Binaries and Brews: Jailbreak Security Summit convenes hackers on NSA’s doorstep
Of the countless security conferences held across the globe, only one combines craft beer and malware analysis in the National Security Agency’s backyard.
Every year, federal contractors and analysts at Beltway cybersecurity companies gather for a day at Jailbreak Brewery’s Laurel, Maryland, headquarters to trade specialized knowledge in digital forensics.
“The training is really good; the beers are even better,” said a Department of Justice employee sipping a Lemon Meringue Berliner Weisse.
The DOJ employee, who declined to speak on the record, has been coming since the summit’s inception in 2015. “I learn something new every year,” he said, before descending from the bar and taking a seat in front of the presentation stage.
That is the comfort zone that Kasey Turner, a former NSA employee, sought to create when he opened the brewery in 2014 with cybersecurity contractor-turned-entrepreneur Justin Bonner.
“We wanted this to be everybody’s own jailbreak,” Turner told CyberScoop. “Whatever drama is in your life…while you sit here and drink a beer, we hope that you don’t think about that for a few minutes.”
The brewery’s name is a nod to the cybersecurity definition of a “jailbreak”: using a vulnerability to gain “root access” to a device and install whatever programs you like on it.
“It’s more about the freedom of the jailbreak, so to speak,” Turner said. “You’re setting your phone free from the network and all of the constraints that are put on it.”
It was early Friday evening and Turner and his colleague Tom McGuire, another ex-NSA-er, were taking a break from the exertions of running the brewery to reflect on how their project had progressed. Around them, glasses clinked as attendees lingered long after the last speaker had finished to share stories and exchange contact information. 0Day IPA was available at the bar, the walls were adorned with Big Lebowski-themed art, and 90s grunge hummed through the hall.
Before cybersecurity became a multibillion-dollar and endlessly hyped industry, security conferences had this low-key feel.
“They were small, they were intimate, and you pretty much went to them because there wasn’t anywhere else to talk about this stuff,” Turner recalled. “This was your opportunity to meet with these people and talk with them and put a face to a handle.”
Sarah Edwards, a Mac/iOS forensics specialist who, fittingly, presented on jailbreaking tools at the conference, said the event was fertile ground for collaborating with others in her niche. It helped drive home the many positive reasons to jailbreak a phone, she said, including to study the device’s interactions with its applications in order to make them more secure.
Staying low-key
While previous summits focused on SCADA systems or Internet of Things devices, this year’s theme was reverse-engineering malware.
“We need to make reverse engineering accessible to more people,” proclaimed a presenter from the Johns Hopkins University Applied Physics Laboratory, in between meditations on binary static analysis. Carbon Black’s Erika Noerenberg riffed on the ability of a threat-hunting tool to decrypt payloads, while Google Project Zero’s Maddie Stone walked attendees through how she deconstructed a vulnerability exploited in WhatsApp.
“Each of us in this room may have a different reason for analyzing [a bug],” Stone said.
Mike Bell, a longtime NSA contractor, presented on Ghidra, the reverse-engineering tool that the NSA publicly released earlier this year.
Looking relaxed in a sailor hat after going out on a boat the previous night with fellow presenters, Bell talked about his hope that Ghidra would be a valuable resource for academic researchers. Bell, who had helped write some of Ghidra’s algorithms, stood at the bar, his chin raised slightly, exuding an eagerness about where the project would go next.
“The simple fact is the team can’t keep up with all the changes in industry,” Bell said, explaining one reason why the NSA released Ghidra publicly.
The camaraderie on display is one reason Turner and McGuire say they want to keep the conference small and unassuming, a contrast to the pomp and glitz of other industry events. What started for Turner and McGuire as a means of catching up with former colleagues will stay that way, they said.
“Having a conference at a brewery gets people going,” Turner said. “They talk to one another.”