Northsec: The Nosebleed Section. 

It’s interesting what can happen when a shared dream and uncompromising attitude is combined with selfless commitment.  In this kind of situation, even failure is an opportunity.  Northsec was built from the ashes of a local Capture The Flag (CTF) competition. A group of participants and organisers  from the event came together with the goal of creating the most difficult competition for the community, by the community.  With this as its foundation, the non-for-profit organisation for the Northsec conference was created.  Within a few short years the CTF has grown to be a landmark event for Canada and the global security community, selling out tickets to hundreds of participants and dozens of great presentations each year. “We never made it so it would stay small” recalls Gabriel Tremblay, President of the Northsec board, “Since the conference is in English and we are trying to bring speakers from all over the world it’s easy to see how it could get out of control, which is a good thing.”  This year the conference is doubling in size with more presentations and workshops than ever before “we had so many good proposals” related Conference Vice President Pierre-David Oriol.  The organisers used to quip that Montreal’s Northsec was a “security festival”, but now that it lasts a week the joke has become real.  The event is designed to cater to security professionals and students looking to stay at the cutting edge of technical developments in security.  The conference talks provide insights into what is happening in security from the perspective of experts from technical, legal and civil society backgrounds.   Presentations are all about the application, content and the craft with the organisers setting a high bar for the presentations for the benefit of the community.  Tremblay dispels my concerns about commercialisation plainly, “We don’t do sponsored talks, so you really have to have good content in your talks even if you are a major sponsor”. The training sessions and workshops are there to provide a hands-on format to allow presenters and trainers to share their skills in a practical way, for better participant learning outcomes.  Although there is nothing that offers the same range of learning opportunities in Montreal, the biggest attraction at Northsec is the CTF. Not only is the difficulty turned up to eleven, so is the scale of the event.  The CTF sees more than 400 participants in 50 teams working at 200 challenges for 48 hours.  Supporting this is an infrastructure of around 12,000 Linux containers using 10,000 BGP routers and almost four million IPv6 routing entries simulating an Internet for each team.

 

“It’s hard to know, but based on our research, there isn’t another event in the world where you have as many people on site trying to break security challenges for 48 hours straight” said Pierre-David Oriol.

The conference is organised and run on an entirely volunteer basis, none of the funds raised are spent on salaries so the community can be provided with the best event at the least cost.  A team of thirty-five international volunteers puts on the event with the kind of jovial enthusiasm that Canada is known for. The organisers are clearly passionate about providing learning experiences for their peers and this can be seen even in the event’s participant badges. The badges are electronic with an ARM chip that you can modify and learn more about hardware and embedded development. “Northsec is a place that celebrates technical excellence,” states Tremblay proudly, “Nothing is there just to be cool …. apart from the beer”.   Unsurprisingly for an event in Montreal, the social aspect of the conference has not been overlooked. Last year’s event saw participants migrating from the onsite micro-brewery to an arcade bar to continue conversations and debate solutions. The openness of Montreal culture is also on show, “two years ago we implemented a code of conduct” explained Oriol, “We have never really had any issues but we implemented a code of conduct as part of an ongoing effort to improve the gender diversity and the inclusiveness of the community and we are very strict on that code of conduct. It is on the main page of the website for that reason.”

The high-level of the conference has resulted in a very professional atmosphere with companies sometimes sending entire teams to attend and take part in the event.  Rubbing shoulders with the pros are plenty of students also enjoying the applied nature of the event and aspiring to the atmospheric heights demanded by the leaders in the CTF.

Northsec is the kind of event that happens when people dream big and work together.  The founders are keen to see the event attract more competitors and participants from across Canada. They hope not only to see the event grow but also to bring together more people from Canada’s cybersecurity community to share their love of the craft and join the climb to the dizzying heights of technical excellence.

“The level is super high so there is definitely a lot of nose bleeds.” smiles Tremblay, “If you sign up for the whole package, it is going to be a long week.”

 

 

Northsec runs from May 14 to May 20, 2018 and is located in Montreal’s Old Port.  Tickets and further details are available for the Conference, the CTF or both at https://www.nsec.io. Some opportunities for event sponsorship are still available, visit https://www.nsec.io/become-a-sponsor/ .