Defcon 20

Wednesday

Flight over Greenland

Flight over Greenland

This year, my colleague Jens and I were given the opportunity to visit Defcon 20 (https://www.defcon.org/html/defcon-20/dc-20-index.html) in Las Vegas. It was my first time visiting the US, so I was obviously very excited about it!

We started off around noon on Wednesday, and after having a transfer at Heathrow, London, we arrived to Las Vegas at 7 PM on the same Wednesday (due to Las Vegas being 9 hours earlier compared to Sweden).

Inside the terminal, the AC made it seem almost chilly at times, but once you went out to the taxi queue, you were greeted by a 45 degrees heat wave. The first thing that came to mind when going towards the hotel was how extremely big everything was, even compared to cities such as Shanghai. Once checked in at the hotel, I quickly drifted off to sleep as I had forced myself to stay awake on the plane in order to avoid as much jet lag as possible.

Las Vegas

Las Vegas

Thursday

Defcon Queue

Defcon Queue

Thursday morning, around 40 degrees outside at 8 AM when we made our way to the convention. Felt quite lucky in the cab when I saw actually walking the trek towards the convention in the blistering heat. When we arrived, we noticed that the queue started outside, not so good. The queue moved forward though, so we assumed we’d be able to pay the entrence fee once we got roof over our heads. Bad assumption. Once inside, the queue went on for about 2,5 hours more, and that’s when we were there 30 minutes prior to the desks opening. Lesson learned for next time.

 

Defcon Badge

Defcon Badge

Once we had paid the entrance fee, we were given the badges for the 20th Defcon, and they were mighty impressive. Rather than having a normal badge (which is never the case for Defcon, but still), you were given a badge containing a multi-core processor, IR transmitter, LEDs, usb-mini port, PS2/VGA ports that can be soldered on and open source software that contained a good variety of competitions for those who wanted to play around with cryptos. Certain badges could also ”infect” other badges, making the LEDs blink differently if you came in contact with them.

The amount of text you could write about these badges are probably enough to fill a book, but I suggest you check out the following resources for more information about the badges:
http://www.wired.com/threatlevel/2012/07/defcon20-badge/
http://forums.parallax.com/showthread.php?141494-Article-Parallax-Propeller-on-DEF-CON-20-Badge-Start-Here
!

Next in line was getting some food, and there was a nice ”chill out zone” where you could buy hot and cold food, drinks, breakfast and other vital things for your every day life.

Having refuled, we decided to get some swag to bring home. This turned out to be another 2 hour long queue to the single only shop they had for official merchendise. Eventually I ended up getting two t-shirts as a memory.

Defcon Merchendise

Defcon Merchendise

Later on we got into the first conference, which was the starting ceremony where everyone was welcomed to the 20th Defcon!

Since it was the registration day, we managed to get out earlier than usual, and used the time for a trip to the Grand Canyon, which has been one of my most wanted locations to see for quite a while. Due to the large time contraints, we had to take a helicopter ride, which in itself was quite an adventure!

At Grand Canyon

At Grand Canyon

Helicopter over Hoover Dam

Helicopter over Hoover Dam

 

Once back, we decided to do some sightseeing in the area next to the hotel.

Jens in front of the Bellagio Fountains

Jens in front of the Bellagio Fountains

Walking on the strip

Walking on the strip

Friday

One of the talks

One of the talks

First ”real” day of the conference! I started off with some talks about the badge and the history of Defcon to get some further ideas about how things had progressed. I found it very interesting and that it had a lot of ”unofficial information” about how things had been, even though I have wanted to go to Defcon for a long time and read a lot about it throughout the years. There was also the talk with General Keith B. Alexander (US Cybercom director and NSA Director) which proved well interesting to hear, as he talked about how important it is to secure the country as a whole from outside attacks. The talk after that was called ”Owning One to Rule Them All”, where the talker went through Microsoft SCCM and how it was possible to compromise it and make it send a payload decided by you to all clients that’s connected to it (which means by adding your trojan or whatever you’d be able to very quickly infect an entire network of computers).

Also, as you walked around, you noticed more and more competitions around the place. On the floor, there were multiple puzzles and crypto challanges, and others could be found on posters etc.

One of the puzzles

One of the puzzles

During the evening we went out to have another look at the surrounding area, and ended up eating at a place, called Johnny Rockets, that had amazing burgers. We also went to check out the opening ceremony of the Olympics!

Outside the Hotel

Outside the Hotel

On the strip!

On the strip!

 

Olympic Games Opening Ceremony

Olympic Games Opening Ceremony

On the strip!

On the strip!

Saturday

Defcon talks

Defcon talks

Today was a mix of talks concerning the future of the net and what limitations should or should not be in place, how government agencies operate, and how attacks on our infrastructure are being done. The more ”practical” talks were regarding botnets and how they are being operated through webpages or irc servers, and various ways of how DDoS are being done on companies and how it can be mitigated.

Today I also walked around a bit on the other parts of the convention! For example, I visited the CTF area where teams are competing against each other for securing their own servers in order to prevent other teams to compromise their running services, but they are also supposed to take over other teams servers in order to gain points. There was also the wall of sheep area, where traffic that had been sniffed on the network (non-SSL-traffic) were posted on a a big screen for shame and for others to see.

Competition room

Competition room

Competition room

Competition room

 

The vendor area on the other hand was a place of business where people gathered up to buy and sell various merchandise, ranging from t-shirts to satellite transmitters. It was also a book signing area with people such as Bruce Schneider, and an area where you could view things as actual Enigma machines.

Bruce Schneider signing books

Bruce Schneider signing books

Enigma Machine

Enigma Machine

There was also the hardware hacking area, an area where you could learn how to create robots, learn how to solder, learn how to make your badge do things it couldn’t when you got it, and a lot of other things.

Hardware Hacking Area

Hardware Hacking Area

Afterwards we went out for some sightseeing and visited the Venitian as well as Treasure Island!

The Venitian

The Venitian

The strip

The strip

Sunday

Metasploit talks

Metasploit talks

Sunday was the last day of the conference, and it contained a variety of talks ranging from new generation port scanners, metasploit examples, how easily certain Huawei routers can be hacked, and Kevin Poulsen talking about his previous experience as well as his book. It was also the closing ceremony with all the contestants getting their prices, with some getting the all-mighty black badge that gives you a life-time free entrence fee to Defcon.

As we hadn’t have time to eat much other than sandwiches or the quick burrito, we decided to hit the buffet at the Bellagio for our last conference evening. The queue took quite a while to process, but it was well worth it with a lot of really great food. Also took a quick stroll down the south of the strip.

Closing Ceremony

Closing Ceremony

Bellagio Buffet!

Bellagio Buffet!

 

Hotel entrance

Hotel entrance

In front of Paris Paris!

In front of Paris Paris!

Monday

Mandalay Bay

Mandalay Bay

Monday was the last day in Las Vegas, as we were supposed to leave for Stockholm again at 8.45 PM. For once, we decided to take a long morning rather than getting up at 7.30 AM, so we met up at 11.00 for checking out and having something to eat. Once that had been sorted, we decided to take a stroll down through all the Casinos south of Bally’s to see what each of them offered. We ended up visiting each one, and also went into the Aquarium of Mandalyn Bay to see some sharks. Once at the airport, we found out that the plane was 3 hours delayed. That in turn, meant we missed our connecting flight in Heathrow which meant we got home after 00:00, which kind of made the next work day feel ”so so” considering the time difference etc. All in all I’d definitely rate this convention the best one I’ve been at! Some of the talks were not very interesting at all, while some were very very good. The two I liked the most were: ”Black Ops” and ”How to Hack All the Transport Networks of a Country”.

You can find the full schedule here: https://www.defcon.org/html/defcon-20/dc-20-schedule.html

The main thing I feel I gained though was ”getting back to basics” rather than being so emerged in the commercial aspect of the IT industry. The experience gave me a lot of reminders about why I started loving computers in the first place!

At the Luxor Entrance

At the Luxor Entrance

Hotel New York New York

Hotel New York New York