Enginursday: DEF CON and r00tz Asylum

For a while now, I have been going to and helping out at DEF CON, a well known hacker conference held in Las Vegas every year. It is crazy, fun, and very informative. You might have noticed I put “crazy” first in that list. I have gone to Hacker Jeopardy enough times to justify that. Also, it’s a great event to learn a new skill and meet amazing people. Maybe you have read about the many hacks showcased at the event from your favorite tech websites, like car hacking or my favorite War Kitteh. If you are a Mr. Robot fan and wondered how they did that Raspberry Pi hack on the show, or you watched the movie Hackers way too many times, DEF CON is a great conference for people who are interested in hacking, and a great eye-opener for people who use the password 1234 for everything.

If you have a bunch of Arduinos, Raspberry Pis, HackRFs, and Beaglebones or other hardware just sitting around, come to the event and you will see how they can be very useful for hacking. While you are at it, try your hand at lock-picking, solder one of the many unofficial badges, and learn about social engineering, how to protect your data, and other skills at the many DEF CON villages.

One of the best things about DEF CON is getting the official badge. It makes the #LineCon worth it.

Spending 1-2 hours in a line, you will either meet a new friend or at least have time to plan out which talks you are going to.

Since I love hardware, I’m always hoping it’s an electronic badge. This year, the badge was a vinyl record. Due to there being a lot of things going on during the event, this is how far most people, like myself, got with the badge challenge:

Luckily r00tz area had a record player and others uploaded what was on the record.

Want to go to DEF CON, but worried you are just starting out and someone might steal your information? Do you see three different unsecure public Wi-Fis that are all named for the hotel you are staying at and still want to connect to them, or like to use your debit card? In short, just don’t. There are a couple great articles on preparing for the event. Consider just using cash and enjoying the event without a laptop unless you have prepped before hand. Some quick DEF CON prep:

  • Update your devices
  • Clear known WiFi APs/disable autoconnect
  • Nmap your devices to check for open ports
  • Ensure you have strong passwords (No love, secret and God), especially if you have RDP/SSH enabled (it’d be wise to disable them temporarily)
  • Check your trusted CA list
  • Exercise caution when utilizing cell networks - what you’re doing may not be private, especially texts/calls

Unless you really want to be on the Wall of Sheep, then go ahead and connect to “ParisWiFiPineapple.”

Another word of advice and why I am writing this article now: Get your hotel rooms early. DEF CON provides discounted hotel rates on its site. Some people like being at the hotels where the convention is being held. If you are someone who likes to save tons of money and loves walking, remember Las Vegas heat and street advertisers might make you wish you opted for a closer location. If you have to wait to get a hotel room, like I did this year, you might be couch surfing at a farther hotel that might not actually have a couch. Useless tip: If you combine two chairs together and lay in the fetal position, your back will only hurt for a short bit the next morning.

Consider getting to Las Vegas early, because DEF CON 24 will host the ultimate Capture-the-Flag Cyber Grand Challenge by DARPA. If you ever want to feel like machines will take over the world, go to this event!

If you can’t make it to DEF CON, you can view videos and information from past conferences. Since we are on the topic of security conferences, you can also view the past archives for the Black Hat conference. Viewing these past talks is a great way to see what you can expect when going, or to learn something new.

r00tz Asylum - Mini DEF CON for Young Hackers

DEF CON itself isn’t normally a place you bring the little ones. However, during the DEF CON conference, there is a great area called r00tz Asylum that is just for young hackers! If you have a child who is showing interest, or want a safe place to introduce them to hacking, definitely consider bringing them to this event.

alt text

Teaching your child how to solder is one of the many things they will learn at r00tz Asylum by great teachers like York.

The r00tz Asylum Team was awesome enough to give a little blurb about the event:

This year, r00tz Asylum moved beyond an event that r00tz kids and their parents wait for all year long, to become an event that the entire DEF CON community is invested in. We all see ourselves in these kids, who will become the next generation of white-hat hackers solving critical problems of which we are only beginning to scratch the surface. An amazing line-up of world-class InfoSec practitioners sharing their latest hacks with kids is exciting proof of the drive and willingness of the DEF CON community to put its energy into improving the world of technology.

alt text

All the photos of the event were provided by the r00tz Asylum team. Thanks!

For DEF CON 23, we were happy that the young hackers got to solder SparkFun soldering kits for free at r00tz Asylum!

alt text

With any form of hacking still being considered by some as negative, it is important to support young hackers and encourage them in their interests. With diversity heavily lacking at DEF CON, the r00tz Asylum breaks those norms at an early age and leaves a great first impression. It was great to see so many young female hackers!

alt text

A lot of the children did multiple soldering kits and become soldering pros fast.

I had a blast helping out at the soldering station this year and it would be great to see this event continue to grow larger. If you are in the area or attending DEF CON, I highly recommend helping out at the r00tz Asylum! If you want to help out and volunteer at the event next year you can contact info@r00tz.org.

Share Your Experiences

Got a favorite moment at DEF CON that you would like to share? For example, I lost part of my voice for a short time from screaming “Jeri Ellsworth” when none of the contestants knew who she was at Hacker Jeopardy. If you don’t know, please read up on her! Another interesting memory was seeing John McAfee (who is apparently now running for President) talk.

Any tips or recommendations on places to eat or check out? Comment below!

comments | comment feed

Leave a Reply

Your email address will not be published. Required fields are marked *