After visiting several computer security events and being impressed by the energy and the open exchange of knowledge, a small group of people dreamed of creating a hacker conference of their own. After much hard work, BruCON was born.
Benny K., one of the organizers, comments that an event like this was absent from the “land of beer”. With all other Belgian information security gatherings having a strong commercial undertone and, according to some, missing balanced research, the BruCON announcement was met with enthusiasm both online and offline. Soon volunteers began gathering in Brussels and organizing the minutiae of what was to become an important event for the European hacker and security research community.
It’s worth noting that this conference is made by the community, for the community and everyone’s input is taken into consideration. Some may think that this approach can alienate sponsors and make sure that the presented is not up to scratch with other security conferences that have rich corporate backing, but as I’ve witnessed first hand, this couldn’t be farther from the truth.
Months of hard work and coordination came to an end last week, when BruCON opened with two days of workshops followed by two days of lectures, lightning speeches, classes and informal gatherings of like-minded individuals interested in the intricate details of the world of information security.
Unlike other events that are largely shaped by commercial sponsors that even have the power to prevent certain presentations, BruCON intends to welcome technical speeches that may be turned down at some events. In a conversation with Eric Filiol, who presented on cyber attacks, I realized how much some speakers welcomed this sort of gathering. With their studies being rejected at other events where organizers brim with fear that sponsors are not going to like them, BruCON has the unique possibility of bringing together cutting edge hackers that may not even want to submit to events that are enshrouded in a corporate veil or predictable talks.
The event was held at the Surf House in Brussels, a monumental concrete dwelling that evocates images of Orwell’s grim 1984. On the inside, it is one of the most comfortable and visually pleasing conference venues I’ve visited in the past decade. Since BruCON had one track this year, all of the talks took place in the main auditorium.
BruCON was definitely an international conference, with 300 attendees from all over the world. The talks covered a lot of different ground and topics, including cryptography, social engineering, SQL injection, cyber warfare, botnets, hackerspaces, kiosk hacking, and a lot more. Some of the material has been prepared exclusively for this event and won’t be available elsewhere which is definitely another good reason to attend next year.
Between talks, attendees gathered in the Hacklounge, a one-of-a-kind area that looks like like a set for a movie about hackers. Those of the old school certainly appreciated the retro feel of the space where you could play arcade games. The same space hosted our meals, the EFF charity auction, and served as an all-around meeting place where attendees met many of the faces they only knew in the virtual world.
It was a distinct pleasure to meet some seriously clever individuals who I knew mainly through Twitter. Social networks do help people meet and stay in touch, but there is still nothing that can replace real-world interaction. To that effect, BruCON delivered (and then some!) as the networking possibilities proved to be first-rate.
What would a hacker conference be without a challenge? PDF analyst extraordinaire Didier Stevens was one of the designers of the Hex challenge, where the first prize was an Asus netbook. The quiz was intended for all levels of expertise and included topics such as the history and culture of hacking, penetration testing and reverse engineering.
BruCON is a gathering of security aficionados that shows towering promise. For those who attended, the air in the halls was filled with curiosity. Finally, a European event that delivers well-crafted information security knowledge in an informal atmosphere where the only important things are knowlege and networking, no commercial strings attached. Don’t you dare miss BruCON next year!
For more photos from BruCON see our coverage: part one and part two. To be informed with details of BruCON 2010, consider joining their announcement mailing list.