skip to main content

DEF CON Hacking Conference

NEWS


Flashback Friday: Early Release of Mike Walker and Jordan Wiens' "Machine vs. Machine: Inside DARPA’s Fully Automated CTF"

DARPA CTF talk screencap

As you may know, DEF CON 24 is hosting the finals of the DARPA Cyber Grand Challenge - a CTF played by fully autonomous systems, developed over two years for that specific purpose. Attack, Defense, complex gameplay all without human intervention. The team whose creation dominates this all-metal Thunderdome walks away with $2,000,000.

This #defconflashbackfriday is a presentation by Mike Walker from DARPA and Jordan Weins from Vector35 all about the CGC, the tech that's being created for it and what it means for securing the IoT we're all connected to.

Bonus: There's a cool reveal in the final few minutes about an additional contest where the winner of the machine vs. machine battle might stick around for a little more CTF action, Humans against Toasters style.

https://youtu.be/gnyCbU7jGYA

You can meet the finalists and learn more about the Cyber Grand Challenge on the CGC website:

http://www.cybergrandchallenge.com/index.html#home

T.D. Francis X-Hour Film Contest entries from DEF CON 23!

TD Francis image

The The T.D. Francis X-Hour Film Contest was back for its second year at DEF CON 23. In case it's new to you, the X-Hour Film Contest is a guerilla-style moviemaking challenge where the participants have to write, shoot and edit a short film during DEF CON.

To make it even tougher, the crews don't get the requirements until they're on site. It's a pretty hard task, but DEF CON people pay little respect to the impossible and show open hostility to the merely difficult. The difficult gets done.

You can see all of this year's entries, and learn how to participate on the X-Hour site :

https://www.xhourfilmcontest.com/defcon-23-films.html

Think you can do better? Get in the ring at DEF CON 24.

Here's the winning entry 'The 23rd Badge' by Team Lake State Studios.

Early Release Video: Ryan Castellucci's 'Cracking Cryptocurrency Brainwallets'

brainwallet talk scrren capture image

Let’s start the week off with another early release video from DEF CON 23. This one is entitled ‘Cracking Cryptocurrency Brainwallets’ by Ryan Castellucci. In this talk, Castellucci explains, in crystal-clear terms, why brainwallets in their current form are a terrible way to secure your crypto-cash. Like, terrible.

Ryan's presentation is a high-info, low-hype tour of the security issues around the safeguarding of your Bitcoin fortune, with some fun white hat adventures thrown in for entertainment value. You will probably learn some cool stuff. You will also learn about Ryan’s Brainwallet-cracking tool/awesome name for a metal band – ‘Brainflayer’. Please enjoy, make whatever wallet changes you need to, and pass it on.

More CTF Goodness from DEF CON 23!

torrent image

More fun CTF stuff released by our esteemed associates at the Legitimate Business Syndicate - a data dump of goodies from the 2015 CTF Quals:

"Much like our 2014 data dump, this release includes JSON dumps of categories, challenges, notices, teams, and limited user information, and more importantly, offline-browsable HTML pages about teams, challenges, and more!"

DEF CON 23 Photo Corps Torrent!

torrent image

The first of our DC23 torrents has arrived! This time it’s about 18 gigs of pictures from the DEF CON Photo Corps. View them, share them, recreate them in papier-mache. They are yours to use, provided that you attribute them to DEF CON. Watch this space for more torrent-based goodies in the near future.

You’re probably going to want to free up some drive space.

DEF CON 23 CTF Results on LegitBS.net

ctf image

Congratulations to DEFKOR, PPP and 0daysober for coming in the top three places in this year's DEF CON CTF. Thanks also to the pillars of the community at the Legitimate Business Syndicate for putting it all together again this year. For more info and a schedule of data releases from this year's game, hit up the LBS blog: https://blog.legitbs.net/

Press Page updated for DEF CON 23!

car hacking image

If you’re interested in reading/watching some of the press DEF CON received this year, you can check out our press archive page. Like everything, it’s a work in progress, and we’ll update as new press mentions come to our attention. If you see something (that should be on the list), say something (to press at defcon dot org). 

Flashback Friday: Early Release of Charlie Miller and Chris Valasek's, "Remote Exploitation of an Unaltered Passenger Vehicle"

car hacking image

#defconflashbackfriday this week is another popular talk from DEF CON 23. It's Charlie Miller and Chris Valasek and their presentation entitled 'Remote Exploitation of an Unaltered Passenger Vehicle'. The vulnerabilities discussed in this talk led to a pretty big recall you might have seen covered on the nightly news.

Enjoy, pass it on and if you're looking for a less connected vehicle, we hear good things about the AMC Gremlin. That thing never connected with anyone.

DEF CON 23 Archive Page is Live!

DEF CON 23 archive image

The DEF CON 23 update train rolls on. Looking for speaker materials, the program or the official receipt? Want to spend some time with the recently decommissioned website? The DEF CON 23 Archive page has what you're looking for.

We'll be updating it as more stuff comes in, so check by often.  Also, if you need a little bit of time sink to get you through a long day at work, remember that that archive page contains similar infoz from the other 22 DEF CONs as well. Productivity kill achievement unlocked.

Early Release: And That's How I Lost My Other Eye

Zoz at DEF CON 23 image

Another DEF CON 23 Early Release video: "And That's How I Lost My Other Eye: Further Explorations in Data Destruction by the fearless Zoz. From the abstract:

" While purging incriminating material residing on spinning disks remains the focus, the research has been expanded to encompass solid state storage and mobile solutions to your terabyte trashing needs. With best efforts to comply with the original constraints, the 2015 update features more analysis of the efficacy of kinetic projectiles, energetic materials and high voltages for saving your freedom at the potential cost of only a redundant body part... or two."

https://youtu.be/qRr3QFUZPqU

Contest Results from DEF CON 23 are Live!

Gambling image

It took a while to collect and assemble, but we are now ready to present to you the contest results for DEF CON 23

The contests at DEF CON are community generated, and we want to thank all the people who give their time and energy to think them up and bring them to life. We're proud of how varied and challenging and creative the contest scene has become.

We also appreciate all of the contest participants who wade into the fray and get involved. That enthusiasm keeps us working to make every year better than the last.

And of course, congrats to the winners. These things can be pretty demanding of your brain and your energy and your sleep bank. Take a moment to bask in your glory, victors. You have done well.

Just know that while you enjoy your victory, somebody somewhere is in the dojo, working on their crane kick for DC24.

DT Interviews Jayson E. Street at DEF CON 23!


Jayson E. Street is famous for his awkward hugs (that is so for real - you can google it). He is also famous for speaking at Cons and spreading the hacker gospel around the globe. His new mission? Revitalizing the DEF CON Groups.

This is an interview from DEF CON 23 – DT talks to Jayson about his DCG plans, his thoughts on the scene and his collection of lanyard-centric Con bling.

If Jayson's ideas about Groups sound cool to you, visit the website at defcongroups.org and find out about joining or starting a DC Group where you live. Momentum, people. Keep it going and spread the word.

Flashback Friday: Early release of "I Will Kill You" at DEF CON 23!

Chris Rock talk screencap image

Today’s #defconflashbackfriday is from the recently completed DEF CON 23, and it’s kind of a paradigm shifter in the world of identity theft. Chris Rock from Kustodian shows how it’s possible to exploit the systems that record our births and deaths to create and destroy ‘life’ at will. The possibilities are wide-ranging: get an enemy declared dead, get a fictional person declared born and sell them as a whole-cloth identity or get them declared dead for the insurance payout. Start your whole life over with an anonymously created, brand-new identity. It’s a fascinating and troubling presentation that should generate much-needed discussion about how we secure the entire digital lifecycle.

Coming Up: All the Things from DEF CON 23!

DEF CON 23 image

DEF CON 23 is a wrap. We hope all of you found your way safely to your various abodes and domiciles and smoothly resumed your between-con lifestyle.

We took a couple of days to refill the life bar, and now we’re back online ready to hit you with the post-DC wrap-up. Watch this space for early-release video, contest results, pcaps, pictures, press reports and all that good stuff.

We heart you, DEF CON community. Thanks for making DC23 so much fun.

New tonight for DEF CON 23: Drunk Hacker History!

Drunk Hacker History image

Check out the new Contest, Drunk hacker History tonight in Track One at 19:00! What is it, you ask? From the DEF CON Program:

New this year for DEF CON 23, we bring you a contest unlike anything you've ever seen before (and may never see again). The DEF CON community has a rich history. It is a history is filled with colorful adventures, half-truths and angry hotel managers. This contest will brush the dust off some of the most celebrated, obscure and redacted moments in Hacker History through the interpretation of a group of pre-selected contestants with the help of C2H6O. Each contestant will be "prepared" for their participation by our contest staff before being brought in front of a panel of judges. A topic will be randomly selected pointing to a moment of hacker history and the contestant will have 5-7 minutes to provide their account. Points will be given for accuracy, level of "focus", and other areas just made up on the fly by the judges, and in the end the contestant with the most points will be crowned the "Drunk Hacker History" champion for 2015. Note: This is not a Black Badge contest (yet).

Update: DEF CON 101 has Moved!

101 sign at Gold image

In order to ease some of yesterday's congestion, DC101 track is now located in the Gold Room in Bally’s. The Demo Labs that were located in the Gold Room are now in the Grand Salon area just outside of the Gold Room. Pass it on!

The DEF CON 23 Media Server is Live on the Con Network!

Media Server image

When you're weary of walking the conference floor, feel free to take a moment to leech the daylights out of the DEF CON 23 Media server, available to everyone onsite at dc23-media.defcon.org! All of this year's con materials and gigs and gigs of other conference videos to watch on the plane home. Enjoy, and pass it on.

Book Signings At DEF CON 23!

entertainment image

Attention millenials : in the olden times, we put our information on slices of tree skin. We still do, a little bit. Some of the sages who write these 'books' will be available to meet you and squirt Sharpie juice on your copy in the shape of their name. You should visit them in the following locations and times:

Friday, August 7

14:00 - Michael Schrenk: Webbots, Spiders, and Screen Scrapers, 2nd Edition
15:00 - Violet Blue: The Smart Girl's Guide to Privacy
16:00 - Bruce Schneier: Data and Goliath

Saturday, August 8

13:00 - Jon Erickson: Hacking, 2nd Edition
14:00 - Eric Weinstein: Ruby Wizardry
15:00 - Georgia Weidman: Penetration Testing
16:00 - Chris Eagle: The IDA Pro Book, 2nd Edition

All signings will take place at the No Starch Press table in the vendor area.

Peter Kim will also be signing his book Hacker Playbook 2: The Practical Guide to Penetration Testing, Saturday at noon, at the Hacker Warehouse table.

DEF CON 23 Program Error: Music Events

entertainment image

From the DEF CON corrections department:
    A typo in the program attempted to rob you of a few precious hours of musical entertainment. Please know that music events start at 21:00 tonight and 20:00 friday and saturday, not 22:00. We apologize for any confusion. We now return you to your regularly scheduled hacker conference.

THE DEF CON 23 FILES

Files image

If you're here onsite, you're gonna get a printed program, physical CDs with con materials and the official DEF CON soundtrack, among other goodies. Which is great.

But if you aren't so into the whole analog trip, or you're playing along with DEF CON at home, is there a way to just download all this stuff?

Of course there is. Here's a heaping helping of links to get you started.

Program
Direct Download: https://media.defcon.org/DEF CON Conference Programs/DEFCON-23-Program.pdf

Conference CD
Direct Download: https://media.defcon.org/DEF CON Conference CD DVD/DEF CON 23 Original Hacking Conference DVD.rar
Directory of Files: https://media.defcon.org/DEF CON 23/DEF CON 23 presentations/

Music CD
Purchase the Soundtrack (pay what you want) to benefit EFF: http://music.gravitasrecordings.com/album/def-con-23-the-official-soundtrack
Torrent: https://www.defcon.org/html/torrent/DEF CON 23 music CD.torrent
Music CD Files Directory: https://media.defcon.org/DEF CON 23/DEF CON 23 music/DEF CON 23 music CD/

DEF CON WiFi Reg is Up and Running!

NOC image

Get registered for the DEF CON Secure WiFi now, even if you aren't here on site yet!

DEF CON WiFi Network

2.4 & 5 Ghz

DefCon-Open : Type: Open
DefCon : Type: WPA2/ 802.1x

Once again the DEF CON NOC worked hard to provide you the internetz via WiFi access throughout the Paris & Bally’s convention centers.

There are two official ESSIDs to access the conference network: the encrypted and cert/user-based authentication (DefCon) and the unencrypted free-for-all one (DefCon-Open): choose wisely.

Most of the devices these days should are 802.1x compatible, despite the corks some of them still present without an MDM solution behind it, and no one really want your devices managed by us.

https://wifireg.defcon.org is where you can create your credentials, download the digital certificates and fingerprints, and read our awesome support documentation. Remember, practice safe internets: make sure you pick a credential that is not used anywhere else (aka: your Windows domain) and double check your fingerprints. As always, this is a hacker conference.

http://www.defconnetworking.org is your stop for stats, data, and important updates about the network during and post-con.

And, believe it or not, we want your feedback: noc@defconnetworking.org

Tamper Evident Village Contests: Sign Up Now!

Tev image

The Box - Electronic Tamper / Bomb Defusal Contest

The challenge? Defuse a bomb. I feel like I don't have to say a lot more than that. Bring your own tools, have an action hero moment for yourself.

Reg begins Friday in the Tamper-Evident Village, and it's probably wise to expect a bit of a queue.

Full info in the Forum:
https://forum.defcon.org/forum/defcon/dc23-official-unofficial-parties-social-gatherings-events-contests/dc23-villages/tamper-evident-village/220837-the-box-dc23-tamper-challenge

DC 23 Tamper Evident Contest

Signups are now live for the Defcon 23 Tamper-Evident Contest! Your task is to gain access to a package and all of it's contents without leaving any evidence that you did so. Sound easy? It's harder than you might think! Make sure to sign up to guarantee you get a package - space is limited for this contest!

Rules and signup page in the Forum:
https://forum.defcon.org/forum/defcon/dc23-official-unofficial-parties-social-gatherings-events-contests/dc23-villages/tamper-evident-village/221715-dc23-tamper-evident-contest

Special Guest Announced for License to Pwn Panel!

License image

The US Govt proposed new export controls that could change the way we talk about security and Defcon has two sessions on the issue. We are very pleased to announce that Catherine "Randy" Wheeler of the BIS will be joining the "Licensed to Pwn" panel as a special guest.

Randy has been the Director of the Information Technology Controls Division in the Bureau of Industry and Security’s (BIS) Office of National Security and Technology Transfer Controls since June 2006, and is currently tasked with implementing the Wassenaar Arrangement’s new export controls on surveillance and intrusion software. Randy will join Dave Aitel, Matt Blaze, Nate Cardozo, Jim Denaro, and Mara Tam to discuss the weaponization and regulation of security research on Friday, 7th August at 11h00 (Track Two).

From Dusk 'Til Con at DEF CON 23!

Nightlife image

At DEF CON, we know that after a long day of having your mind-grapes blown, sometimes it feels good to shut it down a bit and party. That’s why we provide so many party options. Need some reckless booty-shaking? We got you. Need to drunkenly howl top40 tunes with friends? We got you. Need to put your feet up and watch a movie while your life bar fills back up? We got you, too. We are a full-spectrum hacker summer camp, people. We got you because we get you.

Check out our nightime offerings here

Thursday Contest signup at DEF CON 23!

Contest signup image

A bunch of DEF CON Contests have agreed to set up an early registration between 1100 and 1400. The idea is achieve optimum contest smoothness with contestants ready to hit the ground running at 10am Friday.

The contests involved (so far):
Hacker Jeopardy
Hackfortress
Scavenger Hunt
TD Francis XHour Film Contest
warl0ck gam3z
Beverage Cooling Contraption Contest

Where you need to be to get in on the action:
Bally's Grand Salon, Thursday 1100 to 1400.

Kali 2.0 Dojo at DEF CON 23!

soma image

Interested in Kali Linux? Want to get yourself up to speed on the new hotness of Kali Linux 2? Enter the Kali 2.0 Dojo.

In Skyview 2 on Friday starting at 1:00PM there will be two Kali workshops to get you up on things, with custom Kali USB sticks provided to attendees.

Workshop One: Learn how to master Kali Linux Recipes and easily build images such as the Kali Linux ISO of Doom or Instant Evil Kali Access Point.

Workshop Two: Learn how to make a sleek Kali Bootable USB stick, which contains several persistent storage profiles, both regular and encrypted. Protect your encrypted data using the Kali LUKS Nuke feature destroy and restore your data with confidence.

Workshop Three: Pentest the Planet. *

*There isn't a Workshop Three. But with your new skills and training, you will probably be pretty stoked to get your Kali 2.0 on.

SOMAFM is Back in the Chillout Lounge!

soma image

SomaFM returns once more to bring delicious and relaxing sounds to the Chillout Lounge for its third year running. Known best for its legendary Groove Salad radio station, SomaFM is one of pioneers of streaming internet radio, with dozens of curated, diverse, and compelling channels for listeners across the globe. DEF CON Radio, a project of SomaFM, is included in that incredible list, a playlist including much "Music For Hacking" and a unique daily schedule that goes with the flow of the DEF CON experience.

Find more information about the listener-supported SomaFM and DEF CON Radio at
http://somafm.com/defcon/

DEF CON radio (player link):
http://somafm.com/player/#/now-playing/defcon

Welcome Back, Queercon!

Queercon image

After a few years 'off-campus', the legendary Queercon is back in the main DEF CON venue - and they return in grand style. Not only is Queercon throwing a giant pool party with DJs from all over the world, functionally endless booze, and an OPEN pool,  but they're also hosting a  mixer every day of the con at 4pm for friendly conversation, chillaxing and cocktails.

To celebrate their return, DEF CON has created a limited run of DEF CON pride t-shirts, shown here on a model with alarmingly subtle facial features. They're a fine addition to any wardrobe and you can find them wherever DEF CON swag is sold.

Basic Details:
Pool Party - Friday 8pm to 3am at the Bally's pool. No badge required.
Mixers - 4pm Thursday thru Sunday at a Courtesy Suite (#TBD) in the Jubilee Tower of Bally's

The full rundown is available at queercon.org  

DEF CON Groups Reloaded!

DEF CON Groups reloaded image

From The Dark Tangent:

"As DEF CON 23 nears, I am proud to unveil the launch of the new DEF CON Groups website, defcongroups.org!

Defcongroups.org will provide a centralized place to socialize, learn new skills, collaborate, and show off recent projects to DEF CON Groups around the world . It will include a directory to make it easier to find like-minded hackers in your area, as well as showcase featured DEF CON Groups, guest blogs, videos, tutorials, and more."

Read all about it at defcongroups.org. Whether you wish you were coming to Vegas next week or you are and you just want to feel that Hacker Fresh™ feeling all year round, it's time to join your friendly neighborhood DEF CON Group. If you live somewhere that doesn't have a DEF CON Group, it's time to start one.

There's really no limit to the cool stuff that can be accomplished with a global network of smart, inspired,hacker-minded humans. Together, we're basically Voltron. Let's make this the year we prove it.

DEF CON Village Talks Page, Now with More Villages!

Village Talks image

The Villages are growing - almost all of them have their own speaker tracks, contests and events. How crazy is that? Most of the villages are bigger than the first bunch of DEF CONs! To help you keep them sorted out, we’ve created a page on the DEF CON 23 website that lists all the talks going on in the villages (that we know about at this precise moment in time - we’ll add and update if things change). It’s like one of those Country Buffets, only the offerings make you smart instead of nauseous and regretful.

DEF CON 23 CFP Review Board Revealed!

Review Board image

In a $3cr3t chamber behind a purely ornamental bookcase in DEF CON Manor, a shadowy cabal works for months selecting DEF CON talks. It’s a grueling, thankless job. 

Until we thank them, which is now. 

This is the post where we drag the willing members of the cabal out of the shadows so you can learn their names and buy them a drink at the con. 

Not shown: Several reviewers who have spent so long in the $3cr3t chamber that they’ve become permanently shadowy. 

SE Village surprises for Thurdsay at DEF CON 23!

SE Village image

The Social Engineering Village has a brand new contest this year- Mission SE Impossible! It takes place on Thursday and you need to sign up on-site but it sounds like fun. Contestants are 'arrested', put in a locked room and forced to use their SE skills to get the codes and free themselves.

Read all about it. If you've the SE chops to talk your way out of a locked box, you probably won't want to miss this contest.

http://www.social-engineer.org/social-engineering/the-sevillage-at-def-con-23/

Sign up for DEF CON Workshops Now!

Workshops image

Good news, everyone! Well, unless you secretly love waiting in a queue. Then it’s less good, and you’re weird.

The DEF CON 23 workshops will not require you to rush from the reg line to a workshop reg line. We’re going to allow online pre-reg for the DEF CON Workshops. The seats are limited, and we’re granting them on a strictly first come, first served basis.  To sign up, check out the Workshops Registration Page!

We’ll send a receipt when you’re registered (within 2 biz days), and we’ll announce any new openings @_defcon_ on Twitter. Good luck!

Roll on down to the Car Hacking Village at DEF CON 23!

Car Hacking village image

At DEF CON, we agree with you that it's kinda bogus that in 2015 we still don't have flying cars. But you know what makes up for that? Cars you can hack.

So this year, we bring you Car Hacking Village - a little bit of paradise for people who long to invalidate a connected car's warranty without jeopardizing their commute.

The CHV will have several 'Zones' for your education and entertainment:

Pull-apart Zone: learn how to get physical access to car controllers by removing panels and bolts.

Buck Hacking Zone: open hack car controllers and systems using a Buck (system on a bench).

Learning Zone: drop-in sessions of 15-30 minutes to teach specifics of vehicle networks and hardware.

Chill Zone: meet the CHV team in a more informal setting. Meet other interested con-goers. Meet no one and just meditate on what you've learned so far.

OEM Zone: we're probably going to rename this, but it's for dialog between OEMs and their users.

Vendor Zone: if the Car Hacking Village has inspired you, you can pick up some study material and even some hardware.

We hope to see you there.

Warning: objects in the CHV are closer than they appear.

Find Crew Members and Sign up for the T.D. Francis X-hour Film Contest at DEF CON 23!

TD francis X-hour poster image

If you find yourself interested in the The T.D. Francis X-Hour Film Challenge but you don't have a big enough crew, let people know in the Forum thread linked below or in on their facebook page https://www.facebook.com/xhourfilm

If you find yourself interested in the The T.D. Francis X-Hour Film Challenge but you don't have a big enough crew, let people know in the Forum thread linked below or in on their facebook page https://www.facebook.com/xhourfilm

There's a limited number of slots, and they're filling up, so don't dilly-dally. And remember us when you get that Oscar.

You can also check out the Contest website at http://www.xhourfilmcontest.com/

T.D. Francis X-Hour Film Contest on the DEF CON forums

DEF CON 23: The Trailer


Today’s date - 7/17/2015. Add the digits. Can you feel that? The phantom hand tugging at your sleeve, the voice in your ear right before sleep takes you? There’s no sense in resisting, friend. The Enigma has you, and the only way out is straight through. Join us in Las Vegas! Closing ceremonies are in 23 days. 

Get involved on the DEF CON Forums! Now with no wait period!

DEF CON forums upgrade image

We have upgraded the DEF CON Forums - new iron, new paint, new can-do attitude. We've removed the annoying wait between signing up and posting, and the whole thing runs faster. Also, you can't beat the new forum smell - like ascii and toasted hazelnuts.

The Forum is also where the most granular, immediate and interactive information about DC23 is being hashed out. Looking for someone to share ae ride from San Diego? Want to ask a question directly to the Crash and Compile organizers? Head on over to the Forum. Got a killer salsa recipe? Probably no one cares, but its a forum. So get involved.

DEF CON 23 Speaking Schedule is LIVE!

speaking schedule image

It's beginning to feel a lot like DEF CON, everywhere you gooooo...

You can tell it's for real now, because we have a live speaker schedule. Familiarize yourself, plot your optimal path for cranial embiggening, tell the others. This year's lineup is crazy great, and knowing your 'must see' talks greatly enhances your chances of maximum DEF CON.

We're in the home stretch, people. One month and counting. 

Caesar's rooms still available for DEF CON 23

Caesar's room block image

DC23 Booking Pro Tip:

The DEF CON group rate isn't available at the main venue hotels anymore - our block is sold out in Paris and Bally's. This might cause you to think about paying the full freight at those hotels to be close to the action. Reasonable idea, except....

We have a discounted block at Caesars, and it's still got some rooms available. Caesars is only 800 air-conditioned steps from the Con space. You save some hard-earned skrilla, you get a few minutes of walking to thumb through your program and get your various plans/plots/schemes together.

Look, if you've got bread like that, do what you feel. But for those of us balling on a budget, the Caesars plan deserves some attention.

DEF CON After Dark, Part One - Thursday Night’s Music Lineup is LIVE!

DEF CON after dark image

Some of you, we have heard, enjoy vigorously oscillating what your maternal unit bequeathed to you. Some of you like to wave your hands in the air, as if you could not be less concerned. We understand. We get you, and we got you.

We have artisanally curated a flight of audio bliss merchants for your enjoyment on Thursday night. For staters, we’ve got An Hobbes, Dee Kaph, Johnny5 and Spherex.  After midnight we have DJ %27 and DJ AliKat. Many styles, many flavors. Join us, and amuse your bouche all over the place.

DEF CON Vendors are LIVE!

Demo labs image

The official vendor list for DEF CON 23 is finalized and live on the intertubes. That money burning a hole in your pocket? It's dangerous if it goes unchecked. You can avoid the hazard of fire by turning that money into temperature-stable, safe goods and services with the smiling merchants of the vendor area. For those of you inclined to the games of chance, payouts in the vendor area hover very close to 1:1 - you're not gonna get those odds on the casino floor.

Don't become a pocket combustion statistic. The vendors are here to help.

DEF CON Demo Labs Schedule is LIVE!

Demo labs image

We asked for demo submissions, and boy howdy did you people ever answer! For the first time, we have a whole community-powered demo area - five different sessions of your projects and demonstrations to share with the attendees. You're definitely gonna want to make some time to check this out.

The schedule is live, and of course there are links to all the abstracts there. We're amped about this - and we hope you will support the Demo Lab and spread the word.

This is gonna be so cool.

Crash & Compile at DEF CON 23!

Crash & Compile image

Crash and Compile? What's that?

Crash and Compile is an ACM-style programming contest crossed with a good old fashion college drinking game.

You get a problem, and have to code a solution to it. The catch is that if your code doesn't compile, seg-faults, doesn't produce the correct output, you have to take a drink... All this takes place on the contest stage. It's chaos meets coding. As the night progresses, you are either a really good programmer, really drunk, or a bit of both.

Official announcement on the DEF CON forums

Final Round of DEF CON 101 Speakers!

Final round speakers image

As promised, here's the final additions to the lineup for DEF CON 101. Make yourself familiar, maybe pick out a couple.  Nobody likes to be standing in line for an SRO talk only to get stuck in the hallway, missing all the goodness because of a failure to plan.

Well, there's probably a rule that says someone must like that, and probably mods a subreddit about it like /r/missedyetanothercoolDEFCONtalk. But that someone is weird. Weird and possibly dangerous. Don't be that someone. Read ahead and make some plans.

Hardware and Trust Security: Explain it like I’m 5
Teddy Reed and Nick Anderson

A dive through the origins, evolution, and weaknesses of cellular networks
Effi and Tom Palarz

Seeing through the Fog
Zack Fasel

Hacking Web Apps
Brent White

Hacker in the Wires
Dr. Phil Polstra

Secure Messaging for Normal People
Justin Engler

Sorry, Wrong Number: Mysteries Of The Phone System - Past and Present
"Unregistered436" Patrick McNeil and ”Snide" Owen

Forensic Artifacts From a Pass the Hash Attack
Gerard Laygui

Alice and Bob are Really Confused
David Huerta

Introduction to SDR and the Wireless Village
DaKahuna and Satanlawz

Hackers Hiring Hackers - How to Do Things Better
Tottenkoph and IrishMASMS

Beyond the Scan: The Value Proposition of Vulnerability Assessment
Damon Small

Backdooring Git
John Menerick

Final Round of DEF CON 23 Speakers!

Final round speakers image

The great work is complete! Behold the final round of selected speakers for DEF CON 23!

Thanks to all the submitters for sharing their work, and to the selection committee for poring over all that work. We think we’ve created a pretty phenomenal list of talks here!

Check this space tomorrow for the final round of DC101 speakers as well.

It’s getting real, people. Really real.

DIY Nukeproofing: a new dig at "data-mining"
3AlarmLampscooter

Key-Logger, Video, Mouse - How to turn your KVM into a raging key-logging monster
Yaniv Balmas and Lior Oppenheim

Who Will Rule the Sky? The Coming Drone Policy Wars
Matt Cagle and Eric Cheng

Why APTs focusing on Telco Networks: Dissecting technical capabilities of Regin and its counterparts
Omer Coskun

Do Export Controls on “Intrusion Software” Threaten Vulnerability Research?
Tom Cross and Collin Anderson

Licensed to Pwn: The Weaponization and Regulation of Security Research
Jim Denaro, Dave Aitel, Matt Blaze, Nate Cardozo, and Mara Tam

REpsych: Psychological Warfare in Reverse Engineering
Chris Domas

NSA Playset: JTAG Implants
Joe FitzPatrick and Matt King

Abusing Adobe Reader’s JavaScript APIs
Brian Gorenc, Abdul-Aziz Hariri, and Jasiel Spelman

WhyMI so Sexy? WMI Attacks, Real-Time Defense, and Advanced Forensic Analysis
Matt Graeber, Willi Ballenthin, and Claudiu Teodorescu

I want these * bugs off my * Internet
Dan Kaminsky

Let's Talk About SOAP, Baby. Let's Talk About UPNP
Ricky "HeadlessZeke" Lawshae

Tell me who you are and I will tell you your lock pattern
Marte Løge

Separating Bots from the Humans
Ryan Mitchell

Docker, Docker, Give Me The News, I Got A Bad Case Of Securing You
David Mortman

NetRipper - Smart traffic sniffing for penetration testers
Ionut Popescu

"Quantum" Classification of Malware
John Seymour

Hacking the Human Body/brain: Identity Shift, the Shape of a New Self, and Humanity 2.0
Richard Thieme

DEF CON 23 Workshops Schedule is Live!

Workshops image

These are brand new - intensive, deep-dive workshops on topics like Android reverse-engineering, Honeypots and Crypto for Hackers!  They’re free, but you’ll need to register onsite. Space is obviously limited, so if one of these topics really grabs you you’re gonna want to make signing up a priority when you get to the venue. There will be overflow lists, too, in case not everyone shows up. It is Las Vegas, after all. Sometimes you lose someone for a while.

Spread the word - we’d love these workshops to have a great first year.

DEF CON 23 Speakers: Round Four is Live!

Speakers image

The DEF CON CFP Review Board is composed entirely of Champions. Only a few days after Round 3, they are ready to present you with Round 4 of DC23 accepted speakers. Look on their work, ye mighty, and despair.

When the despair wears off, you should probably starting making notes about which ones you want to see. It's looking like a pretty goodie-packed schedule.

How to secure the keyboard chain
Paul Amicelli and Baptiste David

How to hack your way out of home detention
AmmonRa

Canary: Keeping Your Dick Pics Safe(r)
Rob Bathurst (evilrob) and Jeff Thomas (xaphan)

Attacking Hypervisors Using Firmware and Hardware
Yuriy Bulygin, Mikhail Gorobets, Alexander Matrosov, Oleksandr Bazhaniuk, and Andrew Furtak

Harness: Powershell Weaponization Made Easy (or at least easier)
Rich Kelley

Inter-VM data exfiltration: The art of cache timing covert channel on x86 multi-core
Etienne Martineau

Ask the EFF: The Year in Digital Civil Liberties
Kurt Opsahl, Nate Cardozo, Mark Jaycox, Corynne McSherry, Nadia Kayyali, and Peter Eckersley

DefCon Comedy Inception: How many levels deep can we go?
Larry Pesce, Chris Sistrunk, Adam Crain, Chris Blow, Dan Tentler, Amanda Sullivan Berlin, and Katie Moussouris

Chigula - a framework for Wi-Fi Intrusion Detection and Forensics
Vivek Ramachandran

Knocking my neighbor’s kid’s cruddy drone offline
Michael Robinson and Alan Mitchell

How to Hack a Tesla Model S
Marc Rogers and Kevin Mahaffey

Drinking from LETHE: New methods of exploiting and mitigating memory corruption vulnerabilities
Daniel Selifonov

Scared Poopless – LTE and *your* laptop
Mickey Shkatov and Jesse Michael

Angry Hacking - the next generation of binary analysis
Yan Shoshitaishvili and Fish Wang

High-Def Fuzzing: Exploring Vulnerabilities in HDMI-CEC
Joshua Smith

Security Necromancy: Further Adventures in Mainframe Hacking
Philip “Soldier of Fortran” Young and Chad "Bigendian Smalls” Rikansrud

Announcing the DEF CON Call for Parties!

Call for parties image

'From Dusk 'til Con' is back with more space, more opportunities and more DEF CON-provided bartenders. If you've got an idea for a party, shindig, hullabaloo, Esperanto-based MUD, you know, whatever, you should share them with us. If your idea is one of the winners, you'll get to throw your party at DEF CON. The main requirements are a well-thought out idea and a quick e-mail trigger finger. You can find the full story on the Call for Parties page. Go there, make a plan, become a party legend.

DEF CON 23 Room Blocks Nearly Full!

Hotel infographic image

Still hoping to stay in the DEF CON hotel block at our group rate? It’s time to get a move on. Our block at LINQ has sold out, and Flamingo and Planet Hollywood are close to capacity. There’s still some rooms at our rate Caesars, but the window is closing fast, and the risk of getting stuck with an overpriced room in the uncharted wastelands of the Strip grows with every passing day. Fortune favors the bold action, friends. Book soon, or brave the outer darkness. 

Announcing the DATA DUPLICATION VILLAGE at DEF CON 23

Internet of things village image

New for DEF CON 23 is the evolution of the last years DEF CON Media server drive duplication into the data duplication village.

HOW IT WILL WORK

DEF CON will provide a core set of drive duplicators as well as content. It will be a first come, first served situation. Bring and label your 6TB SATA blank drives, and put them in the queue for the data you want and 14 hours later it is done.

WHAT TO BRING

_ 6TB SATA3 new drive(s) - If you want a full copy of everything you will need three.

_ Any data you want to contribute to be shared, in USB, HDD, or DVD format

You can both contribute data to be duplicated, as well as bring blank drives to get copies and help spread the knowledge.

Those who want to share their own collections or help with duplication are encouraged to bring their own collections and drive dupers. If your collection is smaller we are thinking of getting some USB thumb drive duplicators for smaller batches. We also will have a DVD duper tower, so bring those legacy DVDs.

Full details in the DEF CON forums

IoT Village "Call for X"

Internet of things village image

The ISE and the IoT Village announced ‘Call for X’, a call for presentations for an open-format presentation track at DEF CON 23. From the announcement:

“Call For X’ is a play on the mathematical construct of X as an unknown variable,” explains Ted Harrington, one of the lead organizers of IoT Village and the Executive Partner at ISE. “The Call for X is an open-format track for the IoT Village. We want researchers to make suggestions about innovative ways to teach workshops, tutorials, games, or anything else related to the Internet of Things. We are trying to open the platform of learning to dynamic innovation that will help deliver exciting, new and effective ways to reveal solutions for the emerging IoT security problem."

The Call for X CFP is open until June 30, and the information you need to participate is at www.IoTVillage.org . Get your ideas together and spread the word.

DC23 Link Roundup!

Here's a few things you might want to know about that are going on in the Contest/Event/Village-osphere:

Robocalls contest image

Gentle, non-automated reminder: You only have until June 15 to register for 'Robocalls: Humanity Strikes Back' and grab your share of the 50K in prizes!

Strike at the heart of the robocall menace and possibly get a fistful of greenbacks by creating a crowd-sourced honeypot. But step lively, because June 15 is right around the corner.

Biohacking Village image

In case you didn't know, DEF CON 23 is soft-launching a BioHacking Village, and there's still an open CFP for it! If you've got some knowledge or expertise in bio-hacking, this may be your moment to shine. Follow the link and submit by June 30.










Short Story Contest image

The DEF CON 23 Short Story contest entrants are in, and it's time for judging. Your input counts! You can read them all in the forum and give us your vote. As always, thanks to the DC literary community for being dope and sharing their genius with everyone.

DEF CON 101 Talks, Round One!

Speakers round 3 image

We've got more speakers to announce - this time it's for the DEF CON 101 track. As avid con-goers will know, DC101 is a series of talks geared for attendees looking for grounding in new skills and to looking to broaden their basic skillset.

Check 'em out, mark your calendars accordingly and spread the word.  The official DEF CON 101 track is running throughout the Con this year, so there will be more speakers added soon!

Game of Hacks: Play, Hack & Track
Amit Ashbel and Maty Siman

Abusing XSLT for Practical Attacks
Fernando Arnaboldi

RFIDiggity: Pentester Guide to Hacking HF/NFC and UHF RFID
Francis Brown and Shubham Shah

It's The Only Way To Be Sure: Obtaining and Detecting Domain Persistence
Grant Bugher

Ubiquity Forensics - Your iCloud and You
Sarah Edwards

Crypto for Hackers
Eijah

Extending Fuzzing Grammars to Exploit Unexplored Code Paths in Modern Web Browsers
Saif El-Sherei and Etienne Stalmans

Linux Containers: Future or Fantasy?
Aaron Grattafiori

How to Shot Web: Web and mobile hacking in 2015
Jason Haddix

LTE Recon and Tracking with RTLSDR
Ian Kline

Are We Really Safe? - Bypassing Access Control Systems
Dennis Maldonado

Hacking SQL Injection for Remote Code Execution on a LAMP stack
Nemus

Chellam – a Wi-Fi IDS/Firewall for Windows
Vivek Ramachandran

Bruce Schneier Q&A
Bruce Schneier

Applied Intelligence: Using Information That's Not There
Michael Schrenk

I Am Packer And So Can You
Mike Sconzo

NSM 101 for ICS
Chris Sistrunk

The Bieber Project: Ad Tech 101, Fake Fans and Adventures in Buying Internet Traffic
Mark Ryan Talabis

Hijacking Arbitrary .NET Application Control Flow
Topher Timzen and Ryan Allen

QARK: Android App Exploit and SCA Tool
Tony Trummer and Tushar Dalvi

Round Three of DEF CON 23 Speakers is now Live!

Speakers round 3 image

More approved presentation goodness - round 3 of DEF CON 23’s accepted speakers is now LIVE. Our team of dedicated reviewers has been hard at work finding the best talks in the mountains of entries, and you are now free to read through the abstracts and start formulating your info-hoovering plan for Vegas.

Three rounds of speaker selections down means that DEF CON really is starting to get close.There are a few more updates to come before the roster is complete, but it’s already clear it’s gonna be a heck of a Con, presentation-wise.  Remember to watch this space and we’ll update you as soon as we have new speaker selections.

Another thing to keep in mind is that there’s more going on, speaker-wise, than just the Official DEF CON tracks. The Villages have their own speakers throughout the con - you can find links to all the individual village websites at http://defcne.net/villages/22.

Malware in the Gaming Micro-economy
Zack Allen and Rusty Bower

Fun with Symboliks
atlas

Cracking Cryptocurrency Brainwallets
Ryan Castellucci

Stagefright: Scary Code in the Heart of Android
Joshua J. Drake

Unbootable: Exploiting the PayLock SmartBoot Vehicle Immobilizer
fluxist

Rocking the Pocket Book: Hacking Chemical Plant for Competition and Extortion
Marina Krotofil and Jason Larsen

F*ck the attribution, show us your .idb!
Morgan Marquis-Boire, Marion Marschalek, and Claudio Guarnieri

Hacking Smart Safes: On the "Brink" of a Robbery
Dan “AltF4” Petro and Oscar Salazar

Title TBA
Peter Shipley

Machine vs. Machine: Inside DARPA’s Fully Automated CTF
Michael Walker and Jordan Wiens

Pivoting Without Rights – Introducing Pivoter
Geoff Walton and Dave Kennedy

Stick That In Your (root)Pipe & Smoke It
Patrick Wardle

Investigating the Practicality and Cost of Abusing Memory Errors with DNS
Luke Young

DEF CON 23 CTF Quals Write-Ups!

CTF image

The last qualifying event for DEF CON 23’s CTF competition is in the rear view. For those of you who didn’t compete but want an idea of what a high-level CTF competition looks like, we offer links to some quality write-ups. The write-ups not only give you insight into the competition, but the careful reader can also learn something of the mindset that succeeds at this kind of contest. If you’re on the fence, it’s time to read up, level up and get in the arena. CTF glory awaits.

The 2015 DEF CON CTF Qualifications are complete!

CTF image

From the upstanding citizens of the Legitimate Business Syndicate:

"Thanks for being a part of our biggest DEF CON CTF qualifiers yet. We're still very excited at how well the 4407 players, 1472 teams, and over 4000 unique IP addresses performed in our game, and have some preliminary results and other information to share with you."

The contest ended with a three-way tie between PPP, DEFKOR and 9447. As the LBS sorts through the data, they'll post everything at https://blog.legitbs.net.

For those of you who'd like to get a close-up view of the action, you can find a whole bunch of writeup goodness at https://github.com/…/…/tree/master/defcon-qualifier-ctf-2015

If you competed and have a write-up to contribute, that's a great place to put it.

Thanks to all the competitors and to the Legitimate Business Syndicate for making everything happen. Good luck to the groups moving on to the big showdown in Las Vegas, where it shall be on like the proverbial Donkey Kong.

There Are Still Speaking Opportunities at DEF CON 23!

Speaker image

The main CFP is closed, but that doesn't have to mean you can't speak at DEF CON 23.

Several of the Villages are still looking for speakers in their specific subject areas. If your idea is about Crypto/Privacy, IoT, SE or Packet Capture, quick action could still secure you a speaking opportunity before an audience that's passionate about the topic at hand.

Crypto and Privacy village - Deadline June 30

Internet of Things village - Deadline May 26

Social Engineering Village

Packet Capture Village

Let the DEF CON 23 CTF Quals Begin!!

CTF image

The time has come. The final qualification opportunity for CTF at DEF CON 23. Team size - ∞. Registration - open, and available all the way until the contest ends. Battle begins at midnight UTC, May 16 and runs until midnight UTC May 18. If you think you deserve a spot at the Vegas finals, this is your last opportunity to prove it.

For up to date info on the contest you can follow the scoreboard at 2015.legitbs.net/scoreboard or keep an eye on @legitbs_ctf and @_defcon_.

Prepare your team. Reach for glory. Godspeed, one and all.

Reminder: DEF CON 23 Call For Suites and Call for Demo Labs are Open!

Demo lab image

If you've got a project, a gadget or a tool that you'd love to show off to DEF CON attendees, there's still time to sign up for the DEF CON Demo Labs! You bring your wares, and we provide you with a dedicated time and location to show them off. It's a great opportunity to get your project some user testing, cultivate some collaborators or get an idea how your idea rates with the hacker demo. The information you need to sign up is here: https://www.defcon.org/html/defcon-23/dc-23-demolab.html

What would you do with a whole penthouse suite at DEF CON? Throw a party the bards will sing about until the end of days? Film a security 'Shark Tank' reality show? Roomba Thunderdome? Come up with a cool concept, event, or party that will be open to all attendees from Thursday to Sunday and if you are selected DEF CON will release to you or your group one of the suites at a cost of $500 per night - so $2,000 for the con. They usually go for $1,500 to $2,000 per night. You can read the whole announcement on the DEF CON 23 site: https://www.defcon.org/html/defcon-23/dc-23-cfsuites.html

DEF CON 23 Paris and Bally's Room Blocks are Sold Out! Nearby Hotels at DEF CON Rate Still Available!

Hotels Infographic image

The DEF CON block at Bally’s and Paris is officially sold out. There’s still some good news for procrastinators, though - there’s still room at our con-goer rates at the nearby Flamingo, Link, Planet Hollywood and Caesars. At least, there is room right now. You’re gonna want to act briskly if you want to get the DEF CON group rate.

Here’s the reservation link:
https://aws.passkey.com/g/32601197

And here’s the direct lines to the hotels still offering the DC23 rate:
Flamingo 888-373-9855
Caesar's 866-227-5944
Linq 866-523-2781
PH 866-317-1829

DEF CON 23 CFP Closes This Sunday!

CFP Closing reminder image

A friendly reminder from DEF CON HQ:

If you're waiting until the last possible moment to submit your talk proposal for DC23, please be advised that we have arrived at that moment. Sunday May 10 is the last day we'll be accepting entries, so it's time to stock up on Code Red, take a few deep breaths and get that sucker done. We're looking forward to seeing what you've got.

The FAQ is here: https://www.defcon.org/html/links/dc-speakerscorner.html#leah-cfp-process

You've got this. Just make sure we've got it by Sunday.

New IoT Village at DEF CON 23!

Internet of Things Village image

Brand new addition to the DEF CON Villages this year - IoT Village! Lots of workshops on hacking off-the-shelf connected devices, live talks and even some contests.

There's also a CFP. If you have a good idea for a talk about the Internet of Things, you've got until May 26 to submit to them at the link below. Topics they're looking for include:

Raiding Internet of Things - Show us how secure (or insecure) IP enabled embedded systems are. Routers, network storage systems, cameras, HVAC systems, refrigerators, medical devices, smart cars, smart home technology, and TVs -- If it is IP enabled, we're interested.

IoT Device Management – Discuss best practices for deploying and building security into IoT devices.

Anything else awesome that involves IoT devices!

https://www.iotvillage.org/#cfp

New Speaker's Corner: CFP Process FAQ!

Speaker image

This is the home stretch for getting your talk submitted for DEF CON 23. The submission deadline is May 10. If you still have unanswered questions about the process of submission or selection, Leah has created a pretty exhaustive and very useful FAQ on Speaker's Corner!

The DEF CON 23 Call for Contests,
Events, & Villages is Open!

Call for Contests image

We know you have ideas. We know you’ve walked the floor at DEF CON and thought, “I know what kind of contest or event this place needs. One day I’m gonna get MY idea for Roomba Thunderdome to DEF CON and rule this place."

That one day is today (but not if your idea is Roomba Thunderdome - that’s mine). It’s time to take your great idea for a DEF CON contest or event and submit it to us. If it’s good enough, and you get it submitted by May 30, you may get to see your idea become a glittering Las Vegas reality.

The information you need to manifest your brilliance has a Forum thread. Go there and make us proud.

The DEF CON 23 Vendor Application is Open!

vendor application image

The DEF CON 23 Call for Vendors is now open, so if you have a product or merchandise you want to put in front of thousands of hackers you should check out defconvendors.com . It’s all there – all the info, the vendor area layout and even a surprisingly thorough FAQ. As always, we run out of vendor space pretty fast, so it’s a good idea to get yourself registered as soon as you can. The early bird catches the worm, and the late bird has pallets stacked with regret.

Call for Papers Reminder...


May 10 will be upon us in less than a fortnight - is your submission prepared? Tarry no longer, friends. Fortune favors the bold.

Submit to the DEF CON 23 CFP before glory slips from your grasp.

DEF CON 23 Speaker Page is Now Live!

speakers noir microphone image

Our speaker selection elves have been hard at work, sifting through the proposals for DEF CON 23, and they have a Friday present for you. The first round of Speaker Selection is done!

 

Did you feel that? That’s DEF CON 23 getting REAL, people. August 6 is closer than it sounds.

The selections are available for your inspection on the Speaker Page. More will be posted in the coming days, so check back from time to time. Also, if you have a talk you want to see on this list, you only have until May 10 to submit it to us. That is hella soon, so get on it!

Noir Science, Part Two: Neo-Noir

While the classic Film Noir period happened in the 40s and 50s, the style and preoccupations of Noir are alive and well. Sometimes referred to as Neo-Noir - here’s five notable takes on the genre that will get you up to speed:

Blade Runner: The undisputed champion of sci-fi flavored Film Noir. Hard-boiled private investigator, rain-slicked streets drowning in neon and depravity, a secret so dark we keep it from ourselves. Add to this the insanely detailed and haunting visual design - still maybe the most beautiful dystopia ever committed to celluloid - and you have a permanent chart-topper.





Blood Simple: The Coen Brothers' debut film about small-town jealousy and betrayal is both a love letter to Noir and a darkly comic blast of adrenaline that still stands up over 30 years later. The plot is an ever-tightening noose of bad faith and personal corruption.






The Killer: John Woo. Chow Yun-fat. Doves, the Hong Kong skyline and So.Many. Bullets. A grimly beautiful tale of underworld honor and devotion with operatically insane actions sequences that are still being copied around the world.






Brick: Underappreciated high-school noir starring Joseph Gordon-Levitt as the dogged investigator determined to find the truth, damn the consequences. The setting and the distinctive slang make it unique, the performances make it a first-ballot hall-of-famer.






The Yellow Sea: 2010 film by South Korea’s Na Hong-jin about an ethnic Korean (Joseonjok) taxi driver in Yanji, China. His twin obsessions with gambling and his estranged wife lead him into a murder plot that’s way out of his depth. You might watch some of this through your fingers, but it’s compelling cinema and steeped in Noir style.

 

Honorable mentions: To Live and Die in L.A, Shallow Grave, Oldboy, The Last Seduction.

Announcing the DEF CON Demo Lab

call for workshops image

Announcing yet another cool way you can participate in DEF CON: the DEF CON Demo Lab!

New for DEF CON 23 we are adding an place for you to show off your tools, projects, and tech to attendees - much like a poster board session but with computers.

The DEF CON Demo Lab is a dedicated area for hackers to show off what they have been working on, to answer questions, and even convert attendees into trying of giving feedback on their projects.

Presenters will be given a dedicated time and location to present a tool or project of their creation; show what it does, how it works, and why we need it in our arsenal.

Got something you’re itching to share? Get involved!

Full details at: https://www.defcon.org/html/defcon-23/dc-23-demolab.html

DEF CON 23 Call for Workshops!

call for workshops image

On the 3rd floor of Ballys South tower, The Jubilee Tower, lay seven rooms [1], each one 1,400 sq feet. That's enough space for about 55 people in classroom format. What to do with all that space away from the main action of the convention? I've wanted to try workshops and trainings for years but we have never had the room once we filled up the Rio. Now we finally have some space at the new hotels so I am calling on the community to tell us what we should do with the rooms.

Check out the Call for Workshops for full details!

DEF CON Villages make an appearance at the Tribeca Film Festival!

tribeca film festival image

For the first time ever, DEF CON is teaming up with the Tribeca Film Festival to bring a few of its famous Villages to New York. The Villages – interactive spaces stocked with gear, projects and brilliant humans – immerse the visitor in particular nodes of hacker culture. Hands-on activities, eye-opening presentations and open-ended experimentation combine to bring out the hacker in everyone.

Join us April 23 - April 25th, 2015 in Studio X of Spring Studios and you will:

• Learn to pick a lock in the Lock Picking Village.

• Make your devices and identity more secure by seeing how the bad guys operate in the Privacy/Crypto Village.

• Study the noble art of voiding all your warranties in the Hardware Hacking Village.

• Get schooled in the hacker's most important skill in the Social Engineering Village.

• Discover what it takes to open that weird security envelope without leaving a trace in the Tamper-Evident Village.

https://tribecafilm.com/festival/springstudios

New DEF CON 23 Call for Suites!

Call for Suites image

On the top floor of Ballys are four penthouse suites, and we are calling for people or groups who are interested in renting them and throwing something cool for the hacking community. Here is the deal:

Come up with a cool concept, event, or party that will be open to all attendees from Thursday to Sunday and if you are selected DEF CON will release to you or your group one of the suites at a cost of $500 per night - so $2,000 for the con. They usually go for $1,500 to $2,000 per night. You can read the whole announcement at:

https://www.defcon.org/html/defcon-23/dc-23-cfsuites.html

The DEF CON 23 Call for Music is Open!

DJ turntables image

We’re looking for performers. If you’ve got a band, or some righteous DJ skills, or you are crazy good at Tuvan throat singing, we want to hear from you. DEF CON is a big event, and our rocking requirements are substantial. Even if you just want to spin some chilly beats for con-goers on a caffeine comedown - we want your application.

If you have the goods to rock the people, fill out this form. Get in the ring. Win DEF CON.

DEF CON 23 Call for Music

Today’s list: 5 Must-See Classics of Golden Age Film Noir

To get you in the mood for DEF CON’s Noir theme, we offer some Film Noir knowledge and recommendations.

Noir is a slippery category, but it’s generally taken to mean films with a cynical worldview, moody, stylized cinematography and stories that turn on darker human impulses: lust, greed, vengeance.  They are stories of the desperate and the doomed, the outsiders who will never really belong to polite society.

 

The golden age of film noir is the 1940s and 50s, but the genre left its mark all over popular culture and great noir (or neo-noir, if you’re not into the whole brevity thing) is still being made today.

Double Indemnity: Arguably the film that kicked off the genre. All the elements are present. The lighting is dramatic, the dialog is sharp and the plot turns on murder for easy money. Directed by the great Billy Wilder and written by detective fiction immortal Raymond Chandler. Double Indemnity is the heavyweight champ of golden age noir, with 7 Oscar Nominations.

Kiss Me Deadly: Adapted from the Mickey Spillane novel of the same name. Starts with a disreputable private eye picking up a terrified hitchhiker escaping from a mental hospital wearing only a trench coat, and then things get weird. A Cold War parable with a breakneck plot, a mysterious box and as pitch-black an opinion of the human condition as you could put on screen in 1955.

Out Of The Past: To create the mood of a good noir, you need actors with moodsetting skills - lurking, looming, smoking with intent. No one has ever been better at doing those things than Robert Mitchum. Pay close attention to his looming work in this film. 10/10 would cross the street to avoid. Bonus: You can check out Mitchum being extra foreboding in 'Night of the Hunter'.

D.O.A: Some of the plot tricks in this movie might seem familiar, but only because directors borrow from it all the time. D.O.A. was pretty avant-garde in its time.

Our protagonist is dying - soon. He uses the remainder of his rapidly expiring time to find out who murdered him and see justice done. Lots of newer movies use the forced clock, the backwards storytelling, the inside-out murder mystery but very few of them do it any better.

Touch of Evil: The opening shot - a long, unbroken meander through the scene of our intrigue - is a clinic on mood-setting. Questionable makeup choices aside, this is the platonic ideal of what a dark melodrama should look like.

 

Honorable mentions: The Killers. The Asphalt Jungle. The Big Sleep.

Friends of Bill W Meetings at DEF CON 23!

Poker chips with AA token image

Sin City is a lot to take in. Friends of Bill W. joining us for DEF CON 23 are invited to take a break from the Vegas of it all with meetings at noon and five p.m., Thursday, August 6 through Sunday, August 9. Your hosts will be Jeff Mc and Edward B. The location has yet to be determined, so keep an eye on this space and we’ll update as new information becomes available.

You can mail us any specific questions at info at defcon dot org and we’ll get what answers we can for you.

Go sign up for Capture the Flag at DEF CON 23!

Capture the Flag DEF CON 23 image

CTF Season is in full swing - the final qualifying event is May 16-18. For those with the skills, the drive and the energy drink tolerance, glory awaits.

Screw your courage to the sticking place, step into the light and embrace destiny. Let the battle be joined!

Also, register on the Legitimate Business Syndicate website. Then, embrace destiny.

https://2015.legitbs.net/

The DEF CON Lawyer Meetup is back for 2015!

lawyer image

If you’re a lawyer (recently unfrozen or otherwise), a judge or a law student please make a note to join your host Jeff McNamara at 6pm on Friday, August 7th for a friendly get-together, followed by dinner/drinks and conversation. The location of the meet is still to be determined, but we’ll post as soon as the details are settled. If you’d like to help out with the event or have questions, contact jeff at jcmclaw dot com.

The Wall of Sheep is Calling, They Want Your Papers!

wall of sheep image

The WoS Packet Village returns for DEF CON 23 and they're looking for speakers. If you can cobble together a riveting 1-hour presentation on topics like network sniffing tools, or incident response, or Python programming for security practitioners, you can get selected to speak in the wildly popular Packet Village. Whether you're looking to dip your toe into speaking at security cons or you're a seasoned pro with an idea that fits perfectly into the Sheep demo, you owe it to yourself to check out this opportunity.

The full details are available at their site.

http://www.wallofsheep.com/pages/call-for-presentations-at-def-con-23

DEF CON CFP Privacy Policy, Now Live!

policy pages image

As you know, the DEF CON 23 Call for Papers is open. If you've ever been curious about how your sensitive research information is treated once we get it, who gets to see it, whether we put coffee mugs down on it - the CFP Privacy Policy we've added to the Policy Page has your answers.

New FTC Contest, Robocalls: Humanity Strikes Back

FTC Contest, Robocalls: Humanity Stikes Back image

Rachel from cardholder services is back and there's a price on her head.

Fresh off the popular 'Zapping Rachel' contest at DC22, the FTC is returning to DEF CON this summer with a brand new contest and a big wad of prize money. Called 'Robocalls: Humanity Strikes Back', it challenges you to create a tool that allows mobile and land-line users to identify and block robocalls or deflect them to a honeypot for great justice.

The qualifiying round is open now and closes June 15. Qualifiers compete at DEF CON 23 for cash prizes, including $25,000 for the winner. You can find all the rules and regs on the contest website.

http://www.ftc.gov/news-events/contests/robocalls-humanity-strikes-back

Contests, Events, & Villages, Oh My!

contest image

We're a little past the halfway point between cons, but DEF CON 23 is already taking shape nicely! Cool stuff with intention to return for DC 23 includes:

Contests:
Black Bag
Crash and Compile
Capture the Flag
DEF CON Bots
Darknet Project
Scavenger Hunt
Short Story Contest
Schemaverse

Events:
SkyTalks
DEAF CON
DEF CON Shoot
Ham Radio Exam

Villages: Crypto/Privacy Village
Hardware Hacking Village
Lockpick Village
Packet Hacking Village
Tamper-Evident Village
Wireless Village
Social Engineering Village

And there's lots more to come.

In the coming days, we'll be highlighting different individual contests, events and villages in this space, so keep an eye out. If your favorite thing isn't yet on the confirmed list, you can keep tabs in the Contests & Section of the DEF CON forums. It's never too early to start planning how you're gonna get involved this year.

The DEF CON 23 Call for Papers,
and Social Engineering CFP are NOW OPEN!

DEF CON 23 CFP Graphic

It’s getting real, people. The DEF CON 23 Call for Papers is now officially open! If you’ve got some good stuff to share, it’s time to start getting your pitch together. You’ve got until May 10th to submit, but don’t get too comfortable. May will be upon us faster than you probably think.

To learn the requirements for a DEF CON talk, take a look at the CFP form and get an idea of the suggested topics, we’ve put together a handy guide at https://www.defcon.org/html/defcon-23/dc-23-cfp.html. Get yourself up to speed, get your forms filled out and get your proposal in front of our selection committee. This is going to be our biggest DEF CON yet, and there’s a lot of opportunities for speakers, both experienced and brand new. We’re hoping one of them is you.

As if that wasn’t enough CFP excitement, we’re also happy to announce that the Social Engineering Village CFP opens today! The requirements and submission form are online at http://www.social-engineer.org/sevillage-call-papers/. The SE Village is very popular and it’s going to be even bigger and more ambitious this year.

SE Village also has a bad-ass Capture the Flag contest happening. Check out the Rules and Registration page (http://www.social-engineer.org/ctf/def-con-23-sectf-rules-registration/). If you want to play, read the whole thing. For real. They’re very clear on this point.

Capture the Flag qualifying events announced!

CTF Monument graphic

Begun, the DC23 CTF has!

Legitimate Business Syndicate, the shadowy organization that provides the hustle and the muscle behind the DEF CON CTF tournament, has announced its list of qualifying contests for the 2015 showdown in Las Vegas.

If you have the team, the drive and the raw skills, it's time to start making plans. To pluck the flower of eternal glory from the Nevada desert, you must first prove yourself in the crucible of a qualifier.

Assemble. Register. Qualify. Prevail. The road to victory is now open.

https://blog.legitbs.net/2014/12/announcing-def-con-ctf-qualifying.html

DEF CON 23 Theme Announcement!

DEF CON 23 Theme image

We’re announcing the theme for DEF CON 23 early. Like, hella early. Right now early.

The theme will be ‘The 23 Enigma - a Hacker Noir’.  Fedoras and rain-slicked streets. Smoky back rooms and numbers that show up too often for coincidence.  While the good people of Everytown dream away the dark hours, the data wars rage without ceasing. Sleepless vigilantes fight for the users, though the users may never know. No matter. A bottle of the good stuff, a fast connection and the room to do a righteous night’s work, that’s enough. It’s gotta be. It’s all that’s left.

Hackers, start your imaginations.

The Dark Tangent’s announcement is here: https://forum.defcon.org/showthread.php?t=14096