44CON 2015

DSC_4703 (1)

I’ve not stopped since 44CON this year; I had to use every trick in the book to get the 2 days off (even though it’s a long standing commitment and was known when I started in this new job).

A month ago with work looking back to back I booked the 2 days off as holiday; that still hadn’t been agreed until the Tuesday before the event so it was right up to the wire; I only got tacit agreement to take the time off by ensuring a key delivery was made; so with that almost in the bag I spent Wednesday in the depths of a colo in central London racking, stacking and configuring production and test systems like a demon. I left that site at 21:30, drove the hire van back to Chiswick (dropping off some stuff at the office en route); I knew Chiswick was somewhat quiet and options to get back were limited so I blagged a collegues £10 uber voucher and used Uber for the 1st time. I am sold on the concept of Uber, the booking and payment etc was painless, the driver took me to 44CON via the office to collect my camera’s and I got into the community evening around 23:00.

Alas by that time I’d missed some friends I was hoping to catch up with (Ben I owe ya for the great T Shirts) and a few other peeps as well. I managed to continue my sober September that night and sneaked off to bed around midnight to try and catch some ZZz’s.

Thursday morning started with a nice breakfast (44CON food is most welcome if not calorific!) so a fried selection + danish or 2 later & a caffeine hit I was ready to start taking pics.

I’ve got to say from the start this years 44CON was much more refined than before; the team have got this down to a fine art and have taken on board so many lessons learned from previous years. So it was a much more relaxed environment and as such I found it hard to concentrate on the job at hand (to capture the event on camera [still]); There was a couple of presentations on both days I epically failed to get into due to my the frequent and in depth conversations with many friends and InfoSec associates from many far flung places.

Lunch on both days was welcomed and my only (trivial) complaint was there was no water jugs on the table, that really was my only issue, food was tasty and plentiful and company / conversations of an equally high standard.

There was a welcome change to last years DJ / MWR party, the bar was again well funded by the great MWR peeps but instead of the noisy and selfish DJ there was evening presentations #FuckFireEye! and also a couple of film options (the 2nd being bladerunner in blueray with a kicking sound system).

DSC_8007 (1)

The Fireeye presentation was eagerly awaited by many and it didn’t let anyone down; whilst it was limited by legal moves late in the day the presenter demonstrated (without infringing on their precious copyright of their interface)(cough GPL cough) and strung together a fantastic demo of bringing their kit to a root shell by sending two emails through it (it was such a blast from fail in the past many were shocked); the simplicity and the depth of the breach impeded only by fireeye being so heavy handed with the researcher and their failed attempts to play down the vuln to a DOS not drive by root exploit only reminded many of us of the fragile ecosystem that many of us live in; I commend the research and the ability of the 44CON event to ensure the presentation was allowed (even if not allowed to show the interface) and some of the system internals (no big loss).


I settled in after that to watch the first third of Bladerunner with fresh popcorn and a couple of beers before heading to bed to ensure I was capable of functioning on Friday.

Fridays talks were great and again due to having flit in and out of the talks (the downside of being the photographer) and again I managed to have some sensible conversations with friends (both new and old) and learned more in passing than I infer from a lot of the rest of the year elsewhere.

I couldn’t stay on in the evening (which is a shame) due to the pressing requirement to get home to $wifey and $offsprings but again want to say a massive thankyou to the core 44CON team for their efforts in the run up to the event plus the hard working crew who between them made the conference the best 44CON yet (imho).


Here are a random selection of some of the pics from 44CON (I cannot take credit for some of them, I had helpers!)

DSC_7989 (1) DSC_7955 (1) DSC_7951 (1) DSC_7945 (1) DSC_7931 (1) DSC_7914 (1) DSC_7904 (1) DSC_7900 (1) DSC_5421 (1) DSC_5408 (1) DSC_5393 (1) DSC_5377 (1) DSC_5333 (1) DSC_5326 (1) DSC_5311 (1) DSC_5299 (1) DSC_5291 (1) DSC_5284 (1) DSC_5281 (1) DSC_5261 (1) DSC_5254 (1) DSC_5239 (1) DSC_5237 (1) DSC_5235 (1) DSC_5229 (1) DSC_5193 (1) DSC_5192 (1) DSC_5186 (1) DSC_5184 (1) DSC_5171 (1) DSC_5160 (1) DSC_5136 (1) DSC_5133 (1) DSC_5125 (1) DSC_5117 (1) DSC_5108 (1) DSC_5101 (1) DSC_5096 (1) DSC_5087 (1) DSC_5049 (1) DSC_5024 (1) DSC_5023 (1) DSC_5019 (1) DSC_4991 (1) DSC_4988 (1) DSC_4985 (1) DSC_4980 (1) DSC_4964 (1) DSC_4953 (1) DSC_4948 (1) DSC_4939 (1) DSC_4936 (1) DSC_4933 (1) DSC_4929 (1) DSC_4915 (1) DSC_4909 (1) DSC_4904 (1) DSC_4866 (1) DSC_4861 (1) DSC_4860 (1) DSC_4851 (1) DSC_4842 (1) DSC_4836 (1) DSC_4832 (1) DSC_4831 (1) DSC_4810 (1) DSC_4778 (1) DSC_4772 (1) DSC_4758 (1) DSC_4750 (1) DSC_4723 (1) DSC_4721 (1)

Till next year!




Posted in #44CON, InfoSec | Leave a comment

SteelCon 2015

I sadly missed Steelcon in it’s first year and wasn’t going to make the same mistake this year so within minutes of the release I’d bought mine and registered Olly (my son) for his + afterparty tickets.


The cost was *really* low, I really didn’t expect very much in return apart from an opportunity to catch up with friends and colleagues, watch a few presentations and if lucky have a couple of beers with infosec mates.


I was massively and very gratefully blown away with what I/we got in return for a trivial ticket price!

To save some cash I pinged a very old mate (thanks Nathan!) and he was able to put us up for the event close to Sheffield, Olly and I drove up on Friday afternoon and apart from random traffic on the M1 got there in good time to head into the city for beers and initial catch up with SteelCon peeps.

A few beers later we got to the Roebuck Tavern and had a quick catchup over a burger and another pint; we didn’t stop out late as Olly had games to play and we wanted to be in a semi-sensible state for Saturday so didn’t make it a late night.

Saturday started great, the boy (for a change) let me have a bit of a lie in and we grabbed a great coffee before heading to Hallam Uni for the event.

We managed to enter via the back doors (who needs front doors!) and enjoyed a great bacon & sausage buttie before grabbing our shwag bags.

Robin had mentioned that I’d probably be envious of the boys haul, he wasn’t wrong..

I was chuffed to get a flat cap (badge for the evening fun) and a nice hand finished set of picks from Mad Bobs plus an rfid blocking wallet and sweets; the boys bag .. well …

He got a raspberry pi(B) plus a bag of bits (n00bs distro, wifi for the pi, keyboard, shield, hdmi cable & power & heat-sinks) sweets, more lockpicks for his kit and a wallet plus hat, stickers and couple of other bits. I was really impressed, it got better in that after the opening keynote Olly went with the other kids and joined the kids track to learn some basic python with the pi; I thinks it’s great to have a dedicated & educational track for the young hackers, I can’t show enough appreciation for Robin and the team making sure there is something for the kids, not just a crèche but an actual track laid on with great goodies to boot.

I managed to offload my prized MWR T-Shirt to this dubious chap


Who is somehow still allowed into Merika where he’s planning a road trip which will allow him to give the TShirt onto Jayson who in return has promised a selfie wearing it :)




I managed to watch a couple of full presentations before being grabbed by the boy to help him out. I spent the rest of teh day popping into other presentations (sadly missing Arron’s / Mo’s and a few of the others I was hoping to see) but I still had a blast; A great time helping Olly & other kids with their python then small programmable robots (good kit!) plus lock picking in the afternoon (Olly was a great teacher as well, he’s got a few years picking experience behind him now plus a few sets of picks of his own).







I’ve got to mention a great lunch laid on of sarnies, crisps, fruits and drinks plus ice cream. Good food goes a long way at hacker cons and SteelCon was up there with #44CON in setting a high standard for feeding the masses.

Yet another great thing was the book swap table, simple idea; bring your old books (primarily infosec or tech) and swap them or leave them and donate to a worthwhile charity, a great way of recycling and I applaud the concept.


The finishing Keynote from FreakyClown & Jessica was fun and we then went to the evening party for a coke or two for the boy and a red bull for me (I’d chosen to drive home rather than get pissed with peeps to avoid traffic and not be hung over on Sunday), we were treated to a fun bar with great northern fodder (pie, chips and t’gravy)(omnomnom), had a few good chats then alas departed during/missing FC & Jess’s quiz.



I really appreciate the effort by Robin & the crew plus fine sponsors and helpers to make SteelCon a shining example of a weekend, cost-effective and very friendly infosec conference tup north, it was awesome & then some! – very very highly recommended!

I look forward to next years as does the boy.







Posted in InfoSec | Tagged , , | 2 Comments