Defcon review

This weekend I went to Defcon 0xF with psifer and inferno0069, and it was a blast.

  • I stopped at Arby’s for lunch on the way there. I wanted two roast beef sandwiches and a small fries, the total of which came to $7.63. I then looked at their menu, and saw they still do the “5 items for $5.95” thing. So I canceled my original order and instead got two roast beef sandwiches with cheese, a medium fries, potato cakes, and a small shake. My new total: a mere $6.44. I ate about half this food, and threw the rest out. This doesn’t seem like a good business model to me, since I’m giving them less money and taking more of their food (half of which was wasted).
  • On the way there, I passed the exit for Zzyzx Road. I also drove past signs for Death Valley, which was kinda cool.
  • In order to raise money to help combat AIDS in Africa, the Hacker Foundation was selling red T-shirts which said
    HAXO(RED)

    on the front. I wanted to get one, but they were already sold out of my size. Another shirt was too nerdy even for me: it read “chown -R us ./base” Dorks!

  • I became a member of the EFF! They had a wonderful panel that covered all kinds of things they’re doing. Unfortunately, this weekend a new law was passed that makes warrantless wiretapping legal, which is something the EFF has been fighting since 2005. I’m not sure how this will fit in with a ruling last year that said that warrantless wiretapping is unconstitutional, but this is certainly a dark day for freedom.
  • I watched macdaddyfrosh, mtbg, and magicpacket valiantly lose at Hacker Jeopardy. but I won a T-shirt from Hack A Day.
  • Mike Andrews was there incognito, but I recognized him and talked to him for a bit. He might come to give a talk at my office at some point.
  • I entered the lockpicking contest and picked 15 of the easier locks (so I finished the contest in the middle of the pack with 71 out of ≈300 points). I’m pretty proud of myself, since I had never picked a lock with “real” tools before the con (though I have raked Masterlocks with a safety pin and street sweeper bristle).
  • Bruce Schneier held a Q&A session! That’s right: Bruce “I am a security fucking god” Schneier. [1] It was as amazing as I had hoped. That guy is so cool. I should point out that his blog has an RSS feed on LiveJournal, to which you can subscribe.
  • There were several talks this year discussing the influence the hacker community has on mainstream perception of stuff, which was pretty cool. Besides the annual “internet wars overview,” there was a talk which reviewed the recent cyberwar waged against Estonia by the Russian mob. DarkTangent himself (creater of both Defcon and the Black Hat security conventions) gave his account of the infamous Ciscogate scandal. Jennifer Granick (author of that article) also gave a talk about legal case studies; she is leaving her work at Stanford next month to join the EFF. There was also a talk about the effect that the locksport community has had on improving lock mechanisms.
  • There were so many amazing talks, I’m not going to discuss them all. but here’s a list of some of the cooler topics that were discussed: encrypted VoiP clients, timing attacks for botnets, digital forensics, social engineering and NLP, stopping jerks online, the basics of hardware hacking, and XSS in social networks.
  • Michelle Madigan was found to be an undercover reporter (link includes video of the incident) with a secret camera. She was outed from the conference. I wasn’t there when she was caught, but I did hear about it later that day. Press at Defcon are fine when they wear their press badges, but Michelle was apparently trying to covertly get anyone at the con to admit to a felony on her secret camera so she could do a shock report on the horrible, criminal hackers at the con (I don’t think there were many criminals there, but some reporters seem to have a penchant for fabricating stories/threats to get ratings).
  • I saw an OLPC XO-1 (more information on Wikipedia). It’s smaller than I expected, but the keyboard is child-sized, which makes sense. The screen is very readable (but very small). The touchpad/stylus area is pleasantly large, though.

[1] Yes, he’s so awesome that even his tmesis gets tmesis. [2]
[2] I admit, I’ve been looking for an excuse to use the word “tmesis” for a while now.

Leave a Reply

2 Comments

  1. mikasaur2000 says:

    The Windows box at Palomar observatory with all my diagnostics software was hacked two weeks ago. If the guy who hacked it was at Defcon I would have poked him right in the eye. It was an extremely stressful and laborious two weeks trying to get that thing up and running again.

    Cool that you went, though. I’m afraid I wouldn’t understand a thing.

    • Alan says:

      As a general rule, it seems that the people who go to Defcon are the “good guys” out there: Federal agents, security specialists, enthusiastic amateurs. Despite what Michelle seemed to think, I strongly doubt there were many criminals there. It’s mainly the people learning what vulnerabilities are out there so they know what needs to be defended/fixed. Criminals don’t usually want to spend $100 to hang out with Feds for a weekend.

      Hands down, the simplest change you can make to improve security is to stop running Windows (which doesn’t fix all security problems, but it does get a lot of them).

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>