ShmooCon 2013 Conference Summary

ShmooCon 2013 started this past Friday, February 15, 2013 at 2:30 pm EST with opening remarks from Bruce Potter (@gdead) and ended on Sunday, February 17, 2013.

Although at a new venue this year (Hyatt Regency Washington), the presentations were still of high quality, with talks such as Generalized Single Packet Authorization for Cloud Computing Environments by Michael Rash. Michael discussed that even with the benefits of cloud computing, the recent Microsoft RDP vulnerability (CVE-2012-0002) still points to security issues in the cloud environment, and he presented techniques to generalize Single Packet Authorization (SPA). Other talks such as Malware Analysis: Collaboration, Automation & Training by Richard Harman and Crypto: You’re doing it wrong by Ron Bowes were also very popular and had many attendees continuing discussions about those topics in the halls.

Additionally, Hacking as an Act of War by G. Mark Hardy and Attacking SCADA Wireless Systems for Fun and Profit and Fixing by Atlas, to name a few more, were interesting and very informative briefings.

In fact, the only negative aspect associated with the conference was the party at the Ibiza Night Club. Through various conversations, I heard stories ranging from having to wait up to 30 minutes to get in, being grouped by the club security, unprofessional staff and a slow open bar service (I’m not sure if I missed anything, too many stories to remember).

ShmooCon 2013 had many interesting events; one in particular that caught my attention was the “Train the Trainer”. This event provided tips, techniques and materials to technical instructors to help enhance their training program. In addition, traditional events such as Lockpick Village, Ghost in the Shellcode, FireTalks and Hack Fortress were also well received.

I had the opportunity to speak with some of the vendors such as Sondra from SecurityUniversity and Raphael Mudge from CobaltStrike as well as the folks at Silent Circle about their products and services.

This year's charities were the Electronic Frontier Foundation, the leading civil liberties group defending your rights in the digital world, and Hackers for Charity, which provides hackers with job experience while leveraging their skills for charities that need those skills. These are some commendable charities with impactful missions; I ask you to check them out.

I would like to thank Bruce (@gdead), Heidi (@heidishmoo), Chris (@ChrisJohnRiley) as well as the conference staff for a wonderful and well-organized event, and as always, we look forward to next year’s conference.

Please share your experiences with us by commenting below.

About ShmooCon:

ShmooCon is an American hacker convention organized by The Shmoo Group. There are typically about 35 different talks and presentations, on a variety of subjects related to computer security and cyberculture.
