You might be a security professional who could not get time off for DefCon. Perhaps you could not justify it to your manager (who is probably a DefCon veteran). Or you just didn't know what it was all about. I will be your guide into the DefCon world. So sit back, get comfy - we're reading, we're reading....
DefCon 17 is a raid to the senses, especially for the first-timer. July 30, 2009 kicked off the fevered exploration of all things technology and security. It may be obvious to the initiated that DefCon is not BlackHat, but this statement does not fully convey to magnitude of these difference. BlackHat is the polished face that information security professional express to their business customers. DefCon is the raw, savage expression of the passion these professionals bring to their work.
Presentations
DefCon, like BlackHat, hosts presentations offered by information security researchers and luminaries. DefCon stands out because it also attracts the security “outlaws” - those intrepid “hackers” who exploit the fundamentals of technology. Small break-out sessions allow for more intense discussions around granular topics. These dialogues are sometimes controversial, but they are critical in stimulating attendee dialogue.
Capture the Flag
If you did not image your only laptop before entering this competition, you should reconsider participating. This exercise puts your knowledge of system exploits to the test in a competitive environment where your performance is displayed on a wall monitor for all to see. Most Capture the Flag events outside of DefCon adhere to a code of honor – don't hack your opponent. Don't assume that this code is shared among the cyber gladiators you will challenge.
Villages
If you've ever want to learn how to pick a lock or solder components to a circuit board, DefCon villages are the place to be. This is a must for the people who wish to enhance the functionality of their convention badge. I had the pleasure of contributing my press badge to a project where the different badges where arranged into a circle that flashed in sequential patterns of light. I will post pictures in an upcoming installment. These villages extend individual security awareness by highlighting the role that various components play in a system.
Entertainment
No convention is complete without festivities to offset information overload. If you want to get an insight into the hacking subculture, a DefCon party is required field work. The parties range from mild meet-ups in hotel rooms/bars to bacchanalian balls that redefine your party archetype. Regardless of your comfort zone, I recommend party attendance highly. If nothing else, they are great labs in which to practice social engineering.
Stayed tuned for the next installment to this series. I will include some cool pictures and stories from DefCon.
