Saturday, May 6, 2023

BSides Austin 2023

After a Covid hiatus, the BSides Austin computer security conference returned as an in-person event. We enjoyed meeting people we had not seen in two-and-a-half years. The conference ran three parallel tracks and I blocked out some talks to attend but I spent the day near Laurel’s table supporting Kids First Uganda. It was time well invested, visiting vendors and watching attendees. I even met a recruiter who gave me a QR code to upload my resume. 

Three tracks with 24 sessions included cloud-focused phishing,
containing smishing incidents, attacking Microsoft Cloud,
mitigating malvertising, and "Don't Let Your Roomba
Sell Your Bank Login."


There was a BSides Austin virtual meeting on 2 December 2022 that I did not attend. In the past 30 months, I have been in several virtual conference chatrooms and they are a poor substitute. It is much easier and more comfortable to stand in an open hall just watching and waiting than it is to be in a chatroom by yourself. 



The conference featured a day of training on Thursday. (Laurel attended; I did not.) In fact, this year's theme was "Never Stop Learning." 


Organizer Janice Daquila-Pardo told me that they had 600 sign-ups and about 500 in attendance. The last full-scale event in 2019 tallied 700 attendees. We signed up late but got t-shirts nevertheless because of the no-shows. 



Locksporting (above) had two tables this time.
In addition to a wide range of key locks, there were combination
locks and even ziplocks to try your skills on (bottom right).
Next to them were the hardware hackers (bottom left). 
IT managers worry about clouds as services and they
seldom see the more obvious weaknesses.

History of BSides Austin

“The very first BSides in Austin was organized in 2010 by Jack Daniel and Ben Tomhave. This was the fourth BSides ever to be held, and it had about 30 attendees. In 2011, Michael Gough stepped up and took over organization of our local event. Even as he continued to manage the BSides Austin events through 2015, Michael also helped kick off BSides Texas in 2012, and was heavily involved in BSides throughout Texas (including Dallas, San Antonio and Houston). 

“Matt [Pardo; @ultraslogger] and Janice [Daquila Pardo; @bsidesaustin] have been running BSides Austin since 2016. BSides Austin has grown in that short time into a two-day event with around 750 participants. Our goal is to continue providing a fantastic event with great content and training for the information security community.” -- https://bsidesaustin.com/about/

Security Innovation sponsored this year's capture the flag contest. 
The website of this fictional bank had 30 vulnerabilities
and prizes went to those who found the most.
The overarching comment was: "It was harder this year
and the scores were lower."


Laurel and I have volunteered at BSides Austin and LASCON, the Lonestar Application Security Conference, both created and maintained largely by members of the local OWASP chapter. Laurel worked registration and I monitored the presentation rooms, taking head counts and thanking the speaker with a Starbucks gift card. We also presented. Laurel delivered on securing your home network with a Raspberry Pi and I spoke on physical security for data centers. 

For their conference swag, Blackhills Information Security
brought several games including interactive comics
and a complex card game (three decks). 

Our first computer security conference in Austin was BSides 2013 and then the benefit outreach was Hackers for Charity delivering to Uganda. Just about every white hat hacker gathering has some social engagements supporting local or international communities not usually served well by others. Laurel met Kids First Uganda through a cousin. She had quilts made from t-shirts from previous computer security conferences and those were offered for donated sale at BSides.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.