So, It’s been quite some time since ExcaliburCon has been concluded, and I have been delaying this post due to some other work related activities that jumped on me right as I landed back home. Anyway, I’ll try to cover as much as I can remember (thanks to a cumulative photographic memory of all the speakers I can “remember” where we have been…).
Conference first: It was just great! No-nonsense, I have been speaking at quite a few conferences around the world, but this one really was special. From the organization, through the location and hospitality, down to the fact that we basically were less than a dozen (western) speakers hanging around all day (and night) which really was a great opportunity to make some new friends and strengthen existing friendships.
Talk wise, I have really enjoyed Nathan Hamiel’s “weaponizing the web” talk which I missed at BlackHat earlier this year – right up my alley of the past year’s research on MalWeb, and a great person in general to hang around with.
Later on Steve Topletz has been discussing intelligence on the internet and the superpowers that are engaged in it (with a strange kudos to a little country called “Israel”? Thanks Steve!) which was I’m sure an eye opener for a lot of people who were not privy to some of the data presented.
I also watched the Joe McCray deliver his “this is so easy” advanced SQL-Injection attack talk with the style we always expect Joe to deliver. Adam Laurie (Major Malfunction) has been wrecking havoc with his RFIdiots talk as usual (and in several other places where we hung around). Jordan Wiens made all this Capture-the-Flag stuff look like a big game (don’t think it is for a minute – the skill-set that a team needs to possess is just brutal, and the challenges are as hard as they are fun!). Jayson Street has been juggling with organizing the conference but managed to smoothly present his talk as well, and I can only say I’m really disappointed for missing out Chris Nickerson’s red-team testing talk (close to my heart and business), as well as Wim Remes’ Open Source Security one (one of the few true Unix guys out there and a swell chap overall 😉 ). FX did not miss his mark either as he delivered a riveting router exploitation talk (riveting for English speakers – not sure how the somewhat direct language translated to Chinese…).
Other than the conference, China has been a great experience – culturally, politically (don’t get me started), culinary (we got pictures – not for the faint of heart), and technologically (I told you not to get me started…). I have learned a lot (which should be the case for every trip and conference) and am sure to come back for more next year after WuXi will recover from the can of pawnage we have opened up there.
The rest of the stories may not be SFW and deserve a been to be divulged, so until then, keep safe!