July 26 – 29th, 2012


All 4 days just $200 USD!

at the Rio Hotel in Las Vegas


Cash only at the door.

Press Roundup

A sampling of the press coverage of DEF CON 20. If you find something we missed, let us know on Facebook or Twitter.


Keynote

National Security Agency Director Gen. Keith Alexander calls Defcon the "world's best cybersecurity community" and asks for their help. Read more

The U.S. Internet's infrastructure needs to be redesigned to allow the NSA to know instantly when overseas hackers might be attacking public or private infrastructure and computer networks, the agency's leader, General Keith Alexander, said today. Read more

The head of the U.S. government's secretive National Security Agency took the unprecedented step on Friday of asking a convention of unruly hackers to join him in an effort to make the Internet more secure. Read more

General Keith Alexander, head of the National Security Agency, addressed an audience at the Defcon hacking conference in Las Vegas Friday, saying the Internet needed fundamental defenses against foreign incursion. Read more

NSA chief Gen. Keith Alexander, appearing for the first time at the DEF CON hacker conference, told the crowd of hackers and security professionals that his agency “absolutely” does not maintain files on Americans. Read more

Badge News

Every year, the world's hacker population descends upon Las Vegas to trade notes, sit in on informational talks and compete in friendly contests -- all in the name of Defcon. But this time out, it's the conference's ever-evolving smart badges that've caught our eye, owing mostly to what lurks beneath... Read more


Aviation

A hacker attack that leads to planes dropping from the sky is the stuff of every cyberwar doomsday prophesy. But some security researchers imagine a less sensational, if equally troubling possibility: Hundreds or thousands of aircraft radioing their approach to an air traffic control tower, and no way to sort through which are real and which are ghost plane signals crafted by a malicious hacker. Read more

What happens when a hacker gets bored and curious about airplane tracking systems? In the case of Brad “RenderMan” Haines, aka @ihackedwhat, a very interesting Def Con 20 presentation happened called “Hacker + Airplanes = No Good Can Come Of This.” Read more

SCADA

The much-anticipated "SCADA Strangelove: How I Learned To Start Worrying And Love The Nuclear Plants" talk was quietly replaced a week ago with another presentation by researcher Wesley McGrew on HMI interface vulnerabilities in process control systems, much to the surprise of attendees. Read more

The Cloud

Researchers this week will release new, free, search engine-based data mining tools that can identify and extract sensitive information from many popular cloud-based services, potentially enabling enterprises to identify potential security vulnerabilities before cybercriminals do. Read more

Consumer Protection

Nobody likes to read the tiny, legalese-ridden warranty statements that come with tech products. But a 17-year-old hacker at Defcon has been doing so, and has advice for consumers and companies alike. Read more

Event Reviews

When you finally arrive at a long-anticipated event, there's such a high excitement in the air that if it were contagious like a virus then it would have spread through more people than some small towns have in their entire population. This intense excitement may be what 'regular' folks feel when arriving at Disney World, except this is better; this is bit like a magical Disney but for hackers... Read more

The infamous security convention has wound up, leaving hackers of all hat colors bemused, befuddled, and bewildered. Read more

When Jeff Moss founded the Def Con hackers convention in 1993, he never imagined that two decades on, one of the key speakers at the annual Las Vegas event would be four-star General Keith Alexander, head of the U.S. National Security Agency. Read more

Looking for a high-grade door lock? How about a satellite phone? Or maybe you've been craving a Wi-Fi Pineapple? Whatever gadget you desire, chances are you can buy it in the vendor room at Defcon. Read more

Routers

A security researcher for German security firm Recurity Labs has disclosed several critical vulnerabilities in router products made by Huawei at the annual Defon hackers conference on Sunday. Read more

Security researcher Michael Coppola demonstrated how small and home office (SOHO) routers can be compromised and turned into botnet clients by updating them with backdoored versions of vendor-supplied firmware. Read more

German security researcher says the Chinese government doesn't need to demand back doors on Huawei routers because there are already major holes in their firmware. Read more

VPN Security

Security researchers released two tools at the Defcon security conference that can be used to crack the encryption of any PPTP (Point-to-Point Tunneling Protocol) and WPA2-Enterprise (Wireless Protected Access) sessions that use MS-CHAPv2 for authentication. Read more

Moxie Marlinspike, the security and privacy researcher known for his SSLStrip, Convergence and RedPhone tools, has released a new tool that can crack passwords used for some VPNs and wireless networks that rely on encryption using Microsoft's MS-CHAPv2 protocol. Marlinspike discussed the tool during a talk at DEF CON over the weekend, and it is available for download. Read more

The exploit successfully compromised a legacy authentication protocol, MS-CHAPv2, which was created by Microsoft years ago. But the vulnerabilities of this protocol (and other similar ones) are well known, and Wi-Fi Protected Access 2 makes use of additional mechanisms to protect them. That protection is still in force, according to both the Wi-Fi Alliance and a wireless architect, who blogged in depth on this issue after the Defcon exploit was reported. Read more

Physical Security

Is a plastic drinking straw from McDonald’s the only thing keeping a thief — or worse, a child — from accessing the loaded weapon in your closet safe? Read more

A gun safe's purpose is obvious in its name, but many readily available models fail to deliver, as this 3-year-old safe-cracker is quick to demonstrate. Read more

The Singularity

If you could become the bionic man or Robocop, would you graft biomechanical interfaces into your body? Here's an interview with two Def Con 20 presenters who believe we are indeed on the cusp of hacking humanity and human augmentation. Read more

Freak incident leads to cell phone battery lighting a real fire under a man's backside. Hotel room key-card saves him. Read more

DEF CON Kids

When you think about hacking conferences with about 15,000 hackers attending, 8-year-old kids might not be your first thought. Yet Def Con Kids was so amazing that I cannot encourage you enough to enroll your kids next year. Read more

Last year at DEFCON 19, a 10-year-old girl hacker known only as CyFi, announced her discovery of a security flaw in iPhone and Android games. That year, CyFi co-founded DEFCON Kids as a companion event to DEFCON, with contests and sessions so kids could safely participate in all the hacking fun. This year at DEFCON 20, the contributions of CyFi and her adult hacker pals were officially recognized by NSA Director General Keith Alexander. Read more

The not-for-profit conference is dedicated to teaching kids about white-hat hacking, security, privacy and hardware skills. The learning starts at DEFCONKids.org, where they define a white-hat as “someone who enjoys thinking of innovative new ways to make, break and use anything to create a better world.” Read more

I've been posting lightly around here for the past week, as I've been at DEFCON, where I gave a speech. I brought my whole family -- wife, daughter, and parents -- and the kid got to do some lockpicking workshops at DEFCON Kids, the astoundingly bad-ass kids' computer literacy program run alongside the main event Read more

Many social games have measures to prevent cheating by mucking around with the date settings. But kids are too smart to be stopped that easily. PC Magazine's Sara Yin reports on a brilliant exploit discovered by CyFi, a 10 year-old Girl Scout who presented her findings at Defcon. Read more

DefCon, the long-running, annual hacker conference in Las Vegas, lowered its age restrictions this year for the inaugural "DefCon Kids Village." Read more

Ninja Tel

The annual Defcon hacking meetup produces its share of unique creations. You know you're in for something special when even your entrance badge is an adventure. Defcon 20 might be winding to a close, but about 650 guests may just have the fondest memory of all: access to a private, ad hoc GSM carrier from Ninja Networks. Read more

Inside an otherwise unremarkable room in a Las Vegas hotel, a hacker group known as Ninja Networks has set up a mobile command center complete with ominous red lights and computer screens that allow the technologists to monitor every phone call on their network. Read more

Def Con's much-loved Ninja Badge game has become a staple of the world-famous hacker convention, taking place this weekend in Las Vegas. In the past, the hackable circuit board badges acted as invitations to Def Con's annual VIP Ninja Party, allowing guests to socialize and earn points and virtual items by "attacking" others in close proximity. This year, the team of volunteers behind the game have taken it several steps further: they've built Ninja Tel, their own pirate cell phone network that runs out of a van parked inside the Rio's convention center. Read more

Social Engineering

A Wal-Mart store manager in a small military town in Canada got an urgent phone call last month from "Gary Darnell" in the home office in Bentonville, Ark. Read more

Usually, I feel like the smartest guy in the room. Maybe I’m truly clever or maybe I’m dumb and egotistical, but either way, I walk around seeing idiocy like Haley Joel Osment sees dead people. Read more

In a contest at the hacker conference Defcon, security specialist Shane MacDougall successfully penetrated Wal-Mart. "Social engineering is the biggest threat to the enterprise, without a doubt," MacDougall said after his call. Read more

Movie Night

As a college senior in the early 1990's, Mike Aponte was invited to join the MIT Blackjack Team. Over its long and storied history, the team had developed sophisticated strategies for gaining an advantage over the casinos, combining team play with card counting — tallying the dealt cards to calculate whether the remaining cards favor the player or the blackjack dealer. Card counting techniques have been in use at least since the 1960's and can give players a small but crucial advantage over the house. Read more