GrrCON 2016

By Greenjam94

October 12, 2016

October 6th & 7th was GrrCON. For those that don’t know, it is a security conference in Grand Rapids, Michigan. 2015 was the first year I started going to conferences and GrrCON was my first. That year I volunteered because it’s really hard for poor students to pay their way for the fun stuff. This year, I have a job that actually pays for me to go and learn about security.

Since I wasn’t volunteering this time, I got to explore a lot more of the con and see what goes on for everyone who isn’t behind the scenes. Last year, I was helping set up, getting there early, and got stuck at one spot hours. This time I was able to visit with sponsors, go to all the talks I wanted to see, test out the lock pick village and more. One thing that never changes is that I always have fun at GrrCON.

After attending the keynote speech on Thursday, I met up with friends from MiSec. One of the best reasons for going to a conference is to network. Twitter is one of the best places to stay in touch with your favorite hackers. However conferences are where you get to see them in person.

After networking and visiting at the MiSec sponsor booth I stopped by the lock pick village. I can officially say that I’ve picked deadbolt locks now, I’ve moved up from just being able to open padlocks. GrrCON had some amazing villages this year. The lock pick village switched up the challenges this year. Instead of the cage escape there was a race to free yourself from being handcuffed to 3 other contestants.

The other villages included IoT hacking, car hacking, enterprise hacking, and an osint (open source intelligence) CTF. IoT and car hacking were set up as demo’s which looked really cool. There was so much going on that the booths were always busy. The osint CTF was a challenge to find out the most information about two con attendee’s. Finding information like their DOB by using social media and more was the idea being the CTF.

Hacker Family Feud was a lot of fun as well. Amanda (@Infosystir) invited me to play along with Aaron and Adrian. I had no idea what to expect for some of the answers… but I do know I won’t be forgotten any time soon. One of the questions was “Name a 2015 vulnerability that was big in the media” and I froze when it was my turn to answer. The only media I’ve watched lately is Netflix. What was my answer you ask? “The Target hack”. While I didn’t get any points for that answer, I got some free drinks and candy for my attempt and left a lasting impression on the con’s organizers.

There were some great costumes, mature jokes, inappropriate comments and more at the hacker family feud. Due to recording restrictions, I can’t tell you more… if you want to see what really happens at night during GrrCON I only have one word of advice for you, get a ticket for next year!

A lot of my friends and mentors gave talks throughout the con. I attended as many as I could. The rest are recorded and posted on Irongeek’s website. You should definitely check it out and see what you missed.

Hak4Kidz made another appearance this year. From what I heard, there was an awesome turn out. Hak4Kidz held a all day workshop on Friday to get kids involved with ethical hacking. They participated in tech destruction, crpytochallenges, an online CTF, and more. One of the goals of Hak4Kidz is to include hacking into STEM programs (vote STEHM). It’s great to see the interest in sharing the “hacker” mindset with kids, or really, seeing how kids are going to improve our hacker mindset tomorrow. If you have kids or are interesting in helping out, check out their website.

There was a lot of great content this year. GrrCON has a collection of amazing speakers, staff, and volunteers that knock it out of the park every year. I have a lot of good material that I want to bring into work on Monday and share with my boss. Hopefully it will be a means to getting work to help me attending even more conferences next year.

One thing I want to attempt at the next conference is to sit down and attempt some of the challenges. It’s great to attend the talks and get so much information. However they’re also recorded so you can see them on your own time. Networking is important but that also isn’t exclusive. It can even help you win a challenge by asking for help or by joining up to create a team.

Lastly I want to say thanks to everyone who helped make GrrCON 2016 a reality. It’s awesome to have con like this thats so close to home. I can’t wait for next year, it looks like GrrCON 2017 will be on Oct 26th and 27th. Plan now so you don’t miss out! (There may be halloween costumes, be prepared)