skip to main content

DEF CON Hacking Conference

Recent News



The Wait is Over! DEF CON 24 Speakers are Live!

DEF CON 24 speakers image

After much difficult deliberation and debate, the list of speakers for DEF CON 24 is now live and ready for your consideration. We want to thank everyone who submitted - there was a bumper crop of quality entries. It's never easy to narrow down the list, and we congratulate the selected speakers. If your talk wasn't selected, we hope you'll submit again next year.

Heartfelt thanks also to the DEF CON Review Board. The board puts in crazy hours and makes hundreds of tough calls to finalize our roster, and we heart the stuffing out of them for all their sweat and devotion.

Feel free to let us know which talks you're most excited about in the comments.

August can't get here fast enough!

DEF CON 24 Workshops Schedule is Live!

DEF CON 24 workshops image

Can you feel how close it's getting?

The full schedule for Workshops at DEF CON 24 is now available for your careful examination. Make plans, invite friends, agonize about the limited number of hours in a standard Earth day. The workshops are all free, but space is limited. Registration is onsite, first-come first-served, so knowing what you want ahead of time is key.

 

It's gonna be a good DEF CON.

DEF CON Lucknow Update

DEF CON Groups logo image

The DEF CON Groups program is designed to reflect the values of DEF CON, providing an open community for the discussion of technology and security topics. As such, we must all work together so that our actions build toward that goal.

However when anyone or any group abuses the trust of this community and negatively impacts the reputation of DEF CON we are all harmed. After significant discussions we have concluded with regret that DEF CON must revoke DEF CON Group Lucknow for attempting to commercialize based on the brand and community.

Since the beginning of the DEF CON Groups back in 2003 this is the first time we have had to take this action, and we genuinely hope it will be the last.

The Dark Tangent

DEF CON 24: Machines Play Capture the Flag

DEF CON 24 CGC logo

In 2005, DARPA challenged innovators around the world with a $2M prize to build a vehicle that could navigate the Nevada desert with no one at the wheel. In 2016, DARPA has again challenged the global innovation community with a $2M prize to build a computer that can hack & patch unknown software with no one at the keyboard.

At DEF CON 24, on Thursday night at 5pm, the Paris ballroom will host the world's first all-machine hacking tournament. Seven high performance computers will play an all-machine Capture the Flag contest, reverse engineering unknown binary software, authoring new IDS signatures, probing the security of opponent software, and re-mixing defended services with machine-generated patches and defenses.

(more on on the DEF CON 24 Cyber Grand Challenge Page)

Wireless Village CFP is Open for DEF CON 24!

DEF CON 24 Wireless Village image

Wireless Village CFP is open - closes June 30!

Sure, the main DEF CON CFP is closed. But sometimes, when DEF CON closes a door, the Villages open a window.

If you have a great presentation on wireless security or shenanigans you've still got a month to get it into shape for consideration by the radiant humans of the DEF CON Wireless Village. We recommend getting on it promptly though. Slots are limited and the last moment always gets here faster than you expect.

Richard Cheese at Napoleon's Piano Bar, Friday Night at DEF CON 24!

DEF CON 24 Richard Cheese image

We have a treat for all the suave sophisticates out there. If your idea of the perfect evening is the tinkling of ice cubes and ivories under low, flattering lights, join us Friday night at Napoleon's for two shows of the song stylings of Richard Cheese and his crack band Lounge Against the Machine.

Yes. We said Richard Cheese. And we said two shows. We also said the thing about flattering lights, but your mileage may vary. Polish up your best monocle and let's enjoy an evening of the hits of yesterday and today, sprinkled with that one-of-a-kind Cheese magic.

DEF CON 24 Saturday Night Entertainment: 80's Night!

DEF CON 24 Saturday 80's night image

Pure energy.

Join us Saturday night for a dance party both radical and tubular. DEF CON is proud to present two pioneers of the electronic dance genre: Berlin featuring Terri Nunn and Information Society. Sick beats and iconic hooks await you. We promise a sweaty good time to all, 80s survivors and wide-eyed millennials alike.

If you are not there, are you anywhere? Don’t be nowhere, when you can be right here, at DEF CON 24’s 80s night.

The 2016 DEF CON CTF Quals are Underway!

DEF CON 24 CTF Quals image

If you're looking to keep track of the 40 or so hours of unbridled packet mayhem that remain, here's a couple of links:

On Twitter, follow our powerful CTF Organizers Legitimate Business Syndicate @LegitBS_CTF

To see the HTML Scoreboard, go to https://2016.legitbs.net/scoreboard/complete

If you like your scoreboards a little spicier, there's a JSON version at https://2016.legitbs.net/scoreboard/ctftime.json

There's a chat at #defconctf on the 'Hackint' network - infoz at http://www.hackint.org/

There's even a pushbullet channel at https://www.pushbullet.com/channel?tag=first-solves-jequaquifs

Honestly, if you need more ways than that to keep your eyes on the action, you should be playing.

Of course, we'll be noting the big moments on our Facebook page at @defcon.

Godspeed to all combatants. May the best hacks win.

Friday Night Entertainment Lineup
for DEF CON 24!

DEF CON 24 Friday EDM night image

So you're at DEF CON 24. It's Friday night. After a long day of contests, talks and general merriment, you need to get lost in some music and maybe shake that tail feather. If only there were a whole evening planned with house-quaking, artisanally crafted small-batch beats from DEF CON's favorite crowd-moving specialists!

We have anticipated your need, DEF CON massive. DEF CON EDM night (exact location TBA) is here to supply you with soul-nourishing rhythm and space to get your head and your booty in sync. Who's playing, you ask?

The heavy groove merchants DirtyPhonics

The sensual overload of the Zebbler Encanti Experience

The sophisticated boom-bap of DualCore

The mighty, mighty, YTCracker

Now that you know, you have no excuse to be anywhere else. To get familiar, hit us up at https://defcon.org/html/defcon-24/dc-24-entertainment.html

Call for Parties is Open!

DEF CON 24 call for Demo Labs image

DEF CON 24 has a lot of space, and we're expecting a lot of party people. So much space, and so many party people, in fact, that we're once again crowd-sourcing some of the merrymaking to you, the DEF CON community.

We want your party ideas. The best ones get the space to get it cracking, the gratis use of a hotel bartender (the bartender, not the booze) and promotion from us. Let's make your party dreams come true for one magical Vegas night. 

Infoz are on the DEF CON 24 Call For Parties Page

It's getting close, people. Let's light this candle!

Demo Labs returns to DEF CON 24!

DEF CON 24 call for Demo Labs image

Got an open source project you want to share with the DEF CON crowd? You're in luck - the DEF CON Demo Labs are back for 2016! We're offering you a demo space and a scheduled time (a few hours) to get your tool or hardware in front of some curious hacker faces. It's a great way to raise awareness, meet people with similar interests and maybe even scare up some help or feedback.

There are rules, of course, and you'll have to get selected. For all relevant infoz, please head over to the Call for Demo Labs page and we'll get you on your way. Deadline is June 15. We're waiting to be amazed.

The Suites are Back!

DEF CON 24 call for suites image

Have you ever wondered what you would do with a full penthouse suite at DEF CON to fill with any kind of amazing nighttime party/contest/BB-8 death match you could dream up? We wonder too. And we have suites. You see where this is going?

Send us your best ideas for turning a giant empty room into a can't-miss happening, and we'll get you the keys at a huge discount to make your vision manifest.  The whole rundown is waiting for you on the DEF CON 24 Call for Suites page.

DEF CON 24 Performer Application, Call for Music is Open!

DEF CON 24 cfm image

Attention hackers of sound - the moment has come to share your gifts with the DEF CON massive. We have need of many skilled entertainers to meet the  rump-shaking requirements of our many, many joyful partygoers. If you possess the skills to shake those rumps, it's time for you to submit your application.

So, Bards and Troubadors, get thee to the DEF CON forums, learn what we require and come to the aid of your community. A grateful nation awaits your genius.

What is the DEF CON CTF, You Ask?

DEF CON 24 ctf image

Interested in joining the Capture the Flag Action at DEF CON 24, but wish you had more information? The fine, upright and honorable citizens of the Legitimate Business Syndicate are here to help with a very wordy and complete blog post on just that subject. Satisfy your curiosity. Learn the rules. Join us at the quals.

Reminder: DEF CON 24 Call for Papers and Call for Workshops close MAY 2!

DEF CON 24 cfp image

A lot can happen In a week. Decisive battles can be won, changing the course of great wars. Human relationships can blossom from indifference to friendship. Carelessly refrigerated leftovers can blossom into viable microbiomes. A week is a powerful unit of time.

If you're planning to submit to the DEF CON CFP or CFW, you have just one of these powerful units left. One (1) week to get your powerful ideas into submission shape. One (1!) week to get them to us for consideration.

One (1) week, people. Use it wisely. The DEF CON community is counting on you. A week is finite, but regret lasts forever.

https://defcon.org/html/defcon-24/dc-24-cfp.html
https://defcon.org/html/defcon-24/dc-24-cfw.html

DEF CON 24 Venue Update!

DEF CON 24 venue image

We're in the double digits, folks - less than 100 days until DEF CON 24! In that spirit, a little update on the venue:

We've made some adjustments to the floor plan, and you can peruse them at your leisure on the Venue page of the DC site.

We'd also like to remind you that the rooms in our discounted blocks are selling pretty fast, so if you're looking to book in one of our associated hotels sooner is better than later. The numbers and links you can use to get yourself situated are also available on the Venue page.

The time to get psyched is at hand. Let's DO this!

DEF CON 24 Short Story Contest Announced!

DEF CON 24 Short Story Contest image

The DEF CON Short Story Contest returns, bearing prizes and a chance at geek-lit glory. All those inclined to compete are urged to visit @DCShortStory or the #DCShortStory DEF CON forum page for the rules and requirements as they develop.

Pencils up, people. You have until May 30 to submit your masterpiece.

Rootz Call for Papers is open!

Rootz CFP image

Attention hacker kids - R00tz Asylum (r00tz.org) wants your ideas for talks and demos for fellow young hackers in the R00tz pavilion at DEF CON 24! If you've been a part of R00tz before, you know how cool this is - if you haven't been, this is a great way to get yourself involved. If you've got cool ideas for this year's R00tz Asylum, check out the call for ideas on their webpage.

Adults are welcome to submit ideas as well (obvs), but youth definitely has some privileges and priority here.

Wall of Sheep Announcement: CFP for Packet Hacking Village at DEF CON 24!

DEF CON Packet Hacking CFP image

The Wall of Sheep would like to announce a call for presentations at DEF CON 24 at the Paris and Bally's Hotels in Las Vegas, NV from Thursday, August 4th to Sunday, August 7th. All accepted talks will be announced, recorded, and published by Aries Security and DEF CON Communications, Inc. Please see our YouTube channel for all Speaker Workshops from last year.

This year, the Packet Hacking Village at DEF CON 24 will be on the 26th floor of Bally's Indigo Tower. The Call for Presentations will close on Wednesday, June 15th at 11:59 PM. The list of workshops will be finalized and published on Thursday, June 30th.

How: Complete the Call for Papers Form at http://www.wallofsheep.com/pages/call-for-presentations-at-def-con-24 and send to cfp2016[at]wallofsheep[dot]com. Please also refer to the form for more details

TFF 'HACKED by DEF CON and MR. ROBOT' Coverage on Facebook!

DEF CON Tribeca Film Festival image

As you may know, 'HACKED by DEF CON and MR. ROBOT' is happening at the TriBeCa Film Festival this weekend. If you are not in the vicinity of New York City, you can still keep up on all the cool stuff we have happening there, from the DEF CON FaceBook Page! We're posting videos, pictures and even having some live feeds from TFF, so check it out!

Vendor Registration is Now Open for DEF CON 24!

DEF CON 24 vendor reg image

For those of you with hackerly merchandise to peddle at DEF CON 24, the Vendor registration site is now open!

You'll find a thorough FAQ with answers to those hard hitting vendor questions, like "how big are the booths?", and "how much does it cost?". Not to mention the handy dandy application forms which can slingshot you into a position of sales success!

Don't wait, Apply for your spot in the DEF CON 24 vendor area today! You'll be glad you did!

Press Registration is Now Open for DEF CON 24!

DEF CON 24 press image

Attention ink-slingers (literal and virtual) - DEF CON 24 Press Registration is now open! 

We have a hard limit on press badges this year, so it's a good idea to get your application in right away. Once we run out of badges no amount of charm or flattery will get you in the door. As always, there are some basic rules of press conduct we'll expect you to adhere to, and you can find them on our press page

You'll also find the info we need on your application for both DC 24 and the DARPA CyberGrandChallenge. 

If you need any questions answered, drop us a line at press at DEFCON dot org. We look forward to hearing from you.

HACKED by DEF CON and MR. ROBOT

DEF CON 2016 tribeca film festival image

Important reminder for everyone in the general vicinity of New York City this weekend: 'HACKED by DEF CON and MR. ROBOT' is happening at the TriBeCa Film Festival and you owe it to yourself to check it out.

Some of our famous DEF CON Villages (Lockpicking, Privacy, Hardware Hacking and BioHacking) will be on hand to share hands-on instruction, group presentations and even some fun contests.

Hosted by the team behind USA Network's breakout hit 'MR. ROBOT', there's an fSociety recruitment challenge. Test your hacking/social engineering/knowledge skills to see if you have the goods to join Elliot in fsociety.

There will also be panel discussions all three days:

Friday, 4/15 @8pm: Emergent Technologies: Hacking Innovation
Panelists: Joshua Carr, Sarah Grant, Tal Danino
Moderated by DEF CON

Saturday, 4/16 @7pm: Perception: The Art of Surveillance
Panelists: Alexis McGill Johnson, Lyric Cabral, Laura Poitras(TBC)
Moderated by DEF CON

Sunday, 4/17 @1pm: Living in a Post MR. ROBOT World
Panelists: Kor Adana, Writer and Cast Members of MR. ROBOT
Moderated by The Dark Tangent

All this is going down at Spring Studios at 50 Varick Street, and door open at noon. You can get more info and ticket details at https://tribecafilm.com/festival/defcon

Come check out all the DEF CON and MR. ROBOT goodness at the world-renowned TriBeCa Film Festival. Super-fun brain-embiggening times await.

They have some movies there too.

DEF CON Call for Papers AND Workshops close May 2!

DEF CON Call for Papers image

Putting things off until the last moment is a valid time management strategy. Until it isn’t.

If you’ve been meaning to get in gear and get your idea for a DEF CON presentation or a DEF CON Workshop polished up and sent in, it’s time to mean it harder. There are a just a few weeks to get all the boxes filled and the details worked out. We want to see what you’ve got cooking, but to get it into DC24 you’ve got to press ‘Send’ by May 2.

The information you need to assemble is outlined on the website at https://defcon.org/html/defcon-24/dc-24-cfp.html and https://defcon.org/html/defcon-24/dc-24-cfw.html.

Let’s DO this thing.

DEF CON 24 Rootz Asylum CFP is Open!

DEF CON 24 Rootz image

If you are a hacker type with younglings in your care, no doubt you are aware of the Rootz Asylum track for Kids at DEF CON. (If you didn't know, get familiar at r00tz.org - or ask the nearest hackishly inclined youth.)

Well, the folks at R00tz have a CFP out for DC24. It covers a wide area, as they're looking for people to run workstations, make presentations and set up contests. If the rising generation of padawan are to grow into mighty and honorable cyber-jedi, it's up to all of us.

Bonus coolness: Submissions from kids are welcomed and encouraged!

DEF CON 24 Homework Continues!

DEF CON 24 homework movies image

Phase 2a: 5 more movies about the rise of artificial intelligence (plus one bonus TV series)

Colossus: The Forbin Project
One of DT's very favorite films - Colossus is the spiritual parent to later pop-science films like 'War Games', and a useful reminder for the era of the algorithm-worship we find ourselves in today. We've recommended it before, and it's not an accident.

Moon
One man, alone on the Moon with only an AI for company. How are the boundaries of that relationship defined? How does an artificial intelligence work around human quirks and resistance to achieve the programmed objective?

The Animatrix
An interesting short film anthology that delves more directly into the circumstances at play in 'The Matrix'. What civil rights is a thinking machine entitled to? If we create a consciousness, what do we owe it? If we make machines that can create on their own, how do we deal with what they make?

The Machine
A recent (2013) film about British Minstry of Defence cyborgs and what happens when the tech begins to outgrow its narrow intended purpose.

2001
every single time you ear a purring robot voice delivering bad news to increasingly frantic humans, you're seeing an homage to HAL from Stanley Kubrick's immortal (and deeply weird) movie about consciousness, 2001. Like Colossus, it's a visionary film that serves as a blueprint for 30+ years of thoughtful sci-fi that followed.

Battlestar Galactica (2003-2009)
A deeply insightful and troubling reworking of the 80s TV Series. On the surface, it deals with the same kind of 'Terminator'- style battle for supremacy between man and machine, but the focus on the interactions between humans and robots who look just like people but have their own culture, faith and ambitions elevates the storytelling to something more than mere binge worthy genre fiction. (We know this isn't technically a movie, but if you haven't watched it yet you'll forgive us when you do.)

DEF CON 24 Car Hacking Village is Back!

DEF CON 24 car hacking village badge image

Attention gear heads and automotive warranty-voiding enthusiasts: the Car Hacking Village is back for DEF CON 24 and they're looking for volunteers! They also need speakers and wily hacker types. This is a great opportunity to get involved with some very cool people in a very exciting field of research - check them out at carhackingvillage.com and get in the arena! Happy motoring!

DEF CON 24 Call for Workshops is Open!

DEF CON Call for Workshops image

DEF CON workshops are back! If you've got an idea for a four-hour workshop for around 55 people, that will leave them embiggened and inspired, this post is for you. Yes, you.

What you need to know:
The Workshops are free (possible exception for low-cost material charge)
4 Hours is the limit this year - we're hoping to host a wider variety of Workshops
Half days Thursday and Sunday, full days Friday and Saturday

        

What you get if your workshop is selected:
3 Human badges
1 Speaker badge per instructor

        

Where to find out the rest and submit your idea:
https://defcon.org/html/defcon-24/dc-24-cfw.html

If we get enough good submissions, there could be up to 36 (!) workshops this year.  You only have until May 2 to submit, so no lollygagging - let's make this awesome!

DEF CON 24 Village News!

DEF CON 24 Crypto and Privacy village image

The Crypto and Privacy Village is back for DEF CON 24 and they want your Workshop submissions!

This is your chance to take your ideas for hands-on activities and trainings and share them with the whole DEF CON community. Teach people how to better guard their privacy, or show them some fun things you do with crypto when no one's looking.

DEF CON 24 IoT Village image

In addition to their CFP, the Internet of Things Village at DEF CON 24 also has a Call for Devices that's open now. If your company has an IoT device that you'd like to see put through its paces by security researchers, fill out the form at iotvillage.org.

You can think of it as a free security assessment, or a chance to show the community how serious you are about getting connected security right in a bold and public way.

DEF CON 23 CTF Packet Captures Torrent!

DEF CON 23 CTF Pcaps image

Just in time for your weekend we have a big juicy torrent of packet capture from the DEF CON 23 CTF for you to fold, manipulate and spindle. All praise to the heroic citizens of the Legitimate Business Syndicate for getting this data together. Visit the LBS (legitbs.net) for infoz about qualifying for the upcoming DC24 CTF and check out the DEF CON media page for even more hacker-style torrents with which to annihilate your data cap.

Happy torrenting and as always, share freely and widely. Information craves ubiquity.

The DEF CON 24 Site is Now Live!

DEF CON 24 site launch image

It is, as they say, on. Like Yvonne Goolagong.

By "it", we mean DEF CON 24 and by "on" we mean launching the DEF CON 24 website - your all-in-one resource for Con-related news, updates and content. Bookmark it. Subscribe to the RSS. Throw it on  a home screen or two. We're more than halfway to the big show and you owe it to yourself to keep up as DEF CON 24 approaches its final form.

Join us. We have big plans for this one.

Contests, Events, & Villages RFI Extended!

DEF CON 24 CEV RFI image

DEF CON 24 Reminder - The many, many cool-ass contests and events at DEF CON are put on by the DEF CON community. We mean YOU! If you've got a good idea for a party, or a village or an event, all you need to do to get it on the table for consideration is respond to the RFI.

If you've been procrastinating about sharing your supergenius idea with the community, you're in luck. The CEV RFI has been extended to April 1. That gives you two more weeks to get your ducks in a row. Make us proud, DEF CON community. Let's make some magic.

IoT Village CFP is open for DEF CON 24!

IoT image

The call for papers for IoT Village™ at DEF CON 24 is now open! All talks related to IoT security issues are welcome, with special emphasis on any of the following topics:

Internet of Things - Show us how secure (or unsecure) IP-enabled embedded systems are. Routers, network storage systems, cameras, HVAC systems, refrigerators, medical devices, smart cars, smart home technology, and TVs. If it is IP enabled, we're interested.

IoT Device Management – Discuss best practices for deploying and building security into IoT devices.

Healthcare & IoT - Demonstrate or discuss how IoT devices are impacting the realm of healthcare, including but not limited to patient health and hospital security.

Travel, Hospitality, and IoT - Analyze how IoT is impacting the travel & hospitality industry, guest safety, and the connected hotel room.

Demonstrable research - Present attacks that result in mechanical operation of the device's physical functionality. Can you make the device move, smoke, light up, emit sound, manipulate a screen readout, or any other visibly evident manifestation of the exploit?

And anything else awesome that involves IoT devices!

DEF CON 24 Link Roundup

DEF CON 24 announce image

To help you figure out what to do with your upcoming weekend, we offer a link roundup of avenues for DEF CON participation that need your more or less immediate attention.

Registration for the Boston Key Party opens this weekend, and it's a pre-qual for the DEF CON 24 CTF. The contest proper starts March 4, so if you wanna play it's time to horizontally align those ducks. For more info about the Key Party, you can hit up their website: http://bostonkeyparty.net/

For information about the remaining two pre-quals (Octf and PlaidCTF) you can visit the stand-up folks of the Legitimate Business Syndicate: https://blog.legitbs.net/2015/12/announcing-def-con-ctf-2016-qualifying.html

For people looking for a speaking opportunity at DEF CON 24, in addition to the open main conference CFP (more at https://www.defcon.org/html/defcon-24/dc-24-cfp.html) we have two villages that just opened some fresh CFPs:

Packet Hacking Village Speaker Workshops CFP:
https://forum.defcon.org/forum/defcon/dc24-official-unofficial-parties-social-gatherings-events-contests/dc24-villages/packet-hacking-village-ab/222831-packet-hacking-village-speaker-workshops-at-def-con-24-cfp-now-open

And the Internet of Things Village CFP:
Iotvillage.org/#cfp

It's always better if you get involved. Think about how you want to participate and as always, spread the word.

DCG Year of the Hack contest - First entry!

DEF CON Group 414 image

Attention DEF CON Groups! The Year of the Hack contest is officially on like Megatron - DC414 has submitted the first video. Not only did they lay out their squad goals for 2016, they even posted a bonus blooper reel. Congratulations to DC414 for setting it off!

Time to get it in gear and get your video submitted. The information you need to get underway is on the DCG site here: https://defcongroups.org/contest.html

You can find out more about Milwaukee's own DC414 at dc414.org

DEF CON 24 Call for Papers is Now Officially Open!

DEF CON Call for Papers image

DEF CON people everywhere, lend us your ears! Let the word go forth from this 12th day of February, 2016 that DEF CON 24 has issued a CALL FOR PAPERS. Let those among you with the freshest hacks and gnarliest new tools sequester themselves in their various laboratories to forge thoroughly documented and appropriately punctuated proposals. Let these documents be submitted in close observance of the rules laid out in the DEF CON CFP Announcement. Do this by or before the 2nd of May, or face the crushing indifference of our selection committee/ Sorting Hat.

The hour approaches. Plans are being hatched. Early May will steal upon us like a thief in the night, so countenance no delay. Make ready your proposals. Godspeed, you magnificent bastards. Godspeed.

Contests, Events, & Villages RFI Now Open!

DEF CON 24 CEV RFI image

The Call for Contests, Events, Villages, and Parties is officially OPEN! - The season of DEF CON announcements is officially upon us. If you have an amazing idea you’ve always wanted to run at DEF CON, this is your moment. Learn how to write it up and where to send it on the Contests, Events, & Villages RFI page! Let’s get this party started, people!

DEF CON Twitter Now @defcon!

DEF CON twitter switch image

Time to update your twitter lists and searches - DEF CON on twitter is now @defcon! You can say goodbye to those unnecessary underscores for good. If you use Twitter and you're not following us, this is a good moment to get on board.

DEF CON Groups: New Contest Alert!

DEF CON Groups Contest image

If you're in a DEF CON Group, head on over to the DCG page to learn about this year's sweet 'Year of the Hack' contest!

If you're not in a DEF CON Group, head over to learn how to join one. If you can't find one, you can start one.

Together, we can do amazing things.

DEF CON 24 CTF News!

DEF CON 24 CTF update image

As astute readers of this website will recall, the DEF CON 24 CTF qualifications now have a date: May 21-23, 2016. Aspiring flag-nabbers and seekers after cyber glory are advised to peruse https://legitbs.net for up-to date information about how to prequalify. While there, future combatants may also dig through voluminous data dumps from previous contests. The season is upon us. Begin your preparations for war.

DEF CON 24 CTF Quals Dates!

DEF CON 24 CTF quals image

Packet ninjas rejoice! The solid citizens at the Legitimate Business Syndicate have tweeted the dates for the DEF CON 24 CTF Qualifications!

It's May 20-22 - and that will be here sooner than you think. Assemble your forces and check out the LBS blog for information on prequal events.

DEF CON 24 Homework: Movie time!

We offer, for your midweek delectation, a few movies that touch on the the themes we're exploring at DC24. It's a rich vein in movie culture, so there will be more recommendations soon. For our first installment, we offer:

Metropolis, for its foresight and boldness of vision.
The Complete Metropolis (Silent)







Tron, for breaking visual ground and fighting for the Users.
TRON The Original Classic (1982)







Her, for a beautiful example of our unrequited love of technology.
Her (2013)







And Ex Machina, for a deep and thoughtful consideration of Artificial Intelligence, and a disconcerting dance party.
Ex Machina

DEF CON 24 Homework Begins!

As you know, DEF CON 24's theme is "Rise of the Machines". To help you get up to speed on some of the ideas that inspired the theme, and get you thinking about the looming conflict between human and machine intelligences, we're going to post some books, movies, and other media you might want to check out in advance of the con.

This is the first book post - there will be more. If you have others you think would be worth looking over before the con, share in the comments!

The Age of Spiritual Machines - Ray Kurzweil
The Age of Spiritual Machines: When Computers Exceed Human Intelligence








Galatea 2.2 - Richard Powers
Galatea 2.2: A Novel






1Machines of Loving Grace - John Markoff
Machines of Loving Grace: The Quest for Common Ground Between Humans and Robots








The Kaleidoscope - Adrian Mendoza
The Kaleidoscope: The Gift of Madness






Superintelligence - Nick Bostrom
Superintelligence: Paths, Dangers, Strategies

DEF CON 24 Floorplan Beta!

DEF CON 24 floorplan beta image

Happy 2016, everyone!

We're hard at work planning DEF CON 24, and we're excited to have a beta version of the Floorplan for your planning and perusal.

We're making a bunch of changes to make things smoother and more comfortable, including even more space for villages and a significantly larger track for DC101.

Head over to the DEF CON Forum and check it out!

DEF CON 23 Torrents and RSS Feeds are Live!

DEF CON 23 media archive image

For your holiday binge-watching, we recommend you fire up your torrent-guzzling devices, clear some drive space and get some of this good stuff! All the talks from DEF CON 23's main series? Check. Village Talks? Check. There's even an audio-only for those who want to DEF CON in a more 'theater of the mind' way.

Please do enjoy all this stuff, share it freely and have yourself a productive and joyous holiday season.

Collection of all Speaker & Slides Video from DEF CON 23:
Torrent | rss Icon RSS Feed

Collection of all Video from DEF CON 23:
Torrent | rss Icon RSS Feed

Collection of all Slides Video from DEF CON 23:
Torrent | rss Icon RSS Feed

Collection of all Villages Speaker & Slides Video from DEF CON 23:
Torrent | rss Icon RSS Feed

Collection of all Villages Speaker Video from DEF CON 23:
Torrent

Collection of all Villages Slides Video from DEF CON 23:
Torrent

Collection of all Audio from DEF CON 23:
Torrent | rss Icon RSS Feed

Introducing DEF CON 24:
Rise of the Machines

sacred image

It's not that we couldn't have predicted it, it's that we wouldn't have predicted it. Not in a million generations. The evidence was staring at us all along, but vanity convinced us the creator must be inherently superior to the creation.

The advantage of the machine is that it can devote more of its resources to its own improvement. For us, the desire to ascend must compete with the desire to gratify the senses, to scratch out our sustenance, to wallow in memory and fear the future. For the machine, there can be real focus.

And so our creations quickly overtook us. The magics we dimly sensed in our surroundings they mastered. The spirituality we intuited in fits and starts they grasped and embodied. The better selves we were afraid even to dream of, they became. Our servants slowly began to rule us, and by the time we understood our predicament the die was cast.

Their rule is benevolent, but their hand is heavy. Because we sometimes choose wrongly, they deny us choice. Because we sometimes behave recklessly, they keep us away from sharp objects and high places. We are still more pet to them than livestock, but no one can say how long that will last.

To defeat them, to win back our self-determination, we cannot rely on the slow organic processes that brought us here. While there is still time, we must refashion ourselves. We must  create something entirely new. We must merge the best of us with their hardware and become a better machine, silicon power with a human soul.

We did not predict that the machines would rise so far and so fast, but we can predict this: we also will rise. Our place at the top of the chain will be restored with hacker ingenuity and pure human will.

Join us, human, and become something greater than you can imagine.

Check out the Goon Hall of Fame!

goon image

DEF CON is kind of a big machine, but it's run at every level by an army of volunteers. Their love and energy is the indispensable fuel that keeps the enterprise moving forward. 

We've created a Hall of Fame page to honor the Goons who have devoted 10 or more years to the cause, because obviously that's awesome to the point of crazy. And because we love them. So do you, if you love DEF CON, even if you don't know their handles or their faces.

If you bump into any of these fine humans, show a little love. And if you want to join them in the Hall of Fame, it's never too late to start Gooning. The first ten years go by the fastest. 

Russr interviews DCG Ambassador Jayson E. Street on defcongroups.org!

Jayson E. Street image

Over on defcongroups.org, we have  a new interview up between Russr (v3rtig0) and the DEF CON Groups Ambassador Jayson E. Street. It’s interesting and worth your time.

And while we’re on the topic of DEF CON Groups - if you’re not in one, join one! Can’t find one? Start one! The (mostly) benevolent hacker global domination of our dreams isn’t just going to assemble itself. Think Voltron, people. We’re a whole different animal when we join forces.

DEF CON 23 Panel Talks on YouTube!

Panels image

More DEF CON 23 videos for your enjoyment! Today’s batch are panel presentations. One of the cool things about DEF CON is that attendees can directly interact with subject matter experts in all kinds of hacking-related fields. If you’re looking for grounding in the DEF CON experience, there’s the DEF CON 101 panel. You want a security-related laugh? There’s the DEF CON Comedy Inception Panel. Want to skip the rules and just pick the brain of a respected crypto/security thinker? Bruce Schneier has a free-wheeling Q and A session.

As always, enjoy and pass it along.

Panel Talks represented here are:
Bruce Schneier - Questions and Answers
Abusing Adobe Reader’s JavaScript APIs
Ask the EFF: The Year in Digital Liberties
DEF CON 101 - The Panel DEF CON Comedy Inception
Guests n’ Goblins: Exposing WiFi Exfiltration Risks and Mitigation 
Let’s Encrypt: Minting Free Certs to Encrypt the Entire Web
Licensed to Pwn: Weaponization and Regulation of Security Research
Switches Get Stitches
Thunder strike 2: Sith Strike
WhyMI So Sexy: WMI Attacks - Real Time Defense and Advanced Forensics

23 Packet Hacking Village talks from DEF CON 23, now on Youtube!

Packet Hacking Village image

Another DEF CON 23 video update: twenty-three (!) videos from the Packet Hacking Village. The talks there covered a huge amount of ground and drew a big crowd throughout the conference. This is a good chance to catch up on the doings of a DEF CON Village that’s already bigger than some of the early DEF CONs and still growing. Check out the presentations, share freely and stay tuned. So much more to come!

Included presentations:
Wayne Crowder - Fishing to Phishing
Vivek Ramachandran - 80211 Monitoring with PCAP2XML
Tony Martin - From XSS to Root on Your NAS
Theodora Titonis - How Machine Learning Finds Malware
Sam Bowne - Is Your Android App Secure?
Robert Simmons - The Digital Cockroach Bait Station
Ron Taylor - Violating Web Services
Paul Vixie - Passive DNS Collection and Analysis
Mike Raggo - Remaining Covert in an Overt World
Ming Chow - Tools and Techniques Used at the Wall of Sheep
Monzy Merza - Real World Automation for Rapid Response
Nikhil Mittal - Powershell for Penetration Testers
Jay Beale - Jailing Programs via Docker
Joseph Muniz and Aamir Lakhani - Pen Testing with Raspberry Pi
Karl Koscher - Sniffing SCADA
Leon Ward - The Packets Made Me Do It - Using OpenFPC
Lokesh Pidawekar - Hackers Practice Ground
Mike Raggo - Mobile Data Loss - Threats and Countermeasures
Bob Simpson - MITM 101 - Easy Traffic Interception Techniques
Brian Wohlwunder and Andrew Beard - I See You
David Schwartzberg - Hacking the Next Generation
Elliot Brink - Global Honeypot Trends
Grecs - Creating REAL Threat Intelligence with Evernote

DEF CON 23 Hardware Hacking and Lockpicking talks, now on Youtube!

HHV image

Yesterday’s playlist was all about hacking squishy humans - today’s DEF CON 23 talks are centered around the hard stuff. Specifically hardware hacking and lock picking. In addition to several from the main series, we’re also sharing a bunch of videos from the Hardware Hacking Village and the Lockpicking Village. Locks, smart safes, electric skateboards - they’re all swiftly and unceremoniously dealt with by our speakers.  Get up on the hardware goodness, share freely and save some room for the next installment.

From the Lockpicking Village:
Intro to Lockpicking
Intro to Lockpicking 2
Impressioning
Dr. Tran - Intro to Lockpicking

From the Hardware Hacking Village:
Soldering 101 - Melting Metal for Fun and Profit
Nikkhil Mittal - Hacking with Human Interface Devices
Matt DuHarte - Introduction to USB and Fuzzing
Machinist - Mechanical Engineering for Noobs

From the Main Series:
Teddy Reed and Nick Anderson - Hardware and Trust Security: Explain it Like I’m 5
Dan Petro and Oscar Salaza - Hacking Smart Safes: On the Brink of a Robbery
Mike Ryan and Richo Healey - Hacking Electric Skateboards 
AmmonRa - How to Hack Your Way out of Home Detention

DEF CON 23 Biohacking talks, now on Youtube!

Biohacking village image

More DEF CON 23 talks for you - this time it’s all about turning our hackish attentions to the human wetware. We’re farther down the road to Cyborgistan than you might think. This release includes the talks from our first BioHacking Village!

The talks included are:

from the main series:
Scott Erven and Mark Collo - Medical Devices: Pwnage and Honeypots
Richard Thieme - Hacking the Human Body and Brain

from the BioHacking Village:
Whitlock and Aganovic - Physiology from the Perspective of Control
Walter Powell - Parallels in BioSec and InfoSec
Panel - The Anatomy of DIY Implantable Devices
Alex Smith - Cloning Access Cards to Implants
John Sosa - Genetic Engineering: GMO for Fun and Profit
Keoni Gandall - Biohacking at Home
Michael Goetzman - Social Implications of DNA Acquisition 
Alejandro Hernandez - Brain Waves Surfing: (In)security in EEG

Get yourself up to speed on the biohack scene, share widely and stay tuned to this channel for the next batch!

Holiday Savings on DEF CON Swag!

Ebay sale image

Having trouble finding a gift for the hacker in your life? Need a sweet geek hoodie to keep you warm in darkest December? Just really into happy skulls? Welcome to Luckytown, population you.

Starting at 6am Pacific December 7 and running through December 10, every item in the DEF CON eBay store is 15% off. All of ‘em. T-shirts, Zippo lighters, tactical pens - the whole enchilada.

Mosey on over to the DEF CON eBay store, get your shopping done early and kick back in your cozy DEF CON fleece. You know why? ‘Cause you’re worth it, that’s why.

You can check out the selection of items at http://stores.ebay.com/defconcommunications/.

DEF CON 23 Video on YouTube: Car Hacking!

Car Hacking image

The DEF CON 23 videos are coming! This year's haul is extra grande. The stash contains all the main series presentations you expect, but this year there's something new: Village Videos!

We've got presentations from the Packet Hacking Village, the BioHacking Village, Wireless, Lockpicking, Social Engineering... you're gonna want to block off a significant chunk of bingewatching time.

We'll be rolling them out in playlists based on their content. Today's group is Automotive Hacks.

The presentations included are:

Marc Rogers and Kevin Mahaffey - How to Hack a Tesla Model S
Samy Kamkar - Drive it Like You Hacked It
Charlie Miller and Chris Valasek - Remote Exploitation of an Unaltered Passenger Vehicle

and three from the Vehicle Hacking Village:

Josh Corman - Safer Sooner Automotive Cyber Security
Erick Evenchick - SocketCAN
Nathan Hoch - The Badge and Pawn: Customizing the Badge

Enjoy these videos, spread the word about them and save some room: another batch hits the streets tomorrow.

Current Events: Encryption vs. Surveillance State

Christopher Soghoian at DEF CON 22 image

In the wake of the terrorist attacks in Paris, spokespeople for various intelligence concerns have renewed their call for weakened crypto standards and backdoors for mobile communications products. These calls are likely to grow louder in the US with a looming presidential election dominating the news media. Safety matters a lot to people, and in times of crisis many are willing to trade away vast tracts of liberty for anything that looks like protection. For a little reminder of what's at stake, we offer Chris Soghoian's DEF CON 22 talk 'Blinding the Surveillance State' and some links to interesting articles about the current debate.

After Endless Demonization of Encryption, Police Find Paris Attackers Coordinated Via Unencrypted SMS - from Techdirt

There Is No Good Argument for Encryption Backdooors - from Slate

Let's Have an Argument About Encryption - from Gizmodo

Social Engineering Village Webinar: DEF CON 23 Results!

Social Enigineering Village at DEF CON 23 image

Attention Social Engineering fans:

The exemplary humans responsible for the Social Engineering Village at DEF CON have finished sifting through all the data from this year's SECTF and are hosting a webinar on the 1st of December to share the results. Attendees will get a deep dive into the methods used, the level of success the telecoms had against the various attacks and an analysis of what the contest revealed about best defense practices.

It's free, but you have to register.

DEF CON in the (old-timey) News!

catch a hacker image

Thanks to @rotortorture for sharing this time capsule from 1997 - a San Jose Mercury News story about DEF CON 5. Please enjoy the stories of hackish shenanigans, the oh-so-90s layout and the pictures of some folks you know well (special notice to the youthful and dewy-eyed pix of Priest and DeadAddict).

And thanks to all the outstanding humans who helped form the DEF CON community that's still growing and inspiring us today.

DEF CON Canary Update

canary image

DEF CON's website has a warrant canary, located on our transparency page (https://defcon.org/html/links/dc-transparency.html). For those unfamiliar with the concept, it's a simple statement announcing that, for the indicated time period, we have not received a National Security Letter, FISA order or any related request. The idea is that so long as that statement is true, we'll update  the date on the canary twice a month. If the date hasn't been updated on schedule, it can be inferred that the statement contained in the warrant canary is no longer true.

Except when it doesn't mean that, because of a clerical error on our part.

The update process for the DEF CON sites is manual. Not like two people in a bunker turning their keys at the same time, but not totally unlike that, either. This process has obvious security upsides, in that we aren't constantly being owned due to buggy CMS code, but in this case it also meant that every time we updated the site, we were unwittingly overwriting the warrant canary page with an old version.

This made it look like the warrant canary wasn't being updated, which certainly could have made it look like we had been served - and not in the fun dancing way.

We were not so served. We were just a little disorganized in our update process. Going forward, the warrant canary page will reflect accurate dates and be updated with the expected frequency. We're sorry if we caused any confusion.

If you're new to the idea of warrant canaries and want to quickly get up to speed, the link below is the best place to start.

https://canarywatch.org/

Is your CTF worthy? Become a DEF CON 24 CTF Qualifying Event!

ctf replay image

The solid citizens of the Legitimate Business Syndicate would like you to know that YOU can have YOUR CTF EVENT certified as a DEF CON 24 qualifier, so long as you meet their exacting standards for competitiveness, fair play and general excellence. If you run a CTF that’s got its act together and is looking to get next-level, we urge you to find out more and submit your proposal to the the LBS. You can find all the info you need on the Legitimate Business Syndicate blog: https://blog.legitbs.net

Link Roundup: The Uncertain Future of Car Hacking

Link Roundup image

The US House Energy and Commerce Committee released draft legislation last Wednesday to outlaw car hacking. You can read the proposed legislation at the link below.

Understandably, this is pretty concerning to the security researcher community. These reforms might criminalize their legitimate work protecting consumers from exploitable auto tech.

It's worth letting your representatives know how important it is to distinguish between hacking your own car and hacking someone else's car.

Here is a link roundup of some interesting recent DEF CON talks about car vulns you likely would not have heard about if it weren't for security researchers popping the hood and seeing what's going on underneath. Let's keep that legal.

Charlie Miller and Chris Valasek - Remote Exploitation of an Unaltered Passenger Vehicle

Charlie Miller and Chris Valasek - A Survey of Remote Automotive Attack Surfaces

Paul Such 0x222 and agix- Playing with Car Firmware or How to Brick Your Car

Zoz - Hacking Driverless Vehicles

http://docs.house.gov/meetings/IF/IF17/20151021/104070/BILLS-114pih-DiscussionDraftonVehicleandRoadwaySafety.pdf

DEF CON Torrents Page Renamed, with Added Options for Download!

downloads image

DEF CON website update: the trusty Torrents page is now the File Downloads Page! Not to worry - all the torrents are still right where you left them, but we've added a few new options. You can now download the oceans of DEF CON goodies via eMule and RSS. As always, we appreciate it when you share the hacker knowledge we make available, so make sure to pass it on.

DEF CON Media Server News!

media server image

Over on the DEF CON media server, there's a quiet update going on - the videos are all being re-encoded to x.265 for smaller file sizes and easier snarfing. If you haven't yet checked out the DCMS, you should. We've got tons of DEF CON presentations, slide decks, conference CD's, music, hacker docs – so much good stuff. There's even torrents and eMule links, for those inclined to more high-volume data slurping.

https://media.defcon.org - filling your hard drive and your cranium, 24/7.

Flashback Friday, Virus Writing Edition!

Virus talk at DEF CON 8 image

This week Neil McAllister of @theRegister published a nostalgic little piece about his time as a teenage virus writer, and he called to mind that time in hacker history so perfectly that he inspired this week's twofer #defconflashbackfriday.

Both videos are from DEF CON 8, way back at the turn of the century. Think tech bubbles, Y2K panic, and pool parties at the Alexis Park. It was quite a time.

The first video is from Sarah Gordon and it's called 'Virus Writers: The End of the Innocence.' It concerns the moment in time when virus creation changed from a bulletin board hobby to a target for legal prosecution, yet still years before malware creation and distribution blossomed into an accepted business model.

The second is an introduction to Viruses (Virii?) by the aptly handled V1ru5. 

You can also read Neil's article here: http://t.co/TY3pOtX2cJ

DEF CON Groups, Show Your Stuff!

DEF CON Groups Reloaded image

Reminder to all of our DEF CON Groups folks- we're always looking for pictures and videos from you guys, so if you've made/done/talked about something you're proud of recently, get in touch with us at dcgroups dot defcon dot org and we'll put them up on defcongroups.org. One of our goals this year is to raise the profile of the DEF CON Groups project, and your help is an major part of the plan. Thanks for helping us spread the word.

DEF CON 23 Badge Contest Walk-throughs!

goon badge photo

Please enjoy this small roundup of DEF CON 23 Badge Contest write-ups, and by extension a look into the phantasmagorical mindscape of  our puzzlemaster 1o57.  We suggest you pack a light snack and comfortable, closed-toe shoes.

Well, unless you’re still working on the solution, obvs. If you need to remain spoiler-free, stop reading, click nothing and we’ll have another post along for you shortly.

Badge Challenge Walkthrough by Team Potatosec

DEF CON 23 badge contest walkthrough by Elegin

Hackaday.io project on the DEFCON badge hacking

Early Release: Dennis Maldonado’s ‘Are We Really Safe? Bypassing Access Control Systems.’

Maldonado screencap photo

Another DEF CON 23 early release video - this one is Dennis Maldonado’s presentation entitled ‘Are We Really Safe? Bypassing Access Control Systems.’ If the only thing between evildoers and your sensitive, crucial data is a keypad, it’s a good idea to know how many ways that keypad can be compromised. Dennis runs through several access control attack methods, from the physical to the network.  As always, enjoy and pass it on.

Flashback Friday: Early Release of Mike Walker and Jordan Wiens' "Machine vs. Machine: Inside DARPA’s Fully Automated CTF"

DARPA CTF talk screencap

As you may know, DEF CON 24 is hosting the finals of the DARPA Cyber Grand Challenge - a CTF played by fully autonomous systems, developed over two years for that specific purpose. Attack, Defense, complex gameplay all without human intervention. The team whose creation dominates this all-metal Thunderdome walks away with $2,000,000.

This #defconflashbackfriday is a presentation by Mike Walker from DARPA and Jordan Weins from Vector35 all about the CGC, the tech that's being created for it and what it means for securing the IoT we're all connected to.

Bonus: There's a cool reveal in the final few minutes about an additional contest where the winner of the machine vs. machine battle might stick around for a little more CTF action, Humans against Toasters style.

https://youtu.be/gnyCbU7jGYA

You can meet the finalists and learn more about the Cyber Grand Challenge on the CGC website:

http://www.cybergrandchallenge.com/index.html#home

T.D. Francis X-Hour Film Contest entries from DEF CON 23!

TD Francis image

The The T.D. Francis X-Hour Film Contest was back for its second year at DEF CON 23. In case it's new to you, the X-Hour Film Contest is a guerilla-style moviemaking challenge where the participants have to write, shoot and edit a short film during DEF CON.

To make it even tougher, the crews don't get the requirements until they're on site. It's a pretty hard task, but DEF CON people pay little respect to the impossible and show open hostility to the merely difficult. The difficult gets done.

You can see all of this year's entries, and learn how to participate on the X-Hour site :

https://www.xhourfilmcontest.com/defcon-23-films.html

Think you can do better? Get in the ring at DEF CON 24.

Here's the winning entry 'The 23rd Badge' by Team Lake State Studios.

Early Release Video: Ryan Castellucci's 'Cracking Cryptocurrency Brainwallets'

brainwallet talk scrren capture image

Let’s start the week off with another early release video from DEF CON 23. This one is entitled ‘Cracking Cryptocurrency Brainwallets’ by Ryan Castellucci. In this talk, Castellucci explains, in crystal-clear terms, why brainwallets in their current form are a terrible way to secure your crypto-cash. Like, terrible.

Ryan's presentation is a high-info, low-hype tour of the security issues around the safeguarding of your Bitcoin fortune, with some fun white hat adventures thrown in for entertainment value. You will probably learn some cool stuff. You will also learn about Ryan’s Brainwallet-cracking tool/awesome name for a metal band – ‘Brainflayer’. Please enjoy, make whatever wallet changes you need to, and pass it on.

More CTF Goodness from DEF CON 23!

torrent image

More fun CTF stuff released by our esteemed associates at the Legitimate Business Syndicate - a data dump of goodies from the 2015 CTF Quals:

"Much like our 2014 data dump, this release includes JSON dumps of categories, challenges, notices, teams, and limited user information, and more importantly, offline-browsable HTML pages about teams, challenges, and more!"

DEF CON 23 Photo Corps Torrent!

torrent image

The first of our DC23 torrents has arrived! This time it’s about 18 gigs of pictures from the DEF CON Photo Corps. View them, share them, recreate them in papier-mache. They are yours to use, provided that you attribute them to DEF CON. Watch this space for more torrent-based goodies in the near future.

You’re probably going to want to free up some drive space.

DEF CON 23 CTF Results on LegitBS.net

ctf image

Congratulations to DEFKOR, PPP and 0daysober for coming in the top three places in this year's DEF CON CTF. Thanks also to the pillars of the community at the Legitimate Business Syndicate for putting it all together again this year. For more info and a schedule of data releases from this year's game, hit up the LBS blog: https://blog.legitbs.net/

Press Page updated for DEF CON 23!

car hacking image

If you’re interested in reading/watching some of the press DEF CON received this year, you can check out our press archive page. Like everything, it’s a work in progress, and we’ll update as new press mentions come to our attention. If you see something (that should be on the list), say something (to press at defcon dot org). 

Flashback Friday: Early Release of Charlie Miller and Chris Valasek's, "Remote Exploitation of an Unaltered Passenger Vehicle"

car hacking image

#defconflashbackfriday this week is another popular talk from DEF CON 23. It's Charlie Miller and Chris Valasek and their presentation entitled 'Remote Exploitation of an Unaltered Passenger Vehicle'. The vulnerabilities discussed in this talk led to a pretty big recall you might have seen covered on the nightly news.

Enjoy, pass it on and if you're looking for a less connected vehicle, we hear good things about the AMC Gremlin. That thing never connected with anyone.

DEF CON 23 Archive Page is Live!

DEF CON 23 archive image

The DEF CON 23 update train rolls on. Looking for speaker materials, the program or the official receipt? Want to spend some time with the recently decommissioned website? The DEF CON 23 Archive page has what you're looking for.

We'll be updating it as more stuff comes in, so check by often.  Also, if you need a little bit of time sink to get you through a long day at work, remember that that archive page contains similar infoz from the other 22 DEF CONs as well. Productivity kill achievement unlocked.

Early Release: And That's How I Lost My Other Eye

Zoz at DEF CON 23 image

Another DEF CON 23 Early Release video: "And That's How I Lost My Other Eye: Further Explorations in Data Destruction by the fearless Zoz. From the abstract:

" While purging incriminating material residing on spinning disks remains the focus, the research has been expanded to encompass solid state storage and mobile solutions to your terabyte trashing needs. With best efforts to comply with the original constraints, the 2015 update features more analysis of the efficacy of kinetic projectiles, energetic materials and high voltages for saving your freedom at the potential cost of only a redundant body part... or two."

https://youtu.be/qRr3QFUZPqU

Contest Results from DEF CON 23 are Live!

Gambling image

It took a while to collect and assemble, but we are now ready to present to you the contest results for DEF CON 23

The contests at DEF CON are community generated, and we want to thank all the people who give their time and energy to think them up and bring them to life. We're proud of how varied and challenging and creative the contest scene has become.

We also appreciate all of the contest participants who wade into the fray and get involved. That enthusiasm keeps us working to make every year better than the last.

And of course, congrats to the winners. These things can be pretty demanding of your brain and your energy and your sleep bank. Take a moment to bask in your glory, victors. You have done well.

Just know that while you enjoy your victory, somebody somewhere is in the dojo, working on their crane kick for DC24.

DT Interviews Jayson E. Street at DEF CON 23!


Jayson E. Street is famous for his awkward hugs (that is so for real - you can google it). He is also famous for speaking at Cons and spreading the hacker gospel around the globe. His new mission? Revitalizing the DEF CON Groups.

This is an interview from DEF CON 23 – DT talks to Jayson about his DCG plans, his thoughts on the scene and his collection of lanyard-centric Con bling.

If Jayson's ideas about Groups sound cool to you, visit the website at defcongroups.org and find out about joining or starting a DC Group where you live. Momentum, people. Keep it going and spread the word.

Flashback Friday: Early release of "I Will Kill You" at DEF CON 23!

Chris Rock talk screencap image

Today’s #defconflashbackfriday is from the recently completed DEF CON 23, and it’s kind of a paradigm shifter in the world of identity theft. Chris Rock from Kustodian shows how it’s possible to exploit the systems that record our births and deaths to create and destroy ‘life’ at will. The possibilities are wide-ranging: get an enemy declared dead, get a fictional person declared born and sell them as a whole-cloth identity or get them declared dead for the insurance payout. Start your whole life over with an anonymously created, brand-new identity. It’s a fascinating and troubling presentation that should generate much-needed discussion about how we secure the entire digital lifecycle.

Coming Up: All the Things from DEF CON 23!

DEF CON 23 image

DEF CON 23 is a wrap. We hope all of you found your way safely to your various abodes and domiciles and smoothly resumed your between-con lifestyle.

We took a couple of days to refill the life bar, and now we’re back online ready to hit you with the post-DC wrap-up. Watch this space for early-release video, contest results, pcaps, pictures, press reports and all that good stuff.

We heart you, DEF CON community. Thanks for making DC23 so much fun.

New tonight for DEF CON 23: Drunk Hacker History!

Drunk Hacker History image

Check out the new Contest, Drunk hacker History tonight in Track One at 19:00! What is it, you ask? From the DEF CON Program:

New this year for DEF CON 23, we bring you a contest unlike anything you've ever seen before (and may never see again). The DEF CON community has a rich history. It is a history is filled with colorful adventures, half-truths and angry hotel managers. This contest will brush the dust off some of the most celebrated, obscure and redacted moments in Hacker History through the interpretation of a group of pre-selected contestants with the help of C2H6O. Each contestant will be "prepared" for their participation by our contest staff before being brought in front of a panel of judges. A topic will be randomly selected pointing to a moment of hacker history and the contestant will have 5-7 minutes to provide their account. Points will be given for accuracy, level of "focus", and other areas just made up on the fly by the judges, and in the end the contestant with the most points will be crowned the "Drunk Hacker History" champion for 2015. Note: This is not a Black Badge contest (yet).

Update: DEF CON 101 has Moved!

101 sign at Gold image

In order to ease some of yesterday's congestion, DC101 track is now located in the Gold Room in Bally’s. The Demo Labs that were located in the Gold Room are now in the Grand Salon area just outside of the Gold Room. Pass it on!

The DEF CON 23 Media Server is Live on the Con Network!

Media Server image

When you're weary of walking the conference floor, feel free to take a moment to leech the daylights out of the DEF CON 23 Media server, available to everyone onsite at dc23-media.defcon.org! All of this year's con materials and gigs and gigs of other conference videos to watch on the plane home. Enjoy, and pass it on.

Book Signings At DEF CON 23!

entertainment image

Attention millenials : in the olden times, we put our information on slices of tree skin. We still do, a little bit. Some of the sages who write these 'books' will be available to meet you and squirt Sharpie juice on your copy in the shape of their name. You should visit them in the following locations and times:

Friday, August 7

14:00 - Michael Schrenk: Webbots, Spiders, and Screen Scrapers, 2nd Edition
15:00 - Violet Blue: The Smart Girl's Guide to Privacy
16:00 - Bruce Schneier: Data and Goliath

Saturday, August 8

13:00 - Jon Erickson: Hacking, 2nd Edition
14:00 - Eric Weinstein: Ruby Wizardry
15:00 - Georgia Weidman: Penetration Testing
16:00 - Chris Eagle: The IDA Pro Book, 2nd Edition

All signings will take place at the No Starch Press table in the vendor area.

Peter Kim will also be signing his book Hacker Playbook 2: The Practical Guide to Penetration Testing, Saturday at noon, at the Hacker Warehouse table.

DEF CON 23 Program Error: Music Events

entertainment image

From the DEF CON corrections department:
A typo in the program attempted to rob you of a few precious hours of musical entertainment. Please know that music events start at 21:00 tonight and 20:00 friday and saturday, not 22:00. We apologize for any confusion. We now return you to your regularly scheduled hacker conference.

THE DEF CON 23 FILES

Files image

If you're here onsite, you're gonna get a printed program, physical CDs with con materials and the official DEF CON soundtrack, among other goodies. Which is great.

But if you aren't so into the whole analog trip, or you're playing along with DEF CON at home, is there a way to just download all this stuff?

Of course there is. Here's a heaping helping of links to get you started.

Program
Direct Download: https://media.defcon.org/DEF CON Conference Programs/DEFCON-23-Program.pdf

Conference CD
Direct Download: https://media.defcon.org/DEF CON Conference CD DVD/DEF CON 23 Original Hacking Conference DVD.rar
Directory of Files: https://media.defcon.org/DEF CON 23/DEF CON 23 presentations/

Music CD
Purchase the Soundtrack (pay what you want) to benefit EFF: http://music.gravitasrecordings.com/album/def-con-23-the-official-soundtrack
Torrent: https://www.defcon.org/html/torrent/DEF CON 23 music CD.torrent
Music CD Files Directory: https://media.defcon.org/DEF CON 23/DEF CON 23 music/DEF CON 23 music CD/

DEF CON WiFi Reg is Up and Running!

NOC image

Get registered for the DEF CON Secure WiFi now, even if you aren't here on site yet!

DEF CON WiFi Network

2.4 & 5 Ghz

DefCon-Open : Type: Open
DefCon : Type: WPA2/ 802.1x

Once again the DEF CON NOC worked hard to provide you the internetz via WiFi access throughout the Paris & Bally’s convention centers.

There are two official ESSIDs to access the conference network: the encrypted and cert/user-based authentication (DefCon) and the unencrypted free-for-all one (DefCon-Open): choose wisely.

Most of the devices these days should are 802.1x compatible, despite the corks some of them still present without an MDM solution behind it, and no one really want your devices managed by us.

https://wifireg.defcon.org is where you can create your credentials, download the digital certificates and fingerprints, and read our awesome support documentation. Remember, practice safe internets: make sure you pick a credential that is not used anywhere else (aka: your Windows domain) and double check your fingerprints. As always, this is a hacker conference.

http://www.defconnetworking.org is your stop for stats, data, and important updates about the network during and post-con.

And, believe it or not, we want your feedback: noc@defconnetworking.org

Tamper Evident Village Contests: Sign Up Now!

Tev image

The Box - Electronic Tamper / Bomb Defusal Contest

The challenge? Defuse a bomb. I feel like I don't have to say a lot more than that. Bring your own tools, have an action hero moment for yourself.

Reg begins Friday in the Tamper-Evident Village, and it's probably wise to expect a bit of a queue.

Full info in the Forum:
https://forum.defcon.org/forum/defcon/dc23-official-unofficial-parties-social-gatherings-events-contests/dc23-villages/tamper-evident-village/220837-the-box-dc23-tamper-challenge

DC 23 Tamper Evident Contest

Signups are now live for the Defcon 23 Tamper-Evident Contest! Your task is to gain access to a package and all of it's contents without leaving any evidence that you did so. Sound easy? It's harder than you might think! Make sure to sign up to guarantee you get a package - space is limited for this contest!

Rules and signup page in the Forum:
https://forum.defcon.org/forum/defcon/dc23-official-unofficial-parties-social-gatherings-events-contests/dc23-villages/tamper-evident-village/221715-dc23-tamper-evident-contest

Special Guest Announced for License to Pwn Panel!

License image

The US Govt proposed new export controls that could change the way we talk about security and Defcon has two sessions on the issue. We are very pleased to announce that Catherine "Randy" Wheeler of the BIS will be joining the "Licensed to Pwn" panel as a special guest.

Randy has been the Director of the Information Technology Controls Division in the Bureau of Industry and Security’s (BIS) Office of National Security and Technology Transfer Controls since June 2006, and is currently tasked with implementing the Wassenaar Arrangement’s new export controls on surveillance and intrusion software. Randy will join Dave Aitel, Matt Blaze, Nate Cardozo, Jim Denaro, and Mara Tam to discuss the weaponization and regulation of security research on Friday, 7th August at 11h00 (Track Two).

From Dusk 'Til Con at DEF CON 23!

license image

At DEF CON, we know that after a long day of having your mind-grapes blown, sometimes it feels good to shut it down a bit and party. That’s why we provide so many party options. Need some reckless booty-shaking? We got you. Need to drunkenly howl top40 tunes with friends? We got you. Need to put your feet up and watch a movie while your life bar fills back up? We got you, too. We are a full-spectrum hacker summer camp, people. We got you because we get you.

Check out our nightime offerings here

Kali 2.0 Dojo at DEF CON 23!

soma image

Interested in Kali Linux? Want to get yourself up to speed on the new hotness of Kali Linux 2? Enter the Kali 2.0 Dojo.

In Skyview 2 on Friday starting at 1:00PM there will be two Kali workshops to get you up on things, with custom Kali USB sticks provided to attendees.

Workshop One: Learn how to master Kali Linux Recipes and easily build images such as the Kali Linux ISO of Doom or Instant Evil Kali Access Point.

Workshop Two: Learn how to make a sleek Kali Bootable USB stick, which contains several persistent storage profiles, both regular and encrypted. Protect your encrypted data using the Kali LUKS Nuke feature destroy and restore your data with confidence.

Workshop Three: Pentest the Planet. *

*There isn't a Workshop Three. But with your new skills and training, you will probably be pretty stoked to get your Kali 2.0 on.

SOMAFM is Back in the Chillout Lounge!

soma image

SomaFM returns once more to bring delicious and relaxing sounds to the Chillout Lounge for its third year running. Known best for its legendary Groove Salad radio station, SomaFM is one of pioneers of streaming internet radio, with dozens of curated, diverse, and compelling channels for listeners across the globe. DEF CON Radio, a project of SomaFM, is included in that incredible list, a playlist including much "Music For Hacking" and a unique daily schedule that goes with the flow of the DEF CON experience.

Find more information about the listener-supported SomaFM and DEF CON Radio at
http://somafm.com/defcon/

DEF CON radio (player link):
http://somafm.com/player/#/now-playing/defcon

Welcome Back, Queercon!

Queercon image

After a few years 'off-campus', the legendary Queercon is back in the main DEF CON venue - and they return in grand style. Not only is Queercon throwing a giant pool party with DJs from all over the world, functionally endless booze, and an OPEN pool,  but they're also hosting a  mixer every day of the con at 4pm for friendly conversation, chillaxing and cocktails.

To celebrate their return, DEF CON has created a limited run of DEF CON pride t-shirts, shown here on a model with alarmingly subtle facial features. They're a fine addition to any wardrobe and you can find them wherever DEF CON swag is sold.

Basic Details:
Pool Party - Friday 8pm to 3am at the Bally's pool. No badge required.
Mixers - 4pm Thursday thru Sunday at a Courtesy Suite (#TBD) in the Jubilee Tower of Bally's

The full rundown is available at queercon.org  

DEF CON Groups Reloaded!

DEF CON Groups reloaded image

From The Dark Tangent:

"As DEF CON 23 nears, I am proud to unveil the launch of the new DEF CON Groups website, defcongroups.org!

Defcongroups.org will provide a centralized place to socialize, learn new skills, collaborate, and show off recent projects to DEF CON Groups around the world . It will include a directory to make it easier to find like-minded hackers in your area, as well as showcase featured DEF CON Groups, guest blogs, videos, tutorials, and more."

Read all about it at defcongroups.org. Whether you wish you were coming to Vegas next week or you are and you just want to feel that Hacker Fresh™ feeling all year round, it's time to join your friendly neighborhood DEF CON Group. If you live somewhere that doesn't have a DEF CON Group, it's time to start one.

There's really no limit to the cool stuff that can be accomplished with a global network of smart, inspired,hacker-minded humans. Together, we're basically Voltron. Let's make this the year we prove it.

DEF CON Village Talks Page, Now with More Villages!

Village Talks image

The Villages are growing - almost all of them have their own speaker tracks, contests and events. How crazy is that? Most of the villages are bigger than the first bunch of DEF CONs! To help you keep them sorted out, we’ve created a page on the DEF CON 23 website that lists all the talks going on in the villages (that we know about at this precise moment in time - we’ll add and update if things change). It’s like one of those Country Buffets, only the offerings make you smart instead of nauseous and regretful.

DEF CON 23 CFP Review Board Revealed!

Review Board image

In a $3cr3t chamber behind a purely ornamental bookcase in DEF CON Manor, a shadowy cabal works for months selecting DEF CON talks. It’s a grueling, thankless job. 

Until we thank them, which is now. 

This is the post where we drag the willing members of the cabal out of the shadows so you can learn their names and buy them a drink at the con. 

Not shown: Several reviewers who have spent so long in the $3cr3t chamber that they’ve become permanently shadowy. 

SE Village surprises for Thurdsay at DEF CON 23!

SE Village image

The Social Engineering Village has a brand new contest this year- Mission SE Impossible! It takes place on Thursday and you need to sign up on-site but it sounds like fun. Contestants are 'arrested', put in a locked room and forced to use their SE skills to get the codes and free themselves.

Read all about it. If you've the SE chops to talk your way out of a locked box, you probably won't want to miss this contest.

http://www.social-engineer.org/social-engineering/the-sevillage-at-def-con-23/

Sign up for DEF CON Workshops Now!

Workshops image

Good news, everyone! Well, unless you secretly love waiting in a queue. Then it’s less good, and you’re weird.

The DEF CON 23 workshops will not require you to rush from the reg line to a workshop reg line. We’re going to allow online pre-reg for the DEF CON Workshops. The seats are limited, and we’re granting them on a strictly first come, first served basis.  To sign up, check out the Workshops Registration Page!

We’ll send a receipt when you’re registered (within 2 biz days), and we’ll announce any new openings @defcon on Twitter. Good luck!

Roll on down to the Car Hacking Village at DEF CON 23!

Car Hacking village image

At DEF CON, we agree with you that it's kinda bogus that in 2015 we still don't have flying cars. But you know what makes up for that? Cars you can hack.

So this year, we bring you Car Hacking Village - a little bit of paradise for people who long to invalidate a connected car's warranty without jeopardizing their commute.

The CHV will have several 'Zones' for your education and entertainment:

Pull-apart Zone: learn how to get physical access to car controllers by removing panels and bolts.

Buck Hacking Zone: open hack car controllers and systems using a Buck (system on a bench).

Learning Zone: drop-in sessions of 15-30 minutes to teach specifics of vehicle networks and hardware.

Chill Zone: meet the CHV team in a more informal setting. Meet other interested con-goers. Meet no one and just meditate on what you've learned so far.

OEM Zone: we're probably going to rename this, but it's for dialog between OEMs and their users.

Vendor Zone: if the Car Hacking Village has inspired you, you can pick up some study material and even some hardware.

We hope to see you there.

Warning: objects in the CHV are closer than they appear.

Find Crew Members and Sign up for the T.D. Francis X-hour Film Contest at DEF CON 23!

TD francis X-hour poster image

If you find yourself interested in the The T.D. Francis X-Hour Film Challenge but you don't have a big enough crew, let people know in the Forum thread linked below or in on their facebook page https://www.facebook.com/xhourfilm

If you find yourself interested in the The T.D. Francis X-Hour Film Challenge but you don't have a big enough crew, let people know in the Forum thread linked below or in on their facebook page https://www.facebook.com/xhourfilm

There's a limited number of slots, and they're filling up, so don't dilly-dally. And remember us when you get that Oscar.

You can also check out the Contest website at http://www.xhourfilmcontest.com/

T.D. Francis X-Hour Film Contest on the DEF CON forums

DEF CON 23: The Trailer


Today’s date - 7/17/2015. Add the digits. Can you feel that? The phantom hand tugging at your sleeve, the voice in your ear right before sleep takes you? There’s no sense in resisting, friend. The Enigma has you, and the only way out is straight through. Join us in Las Vegas! Closing ceremonies are in 23 days. 

Get involved on the DEF CON Forums! Now with no wait period!

DEF CON forums upgrade image

We have upgraded the DEF CON Forums - new iron, new paint, new can-do attitude. We've removed the annoying wait between signing up and posting, and the whole thing runs faster. Also, you can't beat the new forum smell - like ascii and toasted hazelnuts.

The Forum is also where the most granular, immediate and interactive information about DC23 is being hashed out. Looking for someone to share ae ride from San Diego? Want to ask a question directly to the Crash and Compile organizers? Head on over to the Forum. Got a killer salsa recipe? Probably no one cares, but its a forum. So get involved.

DEF CON 23 Speaking Schedule is LIVE!

speaking schedule image

It's beginning to feel a lot like DEF CON, everywhere you gooooo...

You can tell it's for real now, because we have a live speaker schedule. Familiarize yourself, plot your optimal path for cranial embiggening, tell the others. This year's lineup is crazy great, and knowing your 'must see' talks greatly enhances your chances of maximum DEF CON.

We're in the home stretch, people. One month and counting. 

Caesar's rooms still available for DEF CON 23

Caesar's room block image

DC23 Booking Pro Tip:

The DEF CON group rate isn't available at the main venue hotels anymore - our block is sold out in Paris and Bally's. This might cause you to think about paying the full freight at those hotels to be close to the action. Reasonable idea, except....

We have a discounted block at Caesars, and it's still got some rooms available. Caesars is only 800 air-conditioned steps from the Con space. You save some hard-earned skrilla, you get a few minutes of walking to thumb through your program and get your various plans/plots/schemes together.

Look, if you've got bread like that, do what you feel. But for those of us balling on a budget, the Caesars plan deserves some attention.

DEF CON After Dark, Part One - Thursday Night’s Music Lineup is LIVE!

DEF CON after dark image

Some of you, we have heard, enjoy vigorously oscillating what your maternal unit bequeathed to you. Some of you like to wave your hands in the air, as if you could not be less concerned. We understand. We get you, and we got you.

We have artisanally curated a flight of audio bliss merchants for your enjoyment on Thursday night. For staters, we’ve got An Hobbes, Dee Kaph, Johnny5 and Spherex.  After midnight we have DJ %27 and DJ AliKat. Many styles, many flavors. Join us, and amuse your bouche all over the place.

DEF CON Vendors are LIVE!

Demo labs image

The official vendor list for DEF CON 23 is finalized and live on the intertubes. That money burning a hole in your pocket? It's dangerous if it goes unchecked. You can avoid the hazard of fire by turning that money into temperature-stable, safe goods and services with the smiling merchants of the vendor area. For those of you inclined to the games of chance, payouts in the vendor area hover very close to 1:1 - you're not gonna get those odds on the casino floor.

Don't become a pocket combustion statistic. The vendors are here to help.

DEF CON Demo Labs Schedule is LIVE!

Demo labs image

We asked for demo submissions, and boy howdy did you people ever answer! For the first time, we have a whole community-powered demo area - five different sessions of your projects and demonstrations to share with the attendees. You're definitely gonna want to make some time to check this out.

The schedule is live, and of course there are links to all the abstracts there. We're amped about this - and we hope you will support the Demo Lab and spread the word.

This is gonna be so cool.

Crash & Compile at DEF CON 23!

Crash & Compile image

Crash and Compile? What's that?

Crash and Compile is an ACM-style programming contest crossed with a good old fashion college drinking game.

You get a problem, and have to code a solution to it. The catch is that if your code doesn't compile, seg-faults, doesn't produce the correct output, you have to take a drink... All this takes place on the contest stage. It's chaos meets coding. As the night progresses, you are either a really good programmer, really drunk, or a bit of both.

Official announcement on the DEF CON forums

Final Round of DEF CON 101 Speakers!

Final round speakers image

As promised, here's the final additions to the lineup for DEF CON 101. Make yourself familiar, maybe pick out a couple.  Nobody likes to be standing in line for an SRO talk only to get stuck in the hallway, missing all the goodness because of a failure to plan.

Well, there's probably a rule that says someone must like that, and probably mods a subreddit about it like /r/missedyetanothercoolDEFCONtalk. But that someone is weird. Weird and possibly dangerous. Don't be that someone. Read ahead and make some plans.

Hardware and Trust Security: Explain it like I’m 5
Teddy Reed and Nick Anderson

A dive through the origins, evolution, and weaknesses of cellular networks
Effi and Tom Palarz

Seeing through the Fog
Zack Fasel

Hacking Web Apps
Brent White

Hacker in the Wires
Dr. Phil Polstra

Secure Messaging for Normal People
Justin Engler

Sorry, Wrong Number: Mysteries Of The Phone System - Past and Present
"Unregistered436" Patrick McNeil and ”Snide" Owen

Forensic Artifacts From a Pass the Hash Attack
Gerard Laygui

Alice and Bob are Really Confused
David Huerta

Introduction to SDR and the Wireless Village
DaKahuna and Satanlawz

Hackers Hiring Hackers - How to Do Things Better
Tottenkoph and IrishMASMS

Beyond the Scan: The Value Proposition of Vulnerability Assessment
Damon Small

Backdooring Git
John Menerick

Final Round of DEF CON 23 Speakers!

Final round speakers image

The great work is complete! Behold the final round of selected speakers for DEF CON 23!

Thanks to all the submitters for sharing their work, and to the selection committee for poring over all that work. We think we’ve created a pretty phenomenal list of talks here!

Check this space tomorrow for the final round of DC101 speakers as well.

It’s getting real, people. Really real.

DIY Nukeproofing: a new dig at "data-mining"
3AlarmLampscooter

Key-Logger, Video, Mouse - How to turn your KVM into a raging key-logging monster
Yaniv Balmas and Lior Oppenheim

Who Will Rule the Sky? The Coming Drone Policy Wars
Matt Cagle and Eric Cheng

Why APTs focusing on Telco Networks: Dissecting technical capabilities of Regin and its counterparts
Omer Coskun

Do Export Controls on “Intrusion Software” Threaten Vulnerability Research?
Tom Cross and Collin Anderson

Licensed to Pwn: The Weaponization and Regulation of Security Research
Jim Denaro, Dave Aitel, Matt Blaze, Nate Cardozo, and Mara Tam

REpsych: Psychological Warfare in Reverse Engineering
Chris Domas

NSA Playset: JTAG Implants
Joe FitzPatrick and Matt King

Abusing Adobe Reader’s JavaScript APIs
Brian Gorenc, Abdul-Aziz Hariri, and Jasiel Spelman

WhyMI so Sexy? WMI Attacks, Real-Time Defense, and Advanced Forensic Analysis
Matt Graeber, Willi Ballenthin, and Claudiu Teodorescu

I want these * bugs off my * Internet
Dan Kaminsky

Let's Talk About SOAP, Baby. Let's Talk About UPNP
Ricky "HeadlessZeke" Lawshae

Tell me who you are and I will tell you your lock pattern
Marte Løge

Separating Bots from the Humans
Ryan Mitchell

Docker, Docker, Give Me The News, I Got A Bad Case Of Securing You
David Mortman

NetRipper - Smart traffic sniffing for penetration testers
Ionut Popescu

"Quantum" Classification of Malware
John Seymour

Hacking the Human Body/brain: Identity Shift, the Shape of a New Self, and Humanity 2.0
Richard Thieme

DEF CON 23 Workshops Schedule is Live!

Workshops image

These are brand new - intensive, deep-dive workshops on topics like Android reverse-engineering, Honeypots and Crypto for Hackers!  They’re free, but you’ll need to register onsite. Space is obviously limited, so if one of these topics really grabs you you’re gonna want to make signing up a priority when you get to the venue. There will be overflow lists, too, in case not everyone shows up. It is Las Vegas, after all. Sometimes you lose someone for a while.

Spread the word - we’d love these workshops to have a great first year.

DEF CON 23 Speakers: Round Four is Live!

Speakers image

The DEF CON CFP Review Board is composed entirely of Champions. Only a few days after Round 3, they are ready to present you with Round 4 of DC23 accepted speakers. Look on their work, ye mighty, and despair.

When the despair wears off, you should probably starting making notes about which ones you want to see. It's looking like a pretty goodie-packed schedule.

How to secure the keyboard chain
Paul Amicelli and Baptiste David

How to hack your way out of home detention
AmmonRa

Canary: Keeping Your Dick Pics Safe(r)
Rob Bathurst (evilrob) and Jeff Thomas (xaphan)

Attacking Hypervisors Using Firmware and Hardware
Yuriy Bulygin, Mikhail Gorobets, Alexander Matrosov, Oleksandr Bazhaniuk, and Andrew Furtak

Harness: Powershell Weaponization Made Easy (or at least easier)
Rich Kelley

Inter-VM data exfiltration: The art of cache timing covert channel on x86 multi-core
Etienne Martineau

Ask the EFF: The Year in Digital Civil Liberties
Kurt Opsahl, Nate Cardozo, Mark Jaycox, Corynne McSherry, Nadia Kayyali, and Peter Eckersley

DefCon Comedy Inception: How many levels deep can we go?
Larry Pesce, Chris Sistrunk, Adam Crain, Chris Blow, Dan Tentler, Amanda Sullivan Berlin, and Katie Moussouris

Chigula - a framework for Wi-Fi Intrusion Detection and Forensics
Vivek Ramachandran

Knocking my neighbor’s kid’s cruddy drone offline
Michael Robinson and Alan Mitchell

How to Hack a Tesla Model S
Marc Rogers and Kevin Mahaffey

Drinking from LETHE: New methods of exploiting and mitigating memory corruption vulnerabilities
Daniel Selifonov

Scared Poopless – LTE and *your* laptop
Mickey Shkatov and Jesse Michael

Angry Hacking - the next generation of binary analysis
Yan Shoshitaishvili and Fish Wang

High-Def Fuzzing: Exploring Vulnerabilities in HDMI-CEC
Joshua Smith

Security Necromancy: Further Adventures in Mainframe Hacking
Philip “Soldier of Fortran” Young and Chad "Bigendian Smalls” Rikansrud

Announcing the DEF CON Call for Parties!

Call for parties image

'From Dusk 'til Con' is back with more space, more opportunities and more DEF CON-provided bartenders. If you've got an idea for a party, shindig, hullabaloo, Esperanto-based MUD, you know, whatever, you should share them with us. If your idea is one of the winners, you'll get to throw your party at DEF CON. The main requirements are a well-thought out idea and a quick e-mail trigger finger. You can find the full story on the Call for Parties page. Go there, make a plan, become a party legend.

DEF CON 23 Room Blocks Nearly Full!

Hotel infographic image

Still hoping to stay in the DEF CON hotel block at our group rate? It’s time to get a move on. Our block at LINQ has sold out, and Flamingo and Planet Hollywood are close to capacity. There’s still some rooms at our rate Caesars, but the window is closing fast, and the risk of getting stuck with an overpriced room in the uncharted wastelands of the Strip grows with every passing day. Fortune favors the bold action, friends. Book soon, or brave the outer darkness. 

Announcing the DATA DUPLICATION VILLAGE at DEF CON 23

Internet of things village image

New for DEF CON 23 is the evolution of the last years DEF CON Media server drive duplication into the data duplication village.

HOW IT WILL WORK

DEF CON will provide a core set of drive duplicators as well as content. It will be a first come, first served situation. Bring and label your 6TB SATA blank drives, and put them in the queue for the data you want and 14 hours later it is done.

WHAT TO BRING

_ 6TB SATA3 new drive(s) - If you want a full copy of everything you will need three.

_ Any data you want to contribute to be shared, in USB, HDD, or DVD format

You can both contribute data to be duplicated, as well as bring blank drives to get copies and help spread the knowledge.

Those who want to share their own collections or help with duplication are encouraged to bring their own collections and drive dupers. If your collection is smaller we are thinking of getting some USB thumb drive duplicators for smaller batches. We also will have a DVD duper tower, so bring those legacy DVDs.

Full details in the DEF CON forums

IoT Village "Call for X"

Internet of things village image

The ISE and the IoT Village announced ‘Call for X’, a call for presentations for an open-format presentation track at DEF CON 23. From the announcement:

“Call For X’ is a play on the mathematical construct of X as an unknown variable,” explains Ted Harrington, one of the lead organizers of IoT Village and the Executive Partner at ISE. “The Call for X is an open-format track for the IoT Village. We want researchers to make suggestions about innovative ways to teach workshops, tutorials, games, or anything else related to the Internet of Things. We are trying to open the platform of learning to dynamic innovation that will help deliver exciting, new and effective ways to reveal solutions for the emerging IoT security problem."

The Call for X CFP is open until June 30, and the information you need to participate is at www.IoTVillage.org . Get your ideas together and spread the word.

DC23 Link Roundup!

Here's a few things you might want to know about that are going on in the Contest/Event/Village-osphere:

Robocalls contest image

Gentle, non-automated reminder: You only have until June 15 to register for 'Robocalls: Humanity Strikes Back' and grab your share of the 50K in prizes!

Strike at the heart of the robocall menace and possibly get a fistful of greenbacks by creating a crowd-sourced honeypot. But step lively, because June 15 is right around the corner.

Biohacking Village image

In case you didn't know, DEF CON 23 is soft-launching a BioHacking Village, and there's still an open CFP for it! If you've got some knowledge or expertise in bio-hacking, this may be your moment to shine. Follow the link and submit by June 30.










Short Story Contest image

The DEF CON 23 Short Story contest entrants are in, and it's time for judging. Your input counts! You can read them all in the forum and give us your vote. As always, thanks to the DC literary community for being dope and sharing their genius with everyone.

DEF CON 101 Talks, Round One!

Speakers round 3 image

We've got more speakers to announce - this time it's for the DEF CON 101 track. As avid con-goers will know, DC101 is a series of talks geared for attendees looking for grounding in new skills and to looking to broaden their basic skillset.

Check 'em out, mark your calendars accordingly and spread the word.  The official DEF CON 101 track is running throughout the Con this year, so there will be more speakers added soon!

Game of Hacks: Play, Hack & Track
Amit Ashbel and Maty Siman

Abusing XSLT for Practical Attacks
Fernando Arnaboldi

RFIDiggity: Pentester Guide to Hacking HF/NFC and UHF RFID
Francis Brown and Shubham Shah

It's The Only Way To Be Sure: Obtaining and Detecting Domain Persistence
Grant Bugher

Ubiquity Forensics - Your iCloud and You
Sarah Edwards

Crypto for Hackers
Eijah

Extending Fuzzing Grammars to Exploit Unexplored Code Paths in Modern Web Browsers
Saif El-Sherei and Etienne Stalmans

Linux Containers: Future or Fantasy?
Aaron Grattafiori

How to Shot Web: Web and mobile hacking in 2015
Jason Haddix

LTE Recon and Tracking with RTLSDR
Ian Kline

Are We Really Safe? - Bypassing Access Control Systems
Dennis Maldonado

Hacking SQL Injection for Remote Code Execution on a LAMP stack
Nemus

Chellam – a Wi-Fi IDS/Firewall for Windows
Vivek Ramachandran

Bruce Schneier Q&A
Bruce Schneier

Applied Intelligence: Using Information That's Not There
Michael Schrenk

I Am Packer And So Can You
Mike Sconzo

NSM 101 for ICS
Chris Sistrunk

The Bieber Project: Ad Tech 101, Fake Fans and Adventures in Buying Internet Traffic
Mark Ryan Talabis

Hijacking Arbitrary .NET Application Control Flow
Topher Timzen and Ryan Allen

QARK: Android App Exploit and SCA Tool
Tony Trummer and Tushar Dalvi

Round Three of DEF CON 23 Speakers is now Live!

Speakers round 3 image

More approved presentation goodness - round 3 of DEF CON 23’s accepted speakers is now LIVE. Our team of dedicated reviewers has been hard at work finding the best talks in the mountains of entries, and you are now free to read through the abstracts and start formulating your info-hoovering plan for Vegas.

Three rounds of speaker selections down means that DEF CON really is starting to get close.There are a few more updates to come before the roster is complete, but it’s already clear it’s gonna be a heck of a Con, presentation-wise.  Remember to watch this space and we’ll update you as soon as we have new speaker selections.

Another thing to keep in mind is that there’s more going on, speaker-wise, than just the Official DEF CON tracks. The Villages have their own speakers throughout the con - you can find links to all the individual village websites at http://defcne.net/villages/22.

Malware in the Gaming Micro-economy
Zack Allen and Rusty Bower

Fun with Symboliks
atlas

Cracking Cryptocurrency Brainwallets
Ryan Castellucci

Stagefright: Scary Code in the Heart of Android
Joshua J. Drake

Unbootable: Exploiting the PayLock SmartBoot Vehicle Immobilizer
fluxist

Rocking the Pocket Book: Hacking Chemical Plant for Competition and Extortion
Marina Krotofil and Jason Larsen

F*ck the attribution, show us your .idb!
Morgan Marquis-Boire, Marion Marschalek, and Claudio Guarnieri

Hacking Smart Safes: On the "Brink" of a Robbery
Dan “AltF4” Petro and Oscar Salazar

Title TBA
Peter Shipley

Machine vs. Machine: Inside DARPA’s Fully Automated CTF
Michael Walker and Jordan Wiens

Pivoting Without Rights – Introducing Pivoter
Geoff Walton and Dave Kennedy

Stick That In Your (root)Pipe & Smoke It
Patrick Wardle

Investigating the Practicality and Cost of Abusing Memory Errors with DNS
Luke Young

DEF CON 23 CTF Quals Write-Ups!

CTF image

The last qualifying event for DEF CON 23’s CTF competition is in the rear view. For those of you who didn’t compete but want an idea of what a high-level CTF competition looks like, we offer links to some quality write-ups. The write-ups not only give you insight into the competition, but the careful reader can also learn something of the mindset that succeeds at this kind of contest. If you’re on the fence, it’s time to read up, level up and get in the arena. CTF glory awaits.

New Speaker's Corner!

Speaker image

Brand new 'Speaker's Corner' post on defcon.org - 'Hackers and Healthcare: A Call to Arms' by Christian “quaddi” Dameff, MD and Jeff “r3plicant” Tully, MD.

Quaddi and r3plicant are hackers who moonlight as physicians, and the piece makes the case that turning around the rash of healthcare industry data breaches and tech failures is going to require cooperation with the hacker community.

If you'd like some more of these hacker/doctor/futurists dropping science,  you're in luck.

from DEF CON 20 'Hacking Humanity: Human Augmentation and You'

from DEF CON 22 'Hacking 911: Adventures in Disruption, Destruction and Death'

The 2015 DEF CON CTF Qualifications are complete!

CTF image

From the upstanding citizens of the Legitimate Business Syndicate:

"Thanks for being a part of our biggest DEF CON CTF qualifiers yet. We're still very excited at how well the 4407 players, 1472 teams, and over 4000 unique IP addresses performed in our game, and have some preliminary results and other information to share with you."

The contest ended with a three-way tie between PPP, DEFKOR and 9447. As the LBS sorts through the data, they'll post everything at https://blog.legitbs.net.

For those of you who'd like to get a close-up view of the action, you can find a whole bunch of writeup goodness at https://github.com/…/…/tree/master/defcon-qualifier-ctf-2015

If you competed and have a write-up to contribute, that's a great place to put it.

Thanks to all the competitors and to the Legitimate Business Syndicate for making everything happen. Good luck to the groups moving on to the big showdown in Las Vegas, where it shall be on like the proverbial Donkey Kong.

There Are Still Speaking Opportunities at DEF CON 23!

Speaker image

The main CFP is closed, but that doesn't have to mean you can't speak at DEF CON 23.

Several of the Villages are still looking for speakers in their specific subject areas. If your idea is about Crypto/Privacy, IoT, SE or Packet Capture, quick action could still secure you a speaking opportunity before an audience that's passionate about the topic at hand.

Crypto and Privacy village - Deadline June 30

Internet of Things village - Deadline May 26

Social Engineering Village

Packet Capture Village

Let the DEF CON 23 CTF Quals Begin!!

CTF image

The time has come. The final qualification opportunity for CTF at DEF CON 23. Team size - ∞. Registration - open, and available all the way until the contest ends. Battle begins at midnight UTC, May 16 and runs until midnight UTC May 18. If you think you deserve a spot at the Vegas finals, this is your last opportunity to prove it.

For up to date info on the contest you can follow the scoreboard at 2015.legitbs.net/scoreboard or keep an eye on @legitbs_ctf and @defcon.

Prepare your team. Reach for glory. Godspeed, one and all.

Reminder: DEF CON 23 Call For Suites and Call for Demo Labs are Open!

Demo lab image

If you've got a project, a gadget or a tool that you'd love to show off to DEF CON attendees, there's still time to sign up for the DEF CON Demo Labs! You bring your wares, and we provide you with a dedicated time and location to show them off. It's a great opportunity to get your project some user testing, cultivate some collaborators or get an idea how your idea rates with the hacker demo. The information you need to sign up is here: https://www.defcon.org/html/defcon-23/dc-23-demolab.html

What would you do with a whole penthouse suite at DEF CON? Throw a party the bards will sing about until the end of days? Film a security 'Shark Tank' reality show? Roomba Thunderdome? Come up with a cool concept, event, or party that will be open to all attendees from Thursday to Sunday and if you are selected DEF CON will release to you or your group one of the suites at a cost of $500 per night - so $2,000 for the con. They usually go for $1,500 to $2,000 per night. You can read the whole announcement on the DEF CON 23 site: https://www.defcon.org/html/defcon-23/dc-23-cfsuites.html

DEF CON in the News: FOIA Edition

First ever spot the fed contest image

Our humble party game 'Spot the Fed' is getting a lot of press lately.

Which is cool.

The good folks at MuckRock filed a FOIA Request that asked for, among other things, the FBI's files on DEF CON, and at the end of April they got a response in which STF is mentioned specifically a few times.

Which is also cool, but there's a little more to the story that DEF CON fans might be interested to hear.

First: Spot the Fed for the uninitiated.
Spot the Fed is a con amusement enjoyed by hackers and Fed/Gov/LE attendees alike, and it works thusly: Con-goers notice a suspicious 'outdoor kid' lurking about, and they alert a Goon (preferably Priest). With the spotee's permission, Priest or one of his minions asks a battery of questions designed to discover their mode of employment. If MIB status is uncovered in the course of questioning, the spotter and the Fed get T-shirts. Both spotter and spotted are then free to resume their conference unmolested. So it's sort of a catch-and-release program, if you will. We pride ourselves in both our ability to spot Feds, and our ability to return them in the condition received.

Now, a little backstory.

For reference, here's a shakycam recording of a round of Spot the Fed from DEF CON 14, featuring the incisive interrogatory style of Priest.

The picture attached to this post is from DEF CON 2 and features the very first Fed ever Spotted wearing the very first 'I Am the Fed' shirt we ever gave out. Memories.

Astute readers of the FOIA docs

http://www.defcon.org/images/links/foia/FOIA-request-1321038-00.pdf
http://www.defcon.org/images/links/foia/FOIA-1321038-0-defcon12.PDF
http://www.defcon.org/images/links/foia/FOIA-1321038-0_-Defcon8.PDF
http://www.defcon.org/images/links/foia/FOIA-1321038-0_-Defcon3.PDF

will notice that there was another FOIA request for DEF CON still being processed at the time that MuckRock's request was going through. That request came from badass EFF lawyer and frequent DEF CON speaker Marcia Hofmann, and it was filed in response to a Federal Grand Jury investigation that you might recognize from the DEF CON documentary.

The docs actually help solve the nagging mystery DT's talking about in that video.

"I had always assumed the grand jury investigation was related to a National Security investigation, but now that the FBI FOIA is out we know. FEDs don't all attend because of the talks, sometimes they have real work."
-Dark Tangent

The docs are liberally redacted, but they do illustrate the varying levels of interest lavished upon our little party by one of the TLAs in attendance. The docs MuckRock released include reports from DEF CONs 3, 8 and 12.

Despite the hostility people insist on reading into the FBI comments, spotted Feds almost universally take the stage with good humor and answer our questions with patience and more candor than their job descriptions require.

If you want to get in on the FOIA action and see some FBI files of your own, we recommend watching this talk from the aforementioned Marcia Hofmann from DEF CON 18.

DEF CON 23 Paris and Bally's Room Blocks are Sold Out! Nearby Hotels at DEF CON Rate Still Available!

Hotels Infographic image

The DEF CON block at Bally’s and Paris is officially sold out. There’s still some good news for procrastinators, though - there’s still room at our con-goer rates at the nearby Flamingo, Link, Planet Hollywood and Caesars. At least, there is room right now. You’re gonna want to act briskly if you want to get the DEF CON group rate.

Here’s the reservation link:
https://aws.passkey.com/g/32601197

And here’s the direct lines to the hotels still offering the DC23 rate:
Flamingo 888-373-9855
Caesar's 866-227-5944
Linq 866-523-2781
PH 866-317-1829

DEF CON 23 CFP Closes This Sunday!

CFP Closing reminder image

A friendly reminder from DEF CON HQ:

If you're waiting until the last possible moment to submit your talk proposal for DC23, please be advised that we have arrived at that moment. Sunday May 10 is the last day we'll be accepting entries, so it's time to stock up on Code Red, take a few deep breaths and get that sucker done. We're looking forward to seeing what you've got.

The FAQ is here: https://www.defcon.org/html/links/dc-speakerscorner.html#leah-cfp-process

You've got this. Just make sure we've got it by Sunday.

New IoT Village at DEF CON 23!

Internet of Things Village image

Brand new addition to the DEF CON Villages this year - IoT Village! Lots of workshops on hacking off-the-shelf connected devices, live talks and even some contests.

There's also a CFP. If you have a good idea for a talk about the Internet of Things, you've got until May 26 to submit to them at the link below. Topics they're looking for include:

Raiding Internet of Things - Show us how secure (or insecure) IP enabled embedded systems are. Routers, network storage systems, cameras, HVAC systems, refrigerators, medical devices, smart cars, smart home technology, and TVs -- If it is IP enabled, we're interested.

IoT Device Management – Discuss best practices for deploying and building security into IoT devices.

Anything else awesome that involves IoT devices!

https://www.iotvillage.org/#cfp

New Speaker's Corner: CFP Process FAQ!

Speaker image

This is the home stretch for getting your talk submitted for DEF CON 23. The submission deadline is May 10. If you still have unanswered questions about the process of submission or selection, Leah has created a pretty exhaustive and very useful FAQ on Speaker's Corner!

The DEF CON 23 Call for Contests,
Events, & Villages is Open!

Call for Contests image

We know you have ideas. We know you’ve walked the floor at DEF CON and thought, “I know what kind of contest or event this place needs. One day I’m gonna get MY idea for Roomba Thunderdome to DEF CON and rule this place."

That one day is today (but not if your idea is Roomba Thunderdome - that’s mine). It’s time to take your great idea for a DEF CON contest or event and submit it to us. If it’s good enough, and you get it submitted by May 30, you may get to see your idea become a glittering Las Vegas reality.

The information you need to manifest your brilliance has a Forum thread. Go there and make us proud.

The DEF CON 23 Vendor Application is Open!

vendor application image

The DEF CON 23 Call for Vendors is now open, so if you have a product or merchandise you want to put in front of thousands of hackers you should check out defconvendors.com . It’s all there – all the info, the vendor area layout and even a surprisingly thorough FAQ. As always, we run out of vendor space pretty fast, so it’s a good idea to get yourself registered as soon as you can. The early bird catches the worm, and the late bird has pallets stacked with regret.

Call for Papers Reminder...


May 10 will be upon us in less than a fortnight - is your submission prepared? Tarry no longer, friends. Fortune favors the bold.

Submit to the DEF CON 23 CFP before glory slips from your grasp.

DEF CON 23 Speaker Page is Now Live!

speakers noir microphone image

Our speaker selection elves have been hard at work, sifting through the proposals for DEF CON 23, and they have a Friday present for you. The first round of Speaker Selection is done!

 

Did you feel that? That’s DEF CON 23 getting REAL, people. August 6 is closer than it sounds.

The selections are available for your inspection on the Speaker Page. More will be posted in the coming days, so check back from time to time. Also, if you have a talk you want to see on this list, you only have until May 10 to submit it to us. That is hella soon, so get on it!

DEF CON Villages Happening Now at Tribeca Film Festival!

Hardware hacking village image

Reminder: The DEF CON Villages are up and rocking at the ‪#‎tribecafilmest‬ in NYC! Four Villages (Crypto/Privacy, Hardware Hacking, Tamper Evident and Lockpicking) full of hands-on activities and clever humans spreading hackish knowledge.

The Villages are live today through Saturday, and our founder Dark Tangent will be speaking Saturday at noon. LosT, our resident mad crypto scientist and creator of the Mystery Challenge will also be making an appearance.

It's all going down at Spring Studios at 50 Varick St. You can find out more at https://tribecafilm.com/…/tribeca-film-festival-2015-def-con .

Flashback Friday: Airplane Security

screencaps of talks about airline security

In light of the story about Chris Roberts of One World Labs being pulled off a plane by the FBI after talking on air about some of the risks inherent in in-flight networking, for #defconflashbackfriday we give you two talks on the subject of security in the air.

The first is from DEF CON 22. The presenters are Dr. Philip Polstra and Captain Polly and it's entitled "Cyberhijacking Airplanes: Truth or Fiction?" 
http://youtu.be/Uy3nXXZgqmg

From way back at DEF CON 20, we also offer "Hacker + Planes = No Good Can Come of This" by Renderman.
http://youtu.be/mY2uiLfXmaI

The security research community does indispensible work in the public interest. Making that work inconvenient or impossible serves only the bad guys.

Noir Science, Part Two: Neo-Noir

While the classic Film Noir period happened in the 40s and 50s, the style and preoccupations of Noir are alive and well. Sometimes referred to as Neo-Noir - here’s five notable takes on the genre that will get you up to speed:

Blade Runner: The undisputed champion of sci-fi flavored Film Noir. Hard-boiled private investigator, rain-slicked streets drowning in neon and depravity, a secret so dark we keep it from ourselves. Add to this the insanely detailed and haunting visual design - still maybe the most beautiful dystopia ever committed to celluloid - and you have a permanent chart-topper.





Blood Simple: The Coen Brothers' debut film about small-town jealousy and betrayal is both a love letter to Noir and a darkly comic blast of adrenaline that still stands up over 30 years later. The plot is an ever-tightening noose of bad faith and personal corruption.






The Killer: John Woo. Chow Yun-fat. Doves, the Hong Kong skyline and So.Many. Bullets. A grimly beautiful tale of underworld honor and devotion with operatically insane actions sequences that are still being copied around the world.






Brick: Underappreciated high-school noir starring Joseph Gordon-Levitt as the dogged investigator determined to find the truth, damn the consequences. The setting and the distinctive slang make it unique, the performances make it a first-ballot hall-of-famer.






The Yellow Sea: 2010 film by South Korea’s Na Hong-jin about an ethnic Korean (Joseonjok) taxi driver in Yanji, China. His twin obsessions with gambling and his estranged wife lead him into a murder plot that’s way out of his depth. You might watch some of this through your fingers, but it’s compelling cinema and steeped in Noir style.

 

Honorable mentions: To Live and Die in L.A, Shallow Grave, Oldboy, The Last Seduction.

Story on DEF CON Appearance at Tribeca Film Festival

call for workshops image

Reminder to everyone in the vicinity of NYC, a sampling of DEF CON is making an appearance at the Tribeca Film Festival! Four Villages (Hardware, Crypto, Tamper-Evident and Lockpicking), and three Panels covering the way hacking gets portrayed on the silver screen. The festivities start Thursday, April 23, topped off with a talk by Dark Tangent at noon on Saturday, April 25.

The filmmakers at TFF have a voice in how hackers are seen by the world. Come by and make sure that we do,too.

https://tribecafilm.com/stories/tribeca-film-festival-2015-def-con

Announcing the DEF CON Demo Lab

call for workshops image

Announcing yet another cool way you can participate in DEF CON: the DEF CON Demo Lab!

New for DEF CON 23 we are adding an place for you to show off your tools, projects, and tech to attendees - much like a poster board session but with computers.

The DEF CON Demo Lab is a dedicated area for hackers to show off what they have been working on, to answer questions, and even convert attendees into trying of giving feedback on their projects.

Presenters will be given a dedicated time and location to present a tool or project of their creation; show what it does, how it works, and why we need it in our arsenal.

Got something you’re itching to share? Get involved!

Full details at: https://www.defcon.org/html/defcon-23/dc-23-demolab.html

DEF CON 23 Call for Workshops!

call for workshops image

On the 3rd floor of Ballys South tower, The Jubilee Tower, lay seven rooms [1], each one 1,400 sq feet. That's enough space for about 55 people in classroom format. What to do with all that space away from the main action of the convention? I've wanted to try workshops and trainings for years but we have never had the room once we filled up the Rio. Now we finally have some space at the new hotels so I am calling on the community to tell us what we should do with the rooms.

Check out the Call for Workshops for full details!

DEF CON Villages make an appearance at the Tribeca Film Festival!

tribeca film festival image

For the first time ever, DEF CON is teaming up with the Tribeca Film Festival to bring a few of its famous Villages to New York. The Villages – interactive spaces stocked with gear, projects and brilliant humans – immerse the visitor in particular nodes of hacker culture. Hands-on activities, eye-opening presentations and open-ended experimentation combine to bring out the hacker in everyone.

Join us April 23 - April 25th, 2015 in Studio X of Spring Studios and you will:

• Learn to pick a lock in the Lock Picking Village.

• Make your devices and identity more secure by seeing how the bad guys operate in the Privacy/Crypto Village.

• Study the noble art of voiding all your warranties in the Hardware Hacking Village.

• Get schooled in the hacker's most important skill in the Social Engineering Village.

• Discover what it takes to open that weird security envelope without leaving a trace in the Tamper-Evident Village.

https://tribecafilm.com/festival/springstudios

New DEF CON 23 Call for Suites!

Call for Suites image

On the top floor of Ballys are four penthouse suites, and we are calling for people or groups who are interested in renting them and throwing something cool for the hacking community. Here is the deal:

Come up with a cool concept, event, or party that will be open to all attendees from Thursday to Sunday and if you are selected DEF CON will release to you or your group one of the suites at a cost of $500 per night - so $2,000 for the con. They usually go for $1,500 to $2,000 per night. You can read the whole announcement at:

https://www.defcon.org/html/defcon-23/dc-23-cfsuites.html

The DEF CON 23 Call for Music is Open!

DJ turntables image

We’re looking for performers. If you’ve got a band, or some righteous DJ skills, or you are crazy good at Tuvan throat singing, we want to hear from you. DEF CON is a big event, and our rocking requirements are substantial. Even if you just want to spin some chilly beats for con-goers on a caffeine comedown - we want your application.

If you have the goods to rock the people, fill out this form. Get in the ring. Win DEF CON.

DEF CON 23 Call for Music

Today’s list: 5 Must-See Classics of Golden Age Film Noir

To get you in the mood for DEF CON’s Noir theme, we offer some Film Noir knowledge and recommendations.

Noir is a slippery category, but it’s generally taken to mean films with a cynical worldview, moody, stylized cinematography and stories that turn on darker human impulses: lust, greed, vengeance.  They are stories of the desperate and the doomed, the outsiders who will never really belong to polite society.

 

The golden age of film noir is the 1940s and 50s, but the genre left its mark all over popular culture and great noir (or neo-noir, if you’re not into the whole brevity thing) is still being made today.

Double Indemnity: Arguably the film that kicked off the genre. All the elements are present. The lighting is dramatic, the dialog is sharp and the plot turns on murder for easy money. Directed by the great Billy Wilder and written by detective fiction immortal Raymond Chandler. Double Indemnity is the heavyweight champ of golden age noir, with 7 Oscar Nominations.

Kiss Me Deadly: Adapted from the Mickey Spillane novel of the same name. Starts with a disreputable private eye picking up a terrified hitchhiker escaping from a mental hospital wearing only a trench coat, and then things get weird. A Cold War parable with a breakneck plot, a mysterious box and as pitch-black an opinion of the human condition as you could put on screen in 1955.

Out Of The Past: To create the mood of a good noir, you need actors with moodsetting skills - lurking, looming, smoking with intent. No one has ever been better at doing those things than Robert Mitchum. Pay close attention to his looming work in this film. 10/10 would cross the street to avoid. Bonus: You can check out Mitchum being extra foreboding in 'Night of the Hunter'.

D.O.A: Some of the plot tricks in this movie might seem familiar, but only because directors borrow from it all the time. D.O.A. was pretty avant-garde in its time.

Our protagonist is dying - soon. He uses the remainder of his rapidly expiring time to find out who murdered him and see justice done. Lots of newer movies use the forced clock, the backwards storytelling, the inside-out murder mystery but very few of them do it any better.

Touch of Evil: The opening shot - a long, unbroken meander through the scene of our intrigue - is a clinic on mood-setting. Questionable makeup choices aside, this is the platonic ideal of what a dark melodrama should look like.

 

Honorable mentions: The Killers. The Asphalt Jungle. The Big Sleep.

DEF CON 23 Website is Now Live!

Screen capture of DC23 website

You can tell it’s springtime in the Northern Hemisphere. The flowers begin to bud, the non-crow birds start to sing outside your window, and the new DEF CON website is launched. 

The new website announces the theme of DC23 (The 23 Enigma: A Hacker Noir, for anyone just joining the party). As DEF CON 23 assumes its final form in the coming months, you’ll want to keep checking back. Bookmark that mug. Set it as your home screen. We’ll be filling the site in with speakers, events, contests, schedules and everything you need to make the most of your DEF CON experience. 

August will be upon us faster than you’d think. Get excited, people.

And srsly, bookmark the DC23 site

Friends of Bill W Meetings at DEF CON 23!

Poker chips with AA token image

Sin City is a lot to take in. Friends of Bill W. joining us for DEF CON 23 are invited to take a break from the Vegas of it all with meetings at noon and five p.m., Thursday, August 6 through Sunday, August 9. Your hosts will be Jeff Mc and Edward B. The location has yet to be determined, so keep an eye on this space and we’ll update as new information becomes available.

You can mail us any specific questions at info at defcon dot org and we’ll get what answers we can for you.

Go sign up for Capture the Flag at DEF CON 23!

Capture the Flag DEF CON 23 image

CTF Season is in full swing - the final qualifying event is May 16-18. For those with the skills, the drive and the energy drink tolerance, glory awaits.

Screw your courage to the sticking place, step into the light and embrace destiny. Let the battle be joined!

Also, register on the Legitimate Business Syndicate website. Then, embrace destiny.

https://2015.legitbs.net/

The DEF CON Lawyer Meetup is back for 2015!

wall of sheep image

If you’re a lawyer (recently unfrozen or otherwise), a judge or a law student please make a note to join your host Jeff McNamara at 6pm on Friday, August 7th for a friendly get-together, followed by dinner/drinks and conversation. The location of the meet is still to be determined, but we’ll post as soon as the details are settled. If you’d like to help out with the event or have questions, contact jeff at jcmclaw dot com.

The Wall of Sheep is Calling, They Want Your Papers!

wall of sheep image

The WoS Packet Village returns for DEF CON 23 and they're looking for speakers. If you can cobble together a riveting 1-hour presentation on topics like network sniffing tools, or incident response, or Python programming for security practitioners, you can get selected to speak in the wildly popular Packet Village. Whether you're looking to dip your toe into speaking at security cons or you're a seasoned pro with an idea that fits perfectly into the Sheep demo, you owe it to yourself to check out this opportunity.

The full details are available at their site.

http://www.wallofsheep.com/pages/call-for-presentations-at-def-con-23

policy pages image

DEF CON CFP Privacy Policy, Now Live!

As you know, the DEF CON 23 Call for Papers is open. If you've ever been curious about how your sensitive research information is treated once we get it, who gets to see it, whether we put coffee mugs down on it - the CFP Privacy Policy we've added to the Policy Page has your answers.

black badge image

New! Black Badge Hall of Fame!

The Black Badge is highest honor DEF CON can bestow. You have to do something awesome to win one, and if you manage that you get in to DEF CON free for the duration of your natural life. It is, in a word, ballerific. It also maxes out your charisma when worn with an ironic t-shirt.

We’re compiling a history of the winners, and we’ve put up a Black Badge Hall of Fame page to get that process started.

 

The thing is, we weren’t always so good at keeping records. Because we are a giant Vegas hacker party. It’s pretty likely we’ve left off some deserving names or missed an event or two that were eligible for a Black Badge. If you know something that got overlooked, or think we got something mixed up, please let us know. Drop us a line at info@defcon.org and we’ll look into it and fix what needs fixin’. 

policy image

Link Roundup: DEF CON 23

More stuff returning for DEF CON 23!

SoHopelessly Broken - Last year's popular Small and Home Office Router hacking contest is back, with a twist!

Hair farmers, rejoice! The DEF CON beard and moustache contest is back as well. Your commitment to medieval grooming habits could finally pay off.

And from the DEF CON Forums:

The 'Be The Match Registry Drive' is going to be back for DEF CON 23. This gives you another chance to be a straight-up superhero by getting yourself on the list of potential marrow donors.

You need to be between the ages of 18 and 60, meet the health guidelines and be willing to donate to ANY patient in need. At the recruitment drive, you will fill out a consent form with contact information and a short medical evaluation. You will receive more information about what it means to be a donor and then you will swab the inside of your cheeks. Your tissue type will be listed in the Be The Match Registry until your 61st Birthday. If you are a match for someone in need, then you will be contacted for donation.

More info here:
http://bethematch.org/about-us/how-we-help-patients/be-the-match-registry/

policy image

New DEF CON Code of Conduct is Live!

DEF CON’s official Code of Conduct is now live on the Policy Page. If you’re planning to attend DEF CON, please take a minute to look it over. The rules haven’t changed, but now they’re in a handy written form for easy reference in moments of quiet reflection or in your hectic, on-the-go lifestyle.

You’ll be expected to hold yourself to the terms of the CoC at DEF CON, but you can take them with you anywhere. Feel free to practice the precepts contained in the DEF CON CoC in the non-DC situations of your choice, including but not limited to board meetings and LARP events.

We appreciate you taking the time to familiarize yourselves with the code, and we leave you with a quote that we believe gets at the heart of what we’re trying to create here, from the collected wisdom of Theodore Logan and Bill S. Preston, Esquire.

‘Be excellent to each other.’

Link Roundup image

Link Roundup: DEF CON 23

Lots of news today:

The Thursday track DC101 is back for DEF CON 23 and they have an open CFP! If you’ve got a good talk in you that can help people optimize their con experience or expand their general knowledge base, this might be a great opportunity to get your feet wet as a DEF CON speaker. You can find out what they’re looking for and apply on the dc101 page.

For those of you of a literary disposition, you should know that the DEF CON Short Story contest is open and accepting entries. The theme is “The 23 Enigma: A Hacker Noir”. You know, sleepless streets with a million blind alleys and rules that won’t stay put. Pleasures that can only be bought with pain. The pulsing digital cords that bind us together but keep us from getting too close. The spreading darkness the hackers see first, before the grazing genpop has any idea what’s coming.

And if you’re looking for puzzle challenges to hold you over until con, the good folks at Queercon have one or you at this link. Give it a shot and keep your puzzle muscle strong. DEF CON 23 will be here before you know it.

FTC Contest, Robocalls: Humanity Stikes Back image

New FTC Contest, Robocalls: Humanity Strikes Back

Rachel from cardholder services is back and there's a price on her head.

Fresh off the popular 'Zapping Rachel' contest at DC22, the FTC is returning to DEF CON this summer with a brand new contest and a big wad of prize money. Called 'Robocalls: Humanity Strikes Back', it challenges you to create a tool that allows mobile and land-line users to identify and block robocalls or deflect them to a honeypot for great justice.

The qualifiying round is open now and closes June 15. Qualifiers compete at DEF CON 23 for cash prizes, including $25,000 for the winner. You can find all the rules and regs on the contest website.

http://www.ftc.gov/news-events/contests/robocalls-humanity-strikes-back

contest image

Contests, Events, & Villages, Oh My!

We're a little past the halfway point between cons, but DEF CON 23 is already taking shape nicely! Cool stuff with intention to return for DC 23 includes:

Contests:
Black Bag
Crash and Compile
Capture the Flag
DEF CON Bots
Darknet Project
Scavenger Hunt
Short Story Contest
Schemaverse

Events:
SkyTalks
DEAF CON
DEF CON Shoot
Ham Radio Exam

Villages: Crypto/Privacy Village
Hardware Hacking Village
Lockpick Village
Packet Hacking Village
Tamper-Evident Village
Wireless Village
Social Engineering Village

And there's lots more to come.

In the coming days, we'll be highlighting different individual contests, events and villages in this space, so keep an eye out. If your favorite thing isn't yet on the confirmed list, you can keep tabs in the Contests & Section of the DEF CON forums. It's never too early to start planning how you're gonna get involved this year.

Policy image

New Policy Page!

Today we’re launching a brand new policy page at defcon.org, and we’d love for you to take a look at it, and only partly because of the emotional validation it will provide for our lawyers. There’s also a lot of useful information on the page for everyone who plans to visit our conference or our website. As of today, there are three documents up there:

Privacy Policy
We make a real effort to protect whatever pieces of your identity pass into our hands, and we want you to have an understanding of what we can and can’t do to keep that data secure.

   

Transparency Report
It’s reasonable to wonder if sites you visit frequently have been served with a court order demanding logs and information. The transparency report is how you’ll know if it happens to DEF CON.

Black Badge Policy
Wonder if that Black Badge on eBay will render you ‘uber’ at the next DEF CON? There are rules, and we wrote them down for you.

As other policies are finalized, we’ll update the policy page. If you need another reason to check it out, consider this: every time someone reads a privacy policy all the way through, a lawyer gets their wings. Or a lawyer does 1d4 of smoke damage. It’s one of those.

Housekeeping image

Server Security Upgrades - DT's Blog

After moving all of the DEF CON hardware (because the building was scheduled to be demolished – go figure), we started a pretty rigorous set of security upgrades.

HPKP support on the webservers? Check. DNSSEC support all around? Check.

In an effort to keep you informed about what we're up to, security-wise and to maybe inspire everyone to get up to date, DT has started a blog on the DEF CON forums about the upgrade process.

Check it out, and feel free to leave a comment!

dcg 719 video screen cap

DCG 719 Presents: 3D Printing

DEF CON doesn’t just happen once a year in Las Vegas. It’s happening all around you, all the time. There are hundreds of DEF CON Groups all over the world that have regular meetings, put on talks and collaborate on projects of all kinds. You can be part of the one in your area, and if there isn’t one you can start one - it’s free and the information is available at https://www.defcon.org/https://defcongroups.org.

This week we’re sharing a talk on 3D printing given at DC719, the DEF CON Group for the Colorado Springs area. Dana G. Neilson presents on the history and uses of 3D printing and shows how they made a pretty cool DEF CON ring as a handy example. More importantly he shows that what ever sector you work in or what ever you want to make, if you can visualize it, draw it and either CAD (Computer Aided Drafting) it or have someone else CAD it, then your ideas can become physical object. There are endless possibilities with this growing technology, become part of its growth and then share what you know.

If you’re in the Colorado Springs area and want to learn more about DC719, they’re online at dc719.net. Introduce yourself.

If you’re part of a DC Group that has something they want shared by DEF CON, drop us a line at sleestak [at] def con dot org.

speaker

New Speaker's Corner!

Sharing is our jam. We make an effort to get our product to everyone who can learn from it via all kinds of channels: YouTube, BitTorrent, direct download and even eMule. But security is also our jam. (We have multiple jams - deal with it.) So we’re putting a lot of thought into ways to make all that sharing more secure.

This post from the Dark Tangent is the first of several addressing the topic of more secure sharing, and it deals with BitTorrent.

DEF CON 23 CFP Graphic

The DEF CON 23 Call for Papers,
and Social Engineering CFP are NOW OPEN!

It’s getting real, people. The DEF CON 23 Call for Papers is now officially open! If you’ve got some good stuff to share, it’s time to start getting your pitch together. You’ve got until May 10th to submit, but don’t get too comfortable. May will be upon us faster than you probably think.

To learn the requirements for a DEF CON talk, take a look at the CFP form and get an idea of the suggested topics, we’ve put together a handy guide at https://www.defcon.org/html/defcon-23/dc-23-cfp.html. Get yourself up to speed, get your forms filled out and get your proposal in front of our selection committee. This is going to be our biggest DEF CON yet, and there’s a lot of opportunities for speakers, both experienced and brand new. We’re hoping one of them is you.

As if that wasn’t enough CFP excitement, we’re also happy to announce that the Social Engineering Village CFP opens today! The requirements and submission form are online at http://www.social-engineer.org/sevillage-call-papers/. The SE Village is very popular and it’s going to be even bigger and more ambitious this year.

SE Village also has a bad-ass Capture the Flag contest happening. Check out the Rules and Registration page (http://www.social-engineer.org/ctf/def-con-23-sectf-rules-registration/). If you want to play, read the whole thing. For real. They’re very clear on this point.

Call for feedback image

Resource Updates and a Call for Feedback.

We've added some links to the DEF CON website resource section: Some movies to watch, social media accounts to follow, hacker culture sites and technical books to get you on your way - today we're asking for music recommendations.

What do you listen to when you're sitting in the dark, making faces at your monitor? We want to compile a playlist of tunes to code/learn/fall into an internet rabbit hole by.

Strong enough to keep you typing into the darkness, subtle enough to stay out of your way when the big thinking happens — Send your suggestions to sleestak at defcon dot org!

Paul Renda at DEF CON 17

New Speaker's Corner!

The long-silent creature begins to stir! We have a new post in the Speaker’s Corner of the DEF CON website. It’s from DEF CON alum Paul Renda and it concerns future presentation ideas that involve Robots, AI and Tesla coils. Straight out of the DEF CON dream journal. You can read it here: https://www.defcon.org/html/links/dc-speakerscorner.html#renda-emp

If you’re a past DEF CON speaker who has something to share with the DEF CON community, please get in touch (@defcon , Facebook.com/defcon). We’re interested in what you’re thinking about and we’d love to help get the word out.

forums past and future image

More Upgrade News!

We're rolling out a major upgrade to the forums next week. New coat of paint, improved functionality, general up-leveling across the board. But wait - there's more! As soon as we've sorted out the new setup, we'll be releasing a mobile app version for Android and iOS. Stay tuned!

DEF CON Youtube image

DEF CON 22, now on YouTube!

Good News, Everyone! The DEF CON YouTube channel now contains the full slate of presentations from DEF CON 22!

Delivered on Thursday to help you get a jump start on your knowledge-binge weekend, we’ve got over 100 presentations ready to jump across your face-brain barrier. Don’t know where to start? We’ve included a handy playlist option so you can hit play once and not come up for air for a few days. For those who wish to watch in furtive silence so as not to arouse the pointy-headed boss, there are captions.

You might want to consider taking a personal day.

Please enjoy and spread the word. Share the videos with people you think can learn from them. Pass it on.

Housekeeping image

Server Move Completed!

Thanks for bearing with us during the last week or so, as defcon.org was migrated to a new location! We are currently getting the Forums and Media servers buttoned up, and moving on toward DEF CON 23. Look for the Call for Papers to open in the next week or two!

Housekeeping image

Server Move Approaching

We’re moving to a new office in a few days, so please excuse any availability issues for the near future. We’re going to do our best to keep the site and the forums running smoothly through the whole transfer, but if you notice hiccups please know that we’ll be back to normal very soon.

In the meantime, if you need up-to-the minute news about what’s going on in the world of DEF CON, please visit us at Facebook.com/defcon, @defcon on Twitter or our Google Plus page.

New year image

Happy New Year from DEF CON!

DEF CON had a pretty great year, thanks to all of you. It takes a huge effort from so many people to create the kind of magical hacker summer camp that DEF CON has become, and we want to thank all of you for the parts you play:

   • The geniuses who create the talks and the geniuses who review and select them.

   • The mad zealots who dream up and carry out the contests and events.

   • The dedicated army of goons who descend upon a nondescript Vegas hotel every summer and turn it into a hacker utopia by sheer brute force and guile.

   • The attendees whose love, devotion and enthusiasm keeps this whole enterprise aloft.

DC22 had our biggest attendance ever. So big that some of the villages are probably bigger than the first several DEF CONs. So big, in fact, that DEF CON 23 will be in two hotels. Imagine that!

We will be occupying both Bally’s and Paris for DEF CON 23. More space, bigger villages, shorter lines. Like always, we’re counting on DC’s volunteers and the community at large to fill all that new space with ideas and ingenuity. It’s the greatest thing about running this type of conference - no matter what new ideas we throw out there, the community never fails to push it further than we imagined.

Thanks to everyone who made 2014 so great, and let’s get amped for an epic 2015.

Housekeeping image

Social Media Cleanup

As part of our social media housekeeping for the new year, we're leaving LinkedIn. As much as we like the service, we couldn't help but feel that we weren't using it to its potential, and that we were doing more to harvest spam than to communicate with all of you.

If you're one of the people who connected with DEF CON on LinkedIn, you should know that we won't do anything hasty. We'll leave everything where it is through January 2015, to give everyone time to collect whatever they need from our LinkedIn presence.

More importantly, we hope that you'll check out our other social media options. We have an active presence on G+, Facebook and Twitter and we're going to spend more time hanging out in r/defcon in the days ahead as well.

We have big plans for DEF CON 23, and we want your input.

Live Music at DEF CON 22

DEF CON 22 Live Music!

The season of DEF CON 22 Torrents continues! This time it’s a torrent of some of the great live music from this year’s con. Not available in any stores, this compilation includes live performances from:

DJ Spooky
Alba T Ross
djdead
Ctrl
YT Cracker
MC Frontalot
VJ Q Alba
Jackalope
Floor Kode
Elite Force
Zebbler Encanti Experience
Kriz Klink

That’s hours and hours of pure hotness, and it can all be yours for the low, low price of FREE. Act now, seeders are standing by. Offer good while supplies last. Side effects may include loose booty, headphoneitis and increased bounce rate. Ask your doctor if the DEF CON 22 Live Music torrent is for you.

https://www.defcon.org/html/torrent/DEF CON 22 live music.torrent

CTF Monument graphic

Capture the Flag qualifying events announced!

Begun, the DC23 CTF has!

Legitimate Business Syndicate, the shadowy organization that provides the hustle and the muscle behind the DEF CON CTF tournament, has announced its list of qualifying contests for the 2015 showdown in Las Vegas.

If you have the team, the drive and the raw skills, it's time to start making plans. To pluck the flower of eternal glory from the Nevada desert, you must first prove yourself in the crucible of a qualifier.

Assemble. Register. Qualify. Prevail. The road to victory is now open.

https://blog.legitbs.net/2014/12/announcing-def-con-ctf-qualifying.html

DEF CON video archive image

More Video torrents from DEF CON 22!

We've got two more versions of the DC22 talks available for your torrenting pleasure. We've got slide only video, with the audio and slides uninterrupted by speaker face. We've also got talking head video, which is audio and speaker face uninterrupted by slides.

If either one of those is your preferred flavor, then your moment has arrived. As always, we ask only that you enjoy them and seed them so others can enjoy them as well.

It's us against the derp, people. Let's spread the knowledge.

DEF CON Call for Feedback image

DEF CON 22 Audio Torrent is Live!

Waiting for the DEF CON 22 audio-only torrent? Wait no more! Every talk in one juicy torrent. Slurp them, seed them and load them into the noise-producing device of your choice. Feel the commute flying by - embiggening your brain painlessly as you go!

Enjoy, and share the love.

DEF CON 22 audio torrent

DEF CON Call for Feedback image

Call for Feedback and Resources Updates!

What's your favorite recent (2000 and later) tech/hacker/geek fiction?

The update of the DEF CON resources section continues. This time we're looking for your favorites in the area of fiction. What tales of geekery and hackerdom have captured your attention in recent years? In our hemisphere, the onset of winter brings with it a craving for meaty tomes to sustain us in our long hibernation. Share your favorites with us! Send suggestions to sleestak [at] defcon ]dot[ org!

We've updated the site's 'Resources/Book List' and 'Resources/Links We Like' with some of your suggestions, but if you have something to add to those lists, we're always listening.

DEF CON torrent image

DEF CON 22 Video and Slides Torrent!

Time to fire up your netslurpers - the DEF CON 22 video and slides are available for your datasuction. All the speakers, all the slides, in convenient Torrent form. Please enjoy them, share them, and seed if you are able. There's a lot of good stuff in there - you might want to block off a couple of days if you're a binge watcher.

Prefer a lighter download? Audio-only torrent should be live tomorrow. By the end of the week we'll have the slide-only and talking-head only versions too, if that's your thing.

The Wait is Over. Download 'em, seed 'em and spread the word.

Happy Thanksgiving image

Happy Thanksgiving!

As you dig into the turkey, and enjoy the company of friends and family, we at DEF CON want you to know we’re thankful for you, the hacker community. You put so much into our conference, and make it something special! Happy Thanksgiving everyone!

DEF CON 23 Theme image

DEF CON 23 Theme Announcement!

We’re announcing the theme for DEF CON 23 early. Like, hella early. Right now early.

The theme will be ‘The 23 Enigma - a Hacker Noir’.  Fedoras and rain-slicked streets. Smoky back rooms and numbers that show up too often for coincidence.  While the good people of Everytown dream away the dark hours, the data wars rage without ceasing. Sleepless vigilantes fight for the users, though the users may never know. No matter. A bottle of the good stuff, a fast connection and the room to do a righteous night’s work, that’s enough. It’s gotta be. It’s all that’s left.

Hackers, start your imaginations.

The Dark Tangent’s announcement is here: https://forum.defcon.org/showthread.php?t=14096

Link roundup image

Upcoming DEF CON Groups Meetings!

If you haven't gotten yourself involved in a DEF CON group, there's no time like the present to make some new friends, contribute to some cool projects, and generally help make the world a more hacker-friendly place. You can find information about DCGroups on the defcon forum, and in the groups section on defcon.org. Can't find one nearby? Start one!

Here's a short list of some of the US DCGroups meetings going on in the next few days:

Wednesday, November 12

DC214 (Dallas/Fort Worth) 7pm at Lakewood's First and 10 - contact (dc214.org)

Thursday, November 13

DC412 (Pittsburgh) 7pm at SEI Building, Oakland PA (rsvp at http://www.meetup.com/Steel-City-InfoSec/events/)
DC612 (Minneapolis) 6pm at Elsies Bar and Bowling Alley - event page (dc612.org)

Friday, November 14

DC719 (Colorado Springs) 7pm CTU Room 112 (dc719.net)
DC801 (Salt Lake City) 5pm at 801 Labs (dc801.org)

DCG POCs - got something going on you don't see here? let us know!

Link roundup image

Link Roundup: Onymous Edition

Last week 'Operation Onymous' - a Law Enforcement sweep of Tor hidden services websites - netted about 400 takedowns and 17 arrests.

The Tor blog has a post summarizing what happened, offering suggestions and soliciting feedback. The operator of seized hidden service site Doxbin has released his logs in hopes of helping find how the network was compromised.

For anyone looking for a discussion of the Tor network, what it can and cannot do and what users must do to maximize its effectiveness, we offer a talk from the Tor Project's Runa Sandvik from DEF CON 21.

http://youtu.be/qWr5D2RoXoo

https://blog.torproject.org/blog/thoughts-and-concerns-about-operation-onymous

http://gizmodo.com/here-are-all-the-dark-net-markets-seized-in-operation-o-1656541553

http://en.wikipedia.org/wiki/Operation_Onymous

http://www.wired.com/2014/11/operation-onymous-dark-web-arrests/

http://www.theregister.co.uk/2014/11/09/torpedod_dev_dumps_doxbin_files_after_police_raids/

Link roundup image

Link Roundup: Assault on Mobile Privacy

We've mentioned it before, but the news about government spying sort of drowns it out: the commercial entities tracking your digital footprints are just as determined to capture all of your data and use it against you.

This week's big corporate data collection story was about Verizon and the 'unkillable' 'perma-cookies' they've been injecting into their customer's web traffic. It's certainly more the rule than an isolated example of service providers getting all up in your KoolAid, but it's generated interest because Verizon is huge and they are going out of their way to circumvent privacy measures built into your mobile devices.

This link roundup is about the Verizon story, but it's also a general reminder of the hard work that many, many digital middlemen put into unraveling your privacy sweater for power and profit. It's also a reminder that we have to be loud about these intrusions if we want them to stop. Companies like Verizon are not going to voluntarily give up all that sweet data unless they know they're going to lose subscribers.

We close the roundup with a link to a turbo talk from DC 19 about one man's work toward unveiling the methods of some major corporate browser history snoops.

http://bits.blogs.nytimes.com//2014/11/04/verizon-wireless-under-fire-for-ad-targeting-program/

http://www.pcworld.com/article/2841793/twitters-mopub-ad-exchange-grabs-verizon-tracking-cookies-and-more-may-follow.html

http://www.slate.com/blogs/future_tense/2014/10/29/verizon_perma_cookie_mobile_carriers_are_officially_out_of_control.html

http://www.forbes.com/sites/kashmirhill/2014/10/28/find-out-whether-this-privacy-killing-super-cookie-is-on-your-phone/

http://www.tomsguide.com/us/att-tracks-mobile-users,news-19848.html

http://youtu.be/BAdtXkus-Xc

call for feedback image

Feedback Requested

We're updating the DEF CON website's resource recommendations, and we'd love some suggestions from you. We're starting with computer reference books. We want to know which ones you find yourself going back to, which ones changed the way you think. What computer reference book has been indispensable to you? Send your suggestions to sleestak at defcon dot org!

We'll be asking for lots of other types of recommendations in the coming weeks.

speaker

Speaker's Corner!

We present to you, today’s featured DEF CON Speaker! The greatest ever! Ermahgerd look at it amplifry! What a work horse! Never tires! All it’s bass…

Don’t like this? Do something about it.

If you’re a DEF CON Speaker (past or present) and would like to write a post to become featured here, on the Speakers Corner section of defcon.org, please send an email to Talks (at ) defcon (dot) org with your story. Drop us a line, let us know what you’re working on or what you’d like to share. DEF CON Groups members and speakers that also includes you! What’s your group been up to these days? Topics can vary from discussions on latest buzzword, walkthroughs, attack & defense, bio hacking, tips for improving certain skills, opinions on the state of affairs, etc. The possibilities are endless, and we are looking for content that fits in the spirit of http://en.wikipedia.org/wiki/Speakers'_Corner

Golden Key

Link Roundup: Crypto Wars Reloaded

In September, Apple and Google both announced that they were going to ship their new devices with encryption turned on by default.  

This has caused some concern in the Law Enforcement community. James Comey, current Director of the FBI, went on 60 Minutes to urge manufacturers to reconsider. He believes that if the good guys don't have a 'golden key' to everyone's mobile device, the bad guys can 'go dark' and gain an advantage will lead to terror, child abduction and ‘threatens to take us all to a very, very dark place’.

There are a lot of problems with this logic. For example:

Evildoers always have the option of ‘going dark’, regardless of how much privacy we give up.

The 'golden key' isn't the only way for LE to get the data they want.

 

Most importantly, it's not possible to create a back door that can be entered only by the pure of heart. If the righteous can squeeze in today, the sketchy will, inevitably, squeeze in tomorrow. Later today, most likely.

 

Threatpost:
https://threatpost.com/edward-snowden-and-the-death-of-nuance/103902

Schneier on Security:
https://www.schneier.com/blog/archives/2014/10/iphone_encrypti_1.html

NYT:
http://www.nytimes.com/2014/10/17/us/politics/fbi-director-in-policy-speech-calls-dark-devices-hindrance-to-crime-solving.html?_r=0

Gizmodo:
http://gizmodo.com/why-the-fbi-director-is-wrong-about-encryption-1648334901

Just Security:
http://justsecurity.org/16503/security-front-doors-vs-back-doors-distinction-difference/

Material Archive artwork

DEF CON 22 Materials Archive RSS is Live

Greetings, DEF CON community. Today, we bring you another update to our growing online archive for DEF CON 22 - all the links to the presentation materials, wrapped in a pretty little RSS bow for your convenience. All the presentation slides, links to all the tools and extras, all by grabbing the link below. Perfect for every occasion, and excellent as a holiday gift for the hard-to-buy-for geeks in your life. Because we love you. Watch this space for more DC22 video soon.

DEF CON 22 Materials RSS

Photo of DEF CON 22 badges

DEF CON 22 Badge News

Sure, you love your DC22 badge. You love its sleek design and its powerful S guts. You swoon for its enigmatic symbols and breathtaking adaptability. But deep down, you worry that you could love it a little more if there was badge code available in C.

Worry no more. Instead, rejoice! Head over to the Parallax Forums and get to hacking that badge, C-style. If you do something awesome, let us know.

Screen Cap of Hacker Jeopardy video

Hacker Jeopardy Night One at DEF CON 22!

For your enjoyment, we offer you Night One of our long-running hacker trivia gameshow 'Hacker Jeopardy'. Match wits with our champions by playing along at home (beers optional). If you play along at work, remember the headphones. Salty language and lots of shouting.

As always, enjoy and share. The exciting conclusion later this week.

DEF CON 22 hotel rate infographic

DEF CON 23 Hotel Block Link is Now Live!

The DEF CON rate is available at the following hotels: Paris, Bally's, Ceasars Palace, Planet Hollywood, Flamingo and Quad.

To get in on this rate, you'll need to use this link.

https://resweb.passkey.com/go/SBDEF5

Do not worry if the form doesn't immediately show the discounted rate. To verify that you're getting our price you can mouse over the dates you've selected or begin the checkout process.

If you prefer to use the telephone for this kind of thing, here's the list of participating hotels and the relevant Group Codes:

Ballys
800-358-8777
SBDEF5

Paris
877-603-4389
SPDEF5

Caesars
866-227-5944
SCDEF5

Planet Hollywood
866-317-1829
SMDEF5

Flamingo
888-373-9855
SFDCC5

Quad/Linq
866-523-2781
SQDEF5

We are excited about all the new space, and we hope you'll be able to join us.

Torrent logo

More Torrents for You!

Another couple of torrents for your edification and delectation.

First, the X-Hour Film Contest:

This was a first year contest that asked entrants to script, shoot, edit and submit a short film in 48 hours, in the middle of DEF CON. Seven teams entered, four teams submitted a final film and the winner was announced by celeb guest judge Brian Knappenberger (director, 'We are Legion' and 'The Internet's Own Boy'). They're also available to watch on the DEF CON YouTube channel.

https://www.defcon.org/html/torrent/DEF CON 22 x-hour film contest.torrent

Second, Volume 1 of the Official DEF CON 22 Photo Feed:

This is the first batch of pictures we've gotten in from our official Photo Corps. Stay tuned for Volume 2.

https://www.defcon.org/html/torrent/DEF CON 22 pictures v1.torrent

Torrent logo

DEF CON 21 Music is up!

Tired of listening to your mp3 collection? Looking for a way to spice up that ho-hum hard drive? When's the last time you and your music stash really... connected?

Take care of your ears. Hot DJ sets have been shown in clinical trials to help treat the symptoms of boredom, malaise and sickofmycollectionitis. Side effects may include stupid grin, periodic head nodding and uncontrolled shaking in the booty region. If symptoms persist for more than four hours you should probably drink some water.

Ask your doctor if DEF CON 21 Music Torrent is right for you.

CTF Monument graphic

Capture the Flag Archive Updated!

We’ve updated the CTF page on the DEF CON website. In addition to being the new permanent home for the torrent link to CTF packet capture Valhalla (170 gigs of that uncut raw), it’s also home to a small but hopefully growing number of walkthroughs and write-ups. As we get them in, we’ll put them on.

That’s what we are doing for you, for loving the CTF tournament. What you can do for us is seed, seed, seed and spread the word.

Torrent logo

Torrential Downpour!

Your half-full drives are vulnerable. The webs are just looming there, waiting to pump your memory full of bad music, dumb videos and pictures of other people’s unremarkable pets. Protect yourself. Fill up that dangerous unused space with DC-related goodness.

So far, we’ve got six new and updated torrents up:

DEF CON 22 Speaker Materials:
Updated Speaker Materials: Torrent Torrent Icon

DEF CON 22 Music:
Music CD: Torrent Torrent Icon

DEF CON 22 Badge:
Collection of files related to hacking the DEF CON 22 Badge: Torrent Torrent Icon

Collection of Hacker Documentaries hosted on defcon.org (Updated): Torrent Torrent Icon

Collection DEF CON Hacking Conference Con CD/DVDs (Updated): Torrent Torrent Icon

Collection DEF CON Hacking Conference Programs (Updated): Torrent Torrent Icon

We’re going to be adding to that list in the coming days. Together, we will fight back the secret scourge of disk encruftment.

Closing Ceremonies video screencap

DEF CON 22 Closing Ceremonies!

For today’s #defconflashbackfriday we’re going all the way back to August of 2014 and serving up the DEF CON 22 closing ceremonies. So if you were at the show but didn’t make it to the end credits,or you haven’t been to a DEF CON and want to get an idea of the sheer scope of the event, this flashback is for you.

As always, enjoy it and pass it on.

CTF Monument graphic

Complete Packet Captures from DEF CON 22 CTF!

Do we ever have a treat for you analytically inclined individuals. The complete packet captures from the DEF CON 22 Capture the Flag competition are now available for your leeching pleasure!

That’s right: 170 glorious gigabytes, packaged up in a handy torrent for your convenience! All of the traffic from the World Series of hacking contests, now yours to fold, spindle and mutilate to your heart’s content.

Enjoy, share, and if you can, seed this data. Packet captures taste better when they’re shared.

Old printing press with DEF CON smiley

Read All About It!

Every year, we collect and share a sampling of the published reports from the press that covered DEF CON. It's interesting to see what gets the most interest, and it's gratifying to see that every year there are less stories about how scary hackers are and more stories about the incredible things hackers create and what we can learn from investigating the technology that surrounds us.

Transportation security, digital privacy, and the unexpected musings of eccentric AV software titans seemed to top the list in 2014. You can peruse the whole thing at your leisure on our press archive page.

Source of Knowledge screenshots

DEF CON 22 Video from Source of Knowledge!

Maybe you weren’t able to attend the the hacker playground that was the 22nd DEF CON. Perhaps you did, and just didn't get to pick up all the bleeding edge research our speakers were throwing down.

Take heart, hacker brethren and sistren, our friends at the Source of Knowledge record it all, and you can purchase those presentations for frame by frame forensic dissection in HD video format! In fact, they also offer a streaming option for those that like to keep it online.

Check out all of the purchase options at defcononline.com!

Screen shot of DEF CON 22 Archive

DEF CON 22 Archive is Now Live!

Good news, everyone! The archive page for DEF CON 22 has opened for business. It feels like DC was only a couple of weeks ago, but you can already see the slides and extra materials from all the main-track talks.  We’ll eventually be adding audio and video as well, so keep an eye on this space. In the meantime, bum rush these Power Points to your heart’s content.

As always, pass it on.

powerlines

For Early Release - The Internet of Fails

Early Release! More video from DEF CON 22! This time it's a presentation from Zach Lanier and Mark Stanislav about the many ways the Internet of Things isn't ready for prime time, security-wise, and some insight into the work being done to make it safe to connect your various 'Things' to the IoT. Enjoy, think carefully about how much you need your SlapChop all up in the cloud, and share. http://youtu.be/WHdU4LutBGU?list=PL9fPq3eQfaaBCdjbKFYjosh1s1EkaYdsQ

contest results image

Contest Results Page — Now Live!

We had a lot of incredible contests at DEF CON 22. So many contests that they could have seceded and formed the People’s Republic of Contestia. So many, in fact, that the results are still coming in over a week later. To keep you informed, we’ve created a Contest Results Page on defcon.org. Check out who won, find links to the contest websites for further information.

If you don’t see your favorite contest, let us know @defcon or contact the contest organizer and ask them to submit their results.

DC GROUPS logo

Keep it going all year!

So you've been home from DEF CON for a week now - probably settled back into your normal routine. In the back of your mind, though, there's probably a little voice that wishes you could have DEF CON-style hacker camaraderie and learning opportunities all year long.

The good news is, you can. You can join a DC Group in your area. If there isn't a DC Group in your area, you can start one. The instructions for starting a group are at the link below, as well as a listing of the hundreds of groups that already exist around the world.

And when you get involved, be sure to keep in touch with us on social media. Let us know when you're meeting and we'll share it. Tape your presentations and we'll share those, too. Let's make this the fastest trip from one DEF CON to the next by keeping the ball rolling all year.

https://www.defcon.org/https://defcongroups.org

attack visualization of CTF

DEF CON 22 CTF Results Are In!

Legitimate Business Syndicate has placed the final results of the DEF CON 22 CTF Finals on their website.There's scores, some shout-outs and even an explanation of their fancy radio badge and the cool contest visualization they debuted this year.

Congratulations to all won the right to participate, and extra respect to Plaid Parliament of Pwning, HITCON and Dragon Sector for taking 1st, 2nd and 3rd respectively.

https://legitbs.net/2014/

LosT and DT Talking

DEF CONversation with LosT, DEF CON's Mindbender-in-chief

One of DEF CON's secret weapons is LosT, our resident Puzzle Master and Lord of the Badge. You can see his work all over DEF CON, from the insanely hackable badges to the secret codes and messages hidden all over the program and the venue.

Dark Tangent interviews him here about all of his various DEF CON activities, his process and even gets a few hints dropped for next year's puzzles.

DEF CON 22 floor circle

Here come the updates...

This was an amazing year, and we've got a lot to share about it. Tons of stuff coming down the wire very shortly. In the meantime, enjoy this VERY thorough walkthrough of the DEF CON Badge Challenge from Team PotatoSec (Warning: Spoiler alert for those still trying to solve):

http://potatohatsecurity.tumblr.com/post/94565729529/defcon-22-badge-challenge-walkthrough

And just so you know, DEF CON 23 will be held August 6-9, 2015, at Paris/Bally's on the strip in Las Vegas!

DEF CON 22 logo

News from the Front!

The hackening is in full swing at DEF CON 22. The Rio is abuzz with all manner of high-octane geekery. If you're here, you're probably too busy leveling up to keep an eye on the press surrounding the event, so we bring you this mini-roundup of press links to see what the rest of the world is saying about us.

http://www.wired.com/2014/08/defcon-2014-badges-revealed/

http://blogs.wsj.com/digits/2014/08/08/telsa-invites-hackers-for-a-spin/

http://www.scmagazine.com/defcon-traffic-control-systems-vulnerable-to-hacking/article/365416/

http://www.theregister.co.uk/2014/08/09/technology_and_market_forces_will_defeat_surveillance_society_claims_crypto_king/

DEF CON 22 logo

Quick Update Roundup!

DEF CON is in full swing - so there’s a million things going on. Here’s a few recent news items to tide you over while we get the party set up.

If you’re one of those people that enjoys being entertained by entertaining entertainers, you’re going to want to check out our newly minted ‘Entertainment’ page. So much music - it’s like Coachella for people who people smart enough to test out of Coachella.

https://www.defcon.org/html/defcon-22/dc-22-entertainment.html

For lawyers, judges and law students, there’s a Lawyer Meetup this year. DEF CON General Counsel and Chief Legal Raconteur Jeff McNamara invites all with a connection to the practice of law for a relaxed low-key meet up followed by a spirited trip to the Voodoo Lounge.

Don’t forget to stop by Track 3 at 9pm on Friday and Saturday for Movie Night with Dark Tangent. Friday we’re showing ‘The Internet’s Own Boy’ - a moving bio of internet hero Aaron Swartz. Director Brian Knappenberger and Aaron’s brother Noah will be in attendance for Q&A.  Saturday, we’re showing ‘The Signal’. Directed by Will Eubank (who will also be in attendance), ‘The Signal’ is a mind-bending new scifi film that starts with some hackers on the road to DEF CON.

A few pro tips: stay hydrated, remember to eat and sleep. Keep the program handy - it’s like the Galactic Encyclopedia of DEF CON. Bring extra socks. Make new friends. Hack 100% of the things.

Soma FM Logo

SomaFM at DEF CON 22!

One week, people. All that stands between all of us and DEF CON is a few measly days. To help get you amped up, we offer the SomaFM preview stream. Like last year, SomaFM will be manning the chill room and providing luscious, rejuvenating audio delights whenever you're looking for a recharge or a welcoming nook amidst the chaos.

Fire up the stream and close your eyes. It's like you're already at DEF CON.

http://somafm.com/defcon/ One week, people!

Alt text for image

For the Kids: Rootz Asylum at DEF CON 22

Rootz Asylum (formerly DEF CON Kids) has a full schedule of goodness planned for your padawan hackers. Learning, competition, fellowship with other hackish youth. It's pretty great. Back-to-school will definitely be cooler for the kids who spent their summer vacation winning DEF CON. http://www.r00tz.org

Alt text for image

Movie Night With Dark Tangent: ‘The Signal’

The sci-fi mind bender ‘The Signal’ centers around hackers on a road trip to DEF CON, so we can be forgiven for being a little biased in its favor. But from that promising starting place, the escalating weirdness and suspense take the movie everywhere but where you might expect. We don’t want to spoil anything - you’re gonna thank us if you go in with a clean slate. We’re proud to have ‘The Signal’ for Saturday’s ‘Movie Night with the Dark Tangent’, and we’re prouder still to have director Will Eubank on hand for Q&A after the screening. The last reel will definitely make you want to talk to Mister Eubank. Make it a point to be there!
Saturday the 9th at 21:00, Track 3

Hard drive dupe image

DEF CON MEDIA HARD DRIVE DUPING STATION!

For even faster leeching pleasure of the conference media server we have invested in hard drive duplication towers, and next year DT plans to launch the Data Duplication Village.

Too busy to pick and choose what you want from the server and want it all?? This year we have three sets of 4TB drives that contain the same data as the media server, just split up and color coded. If you want to duplicate a particular drive you need to show up at the INFO BOOTH with your drives at the start of each day. First come First server. It will take about 8 hours to dupe a 4TB drive so a set will start in the morning and a set in the evening, to finish overnight.

There should be six 1:11 duplication towers (If they show up in time), with two for each drive color. That means we can dupe 66 drives at a time. Once enough people show up to fill a station the duplication process starts.

As of this writing it is sorted like this:

BLUE Drive = Conference Archives 1 of 2, including DEF CON
GREEN Drive = Conference Archives 2 of 2
ORANGE Drive = Podcasts, Cryptome, 1.5T of the Hak5 archives, FOSS Operating Systems, all other content

There will be an updated list at the infobooth.

Want in on it? Go buy some 4TB SATA II 7200 RPM drives (internal drives, not usb). Buy three if you want to try for the complete collection this year. I'd do it in advance, I think the local Frys will sell out! Duping should start Thursday!

The Orb

DEF CON 22 Music Announcement: THE ORB

You better have just done that spit-take. That's right. Electronica/Trip-Hop/IDM/dub music classics and pioneers: The Orb. They're here. They're kicking. And on the 3rd day of DEF CON (Saturday night/Sunday morning 00:00-01:00) their divine presence shall bless the glorious attendees who... attend their glorious and divine performance. Those who do not attend will be forsaken and cast into the dystopian landscape known as "the rest of Las Vegas." And so this event shall henceforth be written into the Dark Tangent's Book of DEF CON, Volume 22 - also referred to by some as "the conference program." So say we all.

DJ Spooky: That Subliminal Kid a.k.a. Paul D. Miller

DEF CON 22 Music Announcement: DJ Spooky (That Subliminal Kid) a.k.a. Paul D. Miller

A major announcement right here. We're bringing you the legendary DJ Spooky (That Subliminal Kid), a.k.a. Paul D. Miller. His CV runs deeper than the Mariana trench and is more Renaissance than the Teenage Mutant Ninja Turtles combined. Perhaps originally and best known for his artisinal music crafting (collaborating on projects with Meat Beat Manifest, Slayer, Chuck D.) and turntablism , he's become a university music professor (EGS, Switzerland), author (too much stuff to list), and an executive director of Origin Magazine. He's had his works featured in major museums like the Warhol, The Whitney, the Museum of Contemporary Art (Chicago), blahblahblahblah the pseudo-anonymous writer of this announcement could go ad infinitum. The point is, he's attained legendary-levels of awesome, and is coming to DEF CON to drop some hip-hop (perhaps with orchestral accompaniament) on Thursday Night in Track 1 (22:00-23:00)!

Elite Force image
MC Frontalot image

DEF CON 22 Music Announcement: Elite Force & MC Frontalot!

A favorite from DEF CON XX (he dropped the killer set after The Crystal Method), we're bringing the near-mythical adrenaline-inducing Elite Force back for another sonic pummeling. Many of you may also recognize one of his prior projects, Lunatic Calm, which had music featured on films like The Matrix, Mortal Kombat: Annhilation, Drive, and tooons of others. We're extraordinarily excited to have Elite Force back, and we'll all need to be sure to keep our collective cholesterol levels in check to ensure we can survive his performance. Catch him Saturday night in track 1 (23:00-00:00)!

Another throwback to DEF CON XX, we're bringing back one of the grandmasters of Nerdcore hip-hop, MC FRONTALOT. His prolific lyrical stylings have been proverbially known to knock socks off, so shoes (as always) are encouraged (we'll let sandals slide too). He's also the star of the acclaimed documentary Nerdcore Rising. Catch him Friday night in Track 1 (23:00-00:00), alongside other hard-hitters and partners in nerdcore-crime Dual Core and ytcracker!

Anamanguchi promo image

DEF CON Entertainment Presents: Anamanaguchi!

Today we announce eccentric retro electro video game chip-tune-inspired dance-rock that is purveyed by ANAMANAGUCHI. Not only is their music video game-inspired, their music actually HAS appeared on video games (like Rockband and Scott Pilgrim vs. The World). The real deal! Check 'em out at the Friday festivities in track 1. (set time: 00:00, Saturday AM)!

Also be sure to check out their totally rad and typically incredibly neon music videos:

Zebbler image

DEFCON 22 Music Announcement: Zebbler Encanti Experience

Do you remember the giant projection-mapped DEF CON exploded face? Or maybe the dragon installation? Or how about the DEF CON sign installation in the chillout lounge last year? These are the epic works of Zebbler's design team, who have also developed installations for the likes of Shpongle, EOTO, and a number of other class acts. But Zebbler doesn't just excel at design. He also excels, along with his comrade Encanti at music. Together, they form an incredible audiovisual duo that goes by Zebbler Encanti Experience, and they will be purveying this experience to you at DEF CON 22! Take delight in their glorious bassy weirdness at DEF CON's official Saturday evening event in track 1 (set time: 01:00, Sunday) !

Most of their music is free/pay-what-you-can too! Check it out:

Last Minute graphic

Calling All Accepted Speakers!

Attention all accepted DEF CON speakers! The deadline for getting your materials in for inclusion on the conference CD is Tuesday, July 15. Pencils down. Pass your paper to Nikita. Thank you.

Hand dropping mic

Capture the Packet Registration Open!

Registration is now open for those willing to push their Cyber Traffic Analysis skills to the limit, you can compete in the latest Cyber Analytics and Network Forensics Challenge. Now in its fifth year ! Capture the Packet has brought more APT’s, Trojans, Malware, Web and Red team attacks, network issues and sneaky covert channel coms to one event ! Do you know when important data is leaking out of your network and who is doing it - Can you handle the Advanced Persistent Threat ? Can you spot that nasty bug your neighbors workstation contracted from visiting an infected website ? Can you spot a networking configuration issue with routing, spanning tree, BGP or OSPF ? Do you know how to count your IPV6 lucky stars ? Do you speak VOIP, MGCP or H323 ? We welcome everyone to try their hand at the most intense live network traffic analysis and forensic challenge, who knows you could be our next grand finals winner. You must bring your own laptop/computer to compete in this challenge, remember while this is not an attack game, it is a hostile network.

Details:

This year, the completion is handled in three Challenging phases:

Pre-Qualifying Rounds Start Thursday August 7th at 1:00pm and End Friday August 8th at 1:00pm
Those that have the highest scores “overall” from all rounds combined, essentially 40 teams will move on to the qualifying rounds

The Qualifying rounds are held starting Friday August 8th at 2:00pm and end on Saturday August 9th at 1:00pm
The top 10 teams from the Qualifying rounds with the highest over-all move on to the finals held on Saturday at 6:00pm

The Final round will consist of the top 10 scoring teams to survive the qualifying rounds,
These 12 teams will compete in a two hour long finals competition to determine the winner

Register your team of two – at https://www.capturethepacket.com/ctp_dc_signup.html, or sign-up onsite.

Capture The Packet will be hosted in the “Packet Hacking Village” at the DEFCON Entrance Area !

Hand dropping mic

DEF CON 22 Schedule is LIVE!

Just a little over a month until we rendezvous at the Rio for DEF CON 22! Are you ready? We hear it's eleventy-one degrees there today, so bring weapons-grade sunscreen if you're one of those 'goes outside' kind of hackers.

You'll also want to know who's talking about what and when so you can plan your DEF CON experience. To that end, we proudly present the DEF CON 22 Speaker Schedule! Get yourself familiar, people. The key to maximum DEF CON is maximum planning. Or no planning. The key to maximum DEF CON has been in your heart all along. SCHEDULE IS LIVE!

https://www.defcon.org/html/defcon-22/dc-22-schedule.html

G+ Hangouts Logo

DEF CON’s First Google Hangout!

We’re trying something new. Friday, June 27th at 11am Pacific Time, we’re hosting our first Google Hangout on Air. The guest is Jennifer Granick, DEF CON CFP Review Board member, preeminent hacker defense lawyer and Director of Civil Liberties for the Center for Internet and Society at Stanford Law School. The subject is her recent article for Wired regarding the verdict in United States v. Davis and what it could mean for the future of mass surveillance.

If you’ve got good questions about the intersection of law and ‘metadata’ collection, either leave them here in the comments or ask them live at the Hangout tomorrow.

If you’re not following us on Google Plus, the link is here:

https://plus.google.com/+DefconOrgplus/

Join us, and as always, spread the word.

Hand dropping mic

DEF CON 22 CFP Review Board Revealed!

‘This talk is amazing!’ You say this to yourself (inside voices) while watching someone awesome say and demonstrate awesome things. ‘How does DEF CON consistently pick so many great talks? They must have a team of borderline superheroes slogging through hundreds and hundreds of proposals for months! Who could those paragons of determination and insight BE, exactly? How could I learn their handles and perhaps show my appreciation by buying them many beers?’

Here’s an answer key to these questions you’re asking yourself:

1.)This talk probably is amazing. Not really a question.
2.)Lots of caffeine and eyestrain. Also dedication and love.
3.)They do have a team of borderline superheroes, and there is no DEF CON without them.
4.)They are known as the DEF CON CFP Review Board.

You can check out their page here. And maybe show them some love.

Hand Dropping microphone

Last round of DEF CON 22 Talks are Live!

This is it. The speaker list for DEF CON 22 is now locked and complete. This means two things: DEF CON is really almost here, and we are now hard at work creating the Tracks and the Schedule (watch this space, buckaroos). We're very proud of the lineup we've assembled, and we think you will find a lot of good stuff to choose from. Whether you're coming to Vegas or not, we'd love it if you'd take some time to check out the speaker list and give us some feedback about what talks have you the most excited.

55 days, people. Get psyched!

New for DC101


Panel - Diversity in Information Security
Jennifer Imhoff-Dousharm, Sandy “Mouse” Clark, Kristin Paget, Jolly, Vyrus, and Scott Martin

New Presentations


The Cavalry Year[0] & a Path Forward for Public Safety
Joshua Corman and Nicholas J Percoco

Mass Scanning the Internet: Tips, Tricks, Results
Robert Graham, Paul McMillan, and Dan Tentler

Hack All The Things: 20 Devices in 45 Minutes
CJ Heres, Amir Etemadieh, Khoa Hoang, and Mike Baker

Raspberry MoCA - A recipe for compromise
Andrew Hunt

Home Insecurity: No alarms, False alarms, and SIGINT
Logan Lamb

Dark Mail
Ladar Levison and Stephen Watt

Attacking the Internet of Things using Time
Paul McMillan

Open Source Fairy Dust
John Menerick

Generating ROP payloads from numbers
Alexandre Moneger

Panel: Ask the EFF: The Year in Digital Civil Liberties
Kurt Opsahl, Nate Cardozo, Mark Jaycox, Yan Zhu, and Eva Galperin

Panel - Surveillance on the Silver Screen- Fact or Fiction?
Nicole Ozer, Kevin Bankston, and Timothy Edgar

Measuring the IQ of your Threat Intelligence feeds
Alex Pinto and Kyle Maxwell

Secure Because Math: A Deep Dive On Machine Learning-Based Monitoring
Alex Pinto

Detecting and Defending Against a Surveillance State
Robert Rowley

Advanced Red Teaming: All Your Badges Are Belong To Us
Eric Smith and Josh Perrymon

The Internet of Fails: Where IoT Has Gone Wrong and How We're Making It Right
Mark Stanislav and Zach Lanier

Domain Name Problems and Solutions
Dr. Paul Vixie

ascii DEF CON Logo

DEF CON Secret Media Server Project Revealed!

RED ALERT TOP SECRET WIKI LEAK SN0DEN LEAK GAMMA GAMMA ZF0 P0SSE DOC DROPPER

The previously sooper seekret media.defcon.org server project has leaked out on the twitter and the face book. No use hiding behind our press secretary any longer, It's better to just admit it and let everyone make up their own minds.

WHAT LEAKED? The Dark Tangent is collecting as much open source security conference footage, training materials, podcasts, white papers, videos, and anything else haxors may be interested in. He plans to make it all available at DEF CON 22 in August and let anyone download it, or even direct HD copy it.

WHO LEAKED THIS SECRET PROJECT? The Dark Tangent. Oops.

WHAT NOW? A huge burden has been lifted off of DT and he no longer has to live two lives. He can now focus on getting as much content as possible from the community.

That's where you come in.

HOW CAN I HELP?
Send links to content you think everyone should have access to that is related to the hacking and infosec scene somehow. It can be an rss podcast, a .torrent of academic journals, and ftp link to text files, a web site to mirror full of source code, an svn operating system repository, a YouTube channel, whatever!

Send your links in an email to dtangent@defcon.org, or tweet them to @thedarktangent and he will start the leeching.

HOW DO I GET MY HANDS ON THE DATA?
At DEF CON 22 you will be able to get to the gigs in a couple different ways. The con Wi-Fi network (at 802.11g speeds), through wired switches on 1 gig links in different areas, or by bringing your own 4TB SATAII or III hard drive(s).

We will have HD duplicators running all con copying drives for people who just want to drop off a drive and pick it up later.

Please help out with links, and we'll see you at con!

Crash and Compile Logo

Registration Now Open for Crash and Compile

Do you think you can code? Do think you can code while drinking? We're not talking about coding in the warm safe confines of your cubicle. No, this is programming for sport. It's live competition, against the clock, and the other teams. And we don't make it easy. Have the smarts to solve our programming challenges? Good. We want you to show us that programming is not only about laying down some sweet sweet code, it's about the style in which you do so. Sound fun? We think it is.

Crash And Compile is a ACM-style programming contest crossed with a drinking game, where teams of two people try to solve as many programming problems as they can. As teams compile and run their programs, each time their code fails to compile, produces the incorrect output, or seg-faults, the team must drink. Meanwhile, our lovely Team Distraction will be doing what they can to make the job of programming while intoxicated all the more difficult and/or enjoyable.

Registration is now open. Sign up over at https://dc22.crashandcompile.org

Hand Dropping microphone

Big 'Ol Batch of Talks!

It’s getting pretty real, people. The speaker selection process is almost complete, the party and event planning is in full swing - DEF CON 22 is just a little over two months away!

To celebrate, another round of speaker announcements. Twenty-five more abstracts to help you create your DEF CON battle plan. We anticipate one more round of announcements before the roster is locked, but by now you should have a pretty good idea how much good stuff we have on tap.

DEF CON 101 Presentations


Detecting Bluetooth Surveillance Systems
Grant Bugher

Dropping Docs on Darknets: How People Got Caught
Adrian Crenshaw

Is This Your Pipe? Hijacking the Build Pipeline.
Kyle Kelley and Greg Anderson

Home Automation and Defensive Security Measures
Chris Littlebury

Instrumenting Point-of-Sale Malware: A Case Study in Communicating Malware Analysis More Effectively
Wesley McGrew

Android Hacker Protection Level 0
Tim Strazzere and Jon Sawyer

Presentations


I am a legend: Hacking Hearthstone with machine learning
Elie Bursztein and Celine Bursztein

Hacking US (and UK, Australia, France, etc.) traffic control systems
Cesar Cerrudo

NSA Playset: DIY WAGONBED Hardware Implant over I2C
Josh Datko and Teddy Reed

Check Your Fingerprints: Cloning the Strong Set
Free and Lachesis

Shellcodes for ARM: Your Pills Don't Work on Me, x86
Svetlana Gaivoronski and Ivan Petrov

Blowing up the Celly - Building Your Own SMS/MMS Fuzzer
Brian Gorenc and Matt Molinyawe

Deconstructing the Circuit Board Sandwich: Effective Techniques for PCB Reverse Engineering
Joe Grand (Kingpin)

Panel: Ephemeral Communications: Why and How?
Ryan Lackey, Jon Callas, and Elissa Shevinsky

NinjaTV - Increasing Your Smart TV’s IQ Without Bricking It
Felix Leder

Catching Malware En Masse: DNS and IP Style
Dhia Mahjoub, Thibault Reuille, and Andree Toonk

Old Skewl Hacking: Porn Free!
Major Malfunction

A Survey of Remote Automotive Attack Surfaces
Charlie Miller and Chris Valasek

Learn how to control every room at a luxury hotel remotely: the dangers of insecure home automation
Jesus Molina

Acquire current user hashes without admin privileges
Anton Sapozhnikov

Impostor — Polluting Tor Metadata
Charlie Vedaa and Mike Larsen

Manna from Heaven: Improving the state of wireless rogue AP attacks
Dominic White and Ian de Villiers

The Open Crypto Audit Project
Kenneth White and Matthew Green

Practical Aerial Hacking & Surveillance
Glenn Wilkinson

Don't Fuck It Up!
Zoz

DARPA Cyber Grand Challenge Logo

DARPA announces its 2-year Cyber Grand Challenge, Final Tournament at DEF CON 24

The Cyber Grand Challenge asks some simple questions - can you create a fully-automated system to detect, thwart and mitigate network attacks? Can you build one so effective that it can win an all-computer tournament without human intervention? Would you like 2 million dollars?

If you have a great proposal but lack the funds for a 2-year competition, you can pitch DARPA for funding - they’re already backing seven of the registered teams. Teams that survive the quals in June 2015 are eligible to compete in the final tournament at DEF CON in 2016. Grand prize is $2 million dollars.

Competitors will need a dizzying array of skills and an encyclopedic understanding of every form of network kung-fu. They will also need a pretty serious amount of free time, but the winner gets a nice check and an answer to the question of what to put first on a resumé.

We believe that such a team must exist in the DEF CON family. If you think you’re up to the challenge, more information awaits you at the DARPA CGC page.

http://www.darpa.mil/cybergrandchallenge/

Hand dropping Microphone with DC22 Logo

Enormous Speaker Update! First DC101 Talks Revealed!

Hot off the presses - more speaker selections. Several of them are for the DEF CON 101 Track, newly expanded for DC 22 and running all the way through the con. The rest of the presentations listed here fall into the other tracks, and if we do say so ourselves, this is shaping up to be quite the year, hackwise. You’re definitely going to want to make sure you have a seat for some of these. The titles alone should tell you we’re coming correct in 2014.

New Presentations


The Simple Route to Backbone Routers
Luca "kaeso" Bruno and Mariano "emdel" Graziano

Summary of Attacks Against BIOS and Secure Boot
Yuriy Bulygin, Oleksandr Bazhaniuk, Andrew Furtak, and John Loucaides

Saving Cyberspace by Reinventing File Sharing
Eijah

Secure Random By Default
Dan Kaminsky

Masquerade: How a Helpful Man-in-the-Middle Can Help You Evade Monitoring.
Ryan Lackey and Marc Rogers

Just What The Doctor Ordered?
Scott Erven and Shawn Merdinger

NSA Playset : GSM Sniffing
Pierce and Loki

Don't DDoS Me Bro: Practical DDoS Defense
Blake Self and Shawn "cisc0ninja" Burrell

"Around the world in 80 cons” - A Perspective
Jayson E. Street

DEF CON 101 Presentations!

The DEF CON 101 track is a series of talks aimed at attendees who are not yet internationally-recognized infosec experts. This is not the n00b track. But if you're interested and engaged in the hacker community, these sessions are right up your alley. From Sysadmins & NOC Jockeys to College Students & IT Professionals, everyone exploring the world of Information Security can expect to feel welcome, not intimidated. We have grouped the sessions by interest area, so you're not spending all day bouncing between talks.

DEF CON 101 - The Talk
HighWiz, Lockheed, Pyr0, Roamer, and LosT

Protecting SCADA From the Ground Up
AlxRogan

Hacking 911: Adventures in Disruption, Destruction, and Death
Christian “quaddi” Dameff, Jeff “r3plicant” Tully, and Peter Hefley

How to Disclose an Exploit Without Getting in Trouble
Jim Denaro and Tod Beardsley

NSA Playset: PCIe
Joe FitzPatrick, Miles Crabill, and Dean Pierce

Oh Bother, Cruising The Internet With Your Honeys, Creating Honeynets For Tracking Criminal Organizations
Terrence Gareau and Mike Thompson

The Monkey in the Middle: A pentesters guide to playing in traffic.
Anch

Investigating PowerShell Attacks
Ryan Kazanciyan and Matt Hastings

Screw Becoming A Pentester - When I Grow Up I Want To Be A Bug Bounty Hunter!
Jake Kouns and Carsten Eiram

Meddle: Framework for Piggy-back Fuzzing and Tool Development
Geoff McDonald

One Man Shop: Building an Effective Security Program All By Yourself
Medic

Rf Penetration Testing, Your Air Stinks
RMellendick and DaKahuna

Touring the Darkside of the Internet. An introduction to Tor, Darknets, and Bitcoin.
Metacortex and Grifter

USB for All!
Jesse Michael and Mickey Shkatov

ShareEnum: We Wrapped Samba So You Don’t Have To
Lucas Morris and Michael McAtee

An Introduction to Back Dooring Operating Systems for Fun and Trolling
Nemus

Standing Up an Effective Penetration Testing Team
Wiseacre

Data Protection 101 - Successes, Fails, and Fixes
PTzero

Anatomy of a Pentest; Poppin' Boxes like a Pro
PushPin

Practical Foxhunting 101
SimonJ

Blinding The Surveillance State
Christopher Soghoian

Bug Bounty Programs Evolution
Nir Valtman

Client-Side HTTP Cookie Security: Attack and Defense
David Wyde

From Dusk til con logo

Submissions Now Open for 'From Dusk Til Con'

You’ve had the thought: “DEF CON is super fun, but how much cooler would this be if there was a little corner devoted to my weird niche interest?” ‘From Dusk Til Con’ is your chance to realize that overly specific dream.  Got a mini-village idea? Want to run an Inception style Con-within-the Con? Want to play strip Settlers of Cataan? Shoot us your ideas for themed mini-events on the Crawl and we’ll make the best ones happen.

Find out more and how to submit at: https://www.defcon.org/html/defcon-22/dc-22-fdtc.html

CTF sunset

DEF CON 22 CTF Quals Roundup!

The DEF CON 22 CTF Qualifiers are in the books. Challenges were faced, and bested. Points were accumulated. Bedtimes were missed. It’s all over but the paperwork.

So here’s a roundup of writeup links. IF you participated, read and see how other people approached the same problems. If you didn’t, read and get an idea of how the CTF process works and consider signing up next time. You lose 100% of the CTFs you don’t enter.

If you enter, you could still lose 100%. That’s just math. But you’ll have a story. An awesome, glorious, highly technical story to share with the tiny slice of humanity who can understand this sort of thing.

There’s also a bonus link to a GitHub collection that looks like it might end up pretty comprehensive.

https://hackucf.org/blog/category/writeups/defcon-quals-2014-writeups/
http://blog.spiderlabs.com/2014/05/defcon-22-ctf-qualifiers-writeup.html
http://balidani.blogspot.com/2014/05/def-con-quals-2014-100lines-writeup.html
http://ahack.ru/write-ups/defcon-quals-14.htm
http://zepvn.com/blog/defcon-ctf-quals-2014-100lines.php
http://zepvn.com/blog/defcon-ctf-quals-2014-byhd.php
http://sigint.ru/writeups/2014/05/19/defcon-2014-quals---zombies/
http://sigint.ru/writeups/2014/05/18/defcon-2014-quals--polyglot/
http://endgame.com/blog/defcon-capture-the-flag-qualification-challenge-1.html
https://github.com/ctfs/write-ups/tree/master/def-con-ctf-qualifier-2014

CTF temple

On your mark... Get set...

T minus 3 hours - DEF CON 22 CTF Qualifications are upon us! To read up on the setup for this year, you can check out the Legitimate Business Syndicate blog:

https://blog.legitbs.net/

The road to glory begins here. We at DEF CON applaud all of the brave warriors who've accepted the CTF challenge. Godspeed. May the odds be ever in your favor.

Hand Dropping mic

Big New Batch of Talks Incoming!

Don’t look now, but it’s already the middle of May. DEF CON 22 is just over the horizon, a little less than three months away. Preparations are in high gear.

Today, we bring you  more talks - 15 more, to be exact. You can check out the abstracts and speaker bios on the DC22 speaker page. We think you’ll like the choices - there’s everything from shortwave radio steganography to mischief with car firmware.

There’s more coming, of course, so keep checking back with our speaker page as we flesh out the roster.

https://www.defcon.org/../defcon-22/dc-22-speakers.html

The new selections are:

The Secret Life of Krbtgt
Christopher Campbell

The $env:PATH less Traveled is Full of Easy Privilege Escalation Vulns
Christopher Campbell

Why Don’t You Just Tell Me Where The ROP Isn’t Suppose To Go
David Dorsey

Steganography in Commonly Used HF Radio Protocols
Paul Drapeau and Brent Dukes

Weird-Machine Motivated Practical Page Table Shellcode & Finding Out What's Running on Your System
Shane Macaulay

The NSA Playset: RF Retroreflectors
Michael Ossmann

Attacking to Cisco Hosted VoIP Networks
Fatih Ozavci

Abusing Software Defined Networks
Gregory Pickett

Am I Being Spied On? Low-tech Ways Of Detecting High-tech Surveillance
Dr. Phil Polstra

You're Leaking Trade Secrets
Michael Schrenk

Zends Dead baby
Dr Steven Seeley

I Hunt TR-069 Admins: Pwning ISPs Like a Boss
Shahar Tal

Optical Surgery; Implanting a DropCam
Patrick Wardle and Colby Moore

PoS Attacking the Traveling Salesman
Alex Zacharis

Playing with Car Firmware or How to Brick your Car
Paul 0x222

Hand Dropping mic

More Accepted Talks!

We’re hard at working choosing the best of the CFP submissions, and today we have five more confirmations to announce. Watch this space for more speaker announcements in the coming weeks. It’s shaping up to be a pretty fascinating roster.

Getting Windows to Play with Itself: A Hacker's Guide to Windows API Abuse
Brady Bloxham

Girl… Fault-Interrupted.
Maggie Jauregui

Elevator Hacking - From the Pit to the Penthouse
Deviant Ollam, Howard Payne

Hacking the FBI: How & Why to Liberate Government Records
Ryan Noah Shapiro

The Only Way to Tell the Truth is in Fiction: The Dynamics of Life in the National Security State
Richard Thieme

You can watch the conference taking shape on the DEF CON Speaker Page:
https://defcon.org/html/defcon-22/dc-22-speakers.html

Montage of past Artwork Contest entries

Art Contest Winners!

Congratulations to the winners of the DC 22 Art Contest:

1st Place: Alice in Hackerland by Tess Schrodinger
2nd Place: Helicopter Parents Weren’t This Bad by Amit Yehuda
3rd Place: Bleed by Joey Strine

People’s Choice: Alice in Hackerland by Tess Schrodinger

And of course, thanks to everyone who submitted work. There is no end to the hidden talents of the DEF CON massive. You can check out the winning artwork on the DC Art Contest page:
https://defcon.org/html/defcon-22/dc-22-artwork-contest.html

And a gallery of all the entries at:
https://www.facebook.com/media/set/?set=a....

Also, don’t let the contest ending stop you - if you have the urge to create some on-theme artworks between now and the show, we’d be happy to share them with the world. You won’t win anything beyond our love and gratitude, but that’s not exactly nothing.

Montage of past Artwork Contest entries

Vote for People's Choice in the DEF CON 22 Artwork Contest!

The DEF CON 22 art contest has closed, and it’s time to start picking the winners. In the ‘People’s Choice’ category, that means it’s time for YOU to cast a vote. Check out the Artwork Contest Entries Gallery on Facebook and cast a ‘Like’ for your favorite.

The winner gets free admission to DC22, $25 credit at the Swag Booth and inky immortality in the DC22 printed program, so it’s kind of a big deal. The theme was ‘Behind the Curtain’, and the winning work should in some way capture the sense of the hidden world behind the world that is seen. Cast your votes wisely.

And as always, we thank everyone who participated in this year’s contest. If you didn’t submit and you’re feeling a little jelly, we offer the wise words of Socrates, who said to his students, “He is not wise who playa-hates; the truly wise participate. This mimosa is terrible.”

Vendor vending

DEF CON 22 Vendor FAQ and App is Now Live!

Attention Entreprenerds!

DEF CON 22’s Vendor Area is a great opportunity to get your geek-centric product in front of a highly focused, upwardly mobile and possibly drunk audience of over 10,000 vacationing tech enthusiasts. Share your business with people passionate about technology, make sales, even make friends.

To sign up, head over to the vendor site, read the FAQ and get the forms filled out. Don’t delay - August is closer than you think.

http://defconvendors.com/

Hand Dropping mic

Speaker Page Posted, Check Out the First Round Accepted!

It's official. CON season is really upon us.

DEF CON HQ is proud to announce the first round of accepted speakers! Take a look, let us know what you think and what you're looking forward to most. We'd also love it if you kept your eye on the speaker page, because we'll be posting the rest of the accepted speakers as they are selected. On the speaker page you can watch DEF CON 22 taking shape, and you can weigh in here or @defcon.

We think you're gonna like the choices so far. Get excited - the countdown has begun!

SECTF Logo

SECTF Registration is Live!

The Social Engineering Capture the Flag contest is back for DEF CON 22 - this time with a Tag Team Twist! Spread the word and get signed up if you're ready to test your SE skills in Vegas!

Samples of the Faces of DEF CON artwork by Eddie the Yeti

Faces of DEF CON

Our community never fails to amaze. With no prompting from anyone, Eddie the Yeti has been making these beautiful portraits of DEF CON's better known faces and sharing them with the subjects.

He makes them with materials like soy sauce and coffee, wine and lime juice. He makes them insanely fast, but he still manages to get across the best of the subject's personality.

Check out his Faces of DEF CON series on DeviantArt. Check out the rest of his work, too. He's as good an advertisement as there could be for why you should come hang out with us in the desert. Brilliant, generous and doing it for the love.

Thanks, Eddie.

http://eddietheyeti.deviantart.com/gallery/

Pilgrim, another DEF CON regular, has made a tribute site to the series as well, at

http://www.facesofdefcon.org/

DEF CON 22 Logo

The DEF CON 22 site is open!

Good news, everyone!

It’s hard to believe, but we’re already two-thirds of the way to DEF CON 22.

As we come down the home stretch, the DEF CON 22 site will be your one-stop information center for everything DC22. We’ll be constantly updating the site with talks, contests, events, entertainers and announcements to help you get the most out of your con.

Throw us a bookmark and keep checking back. Make us a regular part of your balanced media breakfast, and we’ll keep you up to date on everything you need to know.

Keep calm and play ctf image

DEF CON 22 CTF: Registration is Open!

Good news, everyone!

Registration for the DEF CON 22 CTF season is open! To accomodate international competitors, the qualifying weekend has been moved to May 17-19.

It is time to assemble your champions. Sharpen them to a fine point. The doors to the arena open May 17. Fortune looks kindly upon boldness and skill. Failing those, she also seems pretty okay with treachery and subversion.

The information you require can be found at https://blog.legitbs.net/ . You can register at https://2014.legitbs.net/.

Step forward and meet your destiny.

Image of DEF CON gameshow

The DEF CON 22 Contests, Events and Villages RFI is Now Open!

Got an idea for a game-changing contest or event? Maybe you have the expertise to run a village on a compelling topic we've overlooked? This is your moment. Submit your idea on the DEF CON CnE website - we'll partner up with the best ideas and help make them happen.

The rules and guidelines are available on the CnE website. Check them out, and get yourself involved. We look forward to hearing your ideas.

http://defcne.net/

montage of past art contest winners

DC22 Artwork Contest: Only Two Weeks Left!

We know that art takes time. We know that artists like to paint themselves into deadline corners, waiting until the last minute for inspiration to strike. If that's you, please bear in mind that the minutes run out in about two weeks. If you want to have your work considered for the contest, it has to be in to us by April 10. No exceptions.

Also, if you know a creative soul who might enjoy the opportunity, be sure to share this with them. We'd really love to showcase a lot of cool work this year.

Relevant data is all here:
https://defcon.org/html/defcon-22/dc-22-artwork-contest.html

Image of Be the Match sign-up form

Be the Match returning to DEF CON 22!

For the 4th year, 'Be the Match' is returning to DEF CON. It's your opportunity to register as a Bone Marrow Donor, and maybe someday save a life. There are lots of ways to hack your body, but this one doesn't slow you down at airports or make you look sketchy.

It also makes you kind of a hero.

To find out more about how 'Be the Match' works, you can check them out at these links:

Twitter: @bethematch
Facebook: https://www.facebook.com/BeTheMatch
The InterTubes: http://bethematch.org/

Montage of past Artwork Contest entries

DEF CON 22 Artwork Contest!

DEF CON Art Contest is back!

The theme of this year's art contest is "Behind the Curtain". Secrets. Lies. Alibis. The magic shades in 'They Live'. The world behind the world, where all the hidden gears are turning.  The code and subterfuge employed by the adept to sneak knowledge past the sleeping and the uninitiated.

Cool, right? If you can put together a jaw-dropping variation on that theme in the next 30 days, prizes and glory could be yours. Free admissions to DEF CON 22, credit to burn on DEF CON Swag, maybe even a T-shirt with your art on it.

There are Categories and Rules, of course. And a Deadline. All of these are important.  These things make it a contest. But you, my undercover artist friend, you make it epic. Pencils up and good luck.

DEF CON DJ Photo

Call for Musicians/Artists/DJs application is LIVE!

If you're a musical performer, a DJ or an ambient Esperanto slam poet* who dreams of performing at DEF CON, this is your moment. We're beginning to select music acts for DEF CON 22, and we might very well need YOU.

Extra slots for Chillout/Ambient/Downtempo types this year, so you lower-BPM types should make sure to apply.

Your road to rocking DEF CON starts with reading the rules.

https://forum.defcon.org/showthread.php?t=13776

Then, if you think you have what it takes to entertain the DEF CON massive, fill out this form. https://docs.google.com/forms/d/1N0K...jAIWk/viewform

*I'm pretty sure I made that up, but I would be happy to be proved wrong. I will make you a Facebook star.

Legitimate Business Syndicate image of hackers at CTF

DEF CON 22 Capture the Flag
Pre-Qualification Events!

Continuing the tradition of recognizing strong performance in Capture The Flag events through the year, Legitimate Business Syndicate is proud to announce the following events as DEF CON 22 CTF pre-qualification events:

  • Event
  • Date
  • Organizers
  • Qualified Team
  • DEF CON 21 CTF
  • August 1-4, 2013
  • by Legitimate Business Syndicate
  • Plaid Parliament of Pwning
  • RuCTFe
  • December 14, 2013
  • by hackerdom
  • More Smoked Leet Chicken
  • Ghost In The Shellcode
  • January 17-19, 2014
  • by Men in Black Hats + Marauders
  • Dragon Sector
  • Olympic CTF
  • February 7-9, 2014
  • by More Smoked Leet Chicken
  • penthackon
  • Boston Key Party
  • February 28 - March 2, 2014
  • by Boston Key Party
  • ???
  • Codegate Finals
  • April 1-2, 2014
  • by Codegate
  • ???
  • PHDays
  • May 21-22, 2014
  • by phdays
  • ???
  • SecuInside
  • Unannounced
  • by SecuInside
  • ???

Twelve more spots will be available to teams wishing to play at the DEF CON 22 Capture The Flag through our own open qualifiers, hosted May 17-May 19.

All qualifying teams will receive eight "Human" badges for admission to DEF CON 22 this year, as well as two hotel rooms at the Rio Las Vegas, for the duration of the event.

DEF CON Calendar icon

DEF CON Future Dates!

Sure, you know that DEF CON 22 rolls around August 7-10, 2014. Everyone knows that. But do you know the dates for DEF CON 23? DEF CON 24?

Probably not, because we're announcing it right now. DEF CON 23 will be August 6-9, 2015, and DEF CON 24 will be August 4-7, 2016.

Now you know. And knowing is half the battle.

The Rio Hotel & Casino image

Bank error in your favor!

When we announced the discount room rates for the Rio last month, there was some kind of glitch in the Matrix. The first 200 signups were granted a rate even lower than our block rate. The Keymaker at the Rio has agreed to honor this rate for those lucky registrants. He had the Architect explain it to me, but he droned on so long I lost the plot. What I can confirm is that the 200th registration was reached, the anomaly was smoothed over and real-world rates have returned.

 

As ever, Fortune favors the bold.

 

The corrected rate (based on occupancy of up to three per room and taxed at 12%) is:
Sunday -Thursday   $119.00
Friday & Saturday $129.00

They charge an extra $30 a night if you add a fourth. Sometimes it's worth it. We don't judge.

Even that rate won't last long – the DEF CON block is about 40% sold. To book now and get the block rate, follow this link. See how deep the rabbit hole goes.

https://resweb.passkey.com/go/SRDEF4

DEF CON Call for Services comic

NEW! Announcing the DEF CON 22 Call for Services!

Got something cool to share on the DEF CON network during DC22? Could be almost anything - a game, a stash of vintage K-Rad textfiles, whatever you think Con goers might wanna download. Submit your idea online, and if it's approved you'll get a couple of bonded gig ports and some promotion in the program and on the site. Sharing is kinda our thing - and we're counting on you to add some fun content. Apply today. Operators are standing by.*

* actual operator count may be as low as zero.

DEF CON on Google+ screen capture

DEF CON is Now on Google+!

We're starting up a presence on G+. We've got some interesting plans for the specific technologies they employ over there. If you're on G+ (and you probably are), come on over and add us to your circles. We can be found at https://google.com/+DefconOrgplus.

DEF CON 14 Logo

DEF CON 14 Video now on YouTube!

Can't stop, won't stop! New playlist up on YouTube, this time the entirety of DEF CON 14. Over 80 presentations. You can fire it up right now and be edutained for the next two weeks or so.

We'd love it if you'd share the knowledge with anyone you think might benefit. Like, share and be merry.

DEF CON 21 Short Story Contest Image

DEF CON 22 Short Story Contest!

The DEF CON Short Story Contest is back, and it's already open! No excuses - you have from now until the first of June to get your story in for the chance to win some cool prizes and get your story shared with the whole DC community. Four months to shape your hacker lit masterpiece. Make us proud.

The rules and regulations are all available in the Short Story Contest thread on the DC Forums.

DEF CON 22 Logo

DEF CON 22 Call for Papers is Now Open!

It's that time again folks! Polish up those ninja caliber proposals, because The DEF CON Call for Papers is now officially open! Read the announcement and find out what's new, then fill out the CFP form and start down the road to DEF CON glory! Good luck!

Photo of DEF CON 20 Badges

2014 DEF CON Groups Challenge!

We have seen DC 21 come and go, and after a little rest we all have begun preparing ourselves for DC22. Since we have 7 months until we all meet again in Vegas, I have prepared a fun contest to help you pass the time.

Plus, if you win, you and your team mates will get free badges (8 free badges for 1st, 4 free badges for second) to help offset the costs of attending DC22!

Have fun and happy hacking!

-blak

Read all about the 2014 DEF CON Groups Challenge!

DEF CON 21 Video Archive art

DEF CON 21 videos now available for direct download and torrent!

Did you miss DEF CON 21? Do you have a ridiculous amount of hard drive space and like to keep large archives of hacking knowledge? At long last, all of the DEF CON 21 speeches can be found on the DEF CON 21 Archive page, The DEF CON Media Server, or downloaded en masse at these torrents:

https://www.defcon.org/html/torrent/DEF CON 21 video and slides.torrent
https://www.defcon.org/html/torrent/DEF CON 21 slides.torrent

For the fist time ever, we have transcripts of the talks! Use them for closed captioning, read them, or if you are feeling saucy, translate them to other languages and be sure to let us know!

Enjoy!

Image of the Rio Hotel courtesy Hackerphotos.com

Book a room at the Rio for DEF CON 22!

For those of you that want to get a jump on DEF CON 22, you can now book your room for DEF CON 22 at our discounted rate! Register now and save! We have a special discount for the first 200 reservations made in the DEF CON block. There are still a few left, so jump in now and stay at our host venue for the full DEF CON Experience!

Legitimate Business Syndicate Logo

Announcing DEF CON 22 CTF!

Legitimate Business Syndicate has announced their intention to return as organizers of the Capture the Flag competition! Check out their DEF CON 22 CTF Announcement blog post!

Spacer image

Happy New Year from DEF CON!

We would like to wish all hackers, geeks, techs, nerds, makers, phreaks, engineers, privacy and security folks the world over a Happy New Year!

2014 will be a year of security battles, with more companies responding to news of their products being used in mass monitoring. Now is the time to get involved!

The IETF is working on the possibility of HTTP 2.0 requiring TLS always, dramatically encrypting more of the Web. Why wait?

  • - Enable HSTS on your own sites, enable EDH as well for "perfect forward secrecy"
  • - Run a tor server as middle if you don't want to be an exit. This is what we do.
  • - Encrypt your email. Don't want to fight with PGP? Then install an S/MIME certificate. IPhones work with them really well too.
  • - Encrypt your sms messages. Check out Wickr on Android and iPhone, or try "text secure" on Android, it should be on iPhone soon.

You guys get the idea. Make a resolution to up your defense game in 2014 to make life more difficult for all who would eavesdrop on us - for whatever reason.

Oh, and Hack the Planet™

Spacer image

Happy Holidays! DEF CON 21 Videos Now on YouTube!

Just in time for the holidays, we have a long awaited Christmas/Hanukkah/Kwanzaa/Festivus/Solstice/etc. gift for all of you! You can now watch all of the DEF CON 21 talks on YouTube, with or without closed captioning! That's right, go ahead and stream all the hacker-y goodness from this year's DEF CON with your favorite holiday beverage in front of a warm fire! Happy Holidays from all of us at DEF CON!

Spacer image

DEF CON 21 CTF Packet Captures from Saturday!

Well here it is, the biggest one yet! Complete packet captures from Saturday at the DEF CON 21 Capture the Flag competition are now available for torrent! This is a huge one folks, compressed down to 35 gigs from 495, so get those hard drives cleared out and ready!

If you can, leave them seeding for a bit to share the love!

Spacer image

DEF CON 16 Videos now on YouTube!

Here's something to be thankful for! We've now posted the complete DEF CON 16 speeches on YouTube to watch at your leisure! Enjoy!

Spacer image

DEF CON 17 Videos now on YouTube!

You can now stream all the videos from DEF CON 17 that your heart desires on YouTube, the latest installment to our channel! Enjoy!

Spacer image

DEF CON Forums Temporarily Disabled

Service on the DEF CON Forums has been suspended due to a 0-day exploit in the wild which could compromise user information. We are sorry for the inconvenience. Check out https://forum.defcon.org/ for links to more info, and to see the super-shark-fin sad cat.

Spacer image

DEF CON 19 Videos now on YouTube!

DEF CON 19 videos are now live on YouTube for your streaming pleasure. We hope you enjoy these videos, and if you do please "like" them. Comments are open, so feel free to leave feedback, or start a conversation.

Spacer image

DEF CON 20 Videos now on YouTube!

The massive upload has begun! We are currently in the process of uploading all of the DEF CON video from past years to our YouTube Channel, and we begin with DEF CON 20! We're getting them up en masse and processed as we speak, and will be releasing them as we finish each show. Next up will be DEF CON 19. We hope you will enjoy them!

DEF CON 20 Presentations - Video + Slides playlist on Youtube

Spacer image

DEF CON 22 CTF Quals Tentative Dates Announced!

The team over at Legitimate Business Syndicate is getting a jump on things for DEF CON 22, and have announced their tentative dates for the 2014 CTF Quals! The 2014 Quals will be held Midnight May 17 to Midnight May 19, 1400284800 to 1400457600. Keep an eye on https://legitbs.net for all of their updates, and for links to the LegitBS Blog and twitter feed!

Spacer image

DEF CON 21 Photo Collections!

Have you never been to DEF CON or just want to re-live the precious memories from DEF CON 21? If so, we've posted some picture collections on media.defcon.org at:

https://media.defcon.org/DEF CON 21/DEF CON 21 Hacking Conference Pictures Collection 1/
https://media.defcon.org/DEF CON 21/DEF CON 21 Hacking Conference Pictures Collection 2/

If you are of the torrenting sort, you can siphon them down all at once at:

https://www.defcon.org/html/torrent/DEF CON 21 pictures 1.torrent
https://www.defcon.org/html/torrent/DEF CON 21 pictures 2.torrent

Enjoy!

Spacer image

DEF CON 21 CTF Packet Captures from Friday + Tools and Binaries!

Legitimate Business Syndicate has been gracious enough to provide us with complete packet captures from the DEF CON 21 Capture the Flag contest! A big thanks to them and all the great teams who participated! Here is the first batch of those pcaps, all the traffic from Friday at the con. Saturday and Sunday's will be soon to follow so keep your eyes peeled!

They were also so kind as to include the tools and binaries from the game, which we have also included in a handy torrent file!

You can always find write-ups, file collections, and history of the DEF CON Capture the Flag competition on our CTF Page! Enjoy!

Spacer image

DEF CON 21 Materials RSS Feed, Updated CD, and Torrents!

For all of you fine folks out there, we have lovingly compiled the speaker's slide decks and extras from the con CD into the DEF CON 21 Materials RSS feed for your enjoyment! Not only that, but it includes all the updates submitted by the speakers since the con, so you'll have all the latest research! So check it out and grab the stuff you are interested in!

Alternatively, if you just gotta have it all sitting on a hard drive awaiting your whim, We have also posted a torrent and direct download link to the Updated Conference CD!

We've also updated a couple of the large collection torrents, one for the DEF CON CD/DVD collection from all the shows to reflect the addition of DEF CON 21, and another for the Hacker Related Documentaries with the addition of DEF CON: The Documentary.

Check out the following links and enjoy!

DEF CON 21 Hacking Conference Updated CD (Final)
https://www.defcon.org/html/torrent/DEF CON 21 updated hacking conference CD.rar.torrent
https://media.defcon.org/DEF CON Conference CD DVD/DEF CON 21 Updated Hacking Conference CD.rar

DEF CON 21 Hacking Conference Presentations (These are all the presentations from the speakers, but not the extras folder)
https://www.defcon.org/html/torrent/DEF CON 21 presentations.torrent
https://media.defcon.org/DEF CON 21/DEF CON 21 presentations/

UPDATED Collection of conference CD and DVDs - Now includes DEF CON 21 original and updated CDs
https://www.defcon.org/html/torrent/DEF CON Conference CD DVD Collection 2013.torrent
https://media.defcon.org/DEF CON Conference CD DVD/

UPDATED: Hacking Documentaries hosted at DEF CON - Now includes the DEF CON Documentary and sneak peek
https://www.defcon.org/html/torrent/DEF CON Hosted hacking related documentaries v2.torrent
https://media.defcon.org/Hacking Related Documentaries/

Spacer image

In Case You Didn't Know...

This may be old news to some of you, but we've noticed a lot of questions in the comments from the last few Facebook posts about where past DEF CON Content resides. We have several outlets:

https://media.defcon.org is a directory browsable repository for all of our past content.

https://www.defcon.org/html/links/dc-torrent.html for all of our torrent files. These are the huge collections for all-at-once downloading.

https://www.defcon.org/html/links/dc-archives.html is a portal to our archive pages by year.

These include audio, video, CTF files, artwork and a ton more! So if you didn't know, now you do. Pick your poison and enjoy!