BSides Knoxville 2018: The Guide

What you need to bring: Nothing! Not even a QR code — we’ll register you by the name you used when you registered for a ticket.

What you might want to bring:

  • Business cards — this is a good opportunity for networking or job hunting!
  • A small notepad and pen for any ideas or reminders you want to jot down during talks. Of course, you could just use your smartphone for this.
  • A laptop, if you want to participate in BSides’ first CTF. More details below.
  • A small backpack or bag for swag. Sometimes our sponsors provide bags, but we’re not 100% sure of that at the moment.
  • Some cash to donate to Fox Pick’s fundraiser! More details below.

Talks and Schedule

Sched, as the name implies, is the key to the event’s schedule! You can log into your account, create your own personal schedule and even leave ratings and comments for speakers. You can even rate breakfast and lunch on Sched. The talks are color-coded by category and Sched will allow you to filter by the track (we have three tracks), category or technical level.

Sponsors

A big thanks to our corporate sponsors! Tickets cover less than 50% of the costs of the conference, so you have these businesses to thank for covering the rest. We’ve been very fortunate in that nearly every sponsor this year has been a sponsor in the past!

Cisco and Optiv, who are supporting us at the top tier, as platinum sponsors this year!

Thanks to Sword and Shield and Tek Systems who are back as gold sponsors!

Rapid7 lends its support as a Silver sponsor this year!

Logistics

There are many parking options near Market Square. Unsurprisingly, the Market Square Garage is close, as is State Street Garage. Both will run you $7 for the day.

The tracks are indicated by the green markers with house symbols.

Registration will be in Preservation Pub. Each attendee gets a poster and a badge. Depending on what our corporate and community sponsors ship us, you may get a swag bag at registration as well. While our posters are awesome concert-style posters on thick stock, they’re a bit of a burden to carry around all day. We’d recommend registering early to give yourself enough time to walk back to your car and drop off your poster.

Additionally, CyberSecJobs was kind enough to send us some of their bracelets. There’s one bracelet for folks looking for a job and another for employers looking to hire. If you are looking for a job or are actively hiring, ask at the registration desk!

Our luck with the weather has generally been good, but there is always a chance of May showers. Moving between tracks requires walking outside on the square, so check the weather and prepare appropriately.

We feed our attendees breakfast (donuts, don’t tell our parents we called it breakfast) and lunch. If you have dietary restrictions, please tell us as soon as possible so we can prepare. We also make water, soda and coffee available all day. Take advantage of it and stay hydrated! Two drink tickets are included with every BSides ticket and can be reimbursed in Scruffy City Hall or Preservation Pub for an alcoholic drink. Don’t drink? No problem — donate them to a friend or just leave them at the registration desk.

Note, however, that alcohol is not permitted on the square! If you get a drink at Scruffy, you have to keep it on Scruffy premises. Ditto for Preservation Pub. There is no alcohol available in Track 2, which is the Knoxville Entrepreneur Center.

The Badge

This year’s badge is possibly the best yet. It’s certainly the most prepared and well-tested. The process of designing it started not long after the end of last year’s BSides. This year, Jed had a whole team working with him on design, code and testing. We hope you like rochambeau!

A rendering of the badge with only the microUSB connector populated.

Never played the lizard/spock variation? Here’s the instructions in a handy graphic. Each choice wins over two other choices and loses to two other choices. For example, Spock smashes scissors with his mind and vaporizes rock with his phaser. However, Spock is poisoned by lizard and disproved by paper.

Courtesy SciFiCat at DeviantArt for this graphical depiction of the rules

CTF

Last year, we hosted a fox hunt that utilized last year’s badges to find three radio beacons. This year, the DC865 crew offered to run a CTF and told them to go for it!

This is a Jeopardy-style CTF, but what does that mean? A Jeopardy-style CTF has multiple categories to choose from. Some flags under a category may only be opened by solving the previous flag (but not all). In this case, we have four different categories. Each category will also have four flags. Each flag will have a small hint that may help give away its location. NOT ALL FLAGS ARE EQUALLY SCORED.

Requirements

  • Team of four (you can work solo if you wish)
  • Laptop(s) w/Wireless capability
  • Favorite virtualization platform (.ovf format)

This CTF revolves around the workstation of Frank. Frank is an admin at ACME Corp, which is unfortunate for them. Frank has a few bad habits when it comes to systems administration. Bad for ACME, but good for you. Your goal is to gain access to Frank’s workstation and locate key pieces of information (flags) he has laying around.

Categories

  • Web Application
  • DFIR (Digital Forensics and Incident Response)
  • Steganography and Cryptography
  • Miscellaneous

Rules

  • CTFs are meant to be fun. Please refrain from attacking the CTF infrastructure.
  • Do NOT attack other players.
  • Guessing a flag # is not allowed.
  • Most flags do not have to be collected in sequential order.
  • We respect fair play, we ask that you do not publish the location of the hidden flags.
  • If in doubt, come see us at the DC865 table.

For information on registration, please come to the DC865 table.

Fox Pick

Last year was the first year we didn’t have a lock-picking village. We just didn’t have time to plan it. This year, we’re lucky — we’re not only going to have a lock-picking village, we’re going to have the ultimate lock-picking village run by a dedicated, experienced crew! 

Fox Pick has a electronic lock-picking challenge called Felix’s Breakout. The best times will win prizes!

The folks at Fox Pick do this to raise money for an organization, Hak4Kids, that puts on hacking events for kids. Let’s show them some generosity and see if we can raise over $1000 for them at BSides Knoxville. With over 300 attendees, that should be an easy goal!

Code of Conduct

Borrowing from BSides Atlanta a bit:

Our “Code of Conduct” is "Be Excellent to Each Other" AKA the Golden Rule. Don’t be a jerk (Staff reserves the right to determine what constitutes “Being an Jerk).

Asking questions of a speaker during their talk, to get clarity or debate a point is NOT being an jerk — heckling the speaker IS. If you are not sure, ask, or err on the side of common courtesy. If what someone is doing would not be acceptable to have done to you, your best friend or anyone else that you know, do not let them treat anyone else that way — whether you know them or not. If someone asks you to stop — stop.

Alcohol is served at this event. Track 1 (Scruffy City Hall) and track 3 (Preservation Pub) are bars. This is our fourth year and we haven’t had an issue yet. Let’s continue that streak!

If you see or experience something you’re concerned about, please, let us know, regardless of whether it’s an attendee, venue staff or someone hanging out on the square. Market Square is a popular downtown destination and police regularly patrol on foot.

Contact the Organizers

Email info@bsidesknoxville.com

DM on Twitter @bsidesknoxville

Or just find one of us or a volunteer — staff will be wearing RED badges.