Over on the #defconforums we're building a whole new section for #defcongroups with mini forums for each #DCG! Share pictures, meeting info, project ideas, collaborate with other groups - make it yours.
Let's get them rocking!
https://forum.defcon.org/DEFCONGroups
Congratulations to A*O*E, the winners of the DEF CON Safe Mode CTF Qualifiers, and our heartfelt thanks to the amazing team at Order of the Overflow for hosting a great event.
This year's @defcon Quals are over, but you don't have to stop yet! The scoreboard has been made static and the challenges are still available! Everyone can see challenge info, interact with the challenges (they'll stay up for a few days) and check the flags they can retrieve!/
https://scoreboard.oooverflow.io/#/
@oooverflow
The moment has arrived - the DEF CON CTF Quals are happening TODAY! Winner gets a seat at the DEF CON Safe Mode CTF event and a shot at everlasting glory. We wish the best of luck to all the contestants. Stay up to date with all the CTF updates by following our brilliant hosts, Order of the Overflow.
Godspeed, one and all.
https://www.oooverflow.io/
@oooverflow
We’ve updated the DEF CON Safe Mode Swag page with Women’s cut shirts.
We’re gratified by the response from the hacker community and we’re working to create more options for commemorating #defconsafemode. Keep checking our site for updates. Thanks for your patience.
The ‘DEF CON is canceled’ meme has crossed over into real life, courtesy of COVID-19. In early March we had hopes that things would be stable by August. That is no longer realistic. Currently there’s no way to gather everyone together and keep them safe, so The Dark Tangent has decided to cancel the in-person event.
We will try an experiment this year - an online DEF CON. Please read The Dark Tangent’s more detailed thoughts on the situation and then head over to the Forums to get involved. There is a DEF CON Safe Mode FAQ that should help to answer common questions.
We wish there was better news, but we hackers are a resilient bunch. Stay healthy, stay safe, and stay in touch so we can all be together virtually this August 6-9 and again for DEF CON 29 in person.
We've got an update from @thedarktangent entitled COVID-19 vs DEF CON v2. Please check it out for our latest thinking on #DEFCON28.
The TL;DR is that we're moving up the timetable - we'll have our announcement no later than May 15.
Press Registration for DEF CON 28 is OPEN. We’ve posted the relevant information on the press registration page, so head over and get familiar if you want to reserve a spot. If you’ve got a question that’s not answered there, hit us up at press@defcon.org and we’ll get you sorted out. As ever, we have a limited number of press badges, so it’s a good idea not to wait too long. We look forward to hearing from you!
From today until Memorial Day, you can view the full HBO documentary Kill Chain for free on HBO's YouTube Channel! The topic of this doc is election security and features our very own DEF CON Voting Village! Check it out!
Reminder: DEF CON's art contest is back! Deadline June 15.
Also, we want to partner with a few artists from the DEF CON community for some themed art for DC28. If #discovery and DEF CON inspire you, get at us at pictures@defcon.org
Books. We love ‘em. And right now, we have a major reading opportunity happening for all of us, at the same time. What better way to make use of this moment than to read something together?
Enter the #defconbookclub! Starting In April, we’re inviting you to join us - we’ll all read a book together and discuss it in its own Forum thread. Nikita has set up all the relevant info here: https://forum.defcon.org/node/231147
The first task is picking the book, and we’re asking for nominations. Let’s keep it Non-technical, thematically connected to ‘Discovery’ and reasonably easy to locate. Suggestions can go in the info thread.
We’re excited about this. Let’s make the most of this downtime together.
Calling all teachers of the hacking arts! We’re looking to turn the Monday after DEF CON 28 into a full day of trainings! We’re calling for all-day (8 hours with breaks) sessions on meaty technical topics.
If this sounds like your jam, check out the requirements and compensation info at https://defcon.org/html/defcon-28/dc-28-cft.html.
If you want to keep an eye on this new project as it develops, check in with the trainings thread on the DEF CON Forums. This is new territory for us - help us make it happen!
Attention hackers! OOO has made the difficult decision to postpone DEF CON CTF Quals to give teams a chance to take care of essentials and family during this phase of the pandemic. The new date will be the weekend of May 16th! Still online.
https://oooverflow.io/dc-ctf-2020-quals/
Like everyone, we’re watching the Covid-19 situation intently. @thedarktangent lays out his thoughts RE: DEF CON 28 in a Forum post here:
forum.defcon.org/node/231015
The #tldr is we’re going forward w/Con prep for now. We’ll update if that changes & revisit the issue June 1.
The DEF CON calendar on the DEF CON Forums is pretty handy. It can be even more handy if you participate - add your Def Con Group’s meeting info, comment on your favorite village’s deadlines. It’s an interactive way to keep up w/the defconiverse.
forum.defcon.org
We’re bringing back the Art Contest for DEF CON with a few fun twists. If you want in, sharpen up your crayons - the deadline is June 15, 2020, and it will be upon us faster than you think.
Submissions should be mailed to pictures@defcon.org.
Info and rules are on the Artwork Contest Page.
We can't wait to see what you create!
The DEF CON 28 CFP is LIVE! The time has come to whip that idea into submission-ready shape - you have until May 1 and we can offer a lot more help if you don’t wait til the last minute. Let's light this candle!
The time has come, everyone! The DEF CON 28 Call for EVERYTHING is LIVE! We're throwing open the door on a ton of different opportunities to participate in the CON.
If you're looking to get involved, this is your moment to shine. We're looking for new contests and events, Workshops, Villages, Parties, Demo Labs and even Musical Performers. Every DEF CON, hundreds of amazing hackers contact us with ideas to take DC to the next level. You can be one of those amazing humans - just look through the cornucopia of options on the CFE page, read the rules, and get in where you fit in!
There's no better way to get involved than rolling up your sleeves and making something to share. If your idea looks like a good fit, we'll get you the resources to realize your vision.
Discover what you have to share. Discover what it feels like when you share it. Let's make this DEF CON unforgettable.
The long wait is over - registration for the qualification round of the DEF CON 28 CTF is OPEN. It is, as they say, ON.
Assemble your squad. Register with the fine folks at Order of the Overflow at scoreboard.oooverflow.io. Glory awaits.
The #defconforums app has been upgraded to version 2.3. We fixed a bunch of bugs and got new floor mats - come on in! forum.defcon.org
Call for Music:
The DEF CON 28 preparations are in full swing, and it’s time to put out the call for music! We have a lot of spaces to fill with groovy sounds, and we want your help. DJs, shredders, yodelers - if you have what it takes to move the DEF CON crowd, read the rules, fill out the application and show us what you’ve got.
Call for Soundtrack Entries:
DEF CON has a soundtrack. Not just the one playing in your head as you navigate the venue in search of more things to hack, either. DEF CON has a real-deal soundtrack full of hot tracks donated by super-cool artists like Information Society, BT, MC Frontalot - and maybe YOU.
You know you want to have a track of yours handed out to the DEF CON 28 attendees. Fill out the form and apply - immortality awaits.
In light of global precautions being announced to combat the coronavirus outbreak, we’ve decided to postpone DEF CON China 2.0. We regret inconveniencing any of you. Know that we are committed to holding the event once it’s safe to do so.
If you want a refund on purchased tickets, please submit a refund request to your ticket broker. If you'd rather that we hold your reservation for our new dates, you don't have to do anything and we'll keep your tickets on file.
The situation is still developing. We’re working to find alternative dates for DEF CON China 2.0. Keep in touch with us on social media and defcon.org. We’ll share our plans as soon as we’re able.
Our hearts go out to our many friends in the affected regions. We encourage everyone to stay safe, and we look forward to reuniting when this is behind us.
We've posted the videos from DEF CON China 1.0 to YouTube and media.defcon.org - please enjoy them and share widely.
DEF CON China 2.0 is happening April 17-19 in the same Beijing location - you can find out about attending and participating on defcon.org.
Get your Open Source Project out there with DEF CON Demo Labs!
In Demo Labs we give you some time and space to share your open source project with the DEF CON audience. It's a great way to get feedback on your work, find collaborators and get your idea into the hands of the right audience. You can find out the details here:
https://www.defcon.org/html/defcon-china-2/dc-cn-2-cfd.html
Villages are a signature part of the DEF CON experience. All-day, hands-on hacker spaces where you can learn something new, level up your skills and interact with friendly experts and fellow enthusiasts. We're always looking for new village ideas - if you've got one for #defconchina2, we want to hear from you! The best way to get involved in the DEF CON experience is to roll up your sleeves and start sharing what you know. Read about the Village requirements here:
https://www.defcon.org/html/defcon-china-2/dc-cn-2-cfv.html
Scavenger Hunt. Wireless CTF. HackFortress. Do you have a fun contest idea that can measure up to some of DEF CON's legendary contests? We want to hear about it. If the idea is promising, we'll pitch in to help you make it happen at DEF CON China 2. Let's do it, people. This is how the legends are made.
The info you need is here: https://www.defcon.org/html/defcon-china-2/dc-cn-2-cfce.html
The concept is simple, but for us it drives everything.
Learning how something works, how it doesn't, or how you can make it do something amazing and off-label for the very first time.
Meeting people who know what you're talking about, or people who know that one thing you're trying to learn.
The skill you never expected to develop, the contest a near-stranger talked you into, the group of friends you didn't know you'd meet.
All the best and most exciting parts of DEF CON are the moments of discovery. So that's our theme.
To translate that feeling into the physical space of DEF CON 2020, we offer these bits of inspiration.
The color palette is derived from internet publications of the early 1990s. It was the breakthrough moment of The Web. As people raced to define the new frontier, magazines like Mondo2000 and Wired tried to convey the excitement with loud colors and edgy layouts.
The style we took from 90s 'zine culture - an amazing, boundlessly creative and wildly unprofessional DIY movement that, just like the internet, invited everyone to stop consuming culture and start creating and sharing it. Ideas over production value, attitude over polish, getting your ideas out over getting them perfect.
We hope you'll take that anarchic DIY spirit with you when you're working on whatever you're bringing to DEF CON. We can't wait to discover what you create.
DEF CON China 2.0 tickets are on sale now! We're returning to 751 D Park in Beijing April 17-19. We will be bringing our famous mix of world-class speakers, hands on learning and exciting contests and entertainment. We'd love to see you there!
Tickets are priced as follows:
Student Rate (with valid undergraduate or lower student ID) $US82 / ¥488
Early Bird Rate (purchased by 29 February) $US115 / ¥688
Regular Rate (1 March Through April 15) $US180 / ¥1088
There are several ways to get your tickets:
Cash at the door - DEF CON accepts local currency at the venue - the price is ¥1088 (regular rate).
For everyone who wants to purchase tickets prior to the event, we can offer several payment options through 4Hou's billing portal.
Pay Pal - guests with a PayPal account can use it to make a payment in US dollars:
Buy with Paypal (en)
WePay and Ali Pay - guests with WePay and AliPay can use those accounts to pay through the Chinese-language section of the 4hou portal:
Buy with Ali Pay/ WePay (cn)
Invoices - business entities wishing to pay via invoice or seeking a bulk ticket discount can contact 4hou directly by calling the Helpline at +8610-64780062 or email shankala@4hou.com.
Another reminder: DEF CON China 2.0 has an open CFP! We’re looking for presenters with exciting ideas to share in Beijing April 17-19 2020. If that’s you, get cracking! The sooner we hear from you the better your chances. Check out the submission information on the DEF CON website and get at us. Act now - CFP Reviewers are standing by!
New for DEF CON China 2.0 - 2-day technical Training Sessions on April 15-16! Call for Trainers is officially open!
Don't miss this opportunity to teach in a new city and expand your social circle. Also, money. Submit your proposal promptly if you want a spot.
Joe Grand has posted a video about the DEF CON 27 badge!
More videos from the DEF CON 27 Villages - Red Team and Blue Team Villages this time! Keep the Force in balance by watching all of them! As always, enjoy and share widely.
Blue Team Videos
Red Team Videos
Big DEF CON 27 village video rollout today - #transporthax with presentations from @CarHackVillage @AviationVillage and @hack_the_sea village! Set aside some time and get up on all the vehicle hack info. Share widely.
More DEF CON China 2 news - the Call For Papers is officially open! If you’ve got something amazing to present in Beijing this April, we’re ready to hear from you. You’ve got until February 3, 2020 to get your proposal in to us, but sooner is better.
If you’ve got a presentation that’s worthy but needs some attention to make it across the finish line, our amazing CFP Review Board can help. Time permitting, of course. Drop it on us five minutes before the deadline and this kind of personal attention becomes ... unlikely, so don’t let procrastination hijack your opportunity.
For speakers coming from outside of China, we provide hotel accommodations and we can offer up to $US900 toward airfare. You can learn all the details your heart desires at the DEF CON China 2.0 CFP Page. We look forward to seeing what you’re working on.
More DEF CON Village talks for your perusal - 17 mind-embiggening presentations from @ReconVillage!
Dig in and spread the word.
DEF CON 27 Village talks keep coming - This time it's 19 talks from the Packet Hacking Village (@wallofsheep) for all of the packet ninjas out there. Enjoy, and spread the word!
The shadowy cabal known as Order of the Overflow has announced the remaining qualifying events for the DEF CON 28 CTF! Winning HITCON, CTFZone, HXPCTF, or PlaidCTF will get you a shot at DEF CON 28 CTF glory! Plan accordingly - assemble your squad, pick your contests and prepare for cybercombat.
Godspeed to all. See you in Vegas!
More DEF CON 27 Village talks released - 18 presentations from Social Engineering Village (@sevillage) covering a wide variety of Social Engineering topics. Enjoy, and spread the word!
The presentations from DEF CON 27's many Villages are coming online! First out of the chute is Wireless Village. We've got 15 talks, ranging from a deep dive into WiFi 6 to reverse engineering a wireless model railroad. If wireless is your jam, get into a cozy spot and treat yourself. As always, share with those you think could benefit. More villages on the way.
Some more good news for your weekend - DEF CON CHINA 2 has official dates! We'll be back in Beijing's 751 D Park Art District April 16-19, 2020! We'll be bringing new talks and more hands-on Village experiences, and we hope we'll see you there. This will be our third event in China, and we've got big plans to make it the best yet.
If you're interested in participating at DC China 2, make sure to keep an eye on our website and social media. We'll be announcing the Calls for Content soon and we can't wait to see what you've got to share.
Join us, and spread the word.
As part of our ongoing Hackucation As A Service (HaaS) initiative, we're rolling out hundreds of hours of compelling content from DEF CON 27 on our YouTube channel. Today's installment - all the presentations from the DEF CON 27 main tracks. The Village videos will follow over the next week or so. Enjoy responsibly* and please pass on the info to all those you think might benefit. Sharing is caring.
Many thanks to all of the presenters who shared their knowledge with us at DEF CON 27, and all of the attendees who power DEF CON's efforts to hackucate the world. We can't wait to join you again at DEF CON 28.
*Binging best practices include choosing a comfortable spot with access to power and bandwidth, frequent stretching and crucially, hydration. Headphones are optional but recommended in cases where you might be observed by fellow commuters or supervisors.
From The news release on social-engineer.org:
It is that time of year again—we finally recovered from DEF CON (yes it takes months), and we analyzed all the data, crunched all the numbers, and produced yet another report for your reading enjoyment. Read on...
Voting Village organizer Harri Hursti and Rachel Tobac’s viral video from the DEF CON Voting Village both made it into John Oliver’s discussion of Election Security!
The live music from DEF CON 27 is up on the DEF CON Media Server! AAC, FLAC, Opus - name your flavor. Your ears deserve a little love this weekend - fire up your internet guzzlers and treat 'em right!
Attention hackers! Aside from the prequal events, you will all have a chance to qualify for DEF CON 28 CTF through the DEF CON CTF Qualifying event!
#DC28Quals will be held March 27! Start practicing now!
Stay up to date with all the CTF updates by following our brilliant hosts, Order of the Overflow.
https://www.oooverflow.io/
@oooverflow
The DEF CON Forums upgrades continue - we’ve got version 2.1.1 of the Android and iOS forum apps live in their respective stores - ready to meet all of your posting needs.
We’d appreciate your feedback - you can post your thoughts at https://forum.defcon.org/node/229993?p=230032
The DEF CON Voting Village has released its findings from DEF CON 27!
This is the third year we've hosted the Voting Village, and this year we were able to give attendees access to over 100 machines, all of which are currently certified for use in at least one US jurisdiction. The units tested included direct-recording electronic (DRE) voting machines, electronic poll books, Ballot Marking Devices (BMDs), Optical scanners and Hybrid systems.
The hackers at DEF CON once again compromised every single machine over the 2.5 day event, many of them with trivial attacks that require no sophistication or special knowledge on the part of the attacker. In too many cases physical ports remain unprotected, passwords remain unset or left in default configurations and security features of the underlying commercial hardware are left unused or even disabled.
In addition to showing the security weaknesses found in the wide variety of election tech on display, the Voting Village team's report shares its strong recommendations for improving election security, most notably the urgent need for paper ballots and rigorous post-election audits.
For any of those recommendations to become real, voters need to get informed and get the attention of their elected representatives about these issues.
You can also share your thoughts and get involved in the ongoing Voting Village conversation on the DEF CON Forums. We're very interested in what you have to contribute.
The DEF CON 27 Voting Village Report is going to be released tomorrow! Congresspeople Rep. Jackie Speier and Senator Ron Wyden will be on hand for the discussion of all the new things we learned about election security this summer.
The event will be held in Washington DC at the US Capitol Visitor Center - Congressional Auditorium and Atrium at 2pm on September 26.
Of course, we'll be sharing the report when it's available as well, so stay tuned.
From the article " Aviation security is taking off—and taking after car security" on the Parallax:
“The hackers, security researchers, government organizations, and private airlines involved in the aviation-hacking exhibition of the world’s largest hacking confab, held here in August, all say the chances of your next commercial flight getting hacked are extremely small. But the scenario is also the inspiration for DEF CON’s “Aviation Village”: They want to keep it that way.”
Some more early release video from DEF CON 27 to brighten your day - please enjoy the Cult of the Dead Cow panel. If you are familiar with cDc, you know why this is so cool. If you are unfamiliar, it's time to get familiar.
Soak in some True School vibes, learn some lore and pass it on.
#swagalert! If you’ve been wanting to get your hands on the DEF CON China 1.0 badge and lanyard, we have good news! We have a limited number of them available at our eBay store. Don’t delay - offer good while supplies last.
To kick off your weekend, here's another DEF CON 27 early release video! It's a quick one - Brent Stone shows you a live demo of reverse engineering a bunch of passenger vehicle CAN networks in under 10 minutes.
The GitHub is here: https://github.com/brent-stone/CAN_Reverse_Engineering.
As always, enjoy and pass it on!
The DEF CON press archive page is updated, for anyone who wants to get a sampling of how our little desert party was covered in the media this year. We’ll update as new stuff comes in.
Let's ease into the weekend with another early release talk from DEF CON 27. This one is a deep dive into those elevator emergency phones and what kind of phreaking opportunities they provide, courtesy of WillC.
Enjoy, and as always, pass it along.
The DEF CON 27 contest winners page is now online for your examination! Congratulations to everyone who got in the ring and competed, and double congrats to everyone who managed to emerge victorious.
Another DEF CON 27 early release video! Please enjoy Patrick Wardle's talk on 'Harnessing Weapons of Mac Destruction' - a fascinating walk through the process of subverting and weaponizing existing Mac malware and highlighting both the challenges and benefits of such an approach.
As always, pass it on.
Another DEF CON 27 Early Release Video!
Joe Grand shares with you the secrets and mysteries of the DC27 badge. Get up to speed!
The first video in the early release chute is the Panel Discussion about DEF CON's exploration of the idea of running a SecureDrop. It's entitled "DEF CON wants to help hackers anonymously submit bugs to the government: Let's discuss."
You can join in the long-term conversation about this in the DEF CON Forums:
https://forum.defcon.org/node/229621?view=thread
We're interested in your feedback. Check out the video and let us know what you think.
DEF CON 27 is in the books, but it’s never too early to start planning for DEF CON 28! Well, maybe last week would have been too early. This week, however, is perfect.
The hotel registration link for DEF CON 28 at the Caesars Forum August 6-9, 2020 is open for business. If you want to make sure you get in on that sweet, sweet DEF CON room block action, we’re ready for you.