Attention, luminous humans of the DEF CON Community! We bring you tidings of great joy - the first batch of accepted speakers are LIVE on the DEF CON website for your immediate perusal. Stay tuned to the DEF CON frequencies for more announcements - message output will increase from here on in.
Check it out, start your planning, and pass it on.
We’re getting into the home stretch, people! Less than two months until the doors open on DEF CON 27.
Please stop by our newly revamped DEF CON Forums for info, answers and discussions of all things DC27. While it’s true that the forums are still in beta, they’re also the perfect place to connect directly to the event organizers and attendees with your specific concerns or recommendations. You’ll be helping us smooth the rough edges, and we’ll help you get the most out of your Con experience. Wins all around.
A new feature you might find useful is the con calendar, with the dates of major DEF CON deadlines like calls and village CFPs, all right there to keep you on track!
Two months is nothing, Welcome to DEF CON season!
Need a handy guide to which DEF CON 27 Village CFPs are still open? Look no further. /r/defcon has you covered.
TL:DR; there's still a bunch of open CFPs but they're closing really soon. Don't get left behind!
Another successful DEF CON China is on the books! Check out this Twitter collection of photos from DEF CON China 1.0!
The DEF CON China 1.0 materials will be available on the DEF CON Media server just in time for the opening of the conference - (10am May 31, Beijing time). While you’re there, feel free to check out the materials and resources from all of DEF CON’s history. Download to your heart’s content, and peruse at your leisure. Just remember to pass it on.
After a hectic day of hacking and mind expansion, it can be very therapeutic to clear the head by vigorously shaking the booty. 4 out of 5 doctors recommend the DEF CON China Live Music lineup to their patients.* It’s all going down the night of June 1, and the lineup is awesome. Prepare for a "crossover experience involving sound and light installation, immersive stage, technology and art.” You can learn all about the artists participating on the DEF CON China Entertainment Page.
If you can be there, be there.
*Ok, the doctors didn’t say that, but probably just because we didn’t ask. If we did, we feel pretty sure all five would have told you to join us.
Friendly reminder for DEF CON 27 - The Call for Services is up and running. We’re looking for fun and interesting servers/services to hang out on the DEF CON onsite networks. That old-school MUD you’ve wanted to share, the impenetrable server you want to test on the DEF CON crowd - all good ideas are welcome. The rules and regs can be found on the DEF CON site, and you should read them. Show us what you’ve got, everybody.
The Android version of the DEF CON Forums app is in beta - you can grab it in the Google Play Store if you want to help us work out the kinks before DEF CON 27. iOS users hang tight - yours is on the way.
DEF CON China update! Online registration closes May 28 at 23:59pm Beijing time, and that’s only a few days away. Don’t worry, though. You’ll still be able to purchase a badge onsite when the event opens.
Registration link: https://ticket.4hou.com/en/web/index.php?r=api%2Findex&activity_id=89
Attention DEF CON China 1.0 attendees! The Workshop Schedule is LIVE and Workshop Registration is OPEN.
We're excited about the lineup of workshops and we think you will be, too. Remember, they will fill up fast so act quickly. Attendees can register for one workshop per day.
Workshop Schedule:
https://defcon.org/html/dc-china-1/dc-cn-1-workshops.html
Registration:
https://ticket.4hou.com/en/web/index.php?r=api%2Findex&activity_id=89
DEF CON is well known for its technical side, but there is a vibrant artistic side as well. Each year, DEF CON invites live musicians and DJs from within the community to perform, and we hold contests for short stories and art to help us bring the year's theme to life.
We expanded the art contest to DEF CON China, and were delighted to find that every entry was amazing! DEF CON thanks everyone who shared their work with us. Extra special congratulations to the winners:
1st place: “Search” by Zhao Mengxi
2nd place: "Pursue the Sun" by Li Yuxuan
3rd place: “Ching Ming Festival Rain" by Arvin Dong
All three winners took their inspiration from our theme “Technology’s Promise” and delivered technically beautiful and personal artworks. If you’re in Beijing for DEF CON China 1.0, keep an eye out for our display of the winning pieces.
You can check out all the entries on the DEF CON Forums
Got questions about DEF CON China 1.0? We have some answers for you, wrapped up all tidy-like in a web-based FAQ. If your particular question isn’t included, please head over to the forums or @defcon to get your answer - we want to handle infrequently asked questions, too.
May 31 is right around the corner. We hope we’ll see you in Beijing!
Attention CTF warriors:
The majestic hive mind of @oooverflow have been working on #MaximumSecurity and the time to register is upon us. Sign up and compete for glory next week! Winner gets to test their mettle at the uniquely prestigious DEF CON CTF!
To celebrate DEF CON 27’s CFP closing we present you with this S3KRET PHOTO of the DEF CON China badge details, smuggled out by The Dark Tangent
We’re excited that you’re joining us for DEF CON China 1.0. If you will require lodging during the conference, there are many options in the area of 751 D Park. These are a few that are close by and well served by local public transportation.
DEF CON China 1.0 Hotel Guide
Disclaimer: This hotel guide is provided as a courtesy for DEF CON CHINA 1.0 attendees to have an overview of the closest hotels to the conference site. All information provided was obtained on or before April 22, 2019 via each hotel’s website. For specific amenities available during your stay, please verify with the hotel. DEF CON or its partners do not endorse any specific hotel.
The DEF CON forums are returning, spiffed up and streamlined. You can help us beta test them by to https://forum.defcon.org.
While you’re there, we’d love it if you could stop by the DEF CON China Art contest thread and vote for your favorite artist. The entries are unanimously jaw-dropping and we could use the help deciding.
Really. The submissions are astounding.
Stay tuned for the official launch of the forums as your hub for imformation and feedback about villages, events, contests and other community goings-on. We’re excited to see how you’ll make use of them.
We have a bunch of exciting announcements about DEF CON China 1.0!
The first round of accepted speakers is live! We’re excited about how the lineup is developing, and we encourage you to take a moment to get familiar with it.
We’ve also got the first round of accepted Workshops and Demo Labs online for your perusal. We hope you’ll be as excited as we are about the DEF CON China content offerings. Please check our website frequently for updates as soon as we have them.
If this taste of the DEF CON China program has you interested in attending, just head over to our registration page and prepare to join us.
Press Registration for DEF CON 27 is now OPEN! As always, we have a limited number of badges available, so act quickly to reserve your spot. You can get all the relevant details on the press registration page. Make sure to read it carefully as there have been some changes in policy that might impact your operation. Feel free to drop us a line if you have questions - we look forward to hearing from all of you!
If you’re unfamiliar, Demo Labs is a space we set aside for the community to show off what they’re working on. The requirements are simple: it’s gotta be something interesting to your fellow hackers and it’s gotta be open-source. We give you a table and a time slot, and you get to share your new hotness with a pretty ideal demographic. Get feedback, find collaborators, impress complete strangers. Wins all around.
If you’ve got the goods, head over to the Call for Demo Labs and get the process underway. Show us what you’ve got, fam.
The Villages for DEF CON China are officially locked in! Attendees will have a bunch of fun options to choose from - we'd suggest setting some time aside to sample as many as you can - all DEF CON Villages are full of interesting talks, hands-on learning and friendly experts who are passionate and informed about their subject.
Guests of DEF CON China can enjoy:
Lockpick Village
Car Hacking Village
Recon Village
Hardware Hacking Village
Packet Hacking Village
Bits & Blocks
VXCon Village
AI Village
BugZee Soldering Village
Black Window
Blockchain Village
Register for DC China now to make sure you don't miss out!
DEF CON Voting Village has an open Call for Papers! We're looking for people with something important to say about the issue of Election Security - if that's you let's talk. You have until July 12 to get your submissions in.
Come help us secure the vote!
Big news for DEF CON China 1.0 - the dates have changed! At the venue’s request we’re moving the dates up from June 4-6 to May 31-June 2.
While we regret any disruption this change might cause, we are pleased that the new dates fall on a weekend. It’s our hope that this will mean more people will find it convenient to attend.
We will be getting in touch with people who’ve requested visa assistance to make sure everyone gets their application updated. Please reach out to us if you have any questions.
We haven't done this one since DEF CON 22, but we're asking for your services! So if you want to put a box with something super cool on the DEF CON network, find out all about it on the Call for Services Page!
You can begin placing orders at 1800 on March 11 Beijing time (GMT +700). We’re taking everything we learned in the DEF CON China Beta last year and putting together an even more exciting, informative and enjoyable event. We hope you’ll join us.
The spirit of hacking is the desire to extend the technological horizon by bending existing tech in new and unexpected directions. We build the future by rethinking and reshaping the present.
So it’s fitting that DEF CON China 1.0 will be held in the Beijing’s iconic Arts District at 751 D Park.
It’s an open location full of modern creative spaces carved from a foundation of 20th century industrial architecture. A perfect place to meet up with a few thousand hackers and discuss ‘Technology’s Promise’, don’t you think?
That, friends, is hacker.
We are very excited to begin the transformation of the 751 D Park space for DEF CON China 1.0, and we hope you’ll be able to join us there.
DEF CON China 1.0 is getting closer, so it's time to get involved! Here are the many Calls for Participation that opened today:
Workshops: If you've got teaching skills and some cool hacker knowledge to share with the DC China attendees, pitch it to us. We're looking for technical, unique content, and we know you're out there.
Demo Labs: This call is for anyone with an open source project you'd like to demonstrate to the public. It's a great way to get feedback on your work, find collaborators and see your ideas in use by the target audience.
Villages: Villages are all-day, hands-on spaces dedicated to a specific area of hacking.
Contests and Events: Hackers need to have fun, too. If you have a clever competition idea or an entertainment proposal, this is for you. Some of the more famous previous contests and events at DEF CON are the Scavenger Hunt and the Wireless Capture the Flag contest. If your idea is good, we'll help you get it realized.
DEF CON belongs to the community, and the best way to feel a part of that community is to join in and help build. We can't wait to see what kind of ideas you've got!
NEW this year, if you submit to the Call For Papers and are selected to speak, DEF CON will cover three hotel room nights per talk! This is in addition to the existing speaker payment method you choose.
I hope that making speaking at DEF CON more affordable will bring in more submissions from a broader range of applicants, increasing both quality and diversity of topics.
The DC27 CFP is open, and we can’t wait to see what you’ve been working on.
- The Dark Tangent
t’s time to start thinking about DEF CON parties, people. DEF CON 27 is getting closer every day and our Call for Parties is officially OPEN!
This is a golden opportunity for everyone who has always wanted to try their hand at throwing a hacker party in Vegas. Submit your dream party, and if it’s cool (and possible, obvs) enough we will help you make that dream a DC27 reality.
We’ve got a lot of space and a lot of people looking to party. Let’s put our heads together and make this amazing. Are you in?
Boom! Another DEF CON 27 Call goes live!
Our wildly popular Workshops are back for DC27, and if you’ve got a fire abstract you could be leading one!
The details and submission guidelines are on the workshops page, but the tl;dr is this:
You (singular or plural) have he perfect idea for a DEF CON training.
You take this idea and submit it to us before May 1, with all the information we ask for in the workshops page.
We are psyched about the magnificence of your idea and we maybe ask for some more info.
We allot you a projector, a whiteboard and a time slot to make magic with at DC27.
Dozens of hackers pick up what you’re putting down, depart the Con wiser and embiggened.
You feel awesome. They feel awesome. Your Speaker badge looks awesome.
Sounds good, right? If you’ve got the goods, get busy submitting.
Attention merchants and purveyors of quality hacker-centric products and/or services: the Call for Vendors is now Open! Let’s get your goodies and gear in front of many thousands of hacker types, many of whom enjoy shopping for cool stuff.
There are a few rules to learn and an application process, so please head to the vendor application and get familiar. Please also note that we have a limited amount of space to offer, so the early birds have an advantage.
Operators are standing by, metaphorically speaking. Act now!
Yes, hacker fam, the Season of the Con is upon us all. Our elite team of reviewers is standing by, ready to examine your proposals for DC27 talks, offer feedback and begin shaping the speaking tracks.
The details are here. Follow directions carefully to stay in the good pile.
Some pro tips:
Link to the theme if you can. We are giving a little extra consideration to proposals that can link DC27’s 'Technology’s Promise' motif.
Get on it ASAP. The reviewers can sometimes help get a worthy though undercooked idea over the finish line, but only if it arrives early enough. Once we get in the red zone you’re kind of on your own, so don’t wait until the last minute.
However it feels right now, summer will be upon us sooner than you think. Get your best ideas together and let’s get busy proposing.
Pencils up!
中文
DEF CON China was a great success, and we’re happy to announce that DEF CON is returning to Beijing for DEF CON CHINA 1.0 on 31 May - 02 June 2019!
Today we are opening up the CFP for DEF CON China 1.0 If you’d like to apply to be a speaker, https://defcon.org/html/dc-china-1/dc-cn-1-cfp.html has all the information you’ll need to make a submission. We look forward to your proposals.
The DEF CON China 1.0 website will launch soon, with more information about the venue, and more ways to participate.
We’re very pleased to be bringing DEF CON back to Beijing, and we hope to see you there!
去年办DEF CON China的反应如此热烈,我们将凯旋而归,在今年5月31日至6月2日号举办DEF CON CHINA 1.0!
我们今日郑重地发布此会议的征文启事(CFP)。https://defcon.org/html/dc-china-1/dc-cn-1-cfp-cn.html有所有投稿所需的资料。我们佷期待大家的投稿。
DEF CON CHINA 1.0的官网将会有对于会议更多的详情及参与的资料。请拭目以待!
我们很荣幸能回到北京,也期盼再次重逢!
Hope all the teams looking for a bite at the DEF CON 27 CTF are in the dojo working on their fitness: next automatic qualifying event is #0ctf on 23-25 March. Oooverflow.io @oooverflow
It’s officially DEF CON 27 Open Call season, and we have a nice big one for you today: the Call for Villages is officially open!
Did you look at last year’s 20+ villages and say to yourself, “You know what Village they really need”? Have you been sitting on an idea you know could change the Village game? This is your moment. Share it with us, and if we agree with you we’ll help you make it happen.
A word to the wise, however. The Villages are a lot of work. They require a lot of planning and thinking through, and a lot of personnel support. If you want a chance at getting your idea on, it’s in your interest not to wait until the deadline. The sooner you get in touch, the more we can help. Procrastinating entrants will be fighting for limited space and limited attention from the team making the decisions. Don’t let that be you.
The rules and regulations are available online, and our operators are standing by. Get your ideas together, assemble your team and let’s do this one big.
That rumble you’re feeling? It’s the DEF CON machinery coming online for 2019. Feel free to get psyched.
Attention, singers of songs, players of instruments and spinners of records, both real and imaginary!
The DEF CON 27 Call for Music is live, and your services are urgently required. DC27 has a great deal of space, and where possible we want to fill it with music and merriment. If you’ve got the requisite crowd-moving skills, we want to hear from you. Thousands of hackers are depending on you to bring the beats - do not let them down.
Your move, bards and troubadours.
Happy 2019, everyone! The DEF CON 27 train is picking up speed, and today’s milestone is the Call for Contests and Events!
If you want to host a new Contest or Event or renew an ongoing, you have until March 1 to get your proposal emailed to contests[at]defcon.org. For a list of the questions you’re required to answer, head over to https://defcon.org/html/defcon-27/dc-27-cfce.html.
Don’t procrastinate - March 1 will get here faster than you think, and the more time we have, the more chance we can work with you to get your proposal over the finish line.
We can’t wait to see what you’ve got cooking. Let’s light this candle!
Tidings of comfort and joy, luminous humans of DEF CON! It’s almost 2019, which means we’re that much closer to DC27.
In anticipation, we’ve created a little 'Technology’s Promise' ePub with homework assignments for the eager, and color and style suggestions for those of you looking to create themed content.
There will be plenty more prompts and inspirations in the coming days, but we encourage you dig in and start preparing. Marinate.
As always, we thank the whole community for the love and enthusiasm you bring to all things DEF CON. We love you right back.
Big things are brewing, y’all. Let’s get it underway!
Preparations are well underway for DEF CON 27. Meetings are being met, plans are being planned, and the theme is ready for its unveiling.
DEF CON 26 was about the inflection point between disorder and dystopia - the moment before point of no return. This year's theme, in a way, responds to '1983' with new questions. What does it look like when we make the better choice? What kind of world do we hack together in the sunniest timeline? How does our real best-case scenario compare to the future we've been dreaming of for generations?
So, we offer you 'Technology's Promise'. It's a break from the dystopian imagery into a major-key, blue-sky thoughtscape, full of color and light. It's a future where we have tamed some of the more intractable problems that plague us in the present, where technology supports and inspires instead of controlling and surveilling.
To get you in the proper mindset, here's some media to sample:
Star Trek TOS - because the series is based on a future Earth that has learned to manage itself, make working alliances with neighbors and turn its attention to the disciplined exploration of the broader universe. Also LCARS is still cool.
Asimov's Robot series - a future where humankind has built AI android tech that supports rather than supplants humanity, and (usually) behaves itself admirably.
BioShock - a genuinely thought-provoking game about the promises and limits of tech-based utopia.
Kraftwerk, Com Truise, Tangerine Dream - the beautiful sounds of our neon future, rendered in the gorgeously synthesized tones that can only come from the fruitful marriage of human and machine.
We'll be posting more of this as DC27 approaches. Lots more. This is going to be fun.
Join us, won't you?
Show your laptop some holiday love with DEF CON 26 stickers - now back in stock at the DEF CON Ebay store!
New DC26 playlist alert! The AI Village talks are up and live on the DEF CON YouTube channel! There’s a couple dozen presentations in there, all worth your time. Get cozy, get educated and get sharing.
Ready for a little pre-Thanksgiving info-binge? Please enjoy this playlist of fine videos from the Def Con 26 Internet of Things Village. Lots of interesting stuff in here about the rapidly expanding attack surface that is the world of connected devices.
Watch, share and remember : The 'S' in IoT stands for 'Security'.
Fire up your webguzzlers of choice, DEF CON fam - all the DEF CON 26 torrents are up and live! Most recently Video & Slides and Village talks, we also have audio, music, caps - it’s an embarrassment of riches. . Get ‘em, seed ‘em and pass ‘em along. #sharingiscaring
More DEF CON 26 videos - full playlist from Recon Village and Wireless Village talks are live on YouTube! There's something for everyone! As always, enjoy and share.
More DEF CON 26 videos up on YouTube! We've got a playlist from the Social Engineering Village. Learn the techniques and strategies used to manipulate the weak link between the keyboard and the chair. As always, #passiton.
It's November - the height of sweater season here at the DEF CON Central Office. It's a perfect time to find a cozy corner and treat yourself to a steaming mug of hacker knowledge. To that end, we've placed the audio files from DEF CON 26 on the media server for you to sample at your leisure. Please enjoy, and share a cup with anyone you think could use a little seasonal cheer. Please enjoy this playlist of DEF CON 26 presentations from the brand new Blue Team Village. You can learn more about the BTV at blueteamvillage.org, and if defense is your jam, consider getting involved. As promised, we have an update on the issue of the Caesars room entry policy. We regret that it's taken so long to get news, but be assured we intend to stay on this until a satisfactory result is achieved. Let's start the week off strong - please enjoy this playlist of main track talks from DEF CON 26! Clear some space in the calendar - there's 100 or so talks in there. We suggest a comfy seat, some snacks and Visine. Attention hackers! The first pre-qualifying event for DEF CON CTF 2019 is almost upon us! Don't miss HITCON CTF, your first chance to pre-qualify for DEF CON, this weekend! Over on the DEF CON media server we’ve got a firmware update, a writeup and some other goodies for you. Get that DC26 badge out and spruce it up! Thanks to @tymkrs for the refresh. More DEF CON 26 video for you - this time it's all about the Hacker Tracker. Whiney Champion (@shortxstack) and Seth Law (@sethlaw) share the story behind the conference planning/management app they created to help people navigate the world of DEF CON. It's also a cool story about hackers seeing a need and jumping in to fill it with some open source awesomeness. Another Early release for your viewing pleasure. This time it’s @SecuritySense and Agent X talking about best practices for detecting and inconveniencing old-fashioned analog shoe-leather surveillance. As always, enjoy and pass it on! The Voting Village Report from DEF CON 26 is live now! We hope you’ll take some time to read it in full.
In the Voting Village’s second year, the selection of devices was expanded to more than 30 machines, all but one of which are still in use across the USA right now. We also made a very successful effort to attract election officials to observe, participate and even get training from cybersecurity experts. More video from DEF CON 26! 'Booby Trapping Boxes' by Ladar Levison and hon1nbo is a practical talk about high impact, low cost hardening for a chronically insecure world. From the abstract: More DEF CON 26 video for your perusal: @5uggy, Till Krause and @sveckert deliver a timely and important breakdown of the fake science industrial complex. From the abstract: More video from DEF CON 26! This time it's the ancient, humble fax machine's turn in the security barrel. The team that runs the DEF CON Voting Village has announced that they will release findings from DEF CON 26 next week. The report from last year's Voting Village was widely cited and helped jump-start the conversation about improving election tech security. Now available on the DEF CON Ebay store - the very stylish DEF CON 26 hoodie. Look sharp, feel good and get a bonus saving throw against mind fog. Get these and other fine DEF CON goodies while supplies last! Nice writeup of the ICS Village CTF contest from DEF CON 26. If you've got a writeup you'd like to share, be sure to let us know! The DEF CON 26 official picture feed is live on the media server for your enjoyment! In addition to the standard web-style offering, we’ve got the whole enchilada in tasty torrent flavor for the adventurous and storage-blessed. The DEF CON 26 transparency report is live on the DEF CON site. The DEF CON 26 Archive Page is live! You can use it to find all kinds of goodies from the most recent event - speaker materials, packet captures, the program, even the audio and video from the show once they're ready. Enjoy! Contest Results for DEF CON 26 are LIVE! Congratulations to the winners and heartfelt thanks to the organizers and volunteers that made the contests happen. Much love to everyone who got into the ring and competed. 4 senators sent a bipartisan appeal to @essvote urging the vote-tech firm to engage with the independent security research community. They asked Election Systems and Software to make voting machines available for testing and to share the results to increase transparency. For your first post-DC26 (and pre-DC27!) weekend, here's the first video release - Rob Joyce, Senior Advisor for Cybersecurity Strategy at the NSA giving his presentation 'NSA Talks Cybersecurity'. A team from DEF CON management met with Caesars on Tuesday. They are looking into the reports we presented, and we’ll share what we can as those investigations play out. Just like that, DEF CON 26 is in the books. We want to thank all of you for making such a success of our little hacker party every year - there is truly no community anywhere like the DEF CON community. So, while all of you are doing DEF CON, you’re also making news. Here’s a roundup of interesting articles about what the press noticed at DEF CON 26 so far. Tonight's music selection has shifted a little in transit - same great lineup, just in new timeslots. Make sure to share with anyone you think is interested in music and joy. I’m the DEF CON bean bag. You might remember me from my appearance on Twitter at DEF CON 25 and such films as ‘I Have No Shape and I Must Scream’, ‘Dial S for Stuffing’ and ‘My Dinner with Andre.’ Ready to ingest some more DEF CON 26 media? Go ahead and unhinge your cyber-jaws and fire up our new torrent and magnet links. We’ve got the DEF CON 26 Original Soundtrack, the DEF CON 26 Presentations and the additional material from the Workshops. Let’s set the mood, people. Head over to the DEF CON media server for the whole OST Soundtrack to DEF CON 26 in several delicious digital flavors for your downloading pleasure. If you’re BT inclined, there’s a torrent file in there too. The DEF CON 26 WiFi Reg page is live, with all the info you need to securely log in to the wireless network on the DEF CON conference areas. As a followup to my last post we realized that if we were hoping people would emulate our policies at other conferences we may as well release our attendee incident reporting policy as well. The version given to all the DEF CON Goons is the same as below but also includes confidential reporting phone numbers. DEF CON does not tolerate harassment of any kind, be it racial, sexual, physical, political, intellectual, or emotional. Every Goon shall take each report by an attendee seriously, and not dismiss any of them. Never turn an attendee away. It is not a Goon’s duty to judge anything that an attendee says, regardless of opinions of the attendee, the person they’re reporting, or the reported issue itself. In my last post about the DEF CON Code of Conduct, I mentioned that I wanted to make sure that the community had all the tools necessary to get involved and report problems when they arise. You can reach DEF CON staff during normal hours of operation (8am to 4am) to anonymously report any behavior violating our code of conduct or to find an empathic ear by calling +1 (725) 867-7255. Trained community volunteers will be standing by to help any attendees. We are collaborating with several organizations including Kick at Darkness, The Rape Crisis Center Las Vegas, and the Nevada Coalition to End Domestic and Sexual Violence to provide expert resources for survivors, including dedicated support for LGBTQ+. When you call the Hotline you will reach DEF CON community Goons trained to help in these areas. In the past there has been some confusion by attendees with what Goon they were actually talking with. Based on the positive community response to our closing ceremony transparency report, we plan to do this every year and hope other conferences do as well. Less than 2 weeks to DEF CON 26 - how about a little treat to get you in the mood? Head over to the DEF CON Media Server for a sweet video and a single from DEF CON favorites Skittish and Bus, straight from the DC26 Soundtrack. When I designed the updated DEF CON Code of Conduct in 2015, I had a few goals in mind. Make it simple to understand, express in broad strokes what kind of behavior is not acceptable, and don't be too specific. The official list of Vendors for DEF CON 26 is live on the website. There's a pretty wide variety of books, gear and swag to check out, along with some fun newer stuff like nootropics. Get familiar. Many people love parties. Facts. Attention DEF CON-goers! The speaker schedule is official and live! Wait no more - find out who’s speaking about what, where and when. Commence planning. Engage stoked mode. Countdown imminent. For all those Friends of Bill W. looking for a meeting, or just a quiet moment to regroup from the Vegas of it all, we have you covered. There are meetings throughout DEF CON - Noon and five pm Thursday through Saturday and Noon on Sunday. The location is the same as last year, in Office 4 Behind the DEF CON Info Booth. Now that you’ve had a whole day to absorb the epic Village list, we’ve got some more goodies for you. The Contests and Events page is now LIVE, and it’s also quite a bit to take in.
Ranging from the straightforward elegance of the Tin Foil Hat Challenge to the complexity of an Industrial Control Systems CTF competition, there’s contests here for just about any hacker discipline, and every level of skill or experience. Contests are also a great way for the shyer among us to beat the icebreaker blues and get right into some fun with a bunch of likeminded strangers. DEF CON 26 is less than a month away, and the DC26 Villages page is live and ready for your attention! Bring a snack, though - there’s a lot of villages this year. Twenty-eight (28!) villages, covering a pretty staggering array content. More DEF CON 26 goodies for your perusal – Demo Labs are Live! You should take a moment to check out the lineup, and set aside some time to visit when you’re at the Con. In addition to being a cool way to see what your fellow hackers are working on, it’s an opportunity to offer your expertise, meet potential collaborators and help push the community forward. Another milestone on the Road to DEF CON 26! The workshops page is live on the DEF CON site. Registration is still a ways off - July 8, to be precise, but now is the perfect time to get yourself familiar with the offerings. The spots traditionally fill up pretty quick, so be ready to claim your seat when the light turns green next month, maybe even consider a few backups. DEF CON family, the time of our reunion approaches. In just a few days, summer arrives in the Northern Hemisphere. The pages of the calendar turn, ever closer to August. Today comes the surest sign - the DEF CON 26 speaker list is live on DEFCON.org. Please enjoy the video of the Keynote presentation from DEF CON China! It's the redoubtable Dan Kaminsky, and his topic is "Bugs Aren't Random: Unifying Building and Breaking in the Modern Age." Many topics are covered, as viewers of previous Kaminsky talks can attest. At the closing ceremonies of DEF CON 25 last year we shared the results of our first public transparency report - an account of the incidents we dealt with throughout the con. The report now has a permanent home on the DEF CON website, and we’ll be updating it after every event. The Recon Village is hosting a hackathon at DEF CON 26! If you like the idea of working on an OSINT/Recon tool with fun strangers and copious energy drink consumption, get your info/signup on at the link. DEF CON believes in balance. For all the forebrain overstimulation we provide by day, we provide an antidote at night - a carefully curated beat menu to work out your funky lizard underbrain. Now that the DEF CON 26 CTF Quals are complete, here's a roundup of some of the first challenge write-ups to appear in the wild. Please read them, learn from them, and share them. If you don't participate in the CTF yet, let them inspire you to throw your hat into the ring. Congratulations to Samurai for winning the hotly contested DEF CON 26 CTF Quals! Our thanks also to the luminous humans of Order of the Overflow for putting on such a fun event! Check out the scoreboard for all the rankings! You can follow the action at the DEF CON 26 CTF Quals on this convenient scoreboard provided by the fine humans of The Order if the Overflow. So you should. Our first DEF CON outside the U.S. is in full swing and day one is on the books! The twittersphere has been providing a window into that first day, so get a load of the photos people have been posting from DEF CON China! Reminder: there’s a CTF qualification event this weekend: More Reading Homework for DEF CON 26! Early bird reg for DEF CON China [beta] has now closed. Online reg remains open for those who prefer it, but please be aware that the standard DEF CON method of paying at the door works just fine. DEF CON Quals CTF 2018 registration is now open! https://register.oooverflow.io Announcing new for DEF CON 26, the Soldering Skills Village! The SSV will focus purely on soldering and making at DEF CON while the HHV will focus on bringing more hardware hacking resources than ever before! DEF CON 26 is getting close and now is the time to let everyone in on some big changes we've got in store. We've accepted a record number of villages and are growing the number of workshops from last year. To hold all this goodness we are growing to include the Flamingo hotel. Online registration for DEF CON China [beta] is LIVE! Follow the link, (using the translate feature in Chrome comes in handy) and save yourself a seat at the first international DEF CON hacking conference! DEF CON China [beta] is almost upon us, and we’re hoping to see lots of you there. To help you make your plans we’ve got a finalized speaker list and schedule! All the presenters are top-shelf and bring a wide variety of technical skill and subject matter expertise - we’re excited about all the final selections. Androsia: Securing 'data in process' for your Android Apps Triton and Symbolic Execution on GDB Spreading malware with Google (Nice Quilombo) You Logged Into My Account Fooling Image Search Engine Security Research Over the Windows (kernel) Smart Contract Hacking Beyond Adversarial Learning — Data Scaling Attacks in Deep Learning Applications Passwords in the Air: Harvesting Wi-Fi Credentials from SmartCfg Provisioning I Am Groot: Examining the Guardians of Windows 10 Security DEF CON Groups Panel General ways to find and exploit Path Traversal Vulnerabilities on Android APPs The schedule is now live! Read the abstracts, pick your favorites, and get psyched. Cyborgs, grinders, human potential optimizers of all kinds, harken! BioHacking Village at DC26 is giving you until June 22 to get your proposals in. As always with CFPs, procrastination isn’t your friend- the more time we have to help turn good proposals into great ones, the better. The relevant data is linked below. The DEF CON 26 CTF is taking shape! More Beijing news for you - we are excited to bring you the first round of accepted speakers for DEF CON China! DEF CON China [beta] is shaping up fast, and we’ve got another exciting content announcement. May 11 approaches, DEF CON enthusiasts, and we have news! Village selection is underway - we can already confirm the following for DEF CON China [beta]. Everyone interested in OSINT, Red Teaming and the like can breathe easy - the RECON Village will return for DEF CON 26. For those of you not yet in the know, please enjoy this video of the RECON Village keynote from DEF CON 25 and get excited! DEF CON China [beta], co-hosted by Baidu Security, is happening May 11-13, and we’re moving into high-gear Con mode! In addition to the Call for Papers, we’re also opening up the following Calls: The Social Engineering Village has issued its official Call For Papers for DEF CON 26! That means it's time for those of you adept in the dark arts of persuasion and wetware exploitation to drop everything and get your potential presentation together. You have until April 1 to leave and impression and win the chance to speak to the best SE audience anywhere. Get on it! DEF CON founder The Dark Tangent has been in Beijing finalizing the agreements for DEF CON China [Beta] - it’s already looking very exciting. As you can see in the attached pictures, the look is already starting to take shape. We’re really looking forward to DEF CON China - everyone is working hard and making big plans! DEF CON 26 is getting off to an early start this year, with our own Call for Everything opening in mid January. It Looks like Packet Hacking Village and Skytalks are getting an early start as well, with both opening Calls or Papers in the last week! Check em out! The DEF CON China [Beta} Call for Papers is open! We are seeking presenters with fresh ideas and exciting research to share with the DEF CON community. After more than a year investigating the possibility of bringing DEF CON to China I am proud to announce that we are going to do a [Beta] event in Bejing this May 11-13th! 过了一年多的深入研究,我很荣幸地宣布 DEF CON 将在五月11至13号降临神州, 在北京召开个DEF CON Beta会议 。 The search for the DEF CON Capture the Flag organizers has come to a close and The Order of the Overflow will lead us forward. Read more about the process and their vision for DEF CON 26 CTF here. Attention Social Engineers! DCG Ambassador Jayson Street gives a New Year's update on what's coming up for DEF CON Groups worldwide. Sharp-eyed viewers will notice he's apparently doing this in an underground DEF CON museum. :) You can (and should) learn more at defcongroups.org. As always, if you want that hacker-fresh feeling all year long, find a local DEF CON Group and get involved! DCGs are all over the world, Bogota to Kiev to Cape Town. Can't find one? Start one! Check out this brand new post on how to start a group!
Can you feel it? That electricity in the air? It’s the machinery of DEF CON 26 coming to life. The lights are blinking, the drives are spinning and the freshly oiled jaws are wide open for content.
I am proud to announce the v3 .onion address for DEF CON: The mighty @Vito_lbs from Legitimate Business Syndicate just published the fourth and final post of the "Building DEF CON CTF" series on the LBS blog. You should read it if you have any interest in Capture the Flag, but it's especially illuminating if you have any interest in what it takes to run the whole show. The bipartisan Election Security bill introduced in the US Senate yesterday introduces new guidelines for information sharing, cyber security guidelines and even includes a bug bounty program. Get excited, hacker family! In honor of its tenth anniversary as a DEF CON attraction, Hardware Hacking Village is retooling for DEF CON 26 with all kinds of new energy! There's a new Soldering Skills Village, a new focus for HHV Classic and tons of new resources. We've given you a lot of reading so far, so here's an assignment that can be completed in under two hours - The 2006 Alfonso Cuarón film 'Children of Men'. The DEF CON Voting Village co-hosted an event with the University of Chicago's Harris School of Public Policy to highlight cyber vulnerabilities in our elections infrastructure. At the event, Noah Praetz, Director of Elections with the Cook County, IL Clerk's office issued "2020 Vision" a plan that details ways federal, state, and local government can work together to improve the security posture of U.S. voting infrastructure.
You can read the plan here: https://www.defcon.org/images/defcon-25/Election Security White Paper_Praetz_12062017.pdf Here's the full video of a hearing of the House Subcommittee on Information Technology regarding the Cybersecurity of Voting Machines. One of the testifiers was Matt Blaze, security superhero and DEF CON Voting Village organizer. It's a good read for anyone who wants to be thoroughly grounded on the state of election security and the plan for moving forward. The heart of the DEF CON 26 theme is the concept of the counterfuture. The counterfuture is the open-source alternative to totalitarian dystopia; a world where we use tech and ingenuity for empowerment and connection rather than isolation and control. Friendly reminder to all of you Capture the Flag rock stars - there’s still time to put your stamp on the Super Bowl of CTFs at DEF CON 26! In keeping with the DC tradition of releasing a list of books, movies and other cultural products to help you get into the headspace of our theme, we offer the first suggested reading assignment: 'Little Brother' by digital-age soothsayer and frequent DEF CON speaker Cory Doctorow. The time has come to announce the theme for DEF CON 26 - It's '1983'. Think of it as T Minus One in the countdown to 1984.
We can't wait to see how you use it. For your Thursday enjoyment, we have a fun look into the experience of a first time speaker at DEF CON 25 this year. The take away? You won’t talk at DEF CON if you don’t pony up and submit! Spoiler Alert: Persist! Our mission to monopolize your spare mind-cycles continues with 22 talks from this year’s very popular Packet Hacking Village. It’s a lot, we know, but we have faith in you. Enjoy, learn a lot of fun new network shenanigans and make sure to share what you learn. Maybe don’t make a lot of weekend plans. For this Throwback Thursday is we have a playlist of 53 main track talks from DEF CON 25. No matter your interests, you’re definitely going to run out of weekend before you run out of talks to watch. (This math does make some assumptions about sleep and general life maintenance - be safe out there). Go ahead and bask in that monitor glow, get yourself some knowledge and don’t forget to pass it on. Another set of talks in the AFK vein for your edification. Hacking wind farms, the DEF CON 101 panel, hacking the human genome - it’s a nice assortment of subjects. A bouquet, if you will. More videos for your edification and enlightenment from the DEF CON 25 BioHacking Village. If you’ve spent any time with the BHV, you know the kind of cutting edge information they bring to the conference. If you haven’t, there’s no better time than right now. Biotech is moving fast and the singularity waits for no one. Good news, everyone! We’ve managed to get a bunch more rooms at Caesars Palace into our special rate block. If you’re planning to attend DEF CON 26 and want some of those sweet, sweet onsite lodgings at a substantial discount, the time for action is upon you. Today’s video release is 15 presentations from a new village on the block - Recon Village. Something for anyone interested in any flavor of Open Source Intelligence, Threat Intelligence, Reconnaissance and Red Teaming. Let’s start the video release week off strong with ten talks from the DEF CON 25 Car Hacking Village! AUTOSAR, GPS Integrity, SDR Relay Attacks - there’s a lot to keep your brain occupied in here. Also, as a bonus, there’s also an auto-hacking related talk from the main track on low-budget auto hacking. Today’s DEF CON 25 video releases are a variety of novel presentations that take us away from the keyboard and workstation and into the wider world. The DEF CON 25 video release train rolls on today with 11 talks from the Wifi Village. From suitcase repeater builds to replace attacks on home security networks, there’s something there for everyone. Hackers owning all the machines at the DEF CON 25 Voting Machine Hacking Village has gotten a lot of press, but the Village also had a roster of talks on the subject from experts like Matt Blaze and Gen. Douglas Lute. The need to reconsider the security of election systems is one of the biggest ideas to come out of DC25, and this playlist is a good way to get yourself up to speed on the state of ballot security. The wise hacker never underestimates the human factor - unlike machines and code humans are eager to be fooled and notoriously difficult to patch. To help expand your horizons in this crucial skillset we present a bunch of talks from the DEF CON 25 Social Engineering Village. Today’s DEF CON 25 videos come from the Industrial Controls Systems (ICS) Village, where we learn about the security challenges confronting the nervous system of modern life. Another batch of DEF CON 25 talks for your weekend perusal, this time focused on Privacy and pulled from the main speaking track at DEF CON. For those you who can’t get enough presentations on this subject, rest assured that the presentations from the DEF CON 25 Crypto and Privacy Village will follow next week. Hacktober begins. The unleashing of the videos from DEF CON 25 has been initiated.
Today, we have a themed playlist of 15 IoT-centered videos, from the main tracks and the IoT Village alike. Prepare to have your commitment to workplace productivity tested. Enjoy them, be mentally embiggened by them, and share them widely before the DVR botnets swamp us all. Here's the C-SPAN coverage from the aformentioned Atlantic Council event, enjoy! Today at a Washington DC event hosted by the Atlantic Council, the long-awaited DEF CON 25 Voting Village Report was released. You can even watch the presentation live on CSPAN 2 - The Dark Tangent is headlining the event! Vito from the Legitimate Business Syndicate has started blogging about the experience of running the past five (stellar) DEF CON CTF Contests. After five years of exemplary stewardship of the DEF CON CTF, the shadowy masterminds of the Legitimate Business Syndicate are ready to retire to the shore house. However, whenever life closes a door, hackers jimmy open a window. LegitBS will be missed, but for someone out there a giant opportunity has just opened up. Frequent DEF CON speaker and OSX security guru Patrick Wardle drops some 0day on the eve of Apple’s macOS rollout. 0day with plaintext password exfiltration. The #votingvillage we introduced at DEF CON 25 is still in the News - mainly because it’s being cited as one of the driving forces behind a growing shift in attitudes about the security of ballot machines. In case you didn't know, the DEF CON 25 Soundtrack is available on Bandcamp as a 'pay-what-you-want' item. All proceeds go directly to keep the exemplary humans at the EFF fighting for the users. So for a modest donation you get dope music from DC25 performers and that warm feeling that only comes from selfless do-goodery. Ease into your weekend with another DEF CON 25 early release video! This time it's Patrick Wardle's presentation "Offensive Malware Analysis: Dissecting OSX FruitFly via a Custom C&C Server". It's a quick talk, but there's lots to chew on here. Take a deep dive into the DEF CON 24 Cyber Grand Challenge with this video from DARPAtv, because what's cooler than autonomous supercomputers battling for supremacy? Clear a little time (it's a bit over 2 hours of analysis) and get yourself educated. Now we take you way back to July 2017 for a leisurely Q&A with two impressively clued-in congresspeople; Rep. James Langevin from Rhode Island and Rep. Will Hurd from Texas. Check out a few of the wrap ups and reviews From DEF CON 25! Another couple of DEF CON 25 early release videos to brighten up your midweek, in which Plore shows you how 15 bucks and some hacker ingenuity can turn a fancy smart gun back into a regular old dumb gun. The press archive from DEF CON 25 is up for perusal at your leisure. We'll keep adding to it as we find more related stories, and we encourage you to share stories if you find ones we missed. We don't usually make this announcement anywhere near this early in the pre-con season, but the DEF CON room block for DC26 is already about half-full. Crazy, right? More goodies for you on the DEF CON Media Server. The #DEFCON presentations and workshop materials have been updated and the torrents have been regenerated. The old ones are officially deprecated. Settle in and watch a $200 open source robot crack a combination safe. Learn how and why, sure, but also watch a robot crack a safe. Today we bring you another Early Release Talk from DEF CON 25! This time it's a more nuts-and-bolts crypto talk about the creation of the first SHA-1 collision. In this talk, Elie Bursztein delves into the challenges faced from developing a meaningful payload, to scaling the computation to that massive scale, to solving unexpected cryptanalytic challenges. More goodies from DEF CON 25 have arrived on the Media Server! This time it's vast quantities of Infoz from the CTF competition. We've got results, services, scorebots and captures, all lovingly hand-compressed by DT for maximum potency. Please enjoy the caps in both team and organizer flavors. Population of the DEF CON Media Server with DC25 goodies continues: the pictures from the closing ceremonies slide show are now live. Stay tuned - the entire output of the DEF CON Photo Corps will be available for slurpage in handy torrent format soon. Pictures, PCAPs, videos - maybe crack open a fresh hard drive and settle in. The data will flow. Early release video from DEF CON 25 - Garry Kasparov's presentation 'The Brain's Last Stand'. As always, enjoy and make sure to pass it on! Congratulations to this year's contest winners! The level of competition at DEF CON is serious, whether it's the DC CTF or the Tin Foil Hat Contest, there are many very clever, very resourceful humans vying for the honors, and we salute you. This year, you'll find all that juicy data on the DEF CON media server (media.defcon.org) and you can connect at your leisure and leech to your heart's content with no silly plastic doodads to hunt down of when you're loading out your hotel room. Yep. They won the Car Hacking Village CTF, so they won a tricked out truck. To hack or to cruise in, at their discretion. You can find out more about the contest and the other goings on at the DCCHV at carhackingvillage.com. Congratulations to Plaid Parliament of Pwning for their historic win at this year's CTF and a heartfelt thank you to the stand-up folks at Legitimate Business Syndicate for five years of fantastic contests. Another DEF CON is in the books. 25 years, and still exciting and expanding. Still staffed and attended by a community of volunteers and enthusiasts who are passionate about improving our shared digital world. You can't really ask for a better anniversary present than that. DEF CON marches on, Thursday and Friday are in the books. Caesars is still here, Vegas is still hot. For the curious, here's a sampling of the press from DC25 so far, to give you an idea what the world outside this casino is thinking about our beloved hacker party.
Cnet - Everything looks like a hack when you're paranoid at DEF CON. Watch this space for more press reaction to DEF CON 25. For a rookie, the Voting Machine Hacking Village is off to a very impressive start: consider the following tweets: The Voting Village has a bunch of machine makes and models to try your hand at, including Sequoia AVC Edge, ES&S iVotronic, Diebold TSX, Winvote, and Diebold Expresspoll 4000. More importantly, there's a chance to make a little history here. The integrity of voting systems is a live issue in the world's news, and there are a lot of eyes on our little experiment. If your idea of fun includes a little paradigm-shifting, the VotingVillage is open all DEF CON. Let's face it: this change has been looming on the horizon for a long time. When we started putting a compact disc full of slide decks and files into the DEF CON goodie bag, it was a perfectly good idea. In those days, 750 megabytes was a decent amount of storage. More importantly, optical discs were still a thing. Readers shipped with all the computers and we all had cool CD wallets and racks and whatnot. It’s very nearly on, DEF CON fam! As many of you are already in the city getting situated, here’s a few helpful links to get your mind right for the impending festivities. The Official DEF CON soundrack has dropped!The Official DEF CON soundrack has dropped! If you're here in Vegas, you'll get it on a CD with your registration pack, but if not, fear not, you can have it too! Interested in using the DEF CON secure wifi onsite? The online registration is open now. The setup page is https://wifireg.defcon.org. You can keep up with the people running that service by following @DEFCON_NOC. The wait is over! The time has come... Vegas is a lot of fun, but it can also be just a lot. Too much, even, if you’re trying to keep the horizon level in your windscreen. If you’re a friend of Bill W joining us for DEF CON 25, please know that we have meetings at noon and five p.m., Thursday through Sunday in “Office 4A”, on the promenade level. Drop by if you need to touch base or just want a moment of serenity. We’ll be there. Data Duplication Village is back for DEF CON 25, so don't forget to bring up to 3 6TB drives if you want to download the whole enchilada. This year's goodies are: Curious who's gonna be rocking the house in the wee hours of DEF CON 25? Here's a handy guide to the MainStage performers for all three nights! Enjoy, plot your entertainment journey and pass it on. Saturday Night, y'all! Friday, in the Chillout area, please to enjoy the nearly-too-swanky-to-function sounds of returning DEF CON performers (and DEF CON Soundtrack contributors!) Richard Cheese and Lounge Against the Machine! For your DEF CON After Dark enjoyment, we present Friday's headliners, Reel Big Fish! They're fresh from their Beer Run Tour and ready to bring their trademark SoCal skank to the DEF CON masses. A small group of SCADA Ninjas are traveling around the globe, spreading the word of SCADA. Unless you are already operating a secret nuclear enrichment facility in your basement or an ACME factory production line, then this is your best chance to get a kick-start into the world of Industrial Control Systems. We are bringing a number of real-world industrial devices from different vendors for you to look, feel and mess around with. "Just like everything else, it's time for hackers to come in and tell you what's possible and what's not." The DEF CON 25 Speaker Schedule is now LIVE! Please consult this schedule for all of your planning needs. For those of you who like to maximize efficiency, it can be paired with a venue map for optimal route planning and GPS programming. Attention all lawyers, law students, and judges: The DEF CON Lawyer Meetup is BACK! We'll be meeting Saturday the 29th at 6pm in the Counsel Boardroom on the Promenade Level. Join us for conversation and merriment, followed by dinner for those interested in extending the experience. Luxury problem: It turns out that we have a little more free night-time space than we anticipated. DEF CON Demo Labs are back, and everything you need to know about them is waiting for you at the DEMO Labs Page! It's a heavy lineup of cool, open tools for all kinds of audiences, from testers to defenders to crypto enthusiasts. Bring your curiosity and questions and let's see what grows out of the interaction! As hard as it might be to believe, we are less than a month away from DEF CON 25 - can you feel it in the air? Meet the team of renegade super geniuses that work for months to pick the best talks for DEF CON. We love them, and you should too. It's a crazy hard job reviewing hundreds of highly technical proposals, providing meaningful feedback and picking the best ones. This year they'll be rocking special CFP Review Board badges at DEF CON, so if you see them let them know we appreciate what they do. You know how we know it’s almost DEF CON? The Southwest is having a heat wave, that ancient tweet about the Feds (allegedly) not appreciating the ‘Spot the Fed’ contest is back and the interwebz are buzzing with burner phone chat. Also, the speaker list is complete! Get yourself over to the speaker page and learn what wondrous presentations DEF CON 25 has in store for you! We think it’s gonna be a great year, and we want to thank everyone who submitted, both selected and not. Extra special shout out to the unsung heroes of the CFP Selection team, who labor mightily to pull together the best possible lineup, and to provide the kind of feedback that makes everyone better. Check out the lineup, plan accordingly, and go ahead and get psyched. DEF CON approaches. DEF CON Workshops are GO! Get yourself over to the DC25 website and see what strikes your fancy! Registration opens July 5. W00h00! BAD NEWS: WHAT HAPPENED? WHY? WHAT DOES THIS MEAN FOR DEF CON? SO NOW WHAT? WAIT, THERE WAS GOING TO BE ANOTHER MYSTERY CHALLENGE?!? ERATTA Privacy is important to everyone, both in terms of the abstract legal right to secure our information and the concrete availability of tools and means to keep that data secure. In this age of near-ubiquitous surveillance, it's a good idea to keep your security knowledge sharp. To that end, the Crypto and Privacy Village is back with a full roster of presentations, contests and workshops to level up your privacy game. Follow them @cryptovillage, or get the full rundown at cryptovillage.org. The DEF CON Beard and Mustache Contest is back - time to break out the various oils, waxes and industrial fertilizers that keep you looking so profoundly beardy. There are prizes to be won! Join us at 'the intersection of facial hair and hacker culture'. You can learn the rules and whatnot at the contest website dcbeard.com, and you can follow the contest on the Twitters @dcbeard contest. Beardless, but interested in competing? Please know that there is a freestyle category that actively encourages the creation and display of faux, ersatz and/or fictive facial hair arrangements. Fanciful and improbable designs welcome. The 0Day Device List is now LIVE! Dig into these IoT devices and then demonstrate your exploits at the IoT Village for cool prizes and raucous applause! Once upon a time, the Wall of Sheep was mostly a bunch of paper plates stapled to a wall, shaming DEF CON attendees for bad security practices. It has grown into a whole village full of packet shenanigans with its own speaker track, contests and even workshops. There’s loads of information on their wallofsheep.com, including the speakers they’ve so far selected for DC25. There’s a lot to take in, so it pays to get familiar in advance. The Packet Hacking Village has enough going on to satisfy all packet ninjas, from Padawan to full-blown Jedi. Visit their site, follow them on Twitter @wallofsheep and get your chops in order. The mischief starts next month. Crash and Compile is part drinking game, part programming contest. The ratio, of course, is yours to determine, but there are prizes for both the solving of programming problems and the drinking of drinks. There are more rules than this,naturally, and you can find them at crashandcompile.com. They are the kind of rules that go like this: something happens, people take a drink. Also something doesn’t happen, or fails to happen as expected, and people take a drink. You get the picture, we think. There are also ways to participate if you want to code without the drinking, or drink without the coding, or just distract the people trying to do both.There are prizes, and booze, and the satisfaction of proving that your skills can’t be thwarted by a little casual imbibing. Follow the organizers on Twitter @crashandcompile and if this seems like your kind of party, get started on the training montage. We’ll see you there! Still working on convincing someone you like to come with you to DEF CON? Sharing the essence of something as big and complex as DC isn't easy. We've got your back. This sleek little USB key contains enough info to give a taste of DEF CON's magic. You get: Jason Scott's terrific DEF CON documentary and a ton of out takes and soundtrack tunes When your hand your friend this little bundle of goodies, you're giving them all the data they need to get a real feel for DEF CON. Cool, right? Round 2 of the DEF CON 25 Speaker Selections is LIVE! Get into our speaker page and soak in all the updates. Clear some space in the old noggin for the science we're gonna drop in there. Visualize your ideal route.
BITSInject Most importantly, get amped! It's next month, people! More speaker updates to come. Stay tuned. Got a device with visibly unadorned surface area? Don't worry - DEF CON is here to help you do the right thing. Hide your laptop's shiny silver shame with our stylish, durable DEF CON 25 stickers! There's five in the pack: you get a DC25 logo and four variations of our popular 'Disobey' sticker. It's almost summer here in the Northern Hemisphere - make sure your gadgets are beach-ready. Get these fine stickers (and all kinds of other DEF CON goodies) at our eBay store, while supplies last. If you're still hoping to be a vendor at DEF CON 25, you need to to get over to defconvendors.com with all deliberate speed. The space is limited,and the deadline for submissions is June 1. Don't miss your chance to share your products with thousands of members of the DEF CON community at Caesars Palace in July. Tick-tock, tick-tock. The time has come, worthy citizens of DEF CON! Our first round of speaker selections, piping hot and ready for your delectation. It's going to be a big year, and it's a good time to start planning your con. We'd love to hear which talks you're most interested in so far. Stay tuned to this channel for additional speaker updates in the days to come. Get psyched! We put a lot of effort into the atmosphere of DEF CON. We bring in musicians and artists that set a tone of high-energy creative inspiration. One of our favorite artists is Mar Williams - you’ve seen Mar's bold and evocative work in the halls, in the programs, on your swag. That style and energy are a large part of the DEF CON image in recent years, and we’re very proud of Mar. Mar recently shared some thoughts about the creative process and some ideas about the connections between hacking and art with an interviewer at PBS. Check it out and let it inspire you to just start something creative and see where it takes you. If you find that you really like Mar's style and you need some more of it in your life, Mar has a Patreon account you can check out at https://www.patreon.com/spux. YouTube version:
https://m.youtube.com/watch?v=Ud-l6u9HzVY You can also find this video (and an enormous quantity of other cool stuff) on the DEF CON Media Server’s Documentary Section.
https://media.defcon.org/Hacking Related Documentaries/ From the BioHacking Village website at defconbiohackingvillage.org: "The DEF CON Biohacking Village is a multi-day biotechnology conference focused on breakthrough DIY, grinder, transhumanist, medical technology, and information security along with its related communities in the open source ecosystem. There have been multiple instances of DIYBio overcoming conventional science. We want to celebrate the biohacker movement with a compendium of talks, demonstrations, and a medical device hackathon. The 2017 BioHacking Village theme is Medical Industry Disrupt. The Medical Industry is one of the last to be touched by technology. We have placed doctors and the study of medicine on an altar for years; the time of ivory towers, pedestals, and information isolation has come to an end. Biohackers are working on projects that have traditionally been kept in the labs of the medical institutions. We are moving science forward by working on DIY projects that matter and use citizen science to solve the economic problems that are caused by privatizing medicine and the resources for research." If this sounds like your jam, or you just want to dip a toe in the DIYBio pool, you can find out more at defconbiohackingvillage.org, by following @DC_BHV or checking out their space on the DEF CON Forums. The TD Francis X-Hour Film Contest is back! Think you've got the skills to conceive, script and shoot a short film in the midst of the DEF CON madness? Do you enjoy fun, prizes and awesome Contest shirts? Sign up, meet some basic requirements,and make your masterpiece. Full details are on the Film Contest Website (xhourfilmcontest.com), but the basics are: • You get the full and final rules and the topic when you pick up your reg Packet onsite. Win prizes like a Seattle Film Institute scholarship and human badges to DEF CON 26, and get your film shown at DEF CON 25.
Thank DEF CON through your Oscar tears a surprisingly short time later.* Slots are limited, so if you want shot at DEF CON Film glory, get over to xhourfilmcontest.com right away and begin your journey. *your mileage may vary, but you definitely can't rule it out. Tamper-evident tech may not be the flashiest security are out there, but it's a fascinating way to get your hands dirty in some ground-level physical security. The wily hacker who masters this space must know methods and techniques for defeating a wide variety of real-world seals, all the while stepping so lightly as to remove all evidence of their passing. The Tamper-Evident Village brings a ton of different seals for you to practice on, helpful humans to point you in the right direction and even a few contests to test your skills. Join us in the Tamper Evident Village and level up your physical security skill set! We're spotlighting some of the contests of DEF CON 25, to help you map your time and maybe get some practice in.
Today's Featured Contest: COINDROIDS! Coindroids is sort of an RPG, set in a post-humanity Earth where only financial services droids remain, battling each other through the ruins for upgrades and survival. Money is the goal, both as a symbol of power and the weapon from which power is derived. The game is played within the blockchain, and each block represents a round. To attack, you send defcoin to the attack address. To defend, you send defcoin to a 'block' address to raise your shield. Gain experience, level up, purchase new and more powerful armaments and upgrades and claw your way up the leaderboard. Rule the Cryptocurrency wasteland. For a thorough explanation of the game's inner workings, check out the coindroids github: https://coindroids.github.io/Coindroids-Documentation/#introduction Sign up and get some reps in at the Coindroids website: def.coindroids.com For today's #defconflashbackfriday, we offer the DEF CON documentary we commissioned for DEF CON's 20th anniversary. It's a great way to get a feel for what DEF CON is about and the amazing community that makes it happen. If you've always wanted to come to DEF CON but wished you knew more about what to expect, set aside some time this weekend to watch the video and get up to speed. If it seems like your cup of tea, we'd love to have you join us for our 25th Anniversary Celebration at Caesars Palace. We'll save you a spot. We'd like to congratulate these qualifiers for DEF CON 25's CTF contest: PPP Excellent work, and may fortune smile on you in Las Vegas this July. We'd also like to thank the shadowy masterminds of the Legitimate Business Syndicate for putting together another great contest. Feels good, doesn't it? The spring is turning to summer, the table is set for the DEF CON CTF and we're in the home stretch of the countdown to DC25. Feel free to get amped. If you're waiting until the last minute to submit your presentation, you should know that we are officially in last minute territory right now. The window closes Monday, so if you want to see your talk in contention make good use of the remaining time! The moment of truth is upon you, so clear out some space and get your submission in order. Let's get your cool ideas up where they belong. The information you need is here: Cypherpunks, start your engines! Crypto and Privacy Village is returning for DEF CON 25 and they're looking for speakers. If you've got some good stuff to share with the Crypto community, point yourself over to cfp.cryptovillage.org and get your submit on! We're looking forwards to seeing what you've been working on. If you have geek-friendly wares you'd like to get in front of tens of thousands of clued-up, engaged and highly caffeinated DEF CON types, might we suggest the vendor area at DEF CON 25? For that audience, you really can't beat it. Smart people with an interest in hacker stuff is literally all we got. As always, vendor table space is limited, and will get claimed pretty quickly. Its a good idea to get your application in early to ensure your spot. The information you need to apply is available at defconvendors.com. Registration closes on June 1st, 2017, so don't delay. The 2016 DARPA Cyber Grand Challenge was kind of a big deal. It was an autonomous, all AI Capture the Flag contest with millions of dollars in prize money. The systems competing were built by teams from all over the country, all of them building the road as they travelled. The teams that made it to the hotly contested final round are all full of straight-up wizards. We're proud of how great the contest turned out, and of all the brilliant humans who made it happen. When the smoke cleared, For All Secure's Mayhem was the last bot standing. In addition to the millions in prize dollars, the eternal bragging rights and the very stylish DEF CON Black Badge, Mayhem now has a place in official history at the Smithsonian. Writeup Here: Recap and tons of info also available here: The popular Jack v2 Pirate Electronics Kit has returned to the DEF CON eBay store! Don't miss your chance to get the finest in blinky swag (from the High German 'blinkenschwag'). The last batch sold out almost immediately, so if Jack seems like your jam, get thee to eBay! DEF CON Demo Labs are BACK! If you’ve got an open source project (tool or hardware) that you want to get in front of a huge, clued-in and interested audience, you’re gonna want to check out our Demo Labs page. Whether you’re looking for feedback, help or just getting the word out, we can offer you a 2-4 hour dedicated time slot to share at DEF CON 25. And one badge, if your project makes the cut, obvi. Get your info on the DL page and get your proposal in before June 1, and let’s make some demo magic! Friendly DEF CON 25 CTF reminder: The next qualifying event is PlaidCTF, an online jeopardy-style contest that's a mere 10 days away! You can get more infoz at plaidctf.com, but it's time to #getonit. Fortune favors the bold. The Call for Contests/Events/Parties is now closed. If you submitted a proposal, expect a response soon. If you just want to know what kind of delights are in store for DEF CON 25 attendees, watch this space. It's getting closer, people. Feel free to get amped. Friendly reminder to our friends in the fourth estate: Press Registration for DEF CON 25 is now officially OPEN! Spaces are limited, and speedy application improves your chances. The information you need to get your ducks properly aligned is on the DEF CON Press page. We've made some changes to streamline the process, so it's worth your time to check that out. We look forward to hearing from you. It's gonna be a big year. Attention CTF enthusiasts everywhere: Registration is open for the DEF CON 25 CTF competition! Please report to the web establishment of our friends and trusted associates at the Legitimate Business Syndicate for further instruction. You can't win if you don't play, and you can't play if you don't register. Let DO THIS, shall we? Can you talk a skinny dog off a meat truck? Do 419 scammers get off the phone owing you money? If you've got the steely nerve and Social Engineering skill to play in the big leagues, you should know that the SECTF is accepting applications for DEF CON 25. Get in the ring and show off your superpowers! This month's profoundly rad design is here to hacker up your spring wardrobe! Dozens of DEF CON and hacker culture references packed together in the inimitable style of our own Mar Williams. Can you identify them all? Limited edition, only available in the Secret Stash, so get yourself fresh while you can! One of the fun perks of staying in the host hotel at DEF CON is access to live, streaming talk content from the comfort of your room. DEF CON TV can really come in handy when a talk is over capacity, or when you need a little breather from the Vegas of it all. This year, we’re hoping to expand the offering of DEF CON TV beyond the main venue. If you're staying in any of the partner hotels, you’ll not only get our D.C. Group rate, but you get DCTV as well! Huzzah! We’ll keep you informed via social media and the DEF CON 25 website when we have the green light. Our block rate is sold out at Caesars, but you can still grab it at We suggest you book promptly to ensure the preferred pricing - these will fill up quickly. The next stop on the road to DEF CON 25 CTF glory is this weekend's 0OPS CTF. It's a wide open, jeopardy-style event you can learn about at https://ctf.0ops.net. Everybody gets an exciting sleepless weekend of network combat, but the winner gets a spot at the Big Show at DC25. Spring has sprung and the procrastinator's window is slowly closing. Gather your stoutest warriors and get your name in the arena, or forever wish you had tested yourself against the best. Details and the full quals schedule are at legitbs.net. Are you an entertainer? A singer of songs, a shredder of licks, a spinner of beats? Have you the skills to keep the sweaty masses in a rumpus till the breaking of dawn? If so, DEF CON has urgent need of your talents. The DEF CON 25 Call for Entertainers is now live. Fill out the form, prove you have the goods, rock faces off at DEF CON's 25th Anniversary shindig. It's that simple. You've got til June 1 to get our attention. Pro Tip: if you want to give your CFP submission its best chance, don't wait for the last minute! Get it in early so that reviewers have a chance to give you feedback. If you have a good idea that needs some refinement, we're happy to help you get it right. This CFP announce is for lifehackers; not the ones who have a really good todo list app, but the ones who hack life. The DEF CON 25 Biohacking Village is looking for your presentation ideas. Grinders, transhumanists and DIY biotech geeks of every description are encouraged to apply. The Biohacking Village theme for 2017 is Medical Industry Disrupt, so special consideration goes to pitches that aim to revolutionize the practice of medicine. You have until May 28th to get your submissions in. We're looking forward to seeing what you're up to. For all the details, go to defconbiohackingvillage.com It’s happening, luminous humans of DEF CON. The hour of our reunion draws closer. All the signs say so. The seasons change, the CFPs begin to sprout, and this year’s DEF CON website goes live. That’s right - the DEF CON 25 website lives! Burn its address into your heart, your mind, and your browser of choice. As the conference approaches, we’ll fill the site with all the info you need to maximize your DEF CON preparations. Get amped, people. DEF CON’s 25th Anniversary is closer than ever. Your response to our call for reviewers was much bigger than we expected, so we’re closing it down Monday. Thanks to everyone who offered to help - we’ll be getting in touch with those who’ve been selected. We’ll keep the applications we received on file, and we’ll open this call back up before DEF CON 26. If you’re still looking for volunteer reviewer opportunities, we encourage you to get in touch with the villages - most of them also field a large number of proposals that might be a perfect match to your expertise. Thanks to the DEF CON community for always responding to our requests with so much love and enthusiasm. You rule. DEF CON 25 approaches. It more than approaches. DEF CON 25 looms. It hovers just beyond the near horizon, waiting to be awesome. One key element of this awesome is all the superfun hackertainment we deliver in the form of Contests, Events, Villages and Parties. And the key element to pulling that together is YOU. All of that fun is 100% community-driven. Every year we ask the DEF CON community for their best ideas for CON amusements, and we make the best ideas happen. This year, our 25th Anniversary year, we're hoping you're ready to respond and really step things up. Dig deep. Dream big. Seize this moment. Everything you need to know to put your proposal together is on our CEV page. Go there, get amped, and submit your killer idea. Let's get epic, people. Friendly reminder: If you've got any questions about the process of becoming a DEF CON speaker, don't miss the AMA today! Get yourself over to /r/defcon at 6pm PST today and get 'em answered by the DEF CON 25 CFP Review Board. Get tips on what they're looking for, help with how to present your proposal and general encouragement to bring your ideas to the DEF CON community. Be there. If you're a packet ninja on a quest for CTF immortality at DEF CON 25, you need to keep your eyes on the qualification schedule. No quals, no glory. The next qualifying event is the online Jeopardy-style Bostonkey.party, happening this very week (Feb 25-27)! You can find info about this and all the remaining events in the schedule at legitbs.net, the online home of the shadowy masterminds hosting this year's CTF. We're expecting big things from you. The DEF CON 25 CFP Review Board will be hosting an AMA Wednesday, Feb 22 at 6pm PST. Bring your questions and get yourself up to speed. Meet the team that does the selecting, and learn tips that will give you an edge in getting your talk accepted. Join us in /r/defcon next Wednesday! Greetz! We're seeking specialized CFP Reviewers to join our DEF CON 25 CFP board this year. We have a fairly well rounded board, but we could use a few more to the team. Specifically, we'd like those more specialized in: Cryptography, Malware, Post-exploitation, Reverse Engineering, and Forensics. So if you can open a can of whoop ass with those skills, please apply. All you have to do is write a cover letter telling us how you've been involved in the DEF CON community, what skills you can bring to the table, and where to find your resume. Please be aware being on the review board is a hard volunteer job. To review you need to spend hours reading submissions and providing feedback. There will be hundreds of emails, so you have to be committed. The reward, however, is having a hand in making DEF CON 25 amazing and the eternal gratitude of hackers all over the world. Which is nice. Send your entries to talks@defcon.org if you want in. Thanks, Pro Tip: DEF CON's eBay store has a 50 dollar price drop on some very stylish waterproof soft-shell jackets! Now there's no excuse for spending one more day in the same boring, skull-free outerwear. Fight the elements and crush the mid-winter blahs with style. Check 'em out ! We're excited to announce that our founder, Jeff Moss, has been named a Commissioner of the brand new Global Commission on the Stability of Cyberspace! The Commission, which will debut at the Munich Security Conference, aims to safeguard the peaceful use of the Internet as volatility and threats from state-level conflict increase. Jeff joins a team of security and policy luminaries Chaired by Marina Kaljurand, former Foreign Minister of Estonia. The Co-Chairs are former US Secretary of Homeland Security Michael Chertoff and former Deputy National Security Adviser of India Latha Reddy. You can learn more about the GCSC and its mission at cyberstability.org The Secret Stash is keeping you hacker fresh with more DEF CON 25 wearables! Both the tee and the sticker are custom, exclusive artwork available only from the Stash. Look fly and keep DEF CON close to your heart until we meet again in July!
Luminous humans of the DEF CON community, we interrupt your slow news week to bring you this urgent message: The DEF CON 25 CFP is OPEN! And so is the Call for Workshops! We realize that's kind of two messages. The common thread is that the machinery of DEF CON 25 awakes from its fitful rest, and it hungers. It hungers for your talk submissions as well as your workshop ideas. To expedite the annual feeding of this beast, we've created a CFP index page that includes all of the many ways you can submit your work for consideration. The time is upon us, people. The deadlines will arrive faster than you think. Get your stuff together, whip it into shape and get it in. We are only going to turn 25 once, and we want you to be a part of it. In 2013, the FBI wanted access to Edward Snowden's encrypted email. Faced with a request for Lavabit's SSL key, founder Ladar Levison instead closed the service. Over 400,000 customers lost access to their accounts. Levison's hardline stance on customer privacy earned him praise from the security community. Today the service is on the verge of relaunching. It's got brand new architecture, new features and soon, end-to-end encryption. You can read Kim Zetter's interview with Levison on the Intercept. For additional background , watch Levison and Stephen Watt discussing Lavabit at DEF CON 22. The trailer for 'Coded', a new hacker-focused series from Freethink Media, has tons of shots from DEF CON 23. It also contains interview footage with Ladar Levison and Nico Sell. We've only seen the trailer, but It looks promising. Here's the promo blurb: "The data war is in full swing. Foreign governments are hacking major corporations, major corporations are collecting massive amounts of consumer data, and the NSA is listening to all of them. With malevolent hackers on one side and oppressive regimes on the other, data security is as important to the global economy and human rights as free speech and the rule of law. Join us as we profile a new generation of programmers helping consumers and companies alike protect their financial information, their identities, and their freedom." Gentle reminder: The Secret Stash is back with more DEF CON 25 boss-level swag! Both the tee and the sticker are custom, exclusive artwork available only from the Stash. Get your 2017 look together with a versatile tee - fresh for all situations, from the boardroom to your secret lair. Get your goodies at teespring.com/defconstashjanuary The early birds have captured all of the on-site worms: Caesars Palace is sold out for DEF CON 25. Be of good cheer, however. You can still get our discounted room rate at the following nearby properties: Linq DEF CON 25 is gonna be kind of a big deal, and we want you there. We suggest getting on that reservation post haste. The link for the DEF CON discount is https://resweb.passkey.com/go/SCDEF7 and the time for action is now. Congrats to @Granick! Hacker lawyer extraordinaire, Director of Civil Liberties for the Stanford Center for Internet and Society and possible secret superhero Jennifer Granick just won the Palmer Prize! The prize, awarded for work that sheds light on the interplay of civil liberties and State security is for her upcoming book "American Spies: Modern Surveillance, Why You Should Care, and What to Do About It". We can't wait to read it. Jennifer is also a frequent and popular speaker at DEF CON. To give those unfamiliar an idea why her work and ideas are so valued by the hacker community, take a look at her most recent DEF CON presentation. It's entitled "Slouching Towards Utopia; The State of the Internet Dream" from DEF CON 24. As always, enjoy and pass it on. Attention all seekers of CTF glory - the qualification season is underway! The solid citizens of the Legitimate Business Syndicate have posted the information you need to get involved on their website at legitbs.net. If you've got the goods, get in the arena. There's nothing between your squad and Capture the Flag supremacy but air, opportunity and the best players on Earth. Get you some. Today's treat - a YouTube playlist chock full of SE goodness from the Social Engineering Village at DEF CON 24! All the presentations and a bonus live recording of the Social Engineering podcast. There is much to be learned here, so block off some time. As always, take what you can use and pass it on. The best defense against the dark arts of SE is exposure and education. The Secret Stash is back with more DEF CON 25 boss-level swag. Both the tee and the sticker are custom, exclusive artwork available only from the Stash. Get your 2017 look together with a versatile tee - fresh for all situations, from the boardroom to your secret lair. Happy New Year, DEF CON community! Jayson Street, our DEF CON Groups Ambassador, has some year-end words for everybody from his tastefully appointed secret bunker. Get amped, radiant humans of DEF CON. 2017 is our Silver Anniversary and big things are in the plan. As always, if you're not in a DEF CON group, consider joining one. If you can't find one nearby, consider starting one! The infoz are all available at defcongroups.org. Excelsior.
Audio of the DEF CON 26 Talks is Live with Torrent!
Posted 11.5.18
Blue Team and Car Hacking Villages Video are Live on YouTube!
Posted 11.1.18
You can also earn a bit about the promise and peril of connected automobiles with this Car Hacking Village playlist. As always, share the love.
You can find out more about the fine folks who put together the CHV at carhackingvillage.com.
Enjoy, remember to share, and stay tuned for more Village presentations!
Caesars Room Check Policy Update
Posted 10.24.18
Caesars has shared their official room entry policy with us, and we're sharing it with you. It's a necessary step in the process, because it sets guest expectations, and it makes it clear that some of the reported behavior falls well outside of the hotel's own internal rules.
We'll be talking with the hotel about how violations of the policies get handled, and working to create a clear and direct way for guests to get room entry information, verify inspection teams and report concerns.
Thanks for your patience as we work through this issue. We'll share more as soon as we have news.
DEF CON Main Track Talks on YouTube!
Posted 10.23.18
We'd also suggest that you check these out soon, as we're going to be dropping the village talks shortly.
Happy watching, and as always #passiton.
DEF CON 27 CTF Qualifying Event Coming Up!
Posted 10.15.18
DEF CON 26 #Badgelife UPDATE!
Posted 10.5.18
What?! Another Early Release Video from DEF CON 26?!
Posted 10.5.18
As always, enjoy and pass it on.
DEF CON 26 Early Release: Covert Passive Surveillance!
Posted 10.3.18
DEF CON 26 Voting Village Report Released!
Posted 9.27.18
The many vulnerabilities discovered are listed in some detail. For example:
"A voting machine that is currently used in 26 states is vulnerable to be remotely hacked via anetwork attack. Because the device in question is a high-speed unit designed to process a high volume of ballots for an entire counties, hacking just one of these machines could enable an attacker to flip the Electoral College and determine the outcome of a presidential election.
A second critical vulnerability in the same machine was disclosed to the vendor a decade ago, yet that machine, which was used into 2016, still contains the flaw.
Another machine used in 18 states was able to be hacked in only two minutes, while it takes the average voter six minutes to vote.”
While these results are cause for concern, the DEF CON Voting Village also provided Election Day Crisis Communications Protocols with the aim of suggesting clear best practices to mitigate the exploitation of the election infrastructure.
Please share this report widely. The only curative measure for misleading headlines is accurate information, and the security of our democratic process requires that we understand the problem clearly. If you are concerned about the vote tech in your area, get in touch with your local representatives. If they’re not aware of our project, share it with them.
We want to thank the organizers of the Voting Village, the election officials from around the nation who came to learn from our research and the hackers at DEF CON who brought their talent and ingenuity to the task of securing our voting process.
Yet another DEF CON 26 Early Release: Booby Trapping Boxes!
Posted 9.22.18
"Whether your running servers as a high value target, or simply want to protect your Monero private key, this talk will show you to achieve FIPS 140-2 level 4 security, without the FIPS 140-2 level 4 price tag. Specifically, we'll cover acquisition considerations, physical hardening, firmware mitigation, tamper detection and more."
Enjoy, and pass it on.
DEF CON 26 Early Release: Inside the Fake Science Factory!
Posted 9.18.18
"This talk presents the findings and methodology from a team of investigative journalists, hackers and data scientists who delved into the parallel universe of fraudulent pseudo-academic conferences and journals; Fake science factories, twilight companies whose sole purpose is to give studies an air of scientific credibility while cashing in on millions of dollars in the process. Until recently, these fake science factories have remained relatively under the radar, with few outside of academia aware of their presence; but the highly profitable industry is growing significantly and with it, so are the implications. To the public, fake science is indistinguishable from legitimate science, which is facing similar accusations itself. Our findings highlight the prevalence of the pseudo-academic conferences, journals and publications and the damage they can and are doing to society."
Enjoy, and pass it along.
More Early Release Video from DEF CON 26: What the FAX!
Posted 9.14.18
From the abstract:
"What the Fax?! ...We went to work, determined to show that the common fax machine could be compromised via mere access to its fully exposed and unprotected telephone line -- thus completely bypassing all perimeter security protections and shattering to pieces all modern-day security concepts."
As always, please enjoy, be edified and share far and wide.
DEF CON in the News: Voting Village Report Incoming Edition
Posted 9.12.18
There has been controversy, with vote tech manufacturers and some state officials challenging the results and the methodology of the hackathon. TechTarget has an interview with VV's Jake Braun about this year's results and some behind the scenes info about the expanded efforts at this year's Voting Village.
DEF CON 26 Hoodie!
Posted 9.10.18
DEF CON 26 ICS Village CTF Write Up!
Posted 9.6.18
Pictures from DEF CON 26!
Posted 8.31.18
We’d like to thank the whole DEF CON Photo Corps for their excellent work. Enjoy, and pass it on.
DEF CON 26 Transparency Report!
Posted 8.30.18
We made a lot of changes this year, and we'd like to thank all the staff and partners who implemented them so smoothly.
If you've got thoughts or suggestions, send them over to feedback@defcon.org.
PS: We didn't cause the sandstorm/flooding combo. Almost completely sure.
DEF CON 26 Archive!
Posted 8.25.18
DEF CON 26 Contest Results
Posted 8.23.18
DEF CON in the News: Voting Village Edition
Posted 8.22.18
“Election agencies must be able to make informed decisions about what election equipment will help them conduct secure elections, and independent testing helps both election agencies and vendors.”
This is why we have a Voting Village.
We approve this message.
First Early Release Video from DEF CON 26!
Posted 8.18.18
From the abstract:
"The National Security Agency (NSA) has authorities for both foreign intelligence and cyber security. This unique position gives NSA insights into the ways networks are exploited and the methods that are effective in defending against threats. Over time, NSA has adapted the focus of its security efforts and continues to evolve with technologies and the adversaries we face. The talk will look back at some of the inflection points that have influenced NSA and US Government cybersecurity efforts and look at what is necessary to stay safe in the new environment."
As always, enjoy and share widely.
Caesars Palace Update
Posted 8.16.18
Here’s an overview of the current policy as shared with us:
1. DND tag on the door too long triggers a security visit.
2. That security visit is supposed to be by hotel security staff who are clearly identifiable as hotel security staff.
3. That visit should be comprised of a visual survey of the main segments of the hotel room, with no fiddling about in personal belongings.
This means that entering rooms and taking a quick look around does not violate the hotel’s policies.
But it also means that reports of opening closed bags, confiscation of personal effects, and reluctance to self-identify and/or allow guests to verify the legitimacy of the security officers all fall well outside of the policy.
Please know we are not letting this go. We are sympathetic to the new terrain major hotels find themselves in, but our main commitment is to our community. We intend to stay on this until we’re satisfied these issues are resolved for next year.
Updates as we get them.
DEF CON 26 is a Wrap!
Posted 8.14.18
The Dark Tangent announced in closing ceremonies that next year we'll be back at Paris/Bally's. Also a bit of Planet Hollywood. Even more space, but less exposure to deadly solar radiation. We're already planning ways to use it all.
This was a big year for us. We doubled the villages. We grew the workshops. We pumped up demo labs and contests, and we even learned how to set up the crazy lightshow required by the mighty Juno Reactor - which you will get to see shortly, since they let us record their set. (Yay Juno Reactor!) Also, we did that thing in Beijing that went so nice we're doing it twice.
We're gonna take everything we learned from this year's crazy expansions, fine-tune things and bring all that new wisdom to DEF CON 27. If you have ideas, feedback@defcon.org stands ready to accept them.
Thank you for all that you share with us, all of your enthusiasm and love that animates everything that happens here. Congratulations to everyone who won something, or learned something, or tried something weird and new. Cheers to all our old friends and our brand new ones. We love you, and we can't wait to get together with you next year.
https://www.pscp.tv/w/1vAxREgAdPPJl?t=1h4m56s
Press from DEF CON 26!
Posted 8.12.18
Hacking the US Midterms? It’s Child’s play. - BBC
At DEF CON, the Biggest Election Threat Is Lack of Funding - WIRED
Secretaries of State Blast Election Hacking Exercise - Route50
Election Officials’ Concerns Turn to Information Warfare as Hackers Gather in Vegas - CNN
DEF CON 2018: Hacking Medical Protocols to Change Vital Signs - Threatpost
Tesla Plans to Open-source its Vehicle Security Software - Electrek
NSA Brings Nation-state Details to DEF CON - Dark Reading
Music Lineup Update
Posted 8.11.18
The new lineup:
21:30 - 22:30 - Skittish and Bus (@Skittishandbus)
22:30 - 23:30 - Zebbler Encanti Experience (@zebbler and @encanti)
23:30 - 00:30 - Miss Jackalope (@djjackalope)
00:30 - 02:00 - Juno Reactor (@junoreactor)
02:00 - 03:00 - s7a73farm (@s7a73farm)
Do You Remember?
Posted 8.11.18
If you’d like to take me home, drop by the Official Swag area while I last!
There’s a rumor that I might make an appearance at Closing Ceremonies for a few people who’ve been especially awesome.
DEF CON 26 Torrents!
Posted 8.9.18
Grab a link, guzzle the content and enjoy it at your leisure.
DEF CON 26 Music Soundtrack
magnet:?xt=urn:btih:beedc5c36e8ba3981edfc946fac8c84e304ece9f&dn=DEF CON 26 music&tr=https://tracker.defcon.org/announce
DEF CON 26 Presentations
magnet:?xt=urn:btih:aafec09a5fa1c9fe75d062a1a39c5fa030a83f39&dn=DEF CON 26 presentations&tr=https://tracker.infocon.org/announce
DEF CON 26 Workshops
magnet:?xt=urn:btih:1d78f8158a4a505fbfc25e62c390e50358026aa7&dn=DEF CON 26 workshops&tr=https://tracker.defcon.org/announce
The regular, non-magnetic links are under DEF CON 26 on media.defcon.org.
We now return you to your regularly scheduled programming.
DEF CON 26 CD!
Posted 8.7.18
Here’s the stellar lineup of future favorite jams we’ve assembled for you.
Skittish & Bus - OTP
Dual Core - Apex Predator (featuring Tribe One)
T-4-2 - Digital Boyz
ISHI - Diamond Door (Left-Right Remix)
The TroubleShooters - This World
Haaj - Reactor Containment
FWLR & JELO - Even The Noble Shall Fall
MC Frontalot - Colonel, Panic!
MODERNS - Figuratives (DEF CON Edit)
Ascendant - Source Transmission
Mikal kHill - Mouser's Back
Icommitfelonies - Hashdump
Haaj - Gamma Rays
If you run through all of this and it’s still not Thursday morning, please continue pregaming with the DEF CON channel at SOMAFM. http://somafm.com/defcon/.
It’s almost here, luminous humans of the DEF CONiverse. Our reunion is at hand.
DEF CON 26 WiFi Reg is Live!
Posted 8.6.18
Please read carefully - there's new cert information and there are pretty explicit instructions for your specific OS.
It's not a trap.
DEF CON 26 ATTENDEE REPORTED INCIDENT POLICY
Posted 8.6.18
ATTENDEE REPORTED INCIDENT POLICY
Reported/Observed Harassment or Assault
When an attendee reports harassment or assault to any Goon follow this procedure:
1. Get a second Goon to be with you to listen to the report.
2. Have one goon contact a SOC goon via the SOC Contact Procedures
3. Make a warm hand off with the attendee to the SOC Department.
4. Let the SOC conduct their investigation and handle the incident from there.
5. Be available to answer any questions from the SOC or venue security.
Interaction with Social and Traditional Media
DO NOT SHARE photos or videos. Please let the responding SOC GOONS know if you have any video or pictures, they may end up being evidence, but out of context could cause problems.
During or after an incident, you may be asked to comment on the situation. DO NOT make any comments to reporters, and do not post about the incident on social media. As a Goon, the media will treat anything you say as an official statement from DEF CON. Commenting prematurely before we understand the situation could cause more confusion or reveal identities that should remain confidential so please refrain from speculating and work with SOC / PRESS to help them understand what happened.
Refer all media inquiries to the DEF CON Press Department (press@defcon.org or send them to the press room)
DEF CON 26 Support Resources!
Posted 8.5.18
In this post, my last before the con, I'll talk about some of the new efforts we are deploying for DEF CON 26. It will be our first year for some of these, so we are looking for feedback. You will notice a theme of transparency, appropriate given the theme of this year's con!NEW WAYS TO REPORT ISSUES: The DEF CON Support Hotline
You can still report issues by going to any Info Booth or talking to any SOC Goon, but sometimes you may not want to be walking around in person with a problem, and so this year we have added a phone option.NEW SUPPORT RESOURCES:
NEW WAYS TO IDENTIFY GOONS:
New for DEF CON 26 Goons should all have visible patches with their nickname on them so it is easier to remember who you talk to about what. The name patches should be attached to the front of the Goon's lanyards and be more visible than the back of a shirt that might be covered by a backpack.
Please use the name on the patch if you have any feedback on Goons, good or bad. Feedback can be sent to feedback@defcon.org, written and dropped off at registration, or if serious enough called into the Hotline.MORE DETAILED TRANSPARENCY REPORT:
As people get comfortable reporting issues I expect the numbers to increase, and only by facing these issues head on can we hope to prevent them. It requires courage to speak truth to power, or to report something that is unpleasant in your community, but together we can make things better.
See everyone soon!
The Dark Tangent
DEF CON 26 Hacker Tracker!
Posted 8.1.18
A must have for your burner phone - the DEF CON Hacker Tracker puts all the talks, contests, events and parties all in one easy-to-navigate package. It’s available in both android and Apple flavors and it’s free.
Media Treats for DEF CON 26!
Posted 7.29.18
Get hyped, fam. We're in the home stretch.
DEF CON Code of Conduct
Posted 7.27.18
I wanted it to act as a template for other conferences, if they chose to do so. It was legally reviewed by our outside law firm and a specialist. In 2018, it's looking like it may get seriously crash tested.
The Code of Conduct assumes people are acting in good faith and not creating intentionally elaborate, dishonest or disingenuous claims of harm. "Ah ha! This is where the bad actors will attack the CoC" you may be thinking.
As a conference of hackers, our CoC is intentionally flexible: like a spoon in the matrix. We describe generally what is not acceptable as opposed to trying to enumerate 42 different bad behaviors.
Besides the CoC, DEF CON has several structural factors that are to our advantage when dealing with people intent on disruption. This is not our first conference, and as such we have a department dedicated to dealing with this problem. We have also had time to plan with hotel and casino security should we need their involvement. We take this issue very seriously and choose to err on the side of removing people, rather than allow them to spoil the conference for those who just want to contribute in a positive way.
Finally, I have always said that DEF CON is what you make of it. I want to make sure our community has all the tools necessary to identify and report unacceptable behavior. Together, we will have all the pieces in place to act quickly and professionally, no matter what the issue is.
The Dark Tangent
DEF CON 26 Vendor List!
Posted 7.26.18
Party at DEF CON 26!
Posted 7.23.18
If you are one of those party-loving people, this update will fill up your smile tank. The Parties and Meetups Page is LIVE! Use it to learn all about the DC 26 party/meetup scene. Then, when the time is right, party with other partiers. Or meet up with people who share your interests.
Go get your life. It's all the best.
DEF CON 26 Speaking Schedule is Live!
Posted 7.19.18
Friends of Bill W at DEF CON 26
Posted 7.18.18
Stop by and refresh yourself. We'll be here.
Contests and Events at DEF CON 26 posted!
Posted 7.14.18
The more extroverted attendees can still opt for a Charity Mohawk or the cringetastic glory of Hacker Karaoke.
Block off a little time for pre-con recon and make a plan to make sure you get to sample widely from the smorgasbord of C&E offerings.
Our reunion draws ever closer, fam. Get amped.
So Many Villages!
Posted 7.12.18
Internet of Things
Crypto and Privacy
Wireless
Biohacking
R00tz Asylum
Hardware Hacking
Lockpicking
Social Engineering
Tamper Evident
Data Duplication
DEAF CON
Voting Machine Hacking
Recon
AI
Soldering Skills
DroneWarz
VX (Chip-Off)
Mobile Museum of Vintage Technology
Ethics
Laser Cutting
Cannabis
CAAD (Competition on Adversarial Attacks and Defenses)
Blue Team
Car Hacking
Packet Hacking
Industrial Control Systems
Skytalks
Monero/BCOS
Chances are there’s a few things in that list you want to level up on.
As always, the Villages are generated by the interest and effort of DEF CON Community members looking to share their interests and obsessions with you. Come through and show them some love and learn something new. If your obsession isn’t represented, maybe it’s time to write up a proposal for DEF CON 27!
Demo Labs for DEF CON 26 Posted!
Posted 6.28.18
Demo Labs are interactive, so, you know, interact.
Just over a month, people!
DEF CON 26 Workshops!
Posted 6.23.18
It’s officially summertime in our host hemisphere - the season of DEF CON has begun!
The Entire lineup of DEF CON 26 Talks is Live!
Posted 6.19.18
The wait is over - dig into the list to start your conference planning! We’re proud of the lineup we’ve created this year, and we think whatever your particular itch you’ll find some talks and panels that scratch it for you.
We’d also like to take a moment to thank the undersung heroes of the Selection Committee. They devote crazy amounts of time and energy to working through hundreds and hundreds of proposals to make sure the best ones make it to the top of the pile. They work hard, they make us great and they deserve your appreciation.
It’s almost here, hacker fam. Can you feel it?
DEF CON China Talk Video!
Posted 6.12.18
We also offer you the estimable and renowned Vito Genovese from the mighty Legitimate Business Syndicate, discussing the lessons taken from five years running the DEF CON CTF contest.
From the abstract:
"This presentation will cover topics about all aspects of CTF organization: the history of CTF, building a cross-functional organizing team that sticks together year after year, developing a game infrastructure that handles the onslaught of attacks from players, and the stories behind some of the most difficult CTF challenges ever built."
As always, enjoy and share the info. Be sure to join us in Vegas for the brand new CTF run by the scrappy upstarts in The Order of the Overflow.
DEF CON 25 Transparency Report!
Posted 6.4.18
We’re hoping that this kind of reporting catches on. It’s a good way to know where to concentrate our efforts, to attach more public accountability to the DEF CON Code of Conduct and to familiarize our community with how we handle con-goers’ concerns.
So check it out, and check back after DC 26 to see what went down behind the scenes..
PS whoever brought that one ‘vicious animal’ to the party - Hey. Don’t do that. Jebus.
https://www.defcon.org/html/links/dc-transparency.html
DEF CON 26 Link Roundup!
Posted 5.31.18
Friendly reminder that the Data Duplication Village has a CFP that's open until June 15th. Which is super soon, so if you're looking to speak there we suggest haste and focus.
The Social Engineering Village has its speaker schedule posted already! The season of the Con is most assuredly on. Check out who's gonna be dropping science on the hacking of humans, and make your plans accordingly.
For those of you who like a little 'pew-pew-pew' in your Vegas adventures, good news! The DEF CON shoot returns for DC26 - and registration is open. You can get the rules, schedule and location over at deviating.net.
Stay tuned as DEF CON 26 continues to coalesce.
DEF CON 26 Entertainment Announcement: Juno Reactor!
Posted 5.22.18
To that end, we are so proud to announce that some of those healing beats will be provided to you by the mighty, mighty Juno Reactor! You know Juno (government name: Ben Watkins) from decades of sonic bad-assery that includes the high-energy proto-trance of his debut ‘Transmissions’, the beat science of 2004’s ‘Labyrinth' and wildly cinematic soundscapes that adorn projects like ‘The Matrix Trilogy’, ‘2017 Gran Tourismo’ and ‘Drive’.
This performance will be hot on the heels of the June release of ‘The Mutant Theater’ - expect serious rhythm and highly interactive stage show that’s been described as ‘Labyrinth meets Barbarella’.
Check out Juno Reactor’s work. Get excited. This is gonna be special.
DEF CON 26 CTF Quals Write Ups!
Posted 5.16.18
"It's a Me" Challenge:
https://raywang.tech/2018/05/14/DEF-CON-Quals-2018-It-s-a-Me/
iPwn Kit:
https://gist.github.com/ChiChou/e3a50f00853b2fbfb1debad46e501121
https://gist.github.com/saelo/0a85f22c8a02f3a314661edd715900d3
Mario and Racewars:
https://github.com/toomanybananas/ctf_solutions/tree/master/defcon/2018
PoW as a Service:
https://github.com/kpcyrd/defcon26-pow
sbva:
https://github.com/bl4de/ctf/blob/master/2018/DEF_CON_Quals_2018/sbva/sbva_web.md
Signature Dishes:
https://hackmd.io/s/B1An6UL0M
smcauth:
https://blog.vero.site/post/shellql
DEF CON 26 CTF Quals Winners!
Posted 5.14.18
See all those qualified at the big show- DC26!
Halfway through DEF CON 26 CTF Quals!
Posted 5.12.18
Images from the Twittersphere: DEF CON China [Beta]!
Posted 5.11.18
DEF CON 26 CTF Quals this Weekend!
Posted 5.10.18
#DEFCONQUALS2018 will be held 00:00 UTC on May 12th for 48 hours. Glory awaits for the brave and the skilled. Get in the arena!
register.oooverflow.io
DEF CON 26 Homework: Critical Thinking Edition!
Posted 5.9.18
Another way to keep dystopia at bay: question everything. Widen your information funnel. Examine the framing. Check your sources.
In the spirit of DEF CON 26’s theme “1983: The View from Dystopia’s Edge”, we offer some homework reading with a focus on critical thinking.
First up, the delightful “You are Being Lied To”. It’s compiled by the redoubtable Russ Kick of the legendary first version of disinfo.com, and it’s a sage, provocative collection of bite-size think pieces from all over the cognitive map. The only through line is that many of your assumptions are garbage. Start anywhere, and let it shift your paradigm.
https://archive.org/details/media_You_Are_Being_Lied_To
“The Undercover Economist” is Tim Harford’s wry take on the basics of economic theory, with a special emphasis on the strange and counterintuitive ways the tangled forces of the economy affect your daily reality.
The final assignment for today is Walter Lippmann’s ‘Public Opinion’. Written almost a century ago, “Public Opinion” is an eerily incisive and prescient take on the way your opinions are crafted and slipped into your head while your attention is elsewhere. Less dated than you think, and packed with meaty insights for the ‘post-truth’ era. Prepare to question how (and why) you know everything you think you know.
http://www.gutenberg.org/ebooks/6456
Happy reading! Stay tuned for more assignments in the coming days.
Roundup of DEF CON Updates!
Posted 5.4.18
The passing of one major deadline doesn’t mean you have no reason to stay up all night sweating over a presentation idea. Many of the DEF CON 26 open calls closed May 1, but there are still villages and events still wide open for submissions. For example:
The brand-new Ethics Village (ethicsvillage.org) is accepting talk submissions until June 22.
Car Hacking Village (carhackingvillage.com) is still open.
Hardware hacking village is looking for talks, art and demos. Check their forum thread for more info.
Crypto and Privacy Village is open until June 15 (Cryptovillage.org)
AI Village CFP closes June 15 (https://goo.gl/forms/g50hhGITiOWEbo002)
Follow @defcon for village announcements as we get them!
Got a clever youngling you’re thinking of bringing along to DEF CON 26? Social Engineering Village has SE Capture the Flag contests for kids and teens - Find all the details at social-engineer.com!
CTF Quals Registration for DEF CON 26 is Now Open!
Posted 4.27.18
#DEFCONQUALS2018 will be held 00:00 UTC on May 12th for 48 hours. Glory awaits for the brave and the skilled. Get in the arena!
New Soldering Skills Village at DEF CON 26!
Posted 4.27.18
The change-up is beneficial for everyone, it means both villages can get quiet and well-lit spaces. It also means the two volunteer groups can better support the DEF CON community in their own ways. Both villages will maintain an open share of knowledge and volunteers between them. The SSV and HHV will coexist at DEF CON and provide the most that they can to all DEF CON attendees!
Also: Got something you want to show off, teach, or blab on about? Let us know about it! Shoot an email to [email]l33tbunni@dchhv.org[/email] Now accepting submissions for demos, talks, art, anything hardware you want to show off!
More info at https://www.dchhv.org
Space Announcement for DEF CON 26!
Posted 4.25.18
TL/DR
- DEF CON has has accepted more villages than ever before and needs to grow.
- DEF CON is spreading to two hotels, Caesars Palace and the Flamingo.
- This lets us do more stuff + evening pool parties.
The PLAN:
For DEF CON 26 we will try something we have never done - Split the con between two hotels! No, not like Paris + Ballys, they are connected. I'm talking Caesars Palace and the Flamingo across the street.
"That's Crazy!" you say. "Why do we need that much space?" you say. Check this out: The number of villages will almost double from last year to about 25. Parties should increase. More contests are under development. DEF CON needs space to support all the awesome projects from the community and I'd really like to throw some pool parties. That is all now possible.
In the next month you will hear more specifics but I want to answer some questions here:
- How will the space be split? The Flamingo will hold some of the "destination" events to relieve pressure off of Caesars Palace. Current planning includes Workshops, DEF CON 101 track, some villages and contests, a chill out space, pool parties, and more once we finish planning.
- Will there be DC TV at the Flamingo? Yes DC TV will be in the Flamingo and as many other hotels as we can wire. A more definitive list soon, but we are building on what we did last year.
- If you ran a village or contest last year you should count on the same or more space you got last year. If you are running a first time event we will work to meet all of your needs. If you want even more space or a dedicated spot at the Flamingo we can work on making that happen.
Background:
With the move to Caesars Palace last year we got more space and a different floor plan that helped with some flow, but the broken escalators stole some of those gains. For DEF CON 26 the escalators are fixed and we have a better understanding of how to use the space. With that understanding and the growth of interest in Village and Contests we realized that we are out of space and need to span to a new property. This growth will allow us to accept more contests and villages and try some new stuff while giving existing events some room to breathe.
Online Registration is open for DEF CON China [Beta]!
Posted 4.13.18
Of course, you are not required to make use of the online form. The traditional DEF CON method of cash at the door works too. In fact, if you want to pay at the door, cash is the only option for those visiting China for the conference. The price onsite is ¥1088, which is about USD173 at current exchange rates.
The venue for DEF CON China [beta] is the Beijing Kuntai Hotel, which you can book here. (http://www.kuntaihotel.com/en/) Once you have a confirmation from the hotel, you can use that document to help with your Travel Visa Application. (http://www.china-embassy.org/eng/visas/hrsq/)
Thanks to everyone who’s planning to make the trip and participate in this new DEF CON adventure. We’re working hard to put together a great show and we’ll see you in Beijing in just under a month!
Remainder of DEF CON China Speakers are Live, Schedule Updated!
Posted 4.11.18
Samit Anwer
Weibo Chen
Fabian Cuchietti & Gonzalo Sanchez
Daizibukaikou
Yuanjun Gong, Bin Liang, & Jianjun Huang
Peter Hlavaty
Konstantinos Karagiannis
Kang Li
Changyu Li & Quanpu Cai
Chuanda Ding
Peter Wesley, Tielei Wang, Changsheng Gao, Xinpeng Liu, Jun Li, April C. Wright, & Jayson E. Street
Xiaobo Xiang (Elphet)
Only one month to go until DEF CON China - are you ready?
DEF CON 26 Biohacking Village CFP is Open!
Posted 4.10.18
You have your assignment - we look forward to your entries.
DEF CON 26 Biohacking Village CFP
DEF CON 26 CTF Pre Qualifying Events Announced!
Posted 3.30.18
The 2018 pre-qualifying events have been selected! 🎉
The winners of DEFCON 2017, HITCON 2017, CCC 2017, 0CTF 2018, and PlaidCTF 2018 will automatically qualify for DEF CON 2018! This means, so far, PPP, DEFKOR, and pasten --- congrats!
A Prequal event for one of these, 0CTF 2018, kicks off tomorrow - online, jeopardy-style. If you’ve always wanted to try your skills against the best at the DC CTF, this is a good place to start. Assemble your team, sign up and see where it takes you.
Full info: http://oooverflow.io
First Round of Talks for DEF CON China [Beta]!
Posted 3.23.18
The first round selections include talks from DEF CON favorites like Zoz, Dan Kaminsky and Jayson Street as well as Chinese researchers like Dr. Tao (Lenx) Wei and Dr. Haixin Duan. Get acquainted with the speakers of Round 1 and watch this space for the announcement of Round 2 selections.
It’s coming together, people. We hope you’re as excited as we are .
First China Workshops are Live!
Posted 3.15.18
Selections for DEF CON China (beta) workshops are well underway. So well underway, in fact, that we already have three of them selected! They are:
UAC 0day, all day!
Ruben Boonen
Practical Malware Analysis: Hands-On
Sam Bowne, Devin Duffy-Halseth, and Dylan Smith
Principals on Leveraging PowerShell for Red Teams
Carlos Perez
If you’re interested in a deep dive into these subjects, please visit our workshops page for all the details. You’ll also want to bookmark that page and check back frequently, as we’ll be adding more in the coming days.
DEF CON China [Beta] Village Selection has Begun!
Posted 3.12.18
Lockpicking Village, hosted and run by the lock wizards of The Open Organization of Lockpickers (TOOOL). You could not be in more capable hands, whether you’re learning the ropes or testing your skills.
Car Hacking Village. Get your hands on the state of the art in connected auto security.
RECON Village - For people interested in Open Source Intelligence (OSINT) and its many applications.
The very popular Packet Hacking Village, where you can hone your knowledge of network hacking in all its flavors.
Hardware Hacking Village. Void warranties, break and remake physical tech and smell that sweet solder in the air.
You can learn about these villages and keep track as new ones are added for DEF CON China [beta] at the Villages page.
DEF CON China is beginning to assume its final form - join us in Beijing May 11-13!
DEF CON 26 and China [Beta] News: RECON Village Returns!
Posted 3.9.18
The DEF CON RECON Village will also be joining us for the first Beta DEF CON in China, and their Call for Papers is open right now, so check it out!
DEF CON China [Beta] Site is Live! Calls are open!
Posted 3.3.18
Contests and Events. Puzzlemasters, game-makers and party-throwers, bring us your best ideas! We want to share the fun side of DEF CON with the world, and if your proposal is selected, we’ll pitch in to make it a reality.
Villages. The hands-on mini-con is a perfect introduction to DEF CON, and we’re looking to you to conceive, plan and run the DEF CON Village we’ve never seen but always needed. Assemble your team, create your proposal and join us in Beijing!
Demo Labs! This is your chance to show off the project you’ve been hacking on, and get attention and feedback from the DEF CON community. Take that open source effort out of the garage and into the spotlight!
You’re still reading - probably because you’re psyched and looking for where you sign up, right? Maybe a DEF CON China website where you can find all the rules, parameters and relevant info? We’ve got that. Head over to https://www.defcon.org/html/defcon-china/dc-cn-index.html, get spun up and then make us proud!
Social Engineering Village CFP is Open for DEF CON 26!
Posted 2.21.18
Dark Tangent Attends Signing Ceremony for DEF CON China [Beta]
Posted 2.14.18
The signing ceremony included a New Year’s gift of some really beautiful locks from our partners at Baidu. The locks are in an ancient style, symbolizing the long history of security and security culture.
To submit to the DEF CON China [Beta] CFP, check out our submissions page. Let’s make this amazing together.
Packet Hacking Village (Wall of Sheep) and Skytalks CFPs are Open!
Posted 2.6.18
Packet Hacking Village CFP
Skytalks CFP
DEF CON China [Beta] Call for Papers is Open!
Posted 1.30.18
The event takes place soon – May 11-13, 2018. We are accepting and reviewing proposals on an expedited schedule, and speaking spaces are limited so please respond quickly. We are happy to work with you to perfect your proposal if it arrives in time.
The rules for submissions are explained in detail on our CFP page, The Chinese translation of these rules will be online very soon.
We look forward to your submissions!
DEF CON China [Beta] dates announced and Call for Papers opening!
DEF CON 神州【Beta】日期发布及征文启事(Call For Papers)Posted 1.29.18
That means everything is on a very short schedule. This week we will be opening the CFP and launching the China [Beta] sub-site with all the information you need to know to attend or to participate. Interested in running your village, contest or event there? We can help make that happen. Want to speak? Get your materials ready!
这意味着时间相当紧迫。 我们会在这周开启 CFP 及上传DEF CON神州[Beta]的网页。所有以各式方式 参会的资料将会那发布。欢迎各界英雄豪杰参与。若想作个village, 比赛或其他项目,我们能助你一臂之力!或想当演讲嘉宾吗?请收集好资料准备投稿吧!
Congratulations to Order of the Overflow!
Posted 1.26.18
Social Engineering Village Call for Papers & SECTF Registration are Open!
Posted 1.22.18
The DEF CON 26 Social Engineering Village SECTF registration is live! According to the SE Village Twitter it's already got over 100 signups, so don't dally if SE is your jam.
The SE Village Call for Papers is also open! If you’ve got a dynamite talk in you for the social engineering space, you have until April 1 to get your stuff together and submit. SE Village is one of the most popular at DEF CON, so don’t delay, and bring your A game!
DEF CON Groups Year in Review
Posted 1.15.18
Here it is... The Call for Everything!
Posted 1.12.18
Welcome to the Call for Everything! We’re looking for proposals in the following areas: Talks, Workshops, Villages, Contests, Events, Parties, Music, Demo Labs, Press, and Vendors!
The DEF CON 26 Call for Everything page is where to start for your assignment parameters.
A few pointers...
Early is better than perfect: If your proposal is hot but not quite there, we will work with you to get across the finish line.If you wait until the last moment, you’re kinda on your own.
Follow the guidelines: The angelic volunteers who evaluate the entries have a lot of work to do, and your courtesy in following the format makes their lives easier.
Most importantly, think big. There are a lot of security conferences, but only one of them is DEF CON. Submit accordingly.
Tor .onion Links for DEF CON Sites!
Posted 12.29.17
defcon.org main web site:
http://g7ejphhubv5idbbu3hb3wawrs5adw7tkx7yjabnf65xtzztgg4hcsqqd.onion/
media.defcon.org:
http://m6rqq6kocsyugo2laitup5nn32bwm3lh677chuodjfmggczoafzwfcad.onion/
defcongroups.org:
http://jrw32khnmfehvdsvwdf34mywoqj5emvxh4mzbkls6jk2cb3thcgz6nid.onion/
Tor announced a major update to their .onion services at DEF CON 26, version 3 that greatly improves the stability and resistance of .onion sites. In order to visit a v3 .onion site you must use a newer version of Tor, or the "experimental" branch of the Tor Browser Bundle (TBB) available here [https://www.torproject.org/projects/torbrowser.html.en#downloads-alpha].
Read more about this next generation of onion services here [https://blog.torproject.org/tors-fall-harvest-next-generation-onion-services]
- The Dark Tangent
Building the DEF CON CTF, Part 4!
Posted 12.28.17
If you think you've got a great idea for the next DEF CON CTF, you still have until the end of the year to get a proposal in to us - the info you need is at https://www.defcon.org/html/links/dc-ctf-cfo.html
2018 is right around the corner, people. Preparations are underway.
DEF CON In the News! Election Security Bill Introduced!
Posted 12.22.17
Read the full text of the proposed legislation dubbed the “Secure Elections Act”.
DEF CON 26 Hardware Hacking Village News!
Posted 12.20.17
We couldn't be more excited to see all the upgrades in person! Follow @DC_HHV on Twitter and check out their website for more details on all the changes coming for next year!
DEF CON 26 Homework Assignments Roll On!
Posted 12.15.17
The movie fits the theme of 1983 by being a thoughtful and moving study of hope and resistance in the face of calamity and misrule. It also features a bunch of stellar performances and some crazy precision camera work (keep your eyes peeled for the long, unbroken takes).
'Children of Men' fits our theme in other ways, too - the set design could hardly be more in line with our DC26 style guide. Concrete skies, graffiti, neglected brutalist edifices everywhere - it's probably as close to a match as you're going to find so feel free to take inspiration from it.
Watch this space for more assignments!
DEF CON in the News!
Posted 12.7.17
DEF CON in the News!
Posted 12.5.17
"The results of the Voting Village were summarized in detail in a report. It is notable that participants, who did not have any previous special expertise in voting machines or access to any proprietary information or source code, were very quickly able to find ways to compromise every piece of equipment in the Village by the end of the weekend. Depending on the individual model of machine, participants found ways to load malicious software, gain access to administrator passwords, compromise recorded votes and audit logs, or cause equipment to fail. In most cases, these attacks could be carried out from the ordinary interfaces that are exposed to voters and precinct poll workers. The first machine was compromised by a participant within 90 minutes of the doors opening."
You can read the full report from the Voting Village.
And a transcript of Matt's remarks
DEF CON 26: The Homework Continues!
Posted 12.1.17
In the spirit of the counterfuture, we offer book two in our pre-con homework series: ‘Cryptonomicon’ by Neal Stephenson. It’s a bit of an epic, so you’ll want to pencil in some real reading time. The story concerns two historical inflection points, WWlI and the eve of the 21st century. In both eras, Crypto and savvy are all that protect us from a spreading and despotic darkness. In both, hackers (of various kinds)are the carriers of the counterfuture.
Enjoy, and stay tuned for more assignments.
DEF CON 26 Call for CTF Organizers Reminder!
Posted 11.29.17
We’re looking for a team with big ideas and the skills to execute under pressure. A team that wants to push the limits and create challenges that people talk about for years.
If that’s you, read the requirements at https://www.defcon.org/html/links/dc-ctf-cfo.html and get in touch. We look forward to seeing what you’ve got.
DEF CON 26: The Homework Begins!
Posted 11.28.17
Don't let the YA trappings trip you up - the book contains a toothsome examination and critique of the dangers of the police state and the role that hackers, makers and like-minded troublemakers can play in turning the tide.
It's also fun. Share your thoughts with us in the comments and stay tuned to this space for your next assignment.
DEF CON 26 Theme Announcement!
Posted 11.22.17
More details here.
DEF CON in the News: Confessions of a First Time Speaker
Posted 11.16.17
You can view the author, Jim Nitterauer’s talk regarding DNS Privacy on our YouTube channel:
DEF CON 25 - Jim Nitterauer - DNS: Devious Name Services Destroying Privacy & Anonymity w/o consent
As always, enjoy and pass it on!
Packet Hacking Village Videos Have Hit YouTube!
Posted 11.7.17
Live now on YouTube, Main Speaking Track Talks from DEF CON 25!
Posted 11.2.17
More Assorted Talks from DEF CON 25!
Posted 11.1.17
HighWiz, Malware Unicorn, Niki7a, Roamer, Wiseacre, Shaggy - DEF CON 101 Panel
Inbar Raz, Eden Schochat - From One Country, One Floppy to Startup Nation
Jason Hernandez, Sam Richards, Jerod MacDonald-Evoy Tracking Spies in the Skies
John Sotos - Genetic Diseases to Guide Digital Hacks of the Human Genome
Matt Wixey - See no evil, hear no evil: Hacking invisibly & silently with light & sound
Octane - Untrustworthy Hardware and How to Fix It
Snide Owen - Phone system testing and other fun tricks
Whitney Merrill, Terrell McSweeny - Tick, Tick, Tick Boom You're Dead: Tech & the FTC
Jason Staggs - Breaking Wind: Adventures Hacking Wind Farm Control Networks
Enjoy, embiggen, and pass it on.
BioHacking Village Talks are Live on YouTube!
Posted 10.31.17
As ever, pass it on.
Caesars Room Block expanded for DEF CON 26!
Posted 10.26.17
To register at Caesars with our room rate, use the link https://aws.passkey.com/gt/212381033?gtid=281c2a2f3267f177478f6cb65cf90b8b
This link will also get you the discount at several nearby affiliated hotels. While supplies last.
Recon Village Video from DEF CON 25!
Posted 10.25.17
Tyler Rorabaugh - DFIR Automation Orchestration Tools For OSINT Recon
Tracy Maleeff - Into the Bird's Nest: A Comprehensive Look at Twitter
Winner Announcement Prize Distribution
Simon Roses - OSINT Tactics on Source Code and Developers
Shane MacDougal - Keynote: Seeing is Believing The Future of Recon
Mikhail Sasonkin - Up Close and Personal: Keeping an Eye On Mobile
Leah Figueroa - FERPA: Only Grades Are Safe; OSINT In Higher Education
Kunal Aggarwal - DataSploit Open Source Assistant for OSINT
Jason Haddix - Domain Discovery:Expanding Your Scope Like A Boss
Inbar Raz - Do Tinder Bots Dream of Electric Toys
Guillermo Buendia, Yael Esquivel - How To Obtain 100 Facebooks a Day
Dakota Nelson -Total Recoll
Anthony Russell - Building Google For Criminal Enterprises
Andrew Hay - An Introduction to Graph Theory for OSINT
Abhijeth Dugginapeddi - Recon and Bug Bounties What A Great Love Story
Take one down and pass ‘em around. Sharing is caring.
Live on YouTube, Car Hacking Village Video from DEF CON 25!
Posted 10.24.17
Mickey Shkatov, Jesse Michael, Oleksandr Bazhaniuk - Driving down the rabbit hole
Weston Hecker - Grand Theft Radio Stopping SDR Relay Attacks
Vlad Gostomelsky - GPS System Integrity
Tim b1tbane, Mitch Johnson, ehntoo - That's No Car Its a Network
Sheila Ayelen Berta, Claudio Caracciolo - The Bicho
Sameer Dixit, Vlad Gostomelsky - Abusing Smart Cars with QR Codes
Montalbano, Gillispie, Connett - Attacking Wireless Interfaces
Jeffrey Quesnelle - An Introduction to AUTOSAR Secure Onboard
Woodbury, Haltmeyer - Linux Stack Based V2X Framework
Badge Life: DEFCON Unofficial Badges Panel
Corey Theun - Heavy Truck and Electronic Logging Devices
Enjoy, and remember to pass ‘em on. More shortly.
Assorted Video Tales from DEF CON 25!
Posted 10.23.17
Kevin Sacco - Tales of A Healthcare Hacker
Rhett Greenhagen - Skip Tracing For Fun and Profit
J0n J4rv1s - Surveillance Capitalism Will Continue til Morale Improves
Gus Fritschie, Evan Teitelman - Backdooring the Lottery and Other Security Tales
Svea Eckert, Andreas Dewes - Dark Data
Chris Sumner - Rage Against the Weaponized AI Propaganda Machine
Ryan Lackey - Cypherpunks History
Yan Shoshitaishvili - 25 Years of Program Analysis
Manfred - Twenty Years of MMORPG Hacking: Better Graphics, Same Exploits
Pass it on, and watch this space.
Wifi Village Talks are Live on YouTube
Posted 10.20.17
Woody, Tim Kuester - GODUMPiNG packet sniffing the Gotenna
Vivek Ramachandran, Nishant Sharma, Ashish Bhangale- Deceptacon
Robert Ghilduta - Designing An Automatic Gain Control
Nick Delewski - Failsafe: Yet Another SimpliSafe Attack Vector
Matt Blaze - Sigint for the rest of us
Eric Escobar - SecureWorks: SDR Replay Attacks On Home Security Systems
Balint Seeber - Hacking Some More of the Wireless World
Andrew Strutt - Suitcase Repeater Build for UHF 70cm
Andrew Strutt - POCSAG Amateur Pager Network
Alexander Zakarov - Large Scale Wireless Monitoring: KISMET Packet Sniffer
Aardvark, Darkmatter - WIGLE Like You Mean It Maximizing Your Wardriving
Enjoy, share and stay tuned!
The Voting Machine Hacking village talks from DEF CON 25 are on YouTube!
Posted 10.19.17
Jake Braun - Securing the Election Office: A Local Response
Joseph Hall, David Jefferson - Common Misconceptions and False Parallels
Matt Blaze - How did we get here? A history of Voting Technology
Mary Brady, Josh Franklin - The State of US Voting System Security
Joseph Hall - Election Hacking: Legal Considerations from the Civil Side
Harri Hursti - Brief history of election machine hacking
General Douglas Lute - National Security Implications of Voting Attacks
Barbara Simons, David Jefferson - Election Systems: More Than the Booth
As always, pass it on. Share the knowledge.
More on the way.
DEF CON 25 Social Engineer Village Talks on YouTube!
Posted 10.18.17
Yaiza Rubio, Félix Brezo - Heavy Diving For Credentials
Tyler Rosonke - Social Engineering With Web Analytics
Robert Wood - Thematic Social Engineering
Jayson E. Street - Strategies on Securing Your Banks and Enterprises
Helen Thackray - Hackers Gonna Hack , But Do They Know Why?
Fahey Owens - Beyond Phishing – Building & Sustaining a Corporate SE Program
Chris Hadnagy - SE vs Predator: Using SE In Ways I Never Thought
Brent White, Tim Roberts - Skills For A Red Teamer
Billy Boatright - Nor Lose The Common Touch
Michele Fincher - Are You Killing Your Security Program?
Keith Conway, Cameron Craig - Change Agents How to Effect Change in Corporate Culture
John Nye - The Human Factor Why Are We So Bad at Security
As always, take some knowledge, share some knowledge.
Many more videos on the way.
ICS Village Talks from DEF CON 25 on YouTube!
Posted 10.16.17
For the low, low price of time and attention you get:
Thomas Brandsetter - InSecurity in Building Automation
Joe Weiss - Cyber Security Issues with Level 0 through 1 Devices
Chris Sistrunk - What's the DFIRence for ICS
Bryson Bort, Atlas - Grid Insecurity and How to Really Fix This Shit
Blake Johnson Dissecting Industrial Wireless Implementations
Arnaud Soullié - Fun with Modbus 0x5a Nothing New Still Relevant?
Settle yourself in and get hip to the ICS news. Be the hit of every cocktail party with all your new ideas about DFIR and Modbus!
Pass it on and stay tuned for more.
DEF CON 25 Privacy Talks on YouTube!
Posted 10.13.17
The menu:
Cooper Quintin and Kashmir Hill - The Internet Already Knows I’m Pregnant
Jim Nitterauer - DNS: Devious Name Services Destroying Privacy & Anonymity w/o consent
Peyton Engel - Learning about Government Surveillance Software
Roger Dingledine - Next Generation Tor Onion Services
Richard Thieme - When Privacy Goes Poof! Why It's Gone and Never Coming Back
Tess Schrodinger - Total Recall Implanting Passwords in Cognitive Memory
Weston Hecker - Opt Out or Deauth Trying! AntiTracking Bots & Keystroke Injection
Block out some time, get yourself some hot cocoa and enjoy. As always, spread the love and share the content.
More to come. Stay tuned.
IoT Talk Videos from DEF CON 25!
Posted 10.12.17
Watch this space for more playlists. It’s all happening.
Happy Hacktober to all.
C-SPAN coverage of Voting Machine Security Forum
Posted 10.11.17
DEF CON 25 Voting Machine Hacking Village Report Released!
Posted 10.10.17
During the weekend of DEF CON 25, every single device in the Voting Village was compromised. The report we’re releasing today gives a glimpse into how much we were able to discover in only a few days. Any committed threat actor would devote vastly more time and resources, and we believe that democratic governments must treat the security of election systems with the same rigor and investment as they do their borders.
We entered into this experiment as a non-partisan public service, believing that discussion about solutions has to start with a realistic assessment of what needs fixing. The DEF CON community has a lot of talent in that kind of work, and we saw a way we could contribute.
We would like to thank everyone who joined us in the Voting Village to test the machines, everyone who collaborated on the report, the Atlantic Council for helping us share the results and the Library of Congress for granting an easement of the DMCA provisions that would have blocked this research. This project is a great example of government making room for independent researchers to bring their talents to an issue that matters to all of us. Here’s hoping there will be more success stories like this one.
LegitBS Blog on Running CTF for DEF CON!
Posted 10.6.17
Recommended read for anyone interested in CTF, especially anyone considering responding to our call for CTF Organizers. LBS is top-shelf, and if you’re going to learn, they’re the kind of teachers you want.
DEF CON Capture the Flag Call for Organizers!
Posted 10.2.17
We know some of you have genius ideas for making your own mark on the world’s premiere CTF competition, we want your proposal. In return for your fresh blood and fanatical devotion, we offer eternal geek glory and a place in the pantheon next to LegitBS, DDTEK, Kenshoto and the all theheroes who have made this contest their own.
There’s a lot you’ll need to know to submit, and you can read all about it on our CTFCFO page.
For inspiration, check out this Mega-panel of previous CTF organizers from DEF CONs past, courtesy of DEF CON 25.
If you’re ready to graduate from the combat arena to the control room, get your ideas together and let’s make some magic. Valhalla awaits.
DEF CON in the news: High Sierra edition
Posted 9.26.17
A little more of Patrick’s excellent work from DEF CON 25 - his presentation on OSX Fruitfly.
DEF CON 25 News Roundup: Voting Machines Edition
Posted 9.21.17
In Virginia, the State Board of Elections voted to decertify it’s touchscreen voting machines in time for the November gubernatorial election, and one of the reasons given was the discoveries at DEF CON. We’re hoping for increased focus on security and accountability in our voting systems, and we are pleased to see the subject getting broader attention.
https://www.washingtonpost.com/local/virginia-politics/virginia-scraps-touch-screen-voting-machines-as-election-for-governor-looms/2017/09/08/e266ead6-94fe-11e7-89fa-bb822a46da5b_story.html?utm_term=.bf3f8eb32228
https://www.theregister.co.uk/2017/09/11/virginia_to_scrap_touchscreen_voting_machines/
https://www.usnews.com/news/best-states/virginia/articles/2017-09-08/virginia-bans-certain-voting-machines-over-hacking-concerns
There’s also a very informative episode about DEF CON by the fine people who do all the ‘How Stuff Works’ podcasts. The first half is devoted to a thorough explanation of DC history and the second half is an interview with the wonderful Shannon Morse (@Snubs) about her experiences there as a human and in her professional capacities as a vendor and journalist. It’s from their TechStuff series and it’s worth a listen, especially if you’re new to the community.
http://shows.howstuffworks.com/techstuff/the-def-con-story.htm
The DEF CON 25 Soundtrack Raises Funds for the EFF!
Posted 9.5.17
The DEF CON A&E Team also auctioned off an artist badge for $321. Add that to the current Bandcamp sales of $423.37 and our donation match and you get a current payout to EFF of $1506.
"But the EFF does so much!" you say. "Surely I can still contribute to push that number higher?"
To which we respond, "Yes. Yes you can."
Click that link. Get some tunes. Relive the sounds of DEF CON 25 and toss a little change in the bucket to help the EFF keep cyberspace free.
Do it today, and then make sure to pass it on.
Early Release Video: Patrick Wardle's "Offensive Malware Analysis"
Posted 9.2.17
As always, enjoy and pass it on.
Cyber Grand Challenge Analysis
from DEF CON 24Posted 9.1.17
Early Release Video - DC to DEF CON
Posted 8.28.17
Ever wondered if there was such thing as a “hacker-friendly” member of Congress? We found some and convinced them to come to DEF CON so you can meet them too! In this first-of-its-kind DEF CON session, two of the most hacker-friendly Congress critters will join DEF CON for an engaging and interactive session with the security research community.
Join the Atlantic Council’s Cyber Statecraft Initiative for a candid discussion with Representatives Will Hurd (R-TX) and James Langevin (D-RI). The two Congressmen share their thoughts on the latest developments in cybersecurity policymaking on the Hill, exchange ideas, and maybe even answer some of the Congressmen’s questions.
As always, enjoy and pass it on.
DEF CON 25 Link Roundup!
Posted 8.21.17
DEF CON 25 Social engineer Village Wrap Up
Packet hacking Village Presentation Slides
Hacker Warehouse coverage of the DEF CON 25 Voting machine hacking Village
Early Release Videos: Plore - Popping a Smart Gun, & Max Bazaliy - Jailbreaking Apple Watch
Posted 8.16.17
We also have Max Bazaliy's brief but info-dense presentation about the Apple Watch. Max walks through the Watch's vulnerabilities and methods of exploitation and closes with a demo of a jailbreak.
As always, enjoy and pass it on.
Press from DEF CON 25!
Posted 8.15.17
Caesars Rooms Going Fast for DEF CON 26!
Posted 8.11.17
Those of you interested in the reduced rates we get at the con-affiliated hotels can slide over to https://aws.passkey.com/go/SCDEF8 for the most current info, and keep an eye out for any updates, should more rooms become available.
Current Prices:
Harrahs: $64 Sun-Thur, $94 Fri-Sat, $15 resort fee
Ballys: $84 Sun-Thur, $127 Fri-Sat, $19 resort fee
Caesars: $151 Sun-Thur, $171 Fri-Sat, $22 resort fee
Flamingo: $87 Sun-Thur, $127 Fri-Sat, $17 resort fee
Linq: $69 Sun-Thur, $99 Fri-Sat, $17 resort fee
Paris: $133 Sun-Thur, $156 Fri-Sat, $19 resort fee
Complimentary self and valet parking at all properties!
Media Server Treats: Updated Materials and Film Contest Video!
Posted 8.10.17
The films from the T.D. Francis X-Hour Film Contest, including the winner, are also there for your viewing pleasure.
Enjoy, and pass it on!
Another DEF CON 25 Early Release Video: Open Source Safe Cracking Robots with Nathan Seidle
Posted 8.8.17
https://youtu.be/v9vIcfLrmiA
Early release Video! Elie Bursztein - How We Created the First SHA 1 Collision
Posted 8.7.17
As ever, enjoy and share the love. Pass it on.
Media Server Treats: Capture the Flag Edition!
Posted 8.6.17
In addition to the individual files in the CTF folder, we have prepared the whole enchilada in handy torrent format. As always, seeding is greatly appreciated. The data must flow.
Media Server Treats: Closing Ceremonies Slideshow Photos are Live!
Posted 8.5.17
Early Release Video from DEF CON 25!
Posted 8.4.17
Contest Results from DEF CON 25!
Posted 8.3.17
The contest results page represents the current state of our knowledge. We'll update as additional info comes in - do not despair if you don't see the event you're looking for just yet.
We also salute all those who competed but did not taste victory this year. The distance between observer and competitor is much greater than the one between competitor and victor, and DEF CON 26 will be here sooner than you know.
Receipts, Presentations, and More, on media.defcon.org!
Posted 8.2.17
Anything you might have formerly found on the Con CD, as well as anything we post in the future in the way of Video, Audio, and updates to presentations will be there, so keep your eyes peeled!
DEF CON 25 Receipt
Torrents for Presentation and Workshop Materials:
https://media.defcon.org/DEF CON 25/DEF CON 25 presentations.torrent
https://media.defcon.org/DEF CON 25/DEF CON 25 workshops.torrent
Nice Truck, Car Hacking Village Winners!
Posted 8.1.17
Congrats DEF CON 25 CTF Winners, PPP!
Posted 7.31.17
You can read the final scores and sift through all their juicy data on the LBS blog:
https://blog.legitbs.net/2017/07/def-con-ctf-2017-final-scores-and-data.html?m=1
Thanks for a Great DEF CON 25!
Posted 7.31.17
Thanks to everyone who brought their energy and curiosity to Caesars this year, to every one of you who took the time to teach something, to every one who brought something to share, and to everyone who made it easy for people new to the scene to find a home.
We hope to see all of you back at Caesars for DEF CON 26! We're gonna get on planning that the minute the dust is cleared from this one. Stay tuned for content updates, contest results and the rest of the press coverage.
As always, we are insanely proud of the DEF CON community.
We love you, and we look forward to doing all this with you again soon.
Mid-Con Press Roundup
Posted 7.29.17
Cnet does a good job of reminding everyone to take a deep breath and carry on.
Kasparov talks calculated odds, AI, and cybersecurity
Cool Q&A with the brilliant and highly entertaining Kasparov.
It's shockingly easy for hackers to remotely scan and clone your work security badge
Why DEF CON still matters 25 years later
Well, technically 24 years later. But we're glad to still matter.
The First Apple Watch Jailbreak Has Been Demonstrated At Def Con 25
Hackers Will Be Breaking Into Voting Machines This Weekend
#VotingVillage is a hit!
Posted 7.28.17
90 min after doors open: Complete remote control on the operating system level of the Winvote voting terminal (including election data).
On the e-pollbook front: internal data structure already discovered and reverse engineered within an hour. #VotingVillage
In Memoriam, the DEF CON Conference CD
Posted 7.27.17
The world has changed, and CDs are now a weird novelty item from the hazy past like Pet Rocks and Cassingles.
This year, you'll find all that juicy data on the DEF CON media server (media.defcon.org) and you can connect at your leisure and leech to your heart's content with no silly plastic doodads to hunt down of when you're loading out your hotel room.
We will miss the Conference CD. We had good times together. We will toast to your memory, and pour out a little data in your honor. See you on the flip side, old friend.
Torrents for Presentation and Workshop Materials:
https://media.defcon.org/DEF CON 25/DEF CON 25 presentations.torrent
https://media.defcon.org/DEF CON 25/DEF CON 25 workshops.torrent
DEFCON 25 Pre-con Link Roundup
Posted 7.26.17
Parking information: Vegas parking is a little different every year - here’s the thread about it on the DEF CON forums.
https://forum.defcon.org/forum/defcon/defcon-25-planning/226245-parking-in-vegas-it-s-ok-we-can-hear-you-screaming-from-here
For that matter, you can use the DEF CON forums to check out information about any of the stuff going on here.
forum.defcon.org
In case you didn’t know, there’s an official app for DEF CON called HackerTracker, available in iOS and Android flavors. Open source and created with love by members of the community, and full of stuff like maps and schedules to help you navigate.
iOS: https://itunes.apple.com/mx/app/hackertracker/id1021141595?l=en&mt=8
Android: https://play.google.com/store/apps/details?id=com.shortstack.hackertracker&hl=en
For those of you in Paris and Bally’s, good news! You get DEF CON TV! 4 channels, no waiting.
For the latest in presentation info and such, hit up the DC25-specific media server at dc25-media.defcon.org on the internal DEF CON 25 network.
To keep up to date on the latest of the late-breaking news, follow the main twitter feed @defcon, the DEF CON info booth @dcib and Facebook.com/defcon. Pictures and such also going up at @wearedefcon on Instagram.
And most importantly, registration opens Thursday at 6am. See you there!
Announcing the DEF CON 25 Official Soundtrack
Posted 7.26.17
14 tracks of hacker-centric tunes by so many fantastic artists, like:
Skittish and Bus, Laughing Mantis, Information Society, Zebbler Encanti Experience, JG And The Robots, Bioassay, Moderns, Left-Right, Ninjula, Richard Cheese and Lounge Against The Machine, The TroubleShooters, MC Frontalot, Lavos, Dual Core
It's available for free on media.defcon.org in a handy torrent, or if you're feeling benevolent, in a pay what you want format to benefit the EFF.
WiFi Reg at DEF CON 25 Now Open!
Posted 7.25.17
HackerTracker is Live in the App Store!
Posted 7.23.17
The iOS version of HackerTracker is available on the AppStore!. It's free, slick and courtesy of @sethlaw, @Chrismays94, @macerameg & @imachumphries. Thanks to all of them for delivering the goods on time!
T.D. Francis X-Hour film contest signups are open!
Posted 7.23.17
Sign up now for the 2017 T.D. Francis X-Hour film contest!
Friends of Bill W. at DEF CON 25.
Posted 7.21.17
(See info booth next to office 4 on the map, if you’re having trouble finding “Office 4A”)
DEF CON 25 Data Duplication Village!
Posted 7.19.17
6TB drive 1-3: Updated archive of infocon.org plus other "direct from DT" content
6TB drive 2-3: freerainbowtables.com hash tables (#1-2)
6TB drive 3-3: GSM A5/1 hash tables plus remaining freerainbowtables.com data (#2-2)
There's a handy schedule to follow and you can drop off and pick up just like dry cleaning.
For more info you can check out dcddv.org and the forum thread
DEF CON 25 Entertainment Lineup!
Posted 7.19.17
Just a little over a week! W00T!
*Richard Cheese and Lounge Against the Machine are performing in the Chill-Out Area, the rest of these performers are on the main stage.
Full-spectrum psychedelic bassquake - ZEE is back!
Posted 7.17.17
Zebbler Encanti Experience (aka “ZEE”) is what happens when Pixel Wizard and Techno Badger meet in the woods and decide to short circuit neural pathways of the nearby mushroom pickers with nothing short of bassquakes (9.0 on the scale of awesome) and complete visual reality replacement (somewhat too awesome and terrifying to be numbered anything in particular).
That historic meeting in the woods is the underpinning of the very garments that ZEE now wear at every event they perform. The mere loosening of a button of their coats' pockets opens up a wormhole of psychedelic visions and sub-sonic rattles. But Zebbler Encanti Experience do more than that. They open their minds fully to each and every dance floor and ask you to Get In There!
Richard Cheese and Lounge Against the Machine are BACK for DEF CON 25!
Posted 7.15.17
America's loudest lounge singer Richard Cheese performs swingin' Vegas versions of rock and rap songs, "swankifying" popular Top40 hits into retro vocal standards. Imagine Sinatra singing Radiohead, and you've got Richard Cheese & Lounge Against The Machine.
The aforementioned DEF CON soundtrack is included with admission at DEF CON 25 or by donating to the EFF (url coming soon).
DEF CON 25 Friday Headliner: Reel Big Fish!
Posted 7.14.17
In case you're not familiar, a bio snippet: "Reel Big Fish were one of the legions of Southern California ska-punk bands to edge into the mainstream following the mid-'90s success of No Doubt and Sublime. Like most of their peers, they were distinguished by their hyperkinetic stage shows, juvenile humor, ironic covers of new wave pop songs, and metallic shards of ska."
Sounds fun, yes? Yes.
DEF CON 25 Village Spotlight: ICS VIllage
Posted 7.13.17
We bring you a safe, yet realistic environment where you can learn on how to assess, enhance, and defend your Industrial Environment. We bring you real components such as Programmable Logic Controllers (PLC), Human Machine Interfaces (HMI), Remote Telemetry Units (RTU), Actuators, etc. to simulate a realistic environment by using commonly components throughout different industrial sectors.
You will be able to connect your machine towards the different industrial components and networks and try to assess these ICS devices with common security scanners, network sniffers to sniff the industrial traffic, and more! In addition to previous years there is a workshop dedicated to ICS 101 and 201. Afterwards there will be an additional but optional challenge to test your newly acquired skills.
Follow @ICS_Village or have a look at www.ics-village.rocks.
New for DEF CON 25:
Voting Machine Hacking Village!Posted 7.11.17
-The Dark Tangent
Judging from the headlines, it's a good time to figure out how secure our electronic voting machines are. What better way, we thought, to find out what's real and what's hype than getting a bunch of real voting machines into the hands of thousands of hackers? We happen to know where to find a lot of hackers onthe last weekend in July, so we created the Voting Machine Hacking Village. We're bringing a bunch of voting machines and encouraging people to see what's possible. Let's test the physical security, try attacks at a distance, dump the BIOS, all of it. Knowing is half the battle, people. Let's do our part to add to the base of knowledge.
Read all about it:
Voting Machine Hacking Village on the DEF CON Forums
DEF CON 25 Schedule is Live!
Posted 7.9.17
We don't know about you, but we're getting pretty excited about this thing.
Web version: https://www.defcon.org/html/defcon-25/dc-25-schedule.html
PDF version: https://www.defcon.org/images/defcon-25/dc-25-schedule.pdf
Lawyer Meetup at DEF CON 25!
Posted 7.7.17
See you there!
Important Call for Parties Update!
Posted 7.6.17
Luxury solution: Turn it over to DEF CON community for some more parties. Got an idea for a fun, open-to-everyone party you’d like to throw? Get at us at contests@defcon.org right away. We’ll work with the best ideas to allocate floor space and get the party launched.
You have your assignment. We look forward to your kick-butt ideas.
DEF CON 25 Demo Labs are Live!
Posted 7.6.17
Workshops Reg Opens July 5th!
Posted 7.4.17
For those of you who are interested in the Workshops, we have some registration info. Online registration for workshops opens July 5 at 3pm PDT. First come, first served, so bookmark https://www.defcon.org/html/defcon-25/dc-25-workshops.html and set an alarm.
See you soon!
Meet the CFP Review Board!
Posted 6.30.17
The Speaker List is Complete!
Posted 6.22.17
Workshops are Live!
Posted 6.21.17
A DEF CON 25 Announcement
Posted 6.15.17
No DEF CON 25 Mystery Challenge or badge contest.
Curious Codes, the company that was designing the DEF CON 25 badges,
notified us they are no longer working on any challenges or badges for DEF
CON.
A combination of design and planning delays combined with a last minute
unforeseen personal circumstance made their production impossible.
No special badges or challenge and no mystery challenge
We've gone with a DEF CON 25 anniversary theme with the badges and have
worked around the clock to get them designed and ordered. Not to fear, we
are hackers, it will work out. Everyone will have badges, they just won't
have crypto, secret embedded robotics, or radioactive compounds. I'll talk
more about the joy of conference badges in a later post.
Yes, L0st had planned to do a special DC 25 challenge to break everyone's
minds.
Stay tuned for more info on #badgelife, we are planning a badge meet up for
all those who enjoy building and collecting conference or contest specific
badges of all kinds.
Village Spotlight - Crypto and Privacy Village Edition!
Posted 6.14.17
Better Know a Contest: Hair Farmer Edition!
Posted 6.14.17
DEF CON 25 Contest Update! SOHOpelessly Broken Router List Released!
Posted 6.11.17
Village Spotlight: Packet Hacking Village
Posted 6.10.17
'Better Know a Contest’: Crash and Compile Edition
Posted 6.6.17
DEF CON 20 Documentary on USB with updated material!
Posted 6.5.17
Videos of DC 20's Hacker Jeopardy and Hacker Pyramid
Music from the artists that played DEF CON 20 Pictures from all over DC20
All the DEF CON programs in PDF format
All the entries from the DC20 Short Story Contest.
DEF CON 25 Speaker round 2!
Posted 6.2.17
Dor Azouri
How We Created The First SHA-1 Collision And What It Means For Hash Security
Elie Bursztein
Abusing Certificate Transparency Logs
Hanno Böck
Breaking the x86 Instruction Set
Christopher Domas
Secure Tokin' and Doobiekeys: How To Roll Your Own Counterfeit Hardware Security Devices
Joe FitzPatrick & Michael Leibowitz
MEATPISTOL, A Modular Malware Implant Framework
FuzzyNop & ceyx
Radio Exploitation 101: Characterizing, Contextualizing, and Applying Wireless Attack Methods
Matt Knight & Marc Newlin
Cisco Catalyst Exploitation
Artem Kondratenko
"Tick, Tick, Tick. Boom! You're Dead." — Tech & the FTC
Whitney Merrill & Terrell McSweeny
An ACE Up the Sleeve: Designing Active Directory DACL Backdoors
Andy Robbins & Will Schroeder
Man in the NFC
Haoqi Shan & Jian Yuan
Porosity: A Decompiler For Blockchain-Based Smart Contracts Bytecode
Matt Suiche
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
Orange Tsai
Assembly Language is Too High Level
XlogicX
DEF CON 25 Sticker Packs now Available!
Posted 5.31.17
DEF CON 25 Vendor Applications are Closing Soon!
Posted 5.30.17
First Round of DEF CON 25 Speakers are Live!
Posted 5.24.17
DEF CON in the Media: Mar Talks Art and DEF CON on PBS!
Posted 5.23.17
Village Spotlight: BioHacking Village!
Posted 5.19.17
Better Know a Contest - Film Contest Edition!
Posted 5.17.17
• You can film in the venue so long as you're wearing your brightly colored Contest tees.
• Up to 5 crew - actors and extras aren't counted as crew.
DEF CON 25 Village Spotlight: Tamper-Evident Village!
Posted 5.11.17
Tuesday Feature: Better Know a Contest!
Posted 5.9.17
Flashback Friday: DEF CON the Documentary!
Posted 5.5.17
Congrats to DEF CON 25 CTF Qualifying Teams!
Posted 5.1.17
Tea Deliverers
Shellphish
DEFKOR
A*0*E
hacking4danbi
!SpamAndHex
RRR
Team Rocket ☠️
DEF CON 25 CFP Reminder!
Closes Monday May 1!Posted 4.27.17
https://www.defcon.org/html/defcon-25/dc-25-cfp.html
DEF CON 25 Crypto & Privacy Village CFP is OPEN!
Posted 4.24.17
DEF CON 25 Vendor Registration is OPEN!
Posted 4.21.17
DEF CON in the News: Smithsonian Edition
Posted 4.20.17
http://invention.si.edu/ai-and-challenge-cybersecurity
http://archive.darpa.mil/cybergrandchallenge/
Swag Alert: Jack's Back!
Posted 4.19.17
DEF CON 25 Call for Demo Labs is Open!
Posted 4.14.17
Next DEF CON 25 CTF Qualifying Event is Approaching!
Posted 4.10.17
Call for Contests, Events, and Villages is Closed!
Posted 4.6.17
Press Registration is Open for DEF CON 25!
Posted 4.1.17
Sign Up for DEF CON 25 CTF Quals!
Posted 3.31.17
Social Engineer Village SECTF Applications Open!
Posted 3.27.17
DEF CON 25 Secret Stash: March Edition
Posted 3.25.17
We're Working on Great Things for DC25!
Posted 3.22.17
Linq
Paris
Bally's
Flamingo
Harrah's
DEF CON 25 CTF Qualifying event, 0OPS CTF this Weekend!
Posted 3.16.17
DEF CON 25 Call for Entertainers is Now Live!
Posted 3.15.17
DEF CON 25 Call for Papers Reminder!
Posted 3.10.17
DEF CON 25 BioHacking Village CFP is Open!
Posted 3.7.17
DEF CON 25 Site is Now Live!
Posted 3.4.17
Call for Reviewers Closing Soon
Posted 2.24.17
Call for Contests, Events, Villages, & Parties is now Open!
Posted 2.23.17
Reminder: DEF CON CFP Review Board AMA on Reddit Tonight!
Posted 2.22.17
Next Quals Event for DEF CON 25 CTF Coming Up!
Posted 2.20.17
DEF CON CFP Review Board AMA on Reddit next Week!
Posted 2.16.17
Specialized Reviewers wanted
for DEF CON 25 CFP!Posted 2.14.17
Nikita
DEF CON Jackets on Sale!
Posted 2.9.17
Jeff Moss Named Commissoner on GSCSC!
Posted 2.8.17
DEF CON 25 Secret Stash for February!
Posted 2.3.17
DEF CON 25 Call for Papers and Call For Workshops are Open!
Posted 2.1.17
DEF CON Speaker In the News
Posted 1.23.17
https://theintercept.com/2017/01/20/encrypted-email-service-once-used-by-edward-snowden-to-relaunch/
https://youtu.be/TWzvXaxR6us
DEF CON In the Media: Coded Web Series
Posted 1.18.17
DEF CON 25 January Secret Stash Reminder!
Posted 1.17.17
Women's cut/sizes at teespring.com/defconstashjanuarywomen
Caesars is Sold Out, But Options Abound!
Posted 1.13.17
Paris
Bally's
Flamingo
Harrah's
Jennifer Granick receives Palmer Prize!
Posted 1.11.17
DEF CON 25 CTF Quals Update!!
Posted 1.10.17
DEF CON 24 SE Village Video Playlist!
Posted 1.5.17
DEF CON 25 Secret Stash for January!
Posted 1.2.17
DEF CON Groups in 2017!
Posted 1.1.17
