
BSides RDU Live Stream

BSides RDU | 8:40:16 | 242 views | Published 2023-09

Uh, North Carolina, there are other really great conferences around here, um, uh, also awesome. Um, Charlotte is actually happening tomorrow and on Sunday, so check out those conferences. So quickly [Music], this is the main track. Next to us in this room, this is where our sponsors, our ocl and community orgs. Room two is basically catty-corner for where we are; that is where lunch will be served. Drinks and snacks are going to be in this room directly next to us. Along this wall there is a hallway, and there's track two, three, our green hat Wireless Solutions shoot house and our EverSec CTF; all those will be along that wall.

So we have some special thanks that we want to give today for all the people that help organize this, as well as everybody that is involved with, uh, setting up, you know, different stuff that we have. So Patrick Wiley, uh, green hat, uh, Solutions Wireless shoot house, thank you. Um, Renee, she's done our AI design, which is beautiful and I love it, and I loved it the moment she sent it to us. Um, Josh Demoling was helping with sponsorships. Bill Harrington, our website. Hoshon Marshall, you'll see him running around today; he's helping with our volunteers. Susan Paskey, she is our basement con organizer. Um, Tyler, you'll see him, he's at registration; he's been, uh, doing core team, he's also managing the catering and the after party. Joe Shotman, who's over here in the corner, helping out with AV and networking. Chuck Kessler, he's been a godsend this year, thank you. Um, and then me, but don't worry about that part.

That's not it. I would like to invite Steve Myrick Jeff and Patrick up to the stage. We have some very, these are very special people, and if you've been to BSides before, BSides RDU, you know that every year we have a CTF and every year we have a Lockpick Village and every year we have a Hacker Jeopardy, and it's because of these guys right here. So thank you, thank you, you guys are amazing part of this. So BSides RDU has changed throughout the years, and we've 
had a number of designs and different things, so this is just, you'll see these on the slides throughout the day, but these are some of our logos, artwork, etc. that we've had throughout the years. We have some great pictures here; these are just more pictures throughout the years. But ultimately, um, what we want to say is that BSides has been wonderful, our community is wonderful, we want to continue to grow. Keep coming back. Thank you guys so much. With that being said, we have one more special guest that we'd like to introduce: Jack Daniel, who is one of the co-founders of Security BSides.

Warning: no slides. You get slides later. I thought about it, but yeah, you don't need slides. Um, this is the 10-year anniversary. 10 years ago a group of people made BSides RDU happen, and it has continued to happen. That year, Army trained reminded me last night, that year BSides RDU shared the spotlight with two other events to be the 100th BSides event. Today you are all part of the 883rd BSides event since we did what we thought was a one-off event in 2009, and it's worth kind of stepping back and thinking about how that happened and how we got here. By the way, if you haven't had enough coffee, we're here right places. I'm going to give you the really short version of why I do what I do and have done it. Decades ago I was a mechanic, and I ended up in the parts department because it's one of the first departments that got computers in the car business. First it was accounting because of money, and second it was parts because of inventory, decades ago, and I wasn't afraid of the computers. So over the course of years because more and more computer crap until one of the first departments because of inventory decades ago the computers. If your infrastructure was built on Windows 98 and Windows NT, you learned about security whether you wanted to or not. Um, and if you had a, you know, an aptitude for it, you probably drifted in that direction, and if not, um, well, who knows, if not you found something else to do because 
yeah, you, uh, you went elsewhere. And I had no budget, so I discovered some user groups in the area, one in Providence and then one in the Boston area, and, uh, the old-timers there helped me out a lot. And then I would do something like an upgrade to Exchange and tell what went wrong and what went right, and we'd answer questions, and then one thing leads to another and I started sharing what I was learning once I was, you know, further down my path, and that just snowballed into more and more user groups and getting engaged with conferences. Because I couldn't do what I was doing and I wouldn't be where I am if it weren't for the people that helped me along the way and shared what they knew, and that's how we get to where we are today, that's how you move forward. Um, you know, one of the things you will always hear me say is, um, you know, we're in this together. There are a lot of things that make us compete. Uh, we have a lot of NDAs and other silos that keep us from sharing as much as maybe we would like to, but we're all in this together. So anyway, with a backdrop of, you know, what most people understand is in 2009 people were whining on Twitter, um, that was, it was actually kind of cool back then, um, it was already on the downhill slide, but anyway, uh, about the talks that got turned down. And that's what a lot of people know, is talks got turned down, we looked at them and said, there's, too bad there's no place for these. But you need to know there was a background to that, which was that a lot of us were really frustrated with, uh, the larger, more commercial conferences. Um, RSA used to be a hardcore cryptography conference, right, it was privacy, cryptography, and it evolved into what it is now, which is important for the industry, but it's not our vibe for those of us that have more of a hacker mindset, even if we are securing industries, securing businesses, working in vendor land. Uh, Black Hat, Jeff had always called the sellout conference, and it was designed to be a commercial conference. He had just sold 
it to UBM, who was struggling to figure out how to maintain a community vibe, worked with volunteers, um, but the commercialization, that was back when they were still at Caesars, and so the venue was a real challenge. So with that backdrop we saw talks that didn't quite fit elsewhere, but we thought, this will be interesting to some people, maybe not hundreds, um, too bad there isn't a place for them to talk. Hey, this is a great kernel of an idea, but it shouldn't be on the stage, the big stage, yet; too bad there isn't a place for someone to give this talk, get some feedback, maybe even mentorship, and do something cool with it, right? We also saw some that were just, you know, Val Smith gave a great, uh, hacker Saya tribe that was wonderful, I don't know where it would fit, maybe Skytalks at DEF CON. It was like, these things don't fit elsewhere. We made it happen. We made what we thought was a one-off event happen, and it happened because people came together. I had not met most of the people there in person; we just got together and we made it happen and shared what we knew and learned from that, and people wanted more. Uh, so a little bit about that, you know, um, can we see again anybody's for how many people in your first BSides event? This warms my heart, it really does. BSides should be welcoming, BSides should be growing. I used to do something corny, I will not do the full thing now, but a lot of events talk about their Founders Circle. Well, BSides is a growing organization. If you expand your house, you expand your building, you need to expand your foundation, so everyone in this room, whether it's your first time or your 50th, is part of the Founders Circle. You're the foundation of BSides. You should feel welcome here, you should make others feel welcome here. Pretty straightforward, right? Right. And then you should have conversations, you should feel like you're here to participate in the community, in the conversation, and if you do that then you further strengthen the community, which this crowd 
as you've seen Ashley put up there has a tight-knit community. Bring more people in. That's one of the challenges some of us old farts have, is we start to get a little insulated with the people we know and love, and, uh, you gotta rumor kind of open it up. By the way, warning, I'm a hugger. I don't hug without off but without okay, but if, uh, if anybody needs hugs today when you see me, cool. I also do, you know, fist bumps, handshakes, uh, gentle nod of the head if you're not into contact. Um, so that's, that's pieces. I wouldn't be, you know, people wouldn't know who I was if it weren't for BSides. I, I, you know, used to blog; several dozen people would read my blog. Um, I get far too much credit, because it's people like the crew that you saw up here and a lot of people that helped make this happen that are at the registration desk and elsewhere. It's the sponsors, speakers, volunteers, and it's everyone that comes to be part of the community. So I'm going to give you a little bit of a rundown of where BSides is. Um, the short version is BSides has been everywhere except right here, the blowhole of the globe, um, Antarctica. Uh, we've yet to do that. But what, what is BSides done? Um, earlier this week: Belfast, Northern Ireland; St. John's up in Canada; Tallinn in Estonia, that was their second event; Oslo, Norway. At events today, uh, Tirana in Albania, Singapore, Idaho Falls, and right here. That's the, the multi-way tie for event number 883 from what we thought was a one-off event. Um, 227 cities in 62 countries around the globe. There are a handful of firsts on the line, and it's because people hear about this, they enjoy it, they share the word, bring it to their local community. The, the idea is this should be easy to run. If you're thinking about starting a BSides, reach out to us, uh, reach out to me and, and I'll guide you, and the one thing I will tell you is start small and grow into it. Uh, if you look around, if you're not familiar with what it takes to run a conference, uh, ask people who've done it. Uh, you grow into it, but 
it's because people have thought, I'd like to do this here, right? That's, that's how this started over a decade ago, and the first one happened a decade ago, is there's a conversation, it's like, well, why don't you do a BSides, and, well, here we are. Um, that's probably enough to say. I will, you know, I will just say that there are, um, event 900 will happen next month, event 1000 will happen by the end of next year. Doesn't matter. Um, this event is here today, you're here today, so it won't be in Cambridge in England tomorrow, we'll be in João Pessoa in Brazil. You're here today. Make the most of it, share, learn. Uh, and then I will leave with a typical Uncle Jack closing: the tech is cool, but take care of yourselves and take care of each other; we're all we've got. And I don't know if you've noticed, but life seems to be getting a little more challenging lately; past few years has been a little weird on a whole bunch of fronts. Uh, and that, the final bit of advice I will give you is that, um, I said take care of yourself and take care of others, in that order. It's best not to focus all your efforts on taking care of others to avoid taking care of yourself. It works for a little while, but you just put off taking care of yourself, and that's really bad. Um, don't ask me how I know, but believe me, I do. With that, I'm gonna get off the stage for somebody who actually has cool stuff to say. I'm going to take my globe and go. No, um, I'm gonna sit down and listen. The opening, you know, Alyssa. Thank you all.

Hey everybody, before we get to the cool stuff, Alyssa, um, I just wanted to jump up here real quick. I'm Chuck, one of the conference organizers, and thank you everybody for being here. It does take a tremendous amount of effort to put something like this together, literally a year's worth of work leading up to today, and, um, yeah, we just have some amazing sponsors, amazing volunteers making this happen. So, uh, yeah, okay, and I'm sure as we go through today we're going to have a few little, uh, bumps along 
the way, so just be patient with us as we get through that. Um, but again, just thank you for everybody being here, thanks to our sponsors and thanks for our volunteers. So yes, I was just going to do a really quick intro for Alyssa and, uh, just read your bio officer everybody knows who you are. So Alyssa is a hacker who in her pre-teens bought her first computer and hacked her way into paid dial-up community platforms. She grew up in a hacker culture, finding her hacker family in IRC channel, starting her Idol losses, um, when an IT, while IT was not her original career plan, she ended up working as a developer and later a pen tester in the financial services industry. It's amazing how that works. A lot of us never started out in infosec or cyber security, and, you know, our paths lead us there over time, so that's one of the things that's always fascinating to me about how people get into this industry; there's no one way to do it. But as she moved into consulting, her focus on defending technology systems and personal privacy grew to a point where she was advising Fortune 100 companies on how to build comprehensive security programs. Alyssa is now at a New York-based, at new based Epiq Global. She's very much a hacker to this day and she's built on that identity to grow career. She is an internationally recognized public speaker and author of the Cybersecurity Career Guide, and she's an advocate for helping others make a career out of their passion for hacking and security, I think as a lot of us are here today. She's also proponent for the open sharing of ideas and perspectives on improving our technology, technologically connected world. So with that, yes, we're officially going to start the cool stuff and bring Alyssa up here. So thank you, and I think you're just plugging into that.

Yes. Well, first of all, thank you. I mean, I think after the length of that bio that I don't even need to give a [ __ ]. Um, let's find enough cord to plug in on the right side of it. Simply says a laptop. No one knows 
there's two monitors maybe. Oh good, not what we wanted. This is the problem when we, you know, this is why we love technology, right? Because, well, you know, it never really does what we really want the first time around, and there's a reason for that. Somewhere someone told me there was a reason for that. So, all right, so first of all, hello. Let's do this the right way. Hey BSides or like there! I know it's early, I know. One more time: hey BSides! Jack, they need drinks. We'll get there. All right, so first of all, I'm excited to be here. I'm kind of sweating this impending storm we've got; I don't know how much that's gonna do here, but I saw this morning now they're talking 45 mile an hour winds. That sounds fun. This is what I came to Raleigh for. But, uh, so you heard the long bio, but I want to actually dive into this. I want to talk to you guys a little bit about, yo, as Doug mentioned, you know, kind of the ever, we all have our own unique story, we all go different places, and it's interesting how we get here. So I'm going to start with a little bit of an origin story. I was that kid. How many of you were that kid? You know what I'm talking about, right? Four years old, you're taking apart all of your toys because, why, why'd you take them apart? You wanted to see how they work. Why not? Because it's there. Yeah, like, I mean, that was cool: look, there's like a circuit board and there's some wires and a bell. I wanna, I wanted to see what that was. How does this, how does this phone thing work? How, what is the magical thing that I can hear someone's voice on the other side? So that was me. Like many of us, you know, I took apart my toys, my family's technology, which my parents loved when they brought home that brand new VCR and it was in pieces the next week. Hey, it went back together, it worked just fine; there were only three extra screws. All right, come on, I did okay. But it's that mindset that drives kind of that hacker mentality we hear about, and, you know, one of my good friends, Jayson Street, talks a lot about how you 
know, hackers aren't criminals, all right? You know, we're, we're artists and creatives and inventors. It's what we do, because we want to understand technology. We have this driving urge, and that was me. So at 12 years old I got my first job. Like a lot of people, it was a paper route. Now there's probably some people in here have no clue what I'm talking about. People, we used to like deliver newspaper Ed up at your doorstep, and someone somewhere thought it was cool, let's pay a bunch of 12 year olds to run around at six in the morning and put these on people's doorsteps. I see some hands, some people did this. Yes. So I saved up a bunch of money; I had over a thousand dollars. Now imagine a 12 year old with a thousand dollars. What can a 12 year old with a thousand dollars do? Lots of things. But I went to Best Buy. That was my first computer. This was 1989. Okay, so you can do the math, you can figure out how old I am. I got it, I know I dated myself, but we were already there with the newspapers, right? So 12 years old, bought my first computer. Why? Because I love technology. I wanted to see how this stuff works. I saw Mr. Wizard on TV doing, you know, different science experiments on computers and drawing pictures and things. It was, I wanted my own computer. We had computers at school, but, you know, in 1989 people did not have these things in their homes. Today we carry three of them around in our pockets at once. So it didn't take long. You know, I had the computer; well, then I, I bought a modem to go with it, because I heard about all this, these cool dial-up communities. In fact, you got the little discs, you all remember these, are most, do you remember them? The AOL, Prodigy, etc. So I found my way into Prodigy. Cool, 25 free hours. And what's the problem for 12, now, you know, almost 13 year old when those 25 hours run out? Well, back then, and I think even now, most 12 and 13 year olds don't have credit cards. It's kind of hard to sign up for an online service. But I liked taking technology apart, so I went to the library 
and started reading up on books about UART and reading about serial comms and modem communication. Long story short, I ended up finding what today we would call vulnerability in the client side of this, and basically discovered that the only validation for your sign it really happened on the client side once you were logged in. Cool, so that was easy to bypass. We were in. Golden. 12 year old found our way to get free Prodigy. So that's where it started. But then the internet came along, and I, now a teenager, was one of those teenagers who was kind of the, the freakets at school, you know, not a lot of people to talk to who really understood why the heck I was so interested in computers and ones and zeros and all that stuff. But I found my way into IRC, and you want to talk about my formative years, spent in Undernet, various channels, doing various things including slapping people with large trout. I found my hacker community there. We talked about all the stuff we were playing with, and the coolest part of the whole damn thing: nobody knew who anybody was. Didn't know your gender, didn't know your ethnicity, didn't know any of that. We didn't care. We just were all into technology. We had that driving desire that we just wanted to know how this stuff works. We wanted to play with it, we wanted to talk about it, we want to talk about all the cool things we did to it. Yes, some of it by today's standards would have been criminal activity. I mean, you could argue at 12 years old that was probably engaged in some criminal activity. Talking about this community that we see at BSides, it stems from these worlds, and that is a community has meant the world to me my entire life, because in those years when I had few friends, I was, I was bullied at school like a lot of us were, they were the people that got me, and we understood each other. So now let's fast forward a little bit. I go off to college, I think, oh, I'm gonna get into pre-med, so I go to Marquette University. Three semesters of college level chemistry said 
Alyssa, pre-med's not