Reflections on Ekoparty 2021

Ekoparty began as an underground hacking event, but has grown into one of the foremost cybersecurity conferences in Latin America. This year was the 20th anniversary of the incredible infosec event, which takes place every year in Buenos Aires. In order to discover insights from this year’s conference, we talked with two experts from Core Security who attended, and also served as trainers at the Hackademy portion of the event.

Could you tell us a little bit about your background and your day-to-day as a cybersecurity professional and how you got involved with Ekoparty?

Ricardo:

I started reverse engineering in the mid 90's as a hobby and in 2000 I founded CracksLatinos with some friends, a group dedicated to the study of software protection and reverse engineering. The group is still active and fully functioning, teaching and learning with thousands of tutorials, as well as creating videos, holding regular meetings, etc.

Given my knowledge and practice in reverse engineering I started working at Core Security 15 years ago as an exploit writer and have been there ever since. I focus on reverse patching software, writing exploits, etc.

I first became familiar with Ekoparty when I was required to go along with the other exploit writers at Core Security. Later on, we started to give live trainings every year and I have participated ever since.

Ekoparty has even honored me with the lifetime achievement award with greats like Gerardo Richarte, Ivan Arce, and Nicolas Economou for sharing knowledge and helping those who are starting out.

Esteban:

I started with reverse engineering around 2000, removing the protections to programs out of curiosity and to entertain myself. Shortly after that, I joined the CracksLatinos group Ricardo helped to found, where I gained and shared even more reverse engineering knowledge.  Later, I became part of some "teams" on the cracking "scene."  All of this was always purely for entertainment, since I was dedicated to something totally different for my day job (I had a business).

This all changed in 2008, when I got a job offer with Core Security, and went to an interview mostly out of curiosity.  They ended up offering me the job of exploit writer and I accepted the challenge because I was excited at the prospect of working in a field that, until that moment, was purely an enjoyable pastime. From then on, I started to participate in conferences like Ekoparty, building relationships with people working in cybersecurity.

How does Ekoparty work? What were your biggest takeaways from this year’s event?

Esteban:

Ekoparty is the most valuable cybersecurity conference in Latin America that takes place over five days. It basically consists of two main segments: trainings and talks covering a vast number of cybersecurity topics.  It is attended by people from many countries, especially South American countries such as Chile, Peru, Colombia, Ecuador and Brazil. Since the pandemic, Ekoparty has moved everything online, which takes away some of the warmth. However, there are always interesting talks and trainings.

Ricardo:

Ekoparty always has a good vibe and went smoothly this year, but since it was a virtual event, it was certainly a different kind of experience. People seemed to really miss the face-to-face interactions with like-minded people. Hopefully next year it will be back to full in-person!

Were there any trends you noticed—certain topics that came up more than they have in the past?

Ricardo:

There were so many great topics, but I noticed a lot more attention on security in general and fewer topics related to exploits, bugs, and exploitation techniques than we’ve seen before.

Esteban:

Each year of Ekoparty is quite different—all the talks and trainings are very diverse and deal with a wide variety of topics. Interestingly, while all the sessions are related to security, it is not exclusively computer systems—for example there is also coverage of physical security, including trainings on lock picking.

What’s your favorite part about attending this conference?

Ricardo:

It’s typically the face-to-face trainings! This year I did online trainings, but it made me a little sad and long to do in-person sessions again.

Esteban:

I like to participate both as an instructor in some trainings, as well as attending the talks that pique my interest and curiosity.  It is also a good place to meet up with former colleagues and friends.

What kind of training takes place during the Hackademy?

Ricardo:

We take a group of people and they go through different courses on varying security topics in order for them to explore and decide which topic they like the most. It is like an orientation—from there they can decide to follow a particular course that they can also take at Ekoparty.

Esteban:

Hackademy is an academy that consists of several modules in which different topics related to security are taught, including forensics, reverse engineering, web security, ethical hacking, pen testing, information management, etc.

What advice do you have for those new to this community?

Ricardo:

I have a novel’s worth of advice! In the articles that I write, I always point out certain differences between what it was like when I began this career, when the information was more difficult or impossible to find against the present time when everything is easy to find. While this seems great on the surface, there is a downside. It creates a feeling that if you don’t find something in a few minutes on Google, it is not worth wasting time with it. Whereas before if we did not find it (which was almost always), we kept experimenting, trying things until we learned it ourselves. This persistence is something that is still so important in cybersecurity and is worth cultivating.

Additionally, now there is almost too much information! It can be overwhelming and make it difficult to know where to start. There are so many resources it can be impossible to read it all, whereas, before the information was so scarce that you grabbed what you could.

Esteban:

For anyone who wants to start in the security area, you should know that you’ll never finish learning! It can be a constant challenge, but those who are curious and persevere will be rewarded. While anyone can learn about the subject, these attributes are fundamental.