~$ Halfway through 2021: A brief recap of what I've been up to

Posted on Jul. 20th, 2021.

Tags:Personal


Saying that 2021 has been a hell of a year so far is a bit of an understatement. We are mostly halfway through it, so I thought it would be a fantastic moment to have a little hindsight and recap what has happened, in the world surrounding me and also in my own personal and professional lives.

The 2020's Arc main antagonist: COVID-19

It is hard to believe we have been living with COVID-19 for the last year and a half, more or less 70 weeks, since restrictions came into place to prevent the spread of one of the deadliest pandemics in recent history.

These restrictions meant that I could not go to university to study as I had for the previous 1.5 years and forced me to adopt a more digital lifestyle. I made new friends, a lot of which are still my friends today, joined communities and was involved in various events, all of which would not have happened if not for the pandemic. COVID-19 was a pillar in my transition into the domain of infosec, so it is not all bad (it can end any day now, please).

The road so far

In the months preceding the new year, I participated in my first TraceLabs OSINT CTF and gave my first public talk in October, at BeerCon2.

In November, I gave a variation of that talk at BSides Islamabad and at some point later on, I joined the Digital Overdose and Gateway communities as a moderator.

When December rolled up, my academic semester was entering recess before the late January exam period, but I had the time to float an idea for a rookies-only conference, hosted in Digital Overdose.

January

Starting right off the bat on January 3rd, I gave a small talk in the Gateway server on procedural OSINT, which went well, except for the recording.

On January 7th, I became an "Admin" (now called Community Manager) in Digital Overdose, where I'd help steer the ship.

In the midst of the WhatsApp Privacy Policy crisis I took a while to read through the documentation and wrote an article that showed a few of the issues therein, which I then discussed with Christo and Ibad (Bee). Someone at eNCA -- South Africa's primary news broadcaster -- caught wind of it and a few days later I was invited to discuss this on eNCA. Considering I had very little media training (see: none), it went astonishingly well, although I definitely need to work on background and discussion skills.

On January 17th and 31st, I gave a talk on the recommendations on IoT security provided by the EU's Cybersecurity Agency (ENISA) at the Leeds Ethical Hacking Society and DEFCON 441905 Worcester respectively.


As you can see, the month of January was in fact quite complicated and full of events, but I also needed to work a bit on the academic side of things.

February

In February, I had my exams, which related to Design Science, Information and Communication Technologies, Transversal Projects and the like. It was a bit harrowing, but I got through it mostly unscathed (92.5% compound average score).


In the meantime I had also built the Digital Overdose website, and we announced Digital Overdose Con and opened its Call For Participants (CFP).

Later in the month I participated with team Hack South in the TraceLabs OSINT CTF, wherein we came 17th, which felt nice.

Since this year's CircleCityConference was virtual, I helped out with CFP reviews, which was a lot of fun.

February was a bit of a hectic month, but it was overall a better and calmer experience.

March

In comparison to the above, March was a "slow" month.

Most of March was basically starting a new semester, and learning things, as well as starting my Bachelor's project (I'll write a post on that soon).

With Digital Overdose Con, we finalized our CFP, proceeded to a blind review, and then announced the speakers, with a number of bumps in the road.

Later on, I helped out at the PlaySecure Conference, moderating the Gather space it was taking place in.

To finish the month, I became a "Hacking is NOT a Crime" (HINAC) advocate.


To summarize, March was a bit chaotic, but not too much, which is good. In that time I also learned a bit more about myself and how being driven by the wrong motivations can backfire, which wasn't fun but definitely immensely valuable.

April

April was one of the most chaotic months I'd ever experience, mostly surrounding Digital Overdose Con.

From the mentoring, planning the schedule of the conference, building up stream assets and testing the infrastructure, it was definitely a wild ride.

The day of, I was totally stressed (which viewers will have seen), but once I saw it was going well I relaxed a bit and went along for the ride.

A few accidents later, one involving replacing an empty slot with a panel of ex-rookies, we finished up the conference with an after-party hosted by none other than Dan Conn.

A few days of A/V later, and all the videos became publicly accessible on YouTube.

Then I went back to the academic life to catch up on all the stuff I'd missed out on.

If I'm co-organizing anything like that again, I will definitely do it with more people, because it really helped redefine an insane schedule.


Another fun thing that I participated in that month was the CentralInfosec CTF, where the Advanced Persistent Team managed to place in the top 10!

May

May was more relaxed, and I mostly only got involved in moderating DEFCON's AppSec Village Discord server and building a few challenges for their CTF at RSAConference.

June

June was a pretty standard month, with a few community engagements and a university exam session.

Mid-june I helped out at CircleCityCon as a member of the Safety Operations crew.

I later went on to give a talk at the Open Security Summit, as well as spawn an idea for a table-top asymmetric card game (which is another topic for another time).

I then did another run at the TraceLabs OSINT CTF with Team HackSouth, and we managed to place 7th in quite challenging circumstances! That was my best attempt so far, and I wonder what it will look like the next time we play.


Finally, I had some exams, which related to Security of Information Systems, Object-Oriented Concepts and Languages, a project and my Bachelor's project thesis to present. It was once again a bit harrowing, but I managed to get a 98.7% compound average score.

This was my final semester for my Bachelor's degree in Information Systems and Services Science, which I can now say I've acquired -- pending the piece of paper -- with a compound average score of 89.7%, something I'm quite proud of.

Conclusions

This first half of 2021 was quite exciting, and I have a few interesting things in the pipeline for the second half, but I guess you'll just have to discover it mostly at the same time as I am.

And yes, I am planning on taking a break to recharge my batteries.

What's next?

Well, I'm starting my Master's degree in Computer Systems Science in September. In the meantime I've started familiarizing myself more with AppSec and DevSecOps, applying it in complement to my Bachelor's project, and that is mostly it. Perhaps some CTF's, perhaps some community projects, perhaps learn GoLang and perhaps take a few days to be a tourist!

Thanks

My thanks go out to:

  • Lennaert, for putting up with me and being a fantastic friend.
  • Scott, for being a no-bullshit voice of reasonand fantastic to hang around and hack with.
  • Gerard, for being fun to hang around and hack with!
  • Skelli, for putting up with my shenanigans and trusting me with their execution, and letting me help them to run Digital Overdose.
  • Abby, for being a (red-)pandaemonium summoner and all-around fun.
  • The Happy Hour gang, my infosec family!
  • Night, David, 3t3rn4l P4r4d0x, Fawley, Stacy, Sable, JK, Gh0stProtocol, S4T4N, Affine, Nerdy and Luna, y'all help make Digital Overdose a fun place to hang in.