Papers and presentations are now being accepted for DEF CON ELEVEN, the largest underground "hacking" convention on the planet. Papers and requests to speak will be received and reviewed from NOW until June 15th. The sooner you submit with the appropriate materials, the sooner we can review your materials. We select on a first some, first served basis.
Presentations that are of particular interest to us are demonstrations, new technology and tools, the release of unique research, the announcement of a new project, or the screening of new videos. These get priority during the selection process.
As you can see we want new material, demonstrations, and involvement by the organized hacking community if possible.
There will be nine broad categories of talks this year, each with their own track plus the breakout area for talks that are more specialized or experimental in nature.
In order to expedite the review and selection of speakers and topics this year, and to simplify the submission process, we are requesting that potential speakers complete a CFP Submission Form. Forms should be completed and submitted to talk at defcon.org
No real names are necessary, but we do need a way of checking out if you are for real or just a good social engineer.
The convention CD ROM each attendee gets will include a copy of your presentation, tools, white papers, and other stuff you want the audience to know about. We encourage you to include each tool or paper you refer to in your talk. Once you are selected, you will email us a .zip or .tgz of everything you want on the CD, and we will un-zip it into a directory named after you on the ROM. For example, if you are giving a talk on "Wireless packet data using an HF radio" you would send us your presentation and include copies of programs used for encoding / decoding data from your radio, copies of articles talking about your subject, a list of URLs people should check out, etc. Basically give the attendees a good starting point from which they can better learn about your topic.
The focus of the speaking tracks is as follows:
This track is for either those people new to the scene or those who want to get into a new area. These are overview talks that give the audience exposure to all the areas of a particular technology skill. For example "An overview of phone switching technology" or "An introduction to network attacks' could be descriptions of talks in this category.
PRIVACY AND ANONYMITY:
This track explores privacy issues, both physical and technical. What technical means can be used to protect your network communications? How would you know if you are being followed? What does a "bug sweep" entail? What are the limits of computer forensics? These are just suggested topics, but you get the idea!
Before you can attack or defend it helps to know what is on your network. This track covers the tools and techniques used to explore and map a network as well as passively and actively identify nodes on that network. Suggested topics could include "How to scan an IDS protected network" or "The limits of Passive O/S Detection."
THE BIG PICTURE:
While all this technology is cool, what about the bigger picture? Will you go to jail if you try any of it? Will China kidnap your ass and chop off your hands? Have we helped create a surveillance state? What does the future hold? This track explores the legal, political, moral, and media side of both legal and illegal hacking.
It is always easier to attack than defend, and you're going to show why. These talks will cover new attack methods and tools. Talks could cover protocols, applications, embedded devices, and operating systems. Demonstrations, for any talk, are always well received by the audience.
WEB and DATABASE HACKING:
With more and more people looking at database integration to web middleware, new problems have been found. This track will cover issues like SQL injection, specific attacks against different web servers and database engines. Example talks might cover both sides of the web and database threats.
AGENTS, TROJANS & VIRUESES:
Distributed attack and DDoS agents, evil Trojans, super smart viruses, and hybrid tools that combine aspects of all the above. What is the state of the art in this area, and what can be done to defend against them? In the last year much work has been done in this area; let's try to shed some light on them.
This is the more difficult piece of the security puzzle. Talks could cover everything from "How to lock down your FreeBSD install," "Using IPSEC and S/Wan to help protect your network communications," "Using free fire walls, O/S, IDS, and Logging tools to defend on the cheap," or even "Building a web server that is as immune to attack as possible" are all of interest.
You can see where I am going with these talks. Practical talks that people can go and mess with once they leave the DEF CON.
The Breakout area was a new idea at DEF CON TEN, and will be done again at DEF CON ELEVEN. The purpose of the break out area is for people who want to a) speak on a topic that will not draw the large numbers needed to take up a big speaking area, or b) who want more of a classroom setting to deliver their materials (eg want to conduct a mini tutorial). The seating for these talks will be on a first come, first served basis.
If you want to give a breakout talk please submit just as you would for any other talk, but instead of telling us what track you want to speak in, tell us that you want a break out space. Then tell us in detail about the subject, how many people max you can have in the class (For example, if the rooms hold 100 but you only have tools for 50 people to use, set the class size at 50.) and any special requirements the attendees should plan for.
Make your talks as technical as possible, unless you are submitting for the 101 or the Big Picture Track. DEF CON wants to increase to quality and content of the presentations, and that is why we pay speakers. If you are selected to speak on some uber topic, and then give a weak talk or don't show up, don't expect to get paid.
NOTE: The examples of topics used above are to give ideas and direction to potential speakers, and is not the ultimate list.
Because of the unique nature of this conference, the emphasis is on where the rubber meets the road, what is new and cool, major announcements (al la BO2k), and topics hackers wouldn't normally come across.
Talks will be either 60 minutes or one and 90 minutes in length. It is expected the speaker will make time for audience participation and Q&A.
By speaking at DEF CON you are granting DEF CON Communciations, Inc. permission to duplicate, record and redistribute this presentation; including, but not limited to, the conference proceedings, conference CD, video, audio, hand outs(s) to the conference attendees for educational, on-line and all other purposes. Send submissions to talks at defcon.org.
Submissions that are not selected will not be distributed or reproduced by DEF CON Communications in any form.
We can accommodate most any request if it enhances your presentation. Current tools made available to speakers include LCD projectors, overhead projectors, and slide projectors.
This year there may be up to two LCD projectors in a session. If your talk requires any sort of demonstration we encourage you to set up a network and have each machine projecting on one of the LCDs. Audience members will be able to follow along what is occurring on each node as the talks progress, or the speaker may provide different information on different screen, etc.
This year the 802.11b network will extend to the speaking areas, so if you need to include net access to your presentation, plan on bringing a WI FI card, or asking for wired (10Bt) network access.
Please forward any additional resource questions to talks at defcon.org. Speakers will be subscribed to a mailing list that includes the other conference speakers in an attempt to allow a level of collaboration between presentations.
We are going to continue last years goal of increasing the quality of the talks by screening people and topics. I realize you guys are speaking for basically free, but some talks are better than others. Some people put in a bit more effort than others. I want to reward the people who do the work by making sure there is room for them.
After an outline is received speakers will be contacted if there are any questions about their presentations. If your talk is accepted you can continue to modify and evolve it up until the last minute, but don't deviate from your accepted outline.
Talks that are more technical or reveal new vulnerabilities are of more interest than a review of firewall technologies and will be given more consideration, as will original content or research that have been created for DEF CON and has not been seen before.
If you are selected we will mail you with information on deadlines for when we need your presentation to be burnt on the CDROM as well as information for the printed program.
Speakers get in to the show free, get paid $200 (AFTER they give a good presentation!), get a coolio badge, and people like you more. Heck, most people find it is a great way to meet people or find other people interested in their topics.
MORE CONVENTION INFORMATION
Please visit http://www.defcon.org/ for previous conference archives, information, and speeches. Updated announcements will be posted to news groups, security mailing lists and this web site.
DEF CON ELEVEN will take place at the Alexis Park, in Las Vegas, Nevada, USA August 1-3, 2003.
Thank you for your time. Any questions please email The Dark Tangent, CFP Submission Forms should get mailed to talks at defcon.org
The Dark Tangent
Organizer, DEF CON