Interview with Tom “Cooper” Wirschell
Here we are, back again with Security-BSides in Hamburg! Last December’s event was an overwhelming success, and encouraged by the participants we felt we needed to offer a second conference whilst 32c3 was in town. Minimum time-frame, scarce resources, but yet again some awesome people around us made it happen!
This is why we want to introduce some of them to you. We’re currently interviewing sponsors, speakers, participants, workshop-leaders, supporters, and community members who spread the word even if they can’t make it to Hamburg. So join us in meeting our great BSides family!
This is one of our speakers and supporters, Tom “Cooper” Wirschell - Tom’s been a professional software developer for the past 20 years, initially developing software for the finance sector and more recently for a company that makes software for the mental healthcare sector. In his spare time he helps out people on the Hak5 forum, likes to take part in programming competitions like the NLJUG Masters Of Java, goes to heavy metal concerts and he’s a volunteer for the Dutch OWASP chapter.
1. BSidesHH is by far not your first BSides, right?
I’m actually quite new to the whole conference thing. Sure, I’ve watched plenty of talks on Youtube, SecurityTube and what have you, but until may of this year I had actually never been to a security conference. Obviously IT security has always been an important element of my job but with most security talks I found so focussed on attacking software rather than discussing how these attacks could be prevented from the application-side of things I used to think there wouldn’t be that much for me to take away from a conference. Back in late 2014 I asked a friend from the Hak5 forum, Robin “DigiNinja” Wood, what would be a good conference for a dev like me. In the subsequent discussion he said he organised SteelCon which I thought was such a cool thing of him to do that I offered to come over and volunteer for the next one.
SteelCon 2015 turned out to be nothing short of amazing. The talks were great, the atmosphere was fantastic, the attendees had surprisingly diverse backgrounds (hardware, software, attack, defense, new to the field, experienced professional) and everybody wanted to share what they knew and learn from others. I loved every second of it and got totally hooked. Since then I’ve been to quite a number of conferences both as attendee and as volunteer.
2. You are coming all the way from the Netherlands to make BSidesHH an even fancier event than it already is! You will be recording both the talks and the presentations! How awesome! What gave you the idea to do this?
When I volunteered at SteelCon I was assigned as the happy helper for Cal Leeming, who acted as the A/V guy that day. We had an absolute blast getting everything set up and doing the recording as best we could. Unfortunately when the event was over we found that there were various problems with the recordings that took a massive amount of post production time to fix up. The end result was that most of the videos for the talks didn’t go public until september and a few were basically lost. So me and Cal started talking about what should be done differently next year to make sure that won’t happen again. We’ve worked out what we think is a setup that will allow us to reliably record such presentations, and I started assembling the hardware to assess if it does what we expect it to the way we want it to.
Now back during SteelCon, one of the speakers was F1nux who not only did a really cool presentation but whom I also had the pleasure of talking to the day after over a lunch shared with a small number of other attendees who were still in town. He just struck me as a sincere, clever and genuinely nice, down to earth kind of guy, so I started following him on Twitter. This November I see him tweeting about BSidesHH so I checked it out and noticed that he was in fact helping to organise it, and that the plan thus far was to not record the event. So I got in touch with him and offered to volunteer for the event regardless, but if he wanted I should be able to do some recording too with this video rig I’m assembling, an offer he gladly accepted.
This put me in a bit of a bind because at this stage I only have 1 video rig and even that wasn’t yet fully assembled. In fact, the computer I’m using for this has thus far not recorded a single thing, so I’m frantically trying to get everything set up and working such that I can properly record 1 track. There are 2 tracks for BSidesHH, so the other track gets just a camera and the various slides will need to get edited into the footage during post production. That’s going to take a while, so please bear with me on that one.
3. What do you like about the BSides idea?
What I really like about events like BSides is that they are decidedly low-cost or free, meaning that those who want to learn about computer security basically only have to show up. I feel this is important because the topics themselves can be difficult enough for regular people comprehend and the goal I see with these events is to educate as many people as possible. Any barrier to entry is a setback to the community as a whole. It’s one of the things I like about the concept of recording these talks - even if you can’t show up you can see and hear the presentation and learn something. And unlike what you might expect from a free event, these presentations are still very much high quality. They would fit quite nicely in the schedule of the rather more expensive conferences and people know this so those who are already quite experienced and/or active in the field come and attend too.
The end result of these two things combined is that you get attendees from all walks of life to show up, they will learn from the presenter and it’s my experience that they’ll learn even more just by interacting with one another. And once that starts, magic happens.
4. What are your hopes & wishes for BSidesHH this year? What would make the conference a successful one to you?
Well first and foremost I hope with every fiber of my being that I can get this video rig sorted in time otherwise I’m going to have to do a lot of post-production work to put the presenter slides in for BOTH tracks. Once I’ve got these video rigs done I want to take them out to any event that would like to see their presentations recorded so the smoother the recording is, the happier I’ll be.
From the event itself I hope to learn a few new things from the presentations. Looking at the short write-ups for in particular the talks on SSL, backdoors and especially the ElasticZombie one I’m quite confident that’s going to happen. I’m also really looking forward to just interacting with the crowd. I made some fantastic new friends during SteelCon and I’m hoping I get to make a few more here at BSidesHH. And finally I hope the conference will be enough of a success for there to be another one next year, which I’ll hopefully be allowed to record again.
How to book tickets
You can book tickets to the conference, via our Eventbrite page.