When I was asked to come out to Quebec City for a conference called Hackfest.CA, I was interested because this isn't a conference I had heard of, and it wasn't on my radar normally. Additionally, the name suggests it's geared towards the 'hackers' and quite frankly, I'm fairly out of practice from that category... let me tell you though, I'm so glad I went and spoke.
Hackfest is in Quebec City, although not the friendliest to native English speakers (it's like going into Paris, for those of you who have been there, you'll understand what I mean), it's still a beautiful place if you can manage. Let me frame it for you this way, they translated the "stop" signs ... they're not even translated in France! Moving on ...
The conference was a great success, growing year-over-year, and packing the hotel venue. There were two tracks, one in English and one in French, and both rooms were packed for most of the talks, which was cool. I'll have to give the organizers kudos for finding interesting talks, which has proven difficult these days. Having speakers that are both interesting, and have good content is a trick not many conferences, particularly niche and local conferences, have mastered.
What really impressed me was the war games scenario on Friday night. I've seen several implementations of 'capture the flag' over the years coming from Interzone in Atlanta years back, all the way to some of the more complicated Defcon and the likes... but this was awesome in a new way. I recorded a podcast with Martin who was one of the guys who set it up, but here's a quick summary of the scenario.
I walked in to the room to where the Wargames was being set up to see several long tables filled with laptops, the lights down, and electronica music pumping. Each of the tables had a flag of some nation, and some servers/services on virtual machines in the back room. It was EPIC cool.
The way it was laid out is that each team was a country. They had to split into two groups, attack and defense, which were going to win points off the board. On the blue side, the defense, there were a few services like FTP, critical infrastructure and a web server (and others) which needed to stay up and available to maintain their points. They needed to learn how to harden and defend that infrastructure. On the red side, the teams needed to go out and take over the services of other countries to claim points off those other teams.
The team who built the wargames scenario went nuts, including having BGP setup, hidden Onion networks and services and all manner of cool stuff... the game ensured that the new folks learned and the experts taught and managed. The environment was friendly, welcoming, and the competition was intense - and I was impressed.
First, I recommend you get out to Hackfest.CA if you can make it next year. If you can, submit a paper, and help that conference grow... and if you're trying to learn what REAL security is like in a crazy, in-the-heat-of-the-moment environment, go play their war games.
Check out some of the photos from Hackfest.CA here, on my FaceBook page.
Great job guys, fantastic.
Cross-posted from Following the White Rabbit