If your interested in physical security, red teaming, lock picking and being with some friendly and inspiring hackers and infosec people then OzSecCon is for you. Everything about this conference was well run and I had an immensely enjoyable time. A huge thank you to conference organizers, ill be making the trip every year its on <3.
It was mentioned in the opening notes that the OzSecCon conference was pleased to be attracting and including in the more "digital" security folks and sharing the red team and physical security world together . It got me thinking a bit that besides the odd talk and a lock pick table at some of the security conferences I have been too there isn't much bringing these two groups. Well mission accomplished! From hanging out at the breaks and after parties it definitely attracted a wide range of people from all professions and interests :)
The conference was run at the Melbourne Polytechnic West Heidelberg campus and allowed the conference attendees access some exceptional spaces including workshop facilities and tools which would normally be well out of reach for the average hobbyist lock picker all with then right supervision and people to help you use the facilities safely and learn if you were new.
Conference talks wise I was super amped to see @HydeNS33k from Walmart keynote and Auras Logan Woods & David Tredger talks on red teaming. Its super valuable for someone on a blue team to hear these war stories and get a better insight into the mindset and tactics employed by a red team during an audit.
Having this perspective helps me especially think about how I talk to other people if we are doing security awareness messaging / training being armed with some real world examples of things to be looking for.
@attacus_au gave an excellent talk about facial recognition technology and some of the initiatives people are working on to defeat it. Beyond camouflage (I was happy to hear the Vaporwave aesthetic is great for this) and other techniques this included a call to action to speak out against using this technology in ways that overreach and hurt our rights to privacy.
I had gone to OzSecCon get some learns as a 'newbie' lock picker but never once picked up an actual lock. That's because aside from the talks I ended up spending a significant amount of my time at the Google tamper evident seal challenge.
I've not done many CTF's like this before and was instantly hooked. There was an exceptional vibe of people working on different ways to beat tamper seals, steal items from mail bags or move seals from one place to another undetected. It was so much fun!
I was pretty happy to have placed 10/70 contestants in the tamper seal CTF and in awe of some of the people further up the ladder especially (including a few fellow Kiwi's , congrats on 5th @Phage_NZ).
There is a fantastic write up and walk through by conference speakers Mos and Boo you should checkout if you were playing too.
A huge thank you to Google and hosts who were on their feet all weekend making this a great competition and event. Kudos goes out to: Ben Low, Grace Nolan, Evengy Shatokhin, Tom Hennen, and David Wearing, you made my conference!
Well done OzSecCon. It was fun, safe and I learned stacks and had a absolute ball. Also shout out to the team who put a huge effort into the electronic badge, as a ex hardware guy I know this was huge ... its my first electronic hacker con badge so its hanging somewhere special at work. See you next year.
Much love @SparkleOps