COAR Attends DEF CON 24

28821925312_a7758ea297_bWe’re a little late posting about this, but wanted to share the experience… DEF CON is a conference tailored to “hackers”, but grabs much attention from security professionals, students, and many hobbyists. The conference was founded in 1993 by Jeff Moss and has been held in Las Vegas, Nevada ever since. DEF CON has evolved to arguably the largest “hacking” and computer security conference in the world with over 22,000 attendees, according to Paul Szolda in his article “Here’s what happens when 20,000 hackers invade Las Vegas for a week of hacking, booze, and debauchery”.

DEF CON hosts four days of various content, including:

  • Speakers that present on a broad range of topics. Multiple tracks for talks give attendees options at all times what talk they may want to attend.
  • Workshops where attendees can learn new skills and techniques step-by-step from an instructor. There are also multiple workshops at the same time, depending on the day and the time.
  • Villages that house a specific type of focus where attendees can hone their skills in a wide range of areas from the Crypto and Privacy Village, Lockpick Village, Internet of Things Village, etc. The villages have their own specialized tracks for talks directed for each village environment.
  • A vendors section where attendees can purchase a plethora of items from t-shirts to the up-and-coming technological tools.

People interested in putting their ethical hacking competition skills to the test can participate in contests and challenges, including a Capture-the-Flag ctf competition, lock picking challenges, and even “hacking” the badges given to attendees at the door.

badge

A personal perspective from recent experiences as a first time DEF CON attendee has left a desire to return next year. I was not sure what to expect, where to go, or what to see. While at DEF CON I was able to attend a couple of the lectures. Two talks of interest were “Backdooring the Frontdoor” by JMAXXZ, and “How to Overthrow the Government”, by Chris Rock. The “Backdooring the Frontdoor” lecture detailed various vulnerabilities in a specific brand of electronic door locks, and “How to Overthrow the Government”, detailed on past events that have that affected the standing of governments around the globe, and defined a theory that could potentially be the most efficient solution in overthrowing a standing government. Having attended my first workshop, “Writing Your First Exploit” instructed by Rob Olson, I left a bit disappointed. The content of the workshop was detailed and kept my interest, there was an issue with having no power strips or outlets for anyone attending to charge their machines. Halfway through the course most people lost power to their machines and could no longer participate. Most of my time was spent exploring what the conference had to offer and participating in the OpenCTF challenge. Participants can work in teams or by themselves to solve various ethical hacking challenges with increasing levels of difficulty.

img_0199

Takeaways:
Newcomers to DEF CON should be aware that nearly every event will have a standby line, so plan according, show up early, and relax, because seats will fill up and items will sell out. A recommendation to those interested in participating in any cyber defense competition should bring a laptop with a freshly partitioned hard drive, a switch, at least one Ethernet cable for connectivity, a power strip, and some patience.

The next conference, DEF CON 25, will be held at Caesar’s Palace from July 27-30, 2017. There is no pre-registration to get into the conference, there is only a cash payment of $240 at the door.


This post was written by: Steven Day, Mike Thompson, Jennifer Fowler, Roland Varriale, Alec Poczatek, Shannon Ott, and Nate Evans

https://www.defcon.org/
http://www.businessinsider.com/defcon-24-2016-8