So you've been home from DEF CON for a week now - probably settled back into your normal routine. In the back of your mind, though, there's probably a little voice that wishes you could have DEF CON-style hacker camaraderie and learning opportunities all year long.
The good news is, you can. You can join a DC Group in your area. If there isn't a DC Group in your area, you can start one. The instructions for starting a group are at the link below, as well as a listing of the hundreds of groups that already exist around the world.
And when you get involved, be sure to keep in touch with us on social media. Let us know when you're meeting and we'll share it. Tape your presentations and we'll share those, too. Let's make this the fastest trip from one DEF CON to the next by keeping the ball rolling all year.
Legitimate Business Syndicate has placed the final results of the DEF CON 22 CTF Finals on their website.There's scores, some shout-outs and even an explanation of their fancy radio badge and the cool contest visualization they debuted this year.
Congratulations to all won the right to participate, and extra respect to Plaid Parliament of Pwning, HITCON and Dragon Sector for taking 1st, 2nd and 3rd respectively.
What a difference a year makes. At DEF CON 21, Major Malfunction and Zac Franken created a Kickstarter for the RFIDler in a room at the Rio. At DEF CON 22, they returned with a mature and very impressive tool and even bigger plans for the future.
In this video, Major sits down with DT to talk about the RFIDler project.
One of DEF CON's secret weapons is LosT, our resident Puzzle Master and Lord of the Badge. You can see his work all over DEF CON, from the insanely hackable badges to the secret codes and messages hidden all over the program and the venue.
Dark Tangent interviews him here about all of his various DEF CON activities, his process and even gets a few hints dropped for next year's puzzles.
This was an amazing year, and we've got a lot to share about it. Tons of stuff coming down the wire very shortly. In the meantime, enjoy this VERY thorough walkthrough of the DEF CON Badge Challenge from Team PotatoSec (Warning: Spoiler alert for those still trying to solve):
And just so you know, DEF CON 23 will be held August 6-9, 2015, at Paris/Bally's on the strip in Las Vegas!
The hackening is in full swing at DEF CON 22. The Rio is abuzz with all manner of high-octane geekery. If you're here, you're probably too busy leveling up to keep an eye on the press surrounding the event, so we bring you this mini-roundup of press links to see what the rest of the world is saying about us.
DEF CON is in full swing - so there’s a million things going on. Here’s a few recent news items to tide you over while we get the party set up.
If you’re one of those people that enjoys being entertained by entertaining entertainers, you’re going to want to check out our newly minted ‘Entertainment’ page. So much music - it’s like Coachella for people who people smart enough to test out of Coachella.
For lawyers, judges and law students, there’s a Lawyer Meetup this year. DEF CON General Counsel and Chief Legal Raconteur Jeff McNamara invites all with a connection to the practice of law for a relaxed low-key meet up followed by a spirited trip to the Voodoo Lounge.
Don’t forget to stop by Track 3 at 9pm on Friday and Saturday for Movie Night with Dark Tangent. Friday we’re showing ‘The Internet’s Own Boy’ - a moving bio of internet hero Aaron Swartz. Director Brian Knappenberger and Aaron’s brother Noah will be in attendance for Q&A. Saturday, we’re showing ‘The Signal’. Directed by Will Eubank (who will also be in attendance), ‘The Signal’ is a mind-bending new scifi film that starts with some hackers on the road to DEF CON.
A few pro tips: stay hydrated, remember to eat and sleep. Keep the program handy - it’s like the Galactic Encyclopedia of DEF CON. Bring extra socks. Make new friends. Hack 100% of the things.
The challenge? Defuse a bomb. I feel like I don't have to say a lot more than that. Bring your own tools, have an action hero moment for yourself.
Reg begins Friday in the Tamper-Evident Village, and it's probably wise to expect a bit of a queue.
Full info in the Forum:
One week, people. All that stands between all of us and DEF CON is a few measly days. To help get you amped up, we offer the SomaFM preview stream. Like last year, SomaFM will be manning the chill room and providing luscious, rejuvenating audio delights whenever you're looking for a recharge or a welcoming nook amidst the chaos. Fire up the stream and close your eyes. It's like you're already at DEF CON. http://somafm.com/defcon/ One week, people!
Rootz Asylum (formerly DEF CON Kids) has a full schedule of goodness planned for your padawan hackers. Learning, competition, fellowship with other hackish youth. It's pretty great. Back-to-school will definitely be cooler for the kids who spent their summer vacation winning DEF CON. http://www.r00tz.org
The sci-fi mind bender ‘The Signal’ centers around hackers on a road trip to DEF CON, so we can be forgiven for being a little biased in its favor. But from that promising starting place, the escalating weirdness and suspense take the movie everywhere but where you might expect. We don’t want to spoil anything - you’re gonna thank us if you go in with a clean slate. We’re proud to have ‘The Signal’ for Saturday’s ‘Movie Night with the Dark Tangent’, and we’re prouder still to have director Will Eubank on hand for Q&A after the screening. The last reel will definitely make you want to talk to Mister Eubank. Make it a point to be there!
Saturday the 9th at 21:00, Track 3
For even faster leeching pleasure of the conference media server we have invested in hard drive duplication towers, and next year DT plans to launch the Data Duplication Village.
Too busy to pick and choose what you want from the server and want it all?? This year we have three sets of 4TB drives that contain the same data as the media server, just split up and color coded. If you want to duplicate a particular drive you need to show up at the INFO BOOTH with your drives at the start of each day. First come First server. It will take about 8 hours to dupe a 4TB drive so a set will start in the morning and a set in the evening, to finish overnight.
There should be six 1:11 duplication towers (If they show up in time), with two for each drive color. That means we can dupe 66 drives at a time. Once enough people show up to fill a station the duplication process starts.
As of this writing it is sorted like this:
BLUE Drive = Conference Archives 1 of 2, including DEF CON
GREEN Drive = Conference Archives 2 of 2
ORANGE Drive = Podcasts, Cryptome, 1.5T of the Hak5 archives, FOSS Operating Systems, all other content
There will be an updated list at the infobooth.
Want in on it? Go buy some 4TB SATA II 7200 RPM drives (internal drives, not usb). Buy three if you want to try for the complete collection this year. I'd do it in advance, I think the local Frys will sell out! Duping should start Thursday!
You better have just done that spit-take. That's right. Electronica/Trip-Hop/IDM/dub music classics and pioneers: The Orb. They're here. They're kicking. And on the 3rd day of DEF CON (Saturday night/Sunday morning 00:00-01:00) their divine presence shall bless the glorious attendees who... attend their glorious and divine performance. Those who do not attend will be forsaken and cast into the dystopian landscape known as "the rest of Las Vegas." And so this event shall henceforth be written into the Dark Tangent's Book of DEF CON, Volume 22 - also referred to by some as "the conference program." So say we all.
A major announcement right here. We're bringing you the legendary DJ Spooky (That Subliminal Kid), a.k.a. Paul D. Miller. His CV runs deeper than the Mariana trench and is more Renaissance than the Teenage Mutant Ninja Turtles combined. Perhaps originally and best known for his artisinal music crafting (collaborating on projects with Meat Beat Manifest, Slayer, Chuck D.) and turntablism , he's become a university music professor (EGS, Switzerland), author (too much stuff to list), and an executive director of Origin Magazine. He's had his works featured in major museums like the Warhol, The Whitney, the Museum of Contemporary Art (Chicago), blahblahblahblah the pseudo-anonymous writer of this announcement could go ad infinitum. The point is, he's attained legendary-levels of awesome, and is coming to DEF CON to drop some hip-hop (perhaps with orchestral accompaniament) on Thursday Night in Track 1 (22:00-23:00)!
A favorite from DEF CON XX (he dropped the killer set after The Crystal Method), we're bringing the near-mythical adrenaline-inducing Elite Force back for another sonic pummeling. Many of you may also recognize one of his prior projects, Lunatic Calm, which had music featured on films like The Matrix, Mortal Kombat: Annhilation, Drive, and tooons of others. We're extraordinarily excited to have Elite Force back, and we'll all need to be sure to keep our collective cholesterol levels in check to ensure we can survive his performance. Catch him Saturday night in track 1 (23:00-00:00)!
Another throwback to DEF CON XX, we're bringing back one of the grandmasters of Nerdcore hip-hop, MC FRONTALOT. His prolific lyrical stylings have been proverbially known to knock socks off, so shoes (as always) are encouraged (we'll let sandals slide too). He's also the star of the acclaimed documentary Nerdcore Rising. Catch him Friday night in Track 1 (23:00-00:00), alongside other hard-hitters and partners in nerdcore-crime Dual Core and ytcracker!
Today we announce eccentric retro electro video game chip-tune-inspired dance-rock that is purveyed by ANAMANAGUCHI. Not only is their music video game-inspired, their music actually HAS appeared on video games (like Rockband and Scott Pilgrim vs. The World). The real deal! Check 'em out at the Friday festivities in track 1. (set time: 00:00, Saturday AM)!
Also be sure to check out their totally rad and typically incredibly neon music videos:
Do you remember the giant projection-mapped DEF CON exploded face? Or maybe the dragon installation? Or how about the DEF CON sign installation in the chillout lounge last year? These are the epic works of Zebbler's design team, who have also developed installations for the likes of Shpongle, EOTO, and a number of other class acts. But Zebbler doesn't just excel at design. He also excels, along with his comrade Encanti at music. Together, they form an incredible audiovisual duo that goes by Zebbler Encanti Experience, and they will be purveying this experience to you at DEF CON 22! Take delight in their glorious bassy weirdness at DEF CON's official Saturday evening event in track 1 (set time: 01:00, Sunday) !
Most of their music is free/pay-what-you-can too! Check it out:
Attention all accepted DEF CON speakers! The deadline for getting your materials in for inclusion on the conference CD is Tuesday, July 15. Pencils down. Pass your paper to Nikita. Thank you.
Registration is now open for those willing to push their Cyber Traffic Analysis skills to the limit, you can compete in the latest Cyber Analytics and Network Forensics Challenge. Now in its fifth year ! Capture the Packet has brought more APT’s, Trojans, Malware, Web and Red team attacks, network issues and sneaky covert channel coms to one event ! Do you know when important data is leaking out of your network and who is doing it - Can you handle the Advanced Persistent Threat ? Can you spot that nasty bug your neighbors workstation contracted from visiting an infected website ? Can you spot a networking configuration issue with routing, spanning tree, BGP or OSPF ? Do you know how to count your IPV6 lucky stars ? Do you speak VOIP, MGCP or H323 ? We welcome everyone to try their hand at the most intense live network traffic analysis and forensic challenge, who knows you could be our next grand finals winner. You must bring your own laptop/computer to compete in this challenge, remember while this is not an attack game, it is a hostile network.
This year, the completion is handled in three Challenging phases:
Pre-Qualifying Rounds Start Thursday August 7th at 1:00pm and End Friday August 8th at 1:00pm
Those that have the highest scores “overall” from all rounds combined, essentially 40 teams will move on to the qualifying rounds
The Qualifying rounds are held starting Friday August 8th at 2:00pm and end on Saturday August 9th at 1:00pm
The top 10 teams from the Qualifying rounds with the highest over-all move on to the finals held on Saturday at 6:00pm
The Final round will consist of the top 10 scoring teams to survive the qualifying rounds,
These 12 teams will compete in a two hour long finals competition to determine the winner
Register your team of two – at https://www.capturethepacket.com/ctp_dc_signup.html, or sign-up onsite.
Capture The Packet will be hosted in the “Packet Hacking Village” at the DEFCON Entrance Area !
Just a little over a month until we rendezvous at the Rio for DEF CON 22! Are you ready? We hear it's eleventy-one degrees there today, so bring weapons-grade sunscreen if you're one of those 'goes outside' kind of hackers.
You'll also want to know who's talking about what and when so you can plan your DEF CON experience. To that end, we proudly present the DEF CON 22 Speaker Schedule! Get yourself familiar, people. The key to maximum DEF CON is maximum planning. Or no planning. The key to maximum DEF CON has been in your heart all along. SCHEDULE IS LIVE!
We’re trying something new. Friday, June 27th at 11am Pacific Time, we’re hosting our first Google Hangout on Air. The guest is Jennifer Granick, DEF CON CFP Review Board member, preeminent hacker defense lawyer and Director of Civil Liberties for the Center for Internet and Society at Stanford Law School. The subject is her recent article for Wired regarding the verdict in United States v. Davis and what it could mean for the future of mass surveillance.
If you’ve got good questions about the intersection of law and ‘metadata’ collection, either leave them here in the comments or ask them live at the Hangout tomorrow.
If you’re not following us on Google Plus, the link is here:
Join us, and as always, spread the word.
‘This talk is amazing!’ You say this to yourself (inside voices) while watching someone awesome say and demonstrate awesome things. ‘How does DEF CON consistently pick so many great talks? They must have a team of borderline superheroes slogging through hundreds and hundreds of proposals for months! Who could those paragons of determination and insight BE, exactly? How could I learn their handles and perhaps show my appreciation by buying them many beers?’
Here’s an answer key to these questions you’re asking yourself:
1.)This talk probably is amazing. Not really a question.
2.)Lots of caffeine and eyestrain. Also dedication and love.
3.)They do have a team of borderline superheroes, and there is no DEF CON without them.
4.)They are known as the DEF CON CFP Review Board.
You can check out their page here. And maybe show them some love.
The 10th Annual EFF fundraiser, hosted by Vegas 2.0, has VIP tickets to event on sale now! Get early access to an intimate meet and greet with the Speakers of DEF CON! Also, get special schwag and extra raffle tickets exclusively for VIP guests!
This is it. The speaker list for DEF CON 22 is now locked and complete. This means two things: DEF CON is really almost here, and we are now hard at work creating the Tracks and the Schedule (watch this space, buckaroos). We're very proud of the lineup we've assembled, and we think you will find a lot of good stuff to choose from. Whether you're coming to Vegas or not, we'd love it if you'd take some time to check out the speaker list and give us some feedback about what talks have you the most excited.
55 days, people. Get psyched!
Panel - Diversity in Information Security
Jennifer Imhoff-Dousharm, Sandy “Mouse” Clark, Kristin Paget, Jolly, Vyrus, and Scott Martin
The Cavalry Year & a Path Forward for Public Safety
Joshua Corman and Nicholas J Percoco
Mass Scanning the Internet: Tips, Tricks, Results
Robert Graham, Paul McMillan, and Dan Tentler
Hack All The Things: 20 Devices in 45 Minutes
CJ Heres, Amir Etemadieh, Khoa Hoang, and Mike Baker
Raspberry MoCA - A recipe for compromise
Ladar Levison and Stephen Watt
Attacking the Internet of Things using Time
Open Source Fairy Dust
Generating ROP payloads from numbers
Panel: Ask the EFF: The Year in Digital Civil Liberties
Kurt Opsahl, Nate Cardozo, Mark Jaycox, Yan Zhu, and Eva Galperin
Panel - Surveillance on the Silver Screen- Fact or Fiction?
Nicole Ozer, Kevin Bankston, and Timothy Edgar
Measuring the IQ of your Threat Intelligence feeds
Alex Pinto and Kyle Maxwell
Detecting and Defending Against a Surveillance State
Advanced Red Teaming: All Your Badges Are Belong To Us
Eric Smith and Josh Perrymon
The Internet of Fails: Where IoT Has Gone Wrong and How We're Making It Right
Mark Stanislav and Zach Lanier
Domain Name Problems and Solutions
Dr. Paul Vixie
RED ALERT TOP SECRET WIKI LEAK SN0DEN LEAK GAMMA GAMMA ZF0 P0SSE DOC DROPPER
The previously sooper seekret media.defcon.org server project has leaked out on the twitter and the face book. No use hiding behind our press secretary any longer, It's better to just admit it and let everyone make up their own minds.
WHAT LEAKED? The Dark Tangent is collecting as much open source security conference footage, training materials, podcasts, white papers, videos, and anything else haxors may be interested in. He plans to make it all available at DEF CON 22 in August and let anyone download it, or even direct HD copy it.
WHO LEAKED THIS SECRET PROJECT? The Dark Tangent. Oops.
WHAT NOW? A huge burden has been lifted off of DT and he no longer has to live two lives. He can now focus on getting as much content as possible from the community.
That's where you come in.
HOW CAN I HELP?
Send links to content you think everyone should have access to that is related to the hacking and infosec scene somehow. It can be an rss podcast, a .torrent of academic journals, and ftp link to text files, a web site to mirror full of source code, an svn operating system repository, a YouTube channel, whatever!
Send your links in an email to email@example.com, or tweet them to @thedarktangent and he will start the leeching.
HOW DO I GET MY HANDS ON THE DATA?
At DEF CON 22 you will be able to get to the gigs in a couple different ways. The con Wi-Fi network (at 802.11g speeds), through wired switches on 1 gig links in different areas, or by bringing your own 4TB SATAII or III hard drive(s).
We will have HD duplicators running all con copying drives for people who just want to drop off a drive and pick it up later.
Please help out with links, and we'll see you at con!
Do you think you can code? Do think you can code while drinking? We're not talking about coding in the warm safe confines of your cubicle. No, this is programming for sport. It's live competition, against the clock, and the other teams. And we don't make it easy. Have the smarts to solve our programming challenges? Good. We want you to show us that programming is not only about laying down some sweet sweet code, it's about the style in which you do so. Sound fun? We think it is.
Crash And Compile is a ACM-style programming contest crossed with a drinking game, where teams of two people try to solve as many programming problems as they can. As teams compile and run their programs, each time their code fails to compile, produces the incorrect output, or seg-faults, the team must drink. Meanwhile, our lovely Team Distraction will be doing what they can to make the job of programming while intoxicated all the more difficult and/or enjoyable.
Registration is now open. Sign up over at https://dc22.crashandcompile.org
It’s getting pretty real, people. The speaker selection process is almost complete, the party and event planning is in full swing - DEF CON 22 is just a little over two months away!
To celebrate, another round of speaker announcements. Twenty-five more abstracts to help you create your DEF CON battle plan. We anticipate one more round of announcements before the roster is locked, but by now you should have a pretty good idea how much good stuff we have on tap.
Detecting Bluetooth Surveillance Systems
Dropping Docs on Darknets: How People Got Caught
Is This Your Pipe? Hijacking the Build Pipeline.
Kyle Kelley and Greg Anderson
Home Automation and Defensive Security Measures
Android Hacker Protection Level 0
Tim Strazzere and Jon Sawyer
I am a legend: Hacking Hearthstone with machine learning
Elie Bursztein and Celine Bursztein
NSA Playset: DIY WAGONBED Hardware Implant over I2C
Josh Datko and Teddy Reed
Check Your Fingerprints: Cloning the Strong Set
Free and Lachesis
Shellcodes for ARM: Your Pills Don't Work on Me, x86
Svetlana Gaivoronski and Ivan Petrov
Blowing up the Celly - Building Your Own SMS/MMS Fuzzer
Brian Gorenc and Matt Molinyawe
Panel: Ephemeral Communications: Why and How?
Ryan Lackey, Jon Callas, and Elissa Shevinsky
Catching Malware En Masse: DNS and IP Style
Dhia Mahjoub, Thibault Reuille, and Andree Toonk
Old Skewl Hacking: Porn Free!
A Survey of Remote Automotive Attack Surfaces
Charlie Miller and Chris Valasek
Acquire current user hashes without admin privileges
Impostor — Polluting Tor Metadata
Charlie Vedaa and Mike Larsen
Manna from Heaven: Improving the state of wireless rogue AP attacks
Dominic White and Ian de Villiers
The Open Crypto Audit Project
Kenneth White and Matthew Green
Practical Aerial Hacking & Surveillance
The Cyber Grand Challenge asks some simple questions - can you create a fully-automated system to detect, thwart and mitigate network attacks? Can you build one so effective that it can win an all-computer tournament without human intervention? Would you like 2 million dollars?
If you have a great proposal but lack the funds for a 2-year competition, you can pitch DARPA for funding - they’re already backing seven of the registered teams. Teams that survive the quals in June 2015 are eligible to compete in the final tournament at DEF CON in 2016. Grand prize is $2 million dollars.
Competitors will need a dizzying array of skills and an encyclopedic understanding of every form of network kung-fu. They will also need a pretty serious amount of free time, but the winner gets a nice check and an answer to the question of what to put first on a resumé.
We believe that such a team must exist in the DEF CON family. If you think you’re up to the challenge, more information awaits you at the DARPA CGC page.
You’ve had the thought: “DEF CON is super fun, but how much cooler would this be if there was a little corner devoted to my weird niche interest?” ‘From Dusk Til Con’ is your chance to realize that overly specific dream. Got a mini-village idea? Want to run an Inception style Con-within-the Con? Want to play strip Settlers of Cataan? Shoot us your ideas for themed mini-events on the Crawl and we’ll make the best ones happen.
Find out more and how to submit at: https://www.defcon.org/html/defcon-22/dc-22-fdtc.html
DEF CON 22’s Vendor Area is a great opportunity to get your geek-centric product in front of a highly focused, upwardly mobile and possibly drunk audience of over 10,000 vacationing tech enthusiasts. Share your business with people passionate about technology, make sales, even make friends.
To sign up, head over to the vendor site, read the FAQ and get the forms filled out. Don’t delay - August is closer than you think.
Got something cool to share on the DEF CON network during DC22? Could be almost anything - a game, a stash of vintage K-Rad textfiles, whatever you think Con goers might wanna download. Submit your idea online, and if it's approved you'll get a couple of bonded gig ports and some promotion in the program and on the site. Sharing is kinda our thing - and we're counting on you to add some fun content. Apply today. Operators are standing by.*
* actual operator count may be as low as zero.