Tone DEF: a DEF CON Love Story

In which a DEF CON N00b , Max, tries to be more extroverted while attending a Skytalks session. Drama ensues.

I never really cared for saunas, and the early-August Las Vegas atmosphere was far worse – 104 oppressive degrees with a thick, distasteful aroma of…some ungodly New York City subway-esque mixture best left unexamined. I tried not to breathe too deeply, as John and I exited the Flamingo and waited for the walk signal across Las Vegas Boulevard toward Caesar’s Palace. John looked down at me, a bit concerned.

“Max, you OK? You look kinda out of it”

“No, I’m good. Very excited to be attending DEF CON!”

Full story here

DEF CON for N00bs [non-fiction]

dclogo

(Making Sense of the Wonder and the Chaos )

DEF CON can be overwhelming, with a tremendous variety of talks, activities, and
parties from which to choose. In order to help you make sense of the con, and get the most out of it, I’ve put together this brief guide. It’ll be helpful for those of you attending DEF CON for the first time, but perhaps even experienced attendees will get something from this guide.

Updated July 22: Added Social Engineering Village link

TL;DR: Three key tips

  • Do a little homework
  • Stay hydrated
    • Bring a water bottle and keep refilling it
  • Talk to people (and be respectful!)
    • Make new friends while standing in the (many) lines. There are some incredibly intelligent and interesting people at DEF CON (in addition to yourself, naturally)

Overview

DEF CON has so many dimensions to it, that any summary will necessarily fall short of encompassing its full scope. Nevertheless, we’ll attempt it here.

There are several main “tracks” (I use this term loosely) within DEF CON, more or less broken down as follows:

  • Workshops
  • Speakers
  • Contests and Events
  • Capture the Flag
  • Demo Labs
  • Villages
  • Parties

Workshops

DC26 Link: https://www.defcon.org/html/defcon-26/dc-26-workshops.html

These are intense, hands-on technical sessions – each running 4-6 hours – held throughout the con. These are free for conference attendees, but they fill up VERY quickly – typically just a few minutes after registration opens.

Speakers

DC26 link: https://www.defcon.org/html/defcon-26/dc-26-speakers.html

In many ways, these are the heart of DEF CON – an enormous number of presentations on topics that span technology, security, research, society, politics, and economics. These include large keynote presentations as well as smaller sessions.

Read through the list, make note of which ones you want to attend – and arrive early. There will be (long) lines to get in, and some sessions will be full!

Villages

DC26 link: https://www.defcon.org/html/defcon-26/dc-26-villages.html

Social Engineering Village Details: https://www.social-engineer.org/sevillage-def-con/
(includes schedule, and will hold the SE CTF scoreboard during the con)

One of the most amazing aspects of DEF CON is the huge spectrum of educational and hands-on activities. These are organized by topic area, or as DEF CON calls them, “villages”. Each village is located in a certain area of the convention center, easily found on the maps. This year’s DEF CON features more than 20 villages, including:

These villages have different setups – some of them – especially the more technical ones, tend to be very hands-on (bring your computer). Some are a series of lectures & discussions – for example Biohacking, and Ethics – with a detailed scheduled listed on the DEF CON village site.

I recommend visiting as many of these as you can, at least to get a sense for what’s going on in each. There’s a remarkable variety of topics, and some incredibly intelligent and passionate people working at each. Go, talk to them, and learn something!

Contests and Events

DC26 Link: https://www.defcon.org/html/defcon-26/dc-26-contests-events.html

DEF CON provides a huge array of Contests (and a few non-competitive Events) to choose from.

Events include an early morning bike ride, hacker karaoke, laser shooting, and a Mohawk hairstyling station (fundraising for the EFF).

But hackers are naturally competitive, and as such DEF CON offers an incredible variety of contests. Many of these are highly technical, while others stress different skills – such as Hacker Jeopardy, Hacker Spelling Bee, Scavenger Hunt, Drunk Hacker History, and the legendary Beard and Mustache Competition.

Most of the technical contests provide serious (but fun) challenges which require considerable skill, but also typically demand a considerable time commitment during DEF CON. I won’t attempt to enumerate the technical contests here – take a look for yourself at the link above.

Capture the Flag

DC26 Link: https://www.defcon.org/html/defcon-26/dc-26-ctf.html

Capture the Flag (CTF) is a highly overloaded term at DEF CON. Used generically, it refers to any of a number of the contests listed above, which are structured around obtaining (capturing) information. For example, The Social Engineer CTF (one of my personal favorites to observe) tasks contestants with obtaining information about a target organization.

But “the” CTF contest at DEF CON – referred to as simply “CTF” – is arguably the most prestigious hacking contest on the planet, one which requires teams to earn a spot through a series of qualifying rounds throughout the year.

Demo Labs

DC26 Link: https://www.defcon.org/html/defcon-26/dc-26-demolabs.html

These are technical demo stations dedicated to researchers and hackers who have something new and interesting to demonstrate. These are highly technical, but even if they’re beyond your depth, I encourage you to stop by to talk to the motivated and intelligent people behind these tools.

Vendor Room

Updated with DEF CON 26 link: https://www.defcon.org/html/defcon-26/dc-26-vendors.html

The vendor room – notoriously crowded – features selected purveyors of books, tools, and hacking paraphernalia. It’s definitely worth a visit to see what’s new and interesting, and to chat with the EFF folks.

Parties

DC26 Link: https://www.defcon.org/html/defcon-26/dc-26-parties.html

There are many parties at DEF CON. Have fun but please don’t overdo it!

Follow on Twitter for the latest.

 

Badges

No DEF CON overview would be complete without discussing the badges.

First – the official DEF CON badges are the ones that get you entry to the conference, and for which you pay $280 cash. You’ll be required to wear these throughout the conference,. These are not your normal conference badges — these have no identifying information or barcodes on them, and you’re not “scanned” by vendors.

There are several different varieties of official badges – including Human, Press, Speaker, Vendor, Goon, and the rare Black Badge . Goons are the volunteers who help run DEF CON (treat them nicely, and talk to them – most of them are experienced infosec practitioners). Most of us will be attending DEF CON as Humans (sorry!). Most years the badges are electronic (and hackable), and there’s a rich history of tinkering with them.

In addition to the official badges, there is also a fun subculture called badgelife, comprised of people who make electronic badges for fun, or to support specific organizations ( e.g. QueerCon ). Some of these are available via Kickstarter, for direct purchase, or only onsite. Here is the semi-official list in GoogleDocs.

Food

I might have mentioned once or twice that DEF CON is crowded! The food service in the conference center can be unreliable in quality and availability (I’m being diplomatic here), and the hotel restaurants can have very long waits (Caesar’s Smashburger 50-person line, I’m talking to you!).

Bring some snacks (and water) with you, and you’ll have a lot more flexibility in terms of eating schedules. And share to make new friends!

DEF CON: The (Scheduling) App:

Thanks to the @_advice_dog we all have free access to the HackerTracker app (iOS and Android) — the official DEF CON Scheduling app.

Some Final Thoughts

  • Be patient (it’s crowded), be inquisitive (there’s a ton to learn), and be respectful of the presenters and attendees (please)
  • Plan your con – write down your top activities (especially those that are time-constrained, such as the speakers) but don’t overplan it. Some of your best and most memorable DEF CON experiences will be serendipitous
  • Security – Turn off Bluetooth and Wi-Fi on your devices, lest you end up on the Wall of Sheep.  The conference does offer Wi-Fi (see here) which might very well be secure. Personally, I will not be using it. Bring a phone power pack and avoid plugging your phone into any public charging cables
  • Be respectful of people! Read the official Code of Conduct here. Relevant quote: insulting or harassing other participants is unacceptable. It’s also bad karma, people.

Most of all – have fun! DEF CON is an incredible experience – one that we’re lucky to be able to participate in – so make the most of it.

Resources:

DEF CON Fiction:

And if you’re interested in some short DEF CON fiction, check out my story:

Tone DEF: a DEF CON Love Story (in which a DEF CON N00b, Max, tries to be more extroverted while attending a Skytalks session. Hilarity and drama ensue!)

Feedback

DEF CON is a complex beast, and I can’t hope to give you a complete picture here. But do let me know what’s missing (or incorrect), and I’ll work to improve this.

See you at DC26 in just a few weeks!

@DavidHashMiller

An Open Door

architecture-daylight-door-239853

Whereupon we get introduced to our main characters, reflect upon the ease by which skids could cause trouble, and ruminate on the morality of ethically motivated gray-hat hacking,

I texted 8bit as soon as I arrived at the front door of his apartment; the bottom floor of a creaky blue two-family house between Harvard and Alewife. He often wore noise-cancelling headphones while coding, and both knocking and shouting had proven ineffective at getting his attention. Fortunately I’d only had to climb in through his window once, when a cold New England winter day had depleted my phone.

Read the full story here

Smudge

This story asks the question “what does it mean to be human?”, contrasting a robot that’s becoming more human against some boys who are, perhaps, becoming less human.

POST...ROM BIOS 5.0.2.5713
Memory Check...OK
Boot Loader...OK
Ronix 9.2.73p11
Signed: Certificate Authority is City Robot Services
Initiating hardware boot sequence...

Sunita’s hands were tired and achy after several hours’ work modding Smudge. She stretched, and used the front edge of her wheelchair’s armrests to peel off the tight-fitting programming gloves. Their electrical contacts left rectangular imprints on her fingertips, and five lines that traversed fingers and palm before converging at her wrists; two brown circuit boards. While waiting for Smudge to restart, she wordlessly rubbed her hands and forearms together to dispel the uncomfortable but familiar combination of numbness and dull pain. Smudge was an older model robot — a refurb was all they could afford with the small insurance payout from the accident — and it took him a few minutes to fully boot. Sunita closed her eyes and slowly inhaled the aroma of her Amma’s cooking. Saag Paneer, her favorite. This, at least, was one advantage of a small apartment – always knowing what’s for dinner.

Finally, Smudge completed his startup process, pale blue eyelights illuminating from within his translucent white head. His hydraulics whined quietly as back, neck, and wheels all extended, bringing him to his full four-foot height.

She looked over and greeted the robot. “Hello Smudge!”

“Good afternoon, Miss Sunita!”

Click here for the full story

Welcome!

Thanks for joining me, and for reading my stories. I created this site to share my thoughts and perspectives, and to garner an audience for my writing.

While I’ve written many, many technical documents and reams of marketing collateral over the years, I still consider myself a beginning writer of fiction. So bear with me on this journey, and I welcome your feedback on what my assuredly rough (but hopefully consistently improving) work.

boat island ocean sea