Published: Wed, 18 Jan 2017 15:01:46 -0800
Last Build Date: Wed, 18 Jan 2017 15:01:46 -0800Copyright: ©1992-2014 DEF CON Communications, Inc. All Rights Reserved except for non-commercial educational purposes only. email if you have questions.
Wed, 18 Jan 2017 15:01:45 -0800
The trailer for 'Coded', a new hacker-focused series from Freethink Media, has tons of shots from DEF CON 23. It also contains interview footage with Ladar Levison and Nico Sell. We've only seen the trailer, but It looks promising. Here's the promo blurb: "The data war is in full swing. Foreign governments are hacking major corporations, major corporations are collecting massive amounts of consumer data, and the NSA is listening to all of them. With malevolent hackers on one side and oppressive regimes on the other, data security is as important to the global economy and human rights as free speech and the rule of law. Join us as we profile a new generation of programmers helping consumers and companies alike protect their financial information, their identities, and their freedom."
Wed, 18 Jan 2017 14:44:16 -0800
Gentle reminder: The Secret Stash is back with more DEF CON 25 boss-level swag! Both the tee and the sticker are custom, exclusive artwork available only from the Stash. Get your 2017 look together with a versatile tee - fresh for all situations, from the boardroom to your secret lair.
Sat, 14 Jan 2017 12:25:35 -0800
The early birds have captured all of the on-site worms: Caesars Palace is sold out for DEF CON 25.
Be of good cheer, however. You can still get our discounted room rate at the following nearby properties:
DEF CON 25 is gonna be kind of a big deal, and we want you there. We suggest getting on that reservation post haste. The link for the DEF CON discount is https://resweb.passkey.com/go/SCDEF7 and the time for action is now.
Wed, 11 Jan 2017 19:33:46 -0800(image)
As always, enjoy and pass it on.
Wed, 11 Jan 2017 13:15:01 -0800
Attention all seekers of CTF glory - the qualification season is underway! The solid citizens of the Legitimate Business Syndicate have posted the information you need to get involved on their website at legitbs.net.
If you've got the goods, get in the arena. There's nothing between your squad and Capture the Flag supremacy but air, opportunity and the best players on Earth. Get you some.
Fri, 06 Jan 2017 11:26:11 -0800
Today's treat - a YouTube playlist chock full of SE goodness from the Social Engineering Village at DEF CON 24! All the presentations and a bonus live recording of the Social Engineering podcast. There is much to be learned here, so block off some time.
As always, take what you can use and pass it on. The best defense against the dark arts of SE is exposure and education.
Mon, 02 Jan 2017 16:00:11 -0800
The Secret Stash is back with more DEF CON 25 boss-level swag. Both the tee and the sticker are custom, exclusive artwork available only from the Stash. Get your 2017 look together with a versatile tee - fresh for all situations, from the boardroom to your secret lair.
Mon, 02 Jan 2017 12:20:01 -0800
Happy New Year, DEF CON community! Jayson Street, our DEF CON Groups Ambassador, has some year-end words for everybody from his tastefully appointed secret bunker.
Get amped, radiant humans of DEF CON. 2017 is our Silver Anniversary and big things are in the plan.
As always, if you're not in a DEF CON group, consider joining one. If you can't find one nearby, consider starting one! The infoz are all available at defcongroups.org.
Thu, 29 Dec 2016 10:45:28 -0800
We've got some new stuff in the trusty old DEF CON eBay store for you - including DEF CON 24 Rucksack and Duffel bags and the hit "Jack" soldering Kit from HACKED at the Tribeca Film Festival.
Start the new year right - treat yourself to the very finest of hacker swag!
Fri, 23 Dec 2016 16:10:56 -0800(image)
Join us at Caesars Palace to look back at how we got here, and to imagine together where we go next.
Fri, 23 Dec 2016 14:12:53 -0800
According to CrowdStrike, the Russian hackers known as ‘Fancy Bear’ (recently in the news regarding the US election) or APT28 used a trojanized Android targeting app to geolocate and frustrate Ukrainian artillery.
From the article: “It’s incredible, from a technical point of view, that hackers and hacking can so drastically influence the outcome of military engagements,” Wardle said. “If this is all true, I mean, it would have been a huge, huge advantage for the Russians to be able to geolocate the Ukrainian artillery units...basically in real-time, via an infected Android app. Crazy.”
It’s worth noting that at DEF CON 23 Runa Sandvik and Michael Auger dealt with the possibilities of using connected weaponry against its owners in their talk “Hacking a Linux Powered Rifle”. You can check that presentation out here.
Fri, 16 Dec 2016 23:13:30 -0800
In the spirit of this festive season, DEF CON has a gift for you and your various screenz: wallpapers for everyone!
Designed by our very own Mar Williams and sized to fit many popular devices, these DEF CON 25 wallpapers will make your lock screen the talk of the town!
And while you're admiring your spiced-up mobile, remember that you can still get a T-shirt emblazoned with this very same artwork at teespring.com/defconstash, for the next several days.
Thu, 15 Dec 2016 14:06:46 -0800
Heads up to all the CTF fans out there: the upstanding citizens of the Legitimate Business Syndicate have alerted us to some of the contests that will qualify for the DC25 CTF.
According to the Legitimate Business Syndicate (@legit_bs) Twitter feed, the following contests are confirmed as qualifiers:
Boston Key Party (@BkPCTF)
33C3 CTF (@EatSleepPwnRpt)
If you're not in the dojo getting yourself into tournament shape, it's time to start making better choices.
Thu, 08 Dec 2016 14:23:31 -0800(image)
Like #DEFCON? Like #GoRuck Events? Wanna put them together? Express your interest in the DEF CON/GoRuck Custom! http://buff.ly/2h7Th7F
Wed, 07 Dec 2016 14:22:43 -0800(image)
IoT-enabled botnets are all over the news, but the suspect devices are generally consumer-grade. In today's #internetoftriviallycompromisablethings update, 80 different industrial-tier IP cameras shipped with hard-coded creds, opening them up to all kinds of botnet mischief.
Sony has addressed the issue in the latest firmware updates for these devices, and updating is enthusiastically recommended.
Probably a good reminder that the higher prices for corporate-level gear do not imply better security practices.
If you want to devote some time to educating yourself on the current state of the Internet of Things, we suggest starting with the DEF CON 24 IoT Playlist.
Enjoy, share widely and run the latest firmware.
Mon, 05 Dec 2016 12:59:37 -0800(image)
The December pack is a crisp, fresh DEF CON 25 tee and a high-quality DC25 sticker. The design is courtesy of DEF CON staff artist Mar Williams, created especially for this package. Look sharp, gift like a boss and hide your laptop's shiny metal shame. Rock DEF CON 25 swag like you come from the future.
Wed, 30 Nov 2016 13:45:33 -0800(image)
Watch this space: December 1, DEF CON has something nice for your holiday season. Even if you've been a little naughty.
Wed, 30 Nov 2016 13:58:17 -0800(image)
As always, share widely and give the artists you dig some love.
Fri, 18 Nov 2016 13:30:36 -0800(image)
The new Raspberry Pi hotness is Samy Kamkar's PoisonTap. It's a cheap (like dinner at Arby's cheap) device that pops locked machines fast (like the onset of Arby's regret fast). Samy posted a video demo on YouTube, and you should watch it.
If you dig Samy's style and want to see another of his low-fi, hi-yield hacks, we've got a #defconflashbackfriday video for you - Samy demoing inexpensive car/garage door exploiter 'RollJam' at DC23 in supremely informative and entertaining fashion.
Check it out, pass it on.
Thu, 17 Nov 2016 11:45:31 -0800(image)
DEF CON 24 Speaker Patrick Wardle is back in the news with a warning about Shazam's macOS app. Apparently, turning off the app doesn't stop it from recording.
Which is weird, right?
If reading the article has you looking for a little more of Patrick's insights into macOS security, you can check out his talk 'I've Got 99 Problems, Little Snitch Ain't One.' from DC24.
Fri, 11 Nov 2016 14:01:45 -0800(image)
Limber up your hard drives, my friends. If you seek the motherlode of DEF CON 24 content, look no further than our Torrents page. All the talks in multiple formats? Check. DARPA Cyber Grand Challenge content? Music? CTF files? Check, check, super check. Fire up your preferred netguzzler and get to guzzling. Enjoy, seed and share widely.
Thu, 10 Nov 2016 14:34:32 -0800(image)
More hot playlist action - Internet of Troublingly Hackable Things edition! It's a gourmet selection of talks from the main track and the IoT Village. We recommend pairing it with an overcaffeinated beverage and wired headphones. Learn all you like, then make sure to pass it on.
Wed, 09 Nov 2016 14:56:33 -0800(image)
Today's playlist is the DEF CON 24 Wireless Village Talks. Software Defined Radio, evil access point tricks, BLE hacking - it's all in there. If the wireless ecosystem and the hacking thereof floats your boat, it's time to make an appointment with our YouTube channel and get caught up.
As always, share the love and pass on the knowledge..
Mon, 07 Nov 2016 16:35:12 -0800(image)
Today's DEF CON 24 playlist is called 'AFK'; it focuses on talks that deal with policy and ideas rather than hardware and code. Hacker Law superhero Jennifer Granick's talk on the state of the applicable law is in here, as are the 'Meet the Feds' and 'Ask the EFF' panels. There's a little something for every interest, from the venerable Richard Thieme's talk on the psychological toll of working with secrets to the Bob Ross Fan Club's talk on recognizing and neutralizing propaganda.
Thirteen talks in all, with lots of variety. Block off some time (or just put in headphones) and get yourself some. As always, share the love.
More playlists on the way!
Fri, 04 Nov 2016 12:07:17 -0700(image)
The rollout of DEF CON 24 videos continues with 10 videos with a focus on car hacking. There’s a couple of presentations that deal with the CAN BUS, a deep dive into autonomous cars and even a couple specifically about big rigs. Seven of the ten talks come straight out of the Car Hacking Village!
There’s a weekend coming - maybe it’s time to curl up with a laptop and get up to speed on the rapidly expanding world of automotive hacking. As always, enjoy and pass it on.
Big playlist coming Monday!
Thu, 03 Nov 2016 15:38:32 -0700(image)
Today we begin the rollout of the DEF CON 24 talks with a very diverse playlist of crypto and privacy focused presentations.
From the main tracks we have Ladar Levison on compulsory decryption and Nate Cardozo on the State of Crypto in 2016. We also have six talks from the Crypto and Privacy Village!
As ever, we want you to enjoy the presentations, get inspired and pass the knowledge along.
More talks tomorrow!
Fri, 28 Oct 2016 15:14:18 -0700(image)
Today's #defconflashbackfriday is from DEF CON 24, and it's a fun one. Evan Booth's talk this year was on building a bionic hand out of a Keurig coffee maker, but it's also about imagination, creativity and finding potential in the commonplace and unremarkable tech that's all around us. As always, please enjoy, be inspired and pass it on.
Wed, 26 Oct 2016 12:38:41 -0700(image)
DEF CON is on Instagram! We're posting a steady stream of pictures from the vaults, pictures of the preparations we're making for DEF CON 25 and various image-based shareables to amuse and edify all hackerkind. Follow us at wearedefcon and share your memories, your projects, or maybe all the exciting places you're wearing your DEF CON hat. We can't wait to see what you're up to.
Tue, 25 Oct 2016 11:45:12 -0700(image)
DEF CON in the news: To kick off your week with a heaping helping of hope for the future, here's an article from Sara Sorcher and Ann Hermes at the Christian Science Monitor calling out 15 kids killing it in the cybersecurity space.
To our great joy, a bunch of those kids have in common the DEF CON kids' track, R00tz Asylum. CyFi, Kryptina, Evan, Miller and Emmitt - you make us prouder than you know.
Tue, 18 Oct 2016 17:14:25 -0700(image)
The US Presidential election is a few weeks away. Whatever the outcome it’s safe to say this election is an inflection point. Hacked communications, data dumps and claims of state actors using media to influence the vote have dominated the news cycle. These factors and the anxiety and outrage fatigue that acccompany them are likely to be around a while, so it seemed like an opportune moment to repost Chris Rock’s talk on overthrowing governments. It’s a thought-provoking investigation into what it might take to use the modern landscape for toppling a regime, and it’s a good practical alternative to the generalized hysteria promoted by cable news.
Fri, 14 Oct 2016 09:38:25 -0700(image)
A couple of DEF CON 24 related news items in the last week:
The folks from the DEF CON IoT village and SOHOpelessy Broken Contest fame have recently published an article on their findings from this years DEF CON outlining the ever present threat of IoT vulnerabilities discovered.
Not to mention this interesting article about an Steganography vuln first publicized in the Crypto and Privacy Village at DEF CON 24.
Fri, 07 Oct 2016 14:04:00 -0700(image)
It's been a while since we posted an update, so this will be a doozy....
First and foremost, meetings are EVERY TUESDAY AT 7PM at Idea Fab Labs Chico! Every week people ask "is there a meeting tonight"? The answer is ALWAYS YES! Sometimes meetings are just 5 hackers hanging out talking shop. Come by and say Hi!
If you'd rather participate and get your hands dirty, there is currently a shiny voip phone running SIP firmware AND A PBX waiting for a config to be created and pushed.
The Kegbot also needs some love, as the raspi that runs the DB and Twitter feed is unplugged on top of the kegerator. Feel like getting the Pi and Tablet talking again? By all means!
There's also that sexy little black box on our table...but that's a secret. Right guys? See you next Tuesday.
Fri, 07 Oct 2016 14:02:53 -0700(image)
A more interesting thing about human augmentation devices like the. Insulin pump, however, is that they offer real, life-altering promise. Unlike all the devices clamoring to dim your lighting and save you from walking all the way over to the thermostat, this class of device can save your life, return your mobility, even make you a bootleg superhero.
For your Wednesday we offer a video from DEF CON 20 by doc/hacker types Christian Dameff and Jeff Tully meant to remind you of all the cool possibilities that the future holds, if we can get the security thing under control.
Link to the insulin pump story:
Fri, 30 Sep 2016 14:32:28 -0700(image)
DC813 is holding a CTF competition in January. If you're Tampa-adjacent, this could be a really fun way to get into CTF or level up your blossoming skills.
From the DEF CON Forums:
We will be holding a beginners/intermediate CTF game which has a $10 seating charge for purposes of raising money for DC813. Cash payment at the door. There will be a grand prize given to the first competitor to get the flag (root). This is a boot to root challenge. Seating is limited. NOTE: This CTF does not include multiple attack nodes; this game is designed for beginners and those that wish to sharpen their CTF skills. An OVA file containing the game within a VM will be provided, upon payment, the day of the competition. All monies received will go towards the DC813 Meetup expenses.
Tue, 27 Sep 2016 11:55:47 -0700(image)
In the ever-expanding universe of DEF CON competitions, there are many winners. We salute them all. Some of these victories are so impressive that we recognize them with an extra awesome badge and free DEF CON entry for life. This badge is the Black Badge, and we list the winners on the Black Badge Hall of Fame.
We've updated the Black Badge Hall of Fame to include winners from DEF CON 24. You should check it out.
If you have questions or updates, hit us up at info at def con dot org.
Sun, 25 Sep 2016 10:11:00 -0700(image)
Video from #defcongroup DC801's badge coding environment presentation a few nights ago. Learn a little something about the making of the 801 badge and pass it on. Also, get a look into the kind of cool stuff that happens at DEF CON Groups, and seriously consider joining your local chapter so that cool stuff can start happening to you.
If there isn't a DC Group where you are, consider starting one. All the details you need are at defcongroups.org.
Tue, 20 Sep 2016 10:59:34 -0700(image)
The talks from the @r00tzasylum kids track at DEF CON 24 are now live on the inter-tubes for the edification of young padawans and grizzled Jedi alike. Please enjoy, and make sure to drop a link to any promising younglings who might benefit from the training!
Fri, 16 Sep 2016 16:16:55 -0700(image)
For anyone with questions about the hotels DEF CON attendees use during the con, our forum wizard TheCotMan has assembled a super-handy FAQ from previous As to various lodging-related Qs.
Wed, 14 Sep 2016 13:44:29 -0700(image)
To help you get over that midweek hump, we offer another early release video from DEF CON 24 - 'I Fight for the Users: Attacks Against Top Consumer Products '. In this video, @zfasel and @secbarbie walk you through attacks on 21 popular IoT devices - so you get something more than just proof that one or another connected toaster is ready to pwn. You get to see how how whole product categories are ready to pwn.
There's even tools, in case you want to test the security of some of your own 'smart' devices. Good stuff, delivered with an eye for the lulz.
Please enjoy and then pass it on.
Thu, 08 Sep 2016 14:56:42 -0700(image)
We've got another early release video from DEF CON 24! It 's called 'Can You Trust Autonomous Vehicles?', and in it Jianhao Liu and Chen Yan discuss jamming and spoofing attacks on the sensors of cars like the Tesla Model S. It's definitely a sobering look at the downside of the Jetsons-style tech we're developing and a good reminder of the place security thinking needs to take at the design table.
As always, enjoy and pass it on.
Tue, 06 Sep 2016 14:17:09 -0700(image)
The scores for this year's DEF CON 24 CTF have been posted! The model citizens of the Legitimate Business Syndicate have finalized and shared the ultimate scores of this year's historic and hotly contested contest.
But wait - there's more! LBS also suggests strongly you keep your eyes on their site (and ours, natch) for more goodies on the near horizon: pcaps, source code, a full SQL dump among other data for your leisurely examination.
Sat, 03 Sep 2016 00:22:55 -0700(image)
For your weekend, we offer @_Kustodian_'s talk from DEF CON 24 'How to Overthrow a Government', in which the intrepid Chris Rock delivers another provocative and spooky talk about the kinds of vulnerabilities an imaginative transgressor can harness to exploit bureaucracy for their own ends.
As always, enjoy the talk and pass it on.
Thu, 01 Sep 2016 16:27:55 -0700(image)
DEF CON got a lot of ink this year - among the happenings were the DARPA CGC, tons of IoT news and what is probably the most bonkers uber badge in the history of uber badges. If you want to comb through the press coverage, we’ve assembled a bunch of it on the DEF CON Press Archive for your convenience. If you see articles that we missed, feel free to drop us a link in the comments and we’ll update.
Fri, 26 Aug 2016 23:24:37 -0700(image)
For your weekend, another #defconflashbackfriday early release talk from DEF CON 24 - this time Marc Newlin on the hijacking of wireless mice for nefarious purposes. He calls it 'MouseJack'.
As always, enjoy and share widely.
Thu, 25 Aug 2016 11:58:34 -0700(image)
For your midweek edification, we offer another early release video from DEF CON 24 - this one is the Mr. Robot panel! It's a lively discussion of the show and its inspirations with Mr. Robot's technical advisor Kor Adana, The Dark Tangent, Marc Rogers, Andre McGregor and Ryan Kazanciyan with journalist/author Kim Zetter moderating. If you watch the show, you'll definitely learn some new tidbits to increase your appreciation. If you don’t, the panel will show you what it takes to keep a hacker show realistic and exciting.
Wed, 24 Aug 2016 13:40:46 -0700(image)
Good News Everybody! We've got some updates to the archive page for DEF CON 24! We've got updated slide decks and whitepapers now on the media server.
For a post con re-cap on DEF CON and the CFP process this year, check out Nikita's speaker's corner entry entitled "DEF CON CFP: Thinking Back and Moving Forward"!
Fri, 19 Aug 2016 14:46:24 -0700(image)
Returning to the tradition of #defconflashbackfriday, we offer a presentation from all the way back in 2016 - Weston Hecker's 'Hacking Hotel Keys and Point of Sales Systems : Attacking Systems Using Magnetic Secure Transmission' from DEF CON 24.
We probably can't summarize the talk better than the title does, but if you need a little more incentive here's the abstract:
"Take a look at weaknesses in Point of sale systems and the foundation of hotel key data and the Property management systems that manage the keys. Using a modified MST injection method Weston will demonstrate several attacks on POS and Hotel keys including brute forcing other guest’s keys from your card information as a start point. And methods of injecting keystrokes into POS systems just as if you had a keyboard plugged into the system. This includes injecting keystrokes to open cash drawer and abusing Magstripe based rewards programs that are used a variety of environments from retail down to rewards programs in Slot Machines."
As always, watch, learn and share widely.
Thu, 18 Aug 2016 07:56:52 -0700(image)
If the presentation tracks are the brain of DEF CON, then the contests are its heart. It's a kind of alchemy: we bring together thousands of interesting strangers fascinated with various aspects of technology, and we want them to leave a few days later with new friends, new skills and new obsessions. Our solution? Just add a rich, world-class layer of competitions run by an army of talented, insanely dedicated volunteers.
This formula has worked pretty well, and we thank all of you players for supporting the games and keeping the comp high-level and good-natured. It is our sincere hope that you're getting something valuable from getting into the DEF CON arena in the battle of your choice.
Still, the contests are as tough as they are fun, and the field is full of wildly brilliant humans. Every winner listed here has earned their prizes and bragging rights. We congratulate them all and hope to see all of you back in the ring for DC25.
Wed, 17 Aug 2016 11:29:42 -0700(image)
The newest treats on the DEF CON media server are pictures from DC24. Like metric oodles of pictures, taken with skill and respect by our Photo Corps and a few other friends of the con like the SE Village. We offer them to all of you as a memento and record of the event, and a chance to see the bits you didn't get around to.
Like everything we release, these photos are CC licensed for you to enjoy, share and remix so long as you clearly attribute them to DEF CON.
If you have pics you'd like to share, let us know at info ]at[ defcon [dot] org and we'll look into adding them to the collection.
Mon, 15 Aug 2016 21:25:20 -0700(image)
When the dust settles after a DEF CON, it's time to collect the write-ups from the various contests and challenges. There's nothing more educational and humbling than analyzing successful strategies from the player's point of view. Please enjoy our DC24 Writeup Sampler Vol. 1, and if you see some we missed, please drop us the links for inclusion in a future volume.
Mon, 15 Aug 2016 21:23:51 -0700(image)
For those of you who missed the TD Francis X-Hour Film Contest, here's all of the competing films in their full glory. The creativity and energy required to conceive, write, shoot and edit a film during DEF CON never fails to impress. If it looks like fun to you, consider signing up and taking a crack at it next year!
Thu, 11 Aug 2016 20:15:14 -0700(image)
As part of our annual process of compiling press accounts of DEF CON, we offer some link roundups sorted by topic. First up, DEF CON Link Roundup: IoT edition.
This was a big year in the Internet of Things, and the whole industry is only just getting off the ground. At DEF CON 24 we saw the first ransomware delivered via thermostat, among many other causes for interest and concern.
As always, if you find cool coverage of DC24 topics out there, please feel free to drop some links in the comments.
Thu, 11 Aug 2016 12:16:05 -0700(image)
A big congratulations to this year’s winners of the DEF CON Capture the Flag Competition, Plaid Parliament of Pwning. A big shout out to Legitimate Business Syndicate for their masterful hosting of this event. Check out this profile of the winners!
Thu, 11 Aug 2016 12:16:28 -0700(image)
DEF CON 25 is going to be kind of a big deal.First, we’re celebrating 25 years of bringing hackers together for knowledge transfer and hackish shenanigans in the swelter of late-summer Las Vegas. Even after a full quarter-century of hacker summer camp, our family is still growing fast, and we’re still finding new cool ways to get people involved and connected.
Second, we’re switching venues again, this time to the larger, swankier environs of Caesar’s Palace. We’ll have bit more space and a lot more flexibility in how that space is distributed. Hopefully that means there will be easier traffic management and shorter lines for everyone.
DEF CON 25 will be held at Caesar’s Palace July 27-30, 2017. You can get yourself the DEF CON block rate right now at Caesar’s or the other participating hotels (Bally’s. Paris, Flamingo, Harrahs,and Linq) by following our reservation link at https://resweb.passkey.com/go/SCDEF7.
We have a lot of ideas for celebrating our Silver Anniversary with you, and we hope you have some too.
Can’t wait to see all of you again at Caesars in July.
Tue, 09 Aug 2016 18:13:23 -0700(image)
Heads up hackers! For those who attended, we hope you enjoyed this year's soundtrack. Many thanks to our headliners like Dirtyphonics, Information Society, and Richard Cheese for pitching in.
Most of all, a big thank you to Gravitas Recordings for helping to facilitate, curate, and help out with the online distribution of the soundtrack. If you missed the conference, you can find it at http://music.gravitasrecordings.com/album/def-con-24-the-official-soundtrack. Best of all, it's free or pay-what-you-want, with all revenue going to support the Electronic Frontier Foundation.
Look out for some major jams for DEF CON 25!
Sun, 07 Aug 2016 16:21:33 -0700(image)
We know what you're wondering. Who is that handsome fellow?
That striking visage belongs to this year's Uber Badge. In addition to his chiseled good looks, he sports some spiffy secret code and one particularly hyper-functional eyeball. They're each handmade, and need to be individually adjusted due to servo differences. If you're one of the lucky few who are taking one of these home, congratulations! If not, you should get here next year and get your hat in the ring. Who knows what next year's badge will be?
You can observe it in action at: https://www.youtube.com/watch?v=t8mLCnhMSqA
Sat, 06 Aug 2016 14:31:09 -0700(image)
The DARPA Cyber Grand Challenge is complete, and the mighty Mayhem from ForAllSecure has been crowned Champion and ruler of all it surveys.
If you're still wondering what's such a big deal about computers hacking each other, or if you just want a quick primer on how amazing the contest was, DARPA has dropped a highlight reel to catch you all the way up.
Sometimes you can't see how important something in in its moment, even if it seems kind of important. This is probably one of those times.
Thu, 04 Aug 2016 16:35:40 -0700(image)
CD player in the shop? Too young to know what a CD even is? The DEF CON 24 conference CD and the DEF CON 24 Music CD are now available to you in ultra-convenient Torrent form. Enjoy hours of free music and conference goodies, without the danger of skips, scratches and microwave misadventure. The internets are standing by, so Act Now!
Or, like, whenever. Supplies are basically unlimited.
Wed, 03 Aug 2016 18:03:30 -0700In response to the article that was posted by the Register, the DEF CON Network Operations Center Team (NOC) pride ourselves on making a network that allows the community to get Internet access, and have access to internal resources (Servers, etc.). The DEF CON NOC believes in privacy and anonymity for our attendees. When users attach to the DefCon Secure (802.1x/PEAP) network, we have made the decision to do our best to make that data/traffic inaccessible, and the team does not allow for data monitoring, nor recording of the traffic. We do have overall bandwidth monitoring- but will never run driftnet, ntop or other tools that invade the privacy of the users on the secure network. The DEF CON network resources, and staff who volunteer in the NOC at DEF CON currently do not have any part in the operations of the Black Hat network(s). The DEF CON NOC also doesn’t allow vendors to use the network as a place to demo or experiment with our user’s traffic. Now… If you happen to attach to any network that does not have the more secure certificate authentication method enabled – all bets are off. Your traffic will be monitored – not by us, but by the people around you. We also ship the open WiFi network traffic off to the Wall of Sheep as well, and anyone on the unsecure network can and will easily Man-In-The-Middle your traffic. If you want to get on the “DefCon” Secure network- follow the instructions that are posted on https://wifireg.defcon.org/. Each PEAP session that is created from the client to the controller is a unique session, and is not allowed to talk to any of the other users on the network once connected to the official network. If you are concerned about someone capturing your credentials, you don’t want to register ad userid, or want to maintain anonymity we have also setup a common username and password of defcon/defcon. So if someone says that they captured your credentials, it’s really not that big of a deal, especially when everyone has a unique session. You should still install and only trust the certificates that we have posted on https://wifireg.defcon.org/. -The NOC Team Sine Qua Non[...]
Fri, 29 Jul 2016 19:02:32 -0700
Attention Lawyers, Judges, Law Students and people who have the complete Matlock collection on VHS:
The Lawyer Meetup has changed locations. It's still on Friday Night August 5, and it's still at 6pm, but now it will be held in Bally's Palace 6 on the main floor. We hope to see you there for genial jurisprudential fellowship.
If you have questions or want to help, contact host Jeff McNamara at email@example.com.
Fri, 29 Jul 2016 19:01:08 -0700
At DEF CON, cyber competitions are kind of our thing. Our first We love them because they're fun, because they test a lot of skills at once, and because they build community.
Yesterday, DEF CON founder Jeff Moss attended a workshop held by the Office of Science and Technology Policy to discuss ways we can use this kind of competition to encourage infosec as an occupation, and making this kind of high-energy hacker problem-solving part of the standard curriculum for STEM students everywhere. The idea, according to OSTP's blog is "increasing awareness of potential cybersecurity professionals and providing opportunities for experiential learning at all skill levels."
We couldn't agree more.
This year DEF CON's annual CTF contest will bring together teams of packet-slinging phenoms from all over the world. For the first time, we're also putting on a DARPA autonomous CTF contest. In a few years, who knows what the combination of brilliant humans and intelligent machines will mean for contests like ours? You're definitely going to want to stay tuned.
Wed, 27 Jul 2016 01:35:58 -0700
Many thanks to @shortxstack and @sethlaw for creating the Android and iOS versions of the #HackerTracker app. Thanks to their effort you can slurp the entire schedule of DEF CON 24 into your pocket-brain, freeing your hands and meat-brain for mischief and hackery.
Wed, 20 Jul 2016 13:37:14 -0700
Workshops are free, first come, first served, and seats will fill up fast!
To register for a workshop, you will need to go to the Bally's side in front of the cafe arcade between Thursday 07:00 to 15:00. We will have goons to pre-register you for the workshop(s) of your choosing.
If the workshop that you want has filled up before you got there, don't worry! Just like last year, if you come to the workshop area early the day of, you can wait in the standby line. If a seat opens up, it will be made available to the first person waiting to claim it.
Please Note: You will be issued a workshop "pass". It will be required for class admission. If you lose it we can't help you, your seat will be made available for those in standby.
Tue, 19 Jul 2016 01:52:38 -0700
While you're enjoying DEF CON 24, don't forget to check out the demo labs, where many of your fellow hackers are displaying their current projects for your perusal. Get inspired, offer some feedback, maybe even find a new collaborator.
There ain't no show and tell like a hacker show and tell.
Sun, 17 Jul 2016 15:44:18 -0700
Attention Hams, both active and aspiring! The exemplary humans of DC408 have brought back Ham Exams for DEF CON 24!
If you're looking to get a certification, please take a moment to look through the rules on the forum page for this event. You're gonna have to bring some stuff. And know some stuff.
Sun, 17 Jul 2016 15:43:12 -0700
The situation we find ourselves in after the events of last year is tenuous. All agents must be especially careful. The Mad Hatter's disruption of the Daemon was a serious breach, but this year, we may just be able to get the upper hand.
Soon you will find new content and a brand new Teaser online at https://dcdark.net/ Agents from past years: DM me here or on Twitter. There is work to be done.
forum thread: https://forum.defcon.org/forum/defcon/dc24-official-unofficial-parties-social-gatherings-events-contests/dc24-official-and-unofficial-contests/the-defcon-darknet-project-ac/223792-defcon-24-darknet-humans-and-machines
Sat, 09 Jul 2016 03:06:46 -0700
The Data Duplication Village is also returning for DC 24, tanned, rested and packed with even more goodies to fill your oceans of cheap HD space.
Bring some drives, get everything in infocon.org and a practically endless supply of rainbow and hash tables. You can even throw some fun data into the mix, if you have something you think your fellow hackers would find useful. It's kind of like a drop-off dry cleaner, except you get back terabytes of sparkly new data instead of your same old clothes. And it's free. And surrounded by DEF CON.
So really it's only like a drop off cleaner in that you drop stuff off, pick it up later and the bag is NOT A TOY. But that's enough for a simile, right?DT spells it all out in the Forum thread and you are encouraged to ask any questions you have there.
Wed, 29 Jun 2016 14:50:51 -0700
Vegas is a lot of fun, but it can also be just a lot. Too much, even, if you’re trying to keep the horizon level in your windscreen. If you’re a friend of Bill W joining us for DEF CON 24, please know that we have meetings at noon and five p.m., Thursday through Sunday at ’The Office’ on the 26th floor of the Bally’s Tower. Drop by if you need to touch base or just want a moment of serenity. We’ll be there.
Mon, 27 Jun 2016 17:00:59 -0700Heady, insightful movies about the rise of robots and AI are great. We've even recommended several in these pages, and you should definitely watch them all. Still, movies don't have to carry the weight of 2001 or the maniac attention to detail of Blade Runner to be worth 90 minutes of your life. Sometimes an earnestly misguided B-movie is just what the doctor ordered. In that spirit, we offer 'Rise of the Machines' Movie Homework, Guilty Pleasure Edition. Westworld: In the early 70s, the robot future looked like the Disney animatronic President exhibit, at least to the makers of this film. Take a fun, sexy vacation to a theme park where robots populate a Wild-West themed town. You can drink with them, dance with them, fight with them - it's a hoot until somebody makes the Yul Brynner-bot angry. Fun and interesting, if a little slow-moving. The Lawnmower Man: Sure, VR is all the rage now, but this isn't the first time we've gone crazy for the idea of low-poly graphics and nausea goggles. The last VR boom mostly created dozens of televised interviews for Jaron Lanier, but right on the edge of that bubble we got 'Lawnmower Man' - a sort of 'Flowers for Algernon' meets 'Transcendence' with some seriously early 90s graphics work. Hardware: I can't really give you a better description than IMDB does: "The head of a cyborg reactivates and rebuilds itself and goes on a violent rampage in a space marine's girlfriend's apartment." This movie isn't high art, but it's fun and it's better than its budget deserves. Also, Lemmy is in it. Runaway: Tom Selleck and his absurdly luxurious mustache have the dirty job of deactivating robots who've gone haywire. The over-the-top bad guy is played by Gene Simmons of KISS. Michael Crichton wrote and directed. Dopey fun, and a good reminder how incredibly weird the 80s were. [...]
Thu, 23 Jun 2016 12:03:21 -0700
There's a brand new Speaker's Corner post from Aditya K. Sood titled "Bridging the Gap: Dispersing Knowledge through Research Presented at DEF CON". Have a look!
Mon, 20 Jun 2016 15:17:47 -0700
After much difficult deliberation and debate, the list of speakers for DEF CON 24 is now live and ready for your consideration. We want to thank everyone who submitted - there was a bumper crop of quality entries. It's never easy to narrow down the list, and we congratulate the selected speakers. If your talk wasn't selected, we hope you'll submit again next year.
Heartfelt thanks also to the DEF CON Review Board. The board puts in crazy hours and makes hundreds of tough calls to finalize our roster, and we heart the stuffing out of them for all their sweat and devotion.
Feel free to let us know which talks you're most excited about in the comments.
August can't get here fast enough!
Fri, 17 Jun 2016 16:04:29 -0700
Can you feel how close it's getting?
The full schedule for Workshops at DEF CON 24 is now available for your careful examination. Make plans, invite friends, agonize about the limited number of hours in a standard Earth day. The workshops are all free, but space is limited. Registration is onsite, first-come first-served, so knowing what you want ahead of time is key.
It's gonna be a good DEF CON.
Thu, 16 Jun 2016 14:04:03 -0700
The DEF CON Groups program is designed to reflect the values of DEF CON, providing an open community for the discussion of technology and security topics. As such, we must all work together so that our actions build toward that goal.
However when anyone or any group abuses the trust of this community and negatively impacts the reputation of DEF CON we are all harmed. After significant discussions we have concluded with regret that DEF CON must revoke DEF CON Group Lucknow for attempting to commercialize based on the brand and community.
Since the beginning of the DEF CON Groups back in 2003 this is the first time we have had to take this action, and we genuinely hope it will be the last.
The Dark Tangent
Sat, 11 Jun 2016 12:46:29 -0700
Tinkerers of all sorts, rejoice! The EFF's Badge Hack Pageant returns to DEF CON 24. Have your clever badge hacks judged by the all-star panel of Zoz, Joe Grand and 1o57! Win prizes! Enjoy the company of others who refuse to accept the idea that the device in front of them has reached its final form!
Sat, 11 Jun 2016 11:36:02 -0700
Winners have been announced in the DEF CON Short Story Contest. Many congratulations to the winners and thank you to everyone who shared your work with us. The DEF CON community brings it - no matter what the challenge. You guys rule.
Mon, 06 Jun 2016 10:24:25 -0700
In 2005, DARPA challenged innovators around the world with a $2M prize to build a vehicle that could navigate the Nevada desert with no one at the wheel. In 2016, DARPA has again challenged the global innovation community with a $2M prize to build a computer that can hack & patch unknown software with no one at the keyboard.
At DEF CON 24, on Thursday night at 5pm, the Paris ballroom will host the world's first all-machine hacking tournament. Seven high performance computers will play an all-machine Capture the Flag contest, reverse engineering unknown binary software, authoring new IDS signatures, probing the security of opponent software, and re-mixing defended services with machine-generated patches and defenses.
(more on on the DEF CON 24 Cyber Grand Challenge Page)
Tue, 31 May 2016 13:43:40 -0700(image)
Wireless Village CFP is open - closes June 30!
Sure, the main DEF CON CFP is closed. But sometimes, when DEF CON closes a door, the Villages open a window.
If you have a great presentation on wireless security or shenanigans you've still got a month to get it into shape for consideration by the radiant humans of the DEF CON Wireless Village. We recommend getting on it promptly though. Slots are limited and the last moment always gets here faster than you expect.
Fri, 27 May 2016 16:52:58 -0700(image)
We have a treat for all the suave sophisticates out there. If your idea of the perfect evening is the tinkling of ice cubes and ivories under low, flattering lights, join us Friday night at Napoleon's for two shows of the song stylings of Richard Cheese and his crack band Lounge Against the Machine.
Yes. We said Richard Cheese. And we said two shows. We also said the thing about flattering lights, but your mileage may vary. Polish up your best monocle and let's enjoy an evening of the hits of yesterday and today, sprinkled with that one-of-a-kind Cheese magic.
Wed, 25 May 2016 14:00:48 -0700(image)
Join us Saturday night for a dance party both radical and tubular. DEF CON is proud to present two pioneers of the electronic dance genre: Berlin featuring Terri Nunn and Information Society. Sick beats and iconic hooks await you. We promise a sweaty good time to all, 80s survivors and wide-eyed millennials alike.
If you are not there, are you anywhere? Don’t be nowhere, when you can be right here, at DEF CON 24’s 80s night.
Tue, 24 May 2016 15:14:00 -0700(image)
Thanks again to the honorable folks at Legitimate Business Syndicate for running the 2016 CTF Quals! They've been kind enough to put together a wrapup for your post-mortem perusal.
They've also open-sourced all the challenges, just because they're cool like that.
Enjoy and share. We'll post more as we get them.
Fri, 20 May 2016 23:54:07 -0700(image)
If you're looking to keep track of the 40 or so hours of unbridled packet mayhem that remain, here's a couple of links:
On Twitter, follow our powerful CTF Organizers Legitimate Business Syndicate @LegitBS_CTF
To see the HTML Scoreboard, go to https://2016.legitbs.net/scoreboard/complete
If you like your scoreboards a little spicier, there's a JSON version at https://2016.legitbs.net/scoreboard/ctftime.json
There's a chat at #defconctf on the 'Hackint' network - infoz at http://www.hackint.org/
There's even a pushbullet channel at https://www.pushbullet.com/channel?tag=first-solves-jequaquifs
Honestly, if you need more ways than that to keep your eyes on the action, you should be playing.
Godspeed to all combatants. May the best hacks win.
Fri, 20 May 2016 14:13:05 -0700(image)
So you're at DEF CON 24. It's Friday night. After a long day of contests, talks and general merriment, you need to get lost in some music and maybe shake that tail feather. If only there were a whole evening planned with house-quaking, artisanally crafted small-batch beats from DEF CON's favorite crowd-moving specialists!
We have anticipated your need, DEF CON massive. DEF CON EDM night (exact location TBA) is here to supply you with soul-nourishing rhythm and space to get your head and your booty in sync. Who's playing, you ask?
The heavy groove merchants DirtyPhonics
The sensual overload of the Zebbler Encanti Experience
The sophisticated boom-bap of DualCore
The mighty, mighty, YTCracker
Now that you know, you have no excuse to be anywhere else. To get familiar, hit us up at https://defcon.org/html/defcon-24/dc-24-entertainment.html
Thu, 19 May 2016 11:20:11 -0700(image)
DEF CON 24 has a lot of space, and we're expecting a lot of party people. So much space, and so many party people, in fact, that we're once again crowd-sourcing some of the merrymaking to you, the DEF CON community.
We want your party ideas. The best ones get the space to get it cracking, the gratis use of a hotel bartender (the bartender, not the booze) and promotion from us. Let's make your party dreams come true for one magical Vegas night.
Infoz are on the DEF CON 24 Call For Parties Page
It's getting close, people. Let's light this candle!
Mon, 16 May 2016 16:54:07 -0700(image)
Got an open source project you want to share with the DEF CON crowd? You're in luck - the DEF CON Demo Labs are back for 2016! We're offering you a demo space and a scheduled time (a few hours) to get your tool or hardware in front of some curious hacker faces. It's a great way to raise awareness, meet people with similar interests and maybe even scare up some help or feedback.
There are rules, of course, and you'll have to get selected. For all relevant infoz, please head over to the Call for Demo Labs page and we'll get you on your way. Deadline is June 15. We're waiting to be amazed.
Sat, 14 May 2016 14:21:02 -0700(image)
Have you ever wondered what you would do with a full penthouse suite at DEF CON to fill with any kind of amazing nighttime party/contest/BB-8 death match you could dream up? We wonder too. And we have suites. You see where this is going?
Send us your best ideas for turning a giant empty room into a can't-miss happening, and we'll get you the keys at a huge discount to make your vision manifest. The whole rundown is waiting for you on the DEF CON 24 Call for Suites page.
Sat, 14 May 2016 14:20:03 -0700(image)
Thu, 05 May 2016 14:53:28 -0700
Attention hackers of sound - the moment has come to share your gifts with the DEF CON massive. We have need of many skilled entertainers to meet the rump-shaking requirements of our many, many joyful partygoers. If you possess the skills to shake those rumps, it's time for you to submit your application.
So, Bards and Troubadors, get thee to the DEF CON forums, learn what we require and come to the aid of your community. A grateful nation awaits your genius.
Mon, 02 May 2016 16:29:58 -0700
Interested in joining the Capture the Flag Action at DEF CON 24, but wish you had more information? The fine, upright and honorable citizens of the Legitimate Business Syndicate are here to help with a very wordy and complete blog post on just that subject. Satisfy your curiosity. Learn the rules. Join us at the quals.
Wed, 27 Apr 2016 16:16:14 -0700
A lot can happen In a week. Decisive battles can be won, changing the course of great wars. Human relationships can blossom from indifference to friendship. Carelessly refrigerated leftovers can blossom into viable microbiomes. A week is a powerful unit of time.
If you're planning to submit to the DEF CON CFP or CFW, you have just one of these powerful units left. One (1) week to get your powerful ideas into submission shape. One (1!) week to get them to us for consideration.
One (1) week, people. Use it wisely. The DEF CON community is counting on you. A week is finite, but regret lasts forever.
Wed, 27 Apr 2016 12:26:58 -0700
We're in the double digits, folks - less than 100 days until DEF CON 24! In that spirit, a little update on the venue:
We've made some adjustments to the floor plan, and you can peruse them at your leisure on the Venue page of the DC site.
We'd also like to remind you that the rooms in our discounted blocks are selling pretty fast, so if you're looking to book in one of our associated hotels sooner is better than later. The numbers and links you can use to get yourself situated are also available on the Venue page.
The time to get psyched is at hand. Let's DO this!
Wed, 27 Apr 2016 12:26:07 -0700
The DEF CON Short Story Contest returns, bearing prizes and a chance at geek-lit glory. All those inclined to compete are urged to visit @DCShortStory or the #DCShortStory DEF CON forum page for the rules and requirements as they develop.
Pencils up, people. You have until May 30 to submit your masterpiece.
Fri, 22 Apr 2016 13:43:25 -0700
Attention hacker kids - R00tz Asylum (r00tz.org) wants your ideas for talks and demos for fellow young hackers in the R00tz pavilion at DEF CON 24! If you've been a part of R00tz before, you know how cool this is - if you haven't been, this is a great way to get yourself involved. If you've got cool ideas for this year's R00tz Asylum, check out the call for ideas on their webpage.
Adults are welcome to submit ideas as well (obvs), but youth definitely has some privileges and priority here.
Mon, 18 Apr 2016 15:55:38 -0700
The Wall of Sheep would like to announce a call for presentations at DEF CON 24 at the Paris and Bally's Hotels in Las Vegas, NV from Thursday, August 4th to Sunday, August 7th. All accepted talks will be announced, recorded, and published by Aries Security and DEF CON Communications, Inc. Please see our YouTube channel for all Speaker Workshops from last year.
This year, the Packet Hacking Village at DEF CON 24 will be on the 26th floor of Bally's Indigo Tower. The Call for Presentations will close on Wednesday, June 15th at 11:59 PM. The list of workshops will be finalized and published on Thursday, June 30th.
How: Complete the Call for Papers Form at http://www.wallofsheep.com/pages/call-for-presentations-at-def-con-24 and send to cfp2016[at]wallofsheep[dot]com. Please also refer to the form for more details
Sat, 16 Apr 2016 13:42:33 -0700
As you may know, 'HACKED by DEF CON and MR. ROBOT' is happening at the TriBeCa Film Festival this weekend. If you are not in the vicinity of New York City, you can still keep up on all the cool stuff we have happening there, from the DEF CON FaceBook Page! We're posting videos, pictures and even having some live feeds from TFF, so check it out!
Fri, 15 Apr 2016 19:54:40 -0700
For those of you with hackerly merchandise to peddle at DEF CON 24, the Vendor registration site is now open!
You'll find a thorough FAQ with answers to those hard hitting vendor questions, like "how big are the booths?", and "how much does it cost?". Not to mention the handy dandy application forms which can slingshot you into a position of sales success!
Don't wait, Apply for your spot in the DEF CON 24 vendor area today! You'll be glad you did!
Thu, 14 Apr 2016 12:43:41 -0700
Attention ink-slingers (literal and virtual) - DEF CON 24 Press Registration is now open!
We have a hard limit on press badges this year, so it's a good idea to get your application in right away. Once we run out of badges no amount of charm or flattery will get you in the door. As always, there are some basic rules of press conduct we'll expect you to adhere to, and you can find them on our press page
You'll also find the info we need on your application for both DC 24 and the DARPA CyberGrandChallenge.
If you need any questions answered, drop us a line at press at DEFCON dot org. We look forward to hearing from you.
Sun, 10 Apr 2016 18:19:14 -0700Important reminder for everyone in the general vicinity of New York City this weekend: 'HACKED by DEF CON and MR. ROBOT' is happening at the TriBeCa Film Festival and you owe it to yourself to check it out. Some of our famous DEF CON Villages (Lockpicking, Privacy, Hardware Hacking and BioHacking) will be on hand to share hands-on instruction, group presentations and even some fun contests. Hosted by the team behind USA Network's breakout hit 'MR. ROBOT', there's an fSociety recruitment challenge. Test your hacking/social engineering/knowledge skills to see if you have the goods to join Elliot in fsociety. There will also be panel discussions all three days: Friday, 4/15 @8pm: Emergent Technologies: Hacking Innovation Panelists: Joshua Carr, Sarah Grant, Tal Danino Moderated by DEF CON Saturday, 4/16 @7pm: Perception: The Art of Surveillance Panelists: Alexis McGill Johnson, Lyric Cabral, Laura Poitras(TBC) Moderated by DEF CON Sunday, 4/17 @1pm: Living in a Post MR. ROBOT World Panelists: Kor Adana, Writer and Cast Members of MR. ROBOT Moderated by The Dark Tangent [...]
Fri, 08 Apr 2016 13:20:30 -0700(image)
Putting things off until the last moment is a valid time management strategy. Until it isn’t.
If you’ve been meaning to get in gear and get your idea for a DEF CON presentation or a DEF CON Workshop polished up and sent in, it’s time to mean it harder. There are a just a few weeks to get all the boxes filled and the details worked out. We want to see what you’ve got cooking, but to get it into DC24 you’ve got to press ‘Send’ by May 2.
Fri, 08 Apr 2016 12:08:50 -0700(image)
If you are a hacker type with younglings in your care, no doubt you are aware of the Rootz Asylum track for Kids at DEF CON. (If you didn't know, get familiar at r00tz.org - or ask the nearest hackishly inclined youth.)
Well, the folks at R00tz have a CFP out for DC24. It covers a wide area, as they're looking for people to run workstations, make presentations and set up contests. If the rising generation of padawan are to grow into mighty and honorable cyber-jedi, it's up to all of us.
Bonus coolness: Submissions from kids are welcomed and encouraged!
Wed, 06 Apr 2016 01:21:57 -0700(image)
The BioHacking Village is back for DEF CON 24, and their CFP is open. If you have something interesting to say (or demonstrate) about the blossoming science of modding human squishware, the BioHacking Village is a pretty great place to say it.
They're also looking for some help reviewing CFP submissions, so there's another way you can share your BioHacking knowledge with the world.