I was fortunate enough to attend ShmooCon with some coworkers this last weekend. This was my first ever cybersecurity conference, so I wasn’t really there with a purpose, mostly just to see what these things are like. One thing I immediately noticed was everyone’s attitude toward the challenges. It seemed that everyone was overwhelmed by how many different challenges there were and how you could really only pick one to complete successfully due to the short duration of the conference.
Some challenges were technical, others were not. One challenge in particular was hosted by Polarity. Essentially, each conference attendee was handed a card when they arrived. The card had a “hash” (really just a long random-looking hex string) and a message saying that seven cards with your hash exist. If you find someone else with a matching hash (hash collision), you can go to the Polarity booth to each claim a prize.
Since the antisocial stereotype of hackers holds true to some extent, I noticed that very few attendees actually approached strangers while seeking their hash collisions. Instead, most posted a picture of their card on some online platform (Twitter, Mastadon, Slack, etc) and hoped someone with a matching hash would see their card and contact them. Since so many different platforms were used, it was next to impossible to monitor social media to find your match. This is what inspired Hackermatch, a piece of software I wrote during the conference.
The idea behind HackerMatch is that a user visits the site, enters their hash and an email address, and waits for an email alert. When another user with a matching hash enters their information, the system sends an email to each of them, connecting the two parties. From there, it is up to the users to coordinate their visit to the Polarity booth.
This was really a simple idea to implement, but one that may pay off at future conferences. Due to current open source contribution limitations at work, I won’t be publishing the app for now. However, maybe I’ll set it up for next year!
If you are reading this and work at Polarity, I am sorry if I spoiled your challenge for future years. Although, what else do you expect at a hacker conference? :)