more from him in the future.
Operation Luigi was the title of a blog post written by “Alex” that I’d read previously. I enjoyed reading the process he followed on his mission to hack into his friend’s various online profiles. I wholeheartedly recommend reading the original blog post and after BSides, finding the presentation on YouTube.
I just asked Megan what she thought her favourite talks were and I received an unexpected answer. Yuval from Adelaide University presented a talk on Spectre and Meltdown and how the team found the exploits, along with how they work. Yuval was able to take a reasonably complex topic and bring it down to a level that was understandable, even by non-tech people.
The opening BSides keynote by redacted was another great talk that really set the tone for the conference. The keynote was presented by a member of the Australian Signals Directorate and covered the various problems facing the whitehat and blackhat security communities.
BSides had a few villages this year that were a great way to spend time when we couldn’t find talks that we wanted to see. The lock sport village is where we discovered that Megan is a master lockpicker. The lock sport team were very helpful and keen to get people started. Megan and I both learned how to pick our first locks thanks to the team there. By the end of the weekend we’d spent probably 3 or 4 hours in lock sport village.
Hardware village is something that I didn’t really know much about as most of my life has been spent in pure software land. We were both keen to put together our BSides badges and needed to solder the pieces together. We didn’t spend much time in hardware village because it was towards the end of the conference and we were cleaning up. We heard a talk about Internet of Things (IoT) lightbulbs and how they function while we received some help on how to solder, something I hadn’t done before! In the end we were able to put together our boards and get them ready for when we’re back in Melbourne.
There were other areas of the conference we didn’t spend much time in such as the Capture the Flag and Incident Response challenges. We visited briefly but weren’t interested in competing so didn’t hang around too long.
As with most conferences, it’s the people that take it from a bunch of talks to a great experience and BSides is no different. Megan and I both attended the HackerChix pre-event drinks on Thursday night when we arrived and had the opportunity to meet a few of the people we’d see throughout the conference.
Everyone in the lock sport and hardware villages was incredibly welcoming and helpful to a few people that didn’t really know what we were doing.
Conference staff were friendly and happy to help anyone that needed it. Big thanks to those guys.
The final party on Saturday night was a good chance to meet more people and say goodbye before headed back to Melbourne on Sunday.
Yesterday the fantastic @meglouise picked her first lock at #BSidesCbr18! pic.twitter.com/2UbkFHMlLS
— Nick Hayden (@haydos585) April 13, 2018
Overall, we’ll definitely come back next year and we look forward to catching up with the people we met and practicing our lock sport. As a person pretty new to the cybersecurity industry it was really good to see so many helpful attitudes and willingness to work and learn together.
This #BSidesCbr18 laneway goes alright. #bsidescbr pic.twitter.com/O3R7P4cabi
— Nick Hayden (@haydos585) April 13, 2018