CactusCon 2018

This weekend, I attended our local hacker conference in Phoenix, CactusCon. While this might not be one of the big ones, it is really starting to grow. The organizers expected around 1,000 attendees this year, but ended up with final numbers around 2,200, with about 350 of those being kids.

Investing in Our Future

The kids were a big focus at CactusCon this year, with a separate CactusCon Kids area in a smaller building across the parking lot. In the Kids building, children were given the opportunities to build computers, learn to solder, write computer programs, and even pick locks. After successfully completing several of the challenges, they were able to participate in an escape room, where they had to use the skills they had learned in order to get out of the room.

I appreciated the measures they took to secure our children as well, although they may have been a little more extreme than what was really needed. Parents and children were given a blacklight stamp on their hand, with matching numbers that were only used once. It wasn’t possible to get into the Kids area without one of these stamps, which may have been overkill, but they were also not letting children out of the area without an adult whose stamp matched the one on the child’s hand.

Getting in the Door

My only real complaint about this year’s conference was the way they handled registration. With the Kids area in a separate building, they had registration set up in two locations, and only one of those had the badges for the kids. This just created confusion on the part of both the attendees, and the volunteers. In the end though, if this is the worst problem they had, I’d call it a successful conference.

What About the Adults?

As much as there was for the kids, there was plenty of conference to go around for the adults, too. There were two main panel rooms, with talks on topics ranging from red and blue team tactics, to cryptomining, and even mentoring those who want to get into the community.

One of my personal favorite talks was Weaponizing Your Pi presented by John Freimuth. While I didn’t get to see the whole talk (see above mention of confusion at registration), it was a lot of fun seeing some of the ways you can use, and conceal, a Raspberry Pi for various intrusion and data collection operations.

Automation and Open Source: Turning the Tide on Attackers was another interesting talk I attended, in which John Grigg went over some open source tools you can use to automate cybersecurity. This talk covered aspects from detection, to analysis, and remediation, and how various tools can be used to free up your engineers and analysts for the “human touch” aspects they need to focus on.

HeatSync Labs hosted a hardware hacking village, where you could assemble and mod your electronic badge, if you were lucky enough to get order one before they ran out of paid registrations. For the second half of Saturday, they could flash your badge to install the game for the year, which had a leaderboard displayed in the hardware hacking village.

In the room next to the hardware hacking village was a lockpicking village, which was definitely one of the most popular places to be. I never got the chance to try my hand at any of they locks they had, although I got pretty good with the ones in the CactusCon Kids building as I was teaching my kids to pick locks.

There were a number of other great talks this year, some that I had to make the hard decision not to attend in order to listen to another talk. I will definitely be attending again next year, and am interested to see how the conference grows. This year saw almost twice as many attendees as last year, and it wouldn’t surprise me to see that kind of growth again next year. In a few years, I could see CactusCon competing in size with the likes of DerbyCon and even DefCon.

Like what I have to say? Share it!

Leave a comment

Your email address will not be published. Required fields are marked *