Update: The winner of the Brucon 2014 lightning talks was @tunnelshade (Bharadwaj Machiraju) for his fantastic talk on Project Flashbang - an "open source Flash-security helper with a very specific purpose: Find the flashVars of a naked SWF and display them, so a security tester can start hacking away without decompiling the code..". He wins a free ticket for BruCON 2015 - well done Bharadwaj!
Grab the code here: https://github.com/cure53/Flashbang
TL;DR Give a 5 minute informal presentation on a concept, tool, project or research-in-progress to a room of fellow practitioners - sign up below by editing this page.
"Don't wait for perfect" is the unofficial slogan of the Brucon Lightning Talks.
A Lightning Talk is a 5-minute talk given by someone that looks a lot like you. For precisely 300 seconds, you get the podium to talk about and show off your hacking/infosec related idea, concept, policy, tool, technique, exploit, countermeasure, survey, statistical analysis, visualization, architecture, blueprint, or hardware.
Perhaps you've found a clever use for an existing tool, or you've automated something that usually takes forever...or maybe you've started up a security related project and you're looking for volunteers...or you discovered an attack, defense or response technique you hadn't seen anywhere else (or you saw it but feel others would benefit from hearing about it).
If so, a lightning talk at Brucon gives you the chance to "get the word out" to fellow security geeks at an informal conference. You may get valuable feedback, find some volunteers to help take your idea further, overcome a difficult hurdle, discover you have a "bigger talk" on your hands (a future CFP submission) or free beer from attendees with questions...
Time and date to be decided. But they will be happening, we assure you.
- Moderator1: Craig Balding
- Moderator2: Matt Erasmus
|1||HSTS(HTTP Strict Transport Security)||Nikos Danopoulos|
|2||Reality check, really -- wat for?||Kristo aka Shiliu|
|3||Derpin' around with fancy MySQL forensics||404 (@JQuePublic)|
|5||Automating 802.1X MitM||Jan Kadijk|
|6||available||please sign up|
|7||available||please sign up|
|8||available||please sign up|
|9||Either malware related or work related...||undeadsecurity|
|10||I am glutton for punishment||biosshadow|
|11||-- (reserve slot in case speakers don't show)||--|
|12||-- (reserve slot in case speakers don't show)||--|
|13||-- (reserve slot in case speakers don't show)||--|
- pick something that hasn't already been done to death (avoid over-exposed ideas)
- timing is everything: figure out your core messages and break down into time. Rehearse your talk to your mum, friend, colleague, homeless dude or hot chick/guy you want to impress at least a few times. You'll likely run over time when rehearsing which is a sign you need to cut back material or simply, say less :)
- 5 minutes means an absolute maximum of 10 slides for most presenters - more than that and you're probably trying to say too much.
- In terms of slides, less truly is more (for your audience...). Remember, a picture is worth a thousand words so don't "bullet point the audience to death".
- When designing your talk, think about it from your audiences point of view - assume they have a reasonable infosec background but don't specialise in the subject you are presenting. Limit introductory points to the "bare essentials" - if the "warm up" part of your talk is longer than 2 minutes, cut it back to give you enough "space" to talk about the meat of your idea (we can help if you ask us).
- What do you want your audience to walk away with after? What do you want them to remember? Loads of studies show audiences forget most of what you tell them...this again means focus on a few things rather than going into "firehose" mode.
- Got something concrete you can show? Then show it :). It does not have to be complete, it absolutely does not have to be perfect.
- Humour is a good way to catch the attention of the audience ;-)
- The most important tip: don't let the biggest thing stopping you giving a lightning talk be "you" :).
Talks must be of a non-commercial nature. Sales or vendor pitches will bring forth the wrath of a few hundreds geeks.
If you're nervous about presenting, we'll even offer some free coaching if you ask for it. Brucon is most definitely a con without attitude. Don't be shy about asking for help - it won't cost you anything...
To sign-up to give a lightning talk you only need edit this wiki page - enter your name and talk idea/title in a free slot in the table below for the day of your choice. We watch this page so will see your update - there is nothing further you need to do to sign-up.
If all the free slots have gone, fill in a reserve slot (last year a handful of people didn't show up so all the reservists got to give their talk).
If the reserve slots have gone, sorry but you'll have to wait til next year.
Is each talk really limited to a maximum of 5 minutes?
Oh yes. We have a special lightning talks gong created by Didier Stevens that generates real lightning bolts in the general direction of the podium. Any carbon based life-form present 1/1000th of a second over their allocated 5 minutes receives a "very special tap on the shoulder". OK, OK, there is no lightning bolt, but there is a gong, and it was made by Didier and when it signals your time is up (which it does so with alarming accuracy), your talk is over and the next victim^H^H^H^H^H^Hspeakers' time starts... By the way, if your talk is less than 5 minutes, that's OK too.
Can I use my own laptop?
You can if you want but your 5 minute slot includes your "setup time" (i.e. plugging in your laptop); i.e. if it takes 5 minutes to get your laptop talking happily to our projector, Didiers' gong will vaporise you. Failing that, the lightning talks moderator will be unplugging your laptop ready for the next presenter. You can therefore avoid possible incompatibility issues and losing valuable time by using a Brucon volunteer supplied laptop.
There are reasons you might need to use your own laptop to present your lightning talk; e.g. specific software stack/configuration for a demo, non-free licensed software, intellectual property concerns etc.
We will provide a shared laptop running Windows 7 with Microsoft PowerPoint viewer, a PDF viewer, Windows Media Player and any other freely downloadable software you specifically request in advance (please provide name, version and a download link). If you want to use your own laptop and its not an Apple Mac, we strongly recommend you test it with our projector during lunchtime the day you are giving the talk (or before).
Is there a deadline for providing my slides?
All slides must be provided at least 1 hour before the lightning talks session starts. You can email your slides to craig.balding/gmail.com (yup, replace the slash) and they will magically appear on the lightning talks laptop. Alternatively, bring a USB stick during lunch - we'll be hanging around in the room during the break proceeding the lightning talks. We will then load your slides onto the shared laptop.
Do I need to provide slides the day before if I'm going to use my own laptop?
Yes, absolutely. If your laptop dies just before - or $DEITY forbid - during your talk, we'll have your slides on standby on the shared laptop. Yup, we've got your back...
Which room will the lightning talks be held in?
The lightning talks will be held in the Westvleteren room
Does Brucon give any financial or expense related incentive for giving a lightning talk?
No. Brucon is a volunteer run, non-profit conference. What we give you is 5 minutes in the spotlight to showcase your thang in front of a kick-ass and savvy audience.
Got a question? Unsure about something? If you've read this far and have a question, please contact craig.balding who receives his email at gmail.com or matt at zonbi dot org.
Sign-up below to give a lightning talk. One slot per topic!!
Feedback is very important to people, especially those who are doing lightning talks in order to improve their presentation skills. So if you saw something you liked, please fill in some feedback for them!
Please list the name of the presenter, the theme, or the name of the presentation so we know who to fwd the feedback to...