fbpx
Wikipedia

DEF CON

February 16, 2024

This article is about the computer security convention. For other uses, see Defcon (disambiguation).

DEF CON (also written as DEFCON, Defcon or DC) is a hacker convention held annually in Las Vegas, Nevada. The first DEF CON took place in June 1993 and today many attendees at DEF CON include computer security professionals, journalists, lawyers, federal government employees, security researchers, students, and hackers with a general interest in software, computer architecture, hardware modification, conference badges, and anything else that can be "hacked". The event consists of several tracks of speakers about computer- and hacking-related subjects, as well as cyber-security challenges and competitions (known as hacking wargames). Contests held during the event are extremely varied and can range from creating the longest Wi-Fi connection to finding the most effective way to cool a beer in the Nevada heat.[2]

DEF CON
StatusActive
GenreSecurity Conference, Hacker Conference
FrequencyAnnual
VenueVaries
Location(s)Las Vegas, Nevada
Years active30
InauguratedJune 9, 1993 (1993-06-09)[1]
FounderJeff Moss
Previous eventAugust 10–13, 2023
Next eventAugust 8–11, 2024
AttendanceOver 30,000
Websitedefcon.org

Other contests, past and present, include lockpicking, robotics-related contests, art, slogan, coffee wars, scavenger hunt, and Capture the Flag. Capture the Flag (CTF) is perhaps the best known of these contests and is a hacking competition where teams of hackers attempt to attack and defend computers and networks using software and network structures. CTF has been emulated at other hacking conferences as well as in academic and military contexts (as red team exercises).

Federal law enforcement agents from the FBI, DoD, United States Postal Inspection Service, DHS (via CISA) and other agencies regularly attend DEF CON.[3][4] Some have considered DEF CON to be the "world's largest" hacker con given its attendee size and the number of other conferences modeling themselves after it.

History edit

DEF CON was founded in 1993, by then 18-year-old Jeff Moss as a farewell party for his friend, a fellow hacker and member of "Platinum Net", a FidoNet protocol based hacking network from Canada.[5] The party was planned for Las Vegas a few days before his friend was to leave the United States, because his father had accepted employment out of the country. However, his friend's father left early, taking his friend along, so Jeff was left alone with the entire party planned. Jeff decided to invite all his hacker friends to go to Las Vegas with him and have the party with them instead. Hacker friends from far and wide got together and laid the foundation for DEF CON, with roughly 100 people in attendance.

The term DEF CON comes from the movie WarGames, referencing the U.S. Armed Forces defense readiness condition (DEFCON). In the movie, Las Vegas was selected as a nuclear target, and since the event was being hosted in Las Vegas, it occurred to Jeff Moss to name the convention DEF CON. However, to a lesser extent, CON also stands for convention and DEF is taken from the letters on the number 3 on a telephone keypad, a reference to phreakers.[6] The official name of the conference includes a space in-between DEF and CON.

Though intended to be a one-time event, Moss received overwhelmingly positive feedback from attendees, and decided to host the event for a second year at their urging. The event's attendance nearly doubled the second year, and has enjoyed continued success.[7] In 2019, an estimated 30,000 people attended DEF CON 27.[8]

For DEF CON's 20th Anniversary, a film was commissioned entitled DEFCON: The Documentary.[9] The film follows the four days of the conference, events and people (attendees and staff), and covers history and philosophy behind DEF CON's success and unique experiences.

In January 2018, the DEF CON China Beta event was announced. The conference was held May 11–13, 2018 in Beijing, and marked DEF CON's first conference outside the United States. The second annual DEF CON China was canceled due to concerns related to COVID-19.[10]

In 2020, due to safety concerns over COVID-19 the DEF CON 28 in-person Las Vegas event was cancelled[11] and replaced with DEF CON Safe Mode,[12] a virtual event planned for the same August 6–9 dates as DC 28.

In 2021, DEF CON 29 was held on August 5–8 in-person in Las Vegas and virtually (via Twitch and Discord). In-person attendees were required to wear masks in conference areas and to show proof to COVID-19 vaccination. Attendees with verified vaccine records (verified by a 3rd party) were given a wristband which was required for entry into the conference areas.[13]

Components edit

Handles edit

Attendees at DEF CON and other Hacker conferences often utilize an alias or "handle" at conferences. This is in keeping with the hacker community's desire for anonymity. Some known handles include DEF CON founder Jeff Moss' handle of "Dark Tangent". A notable event at DEF CON is DEF CON 101 which starts off the con and may offer the opportunity for an individual to come up on stage and be assigned a handle by a number of members of the community.

Badges edit

 
Multiple, electronic and non-electronic, DEF CON human badges and other con badges.

A notable part of DEF CON is the conference badge, which identifies attendees and ensures attendees can access conference events and activities. The DEF CON badge has historically been notable because of its changing nature, sometimes being an electronic badge (PCB), with LEDs, or sometimes being a non-electronic badge such as a vinyl record. Conference badges often contain challenges or callbacks to hacker or other technology history, such as the usage of the Konami Code in the DEF CON 24 badge, or the DEF CON 25 badge reverting to the look of the DEF CON 1 badge. DEF CON Badges do not (generally) identify attendees by name; however, the badges are used to differentiate attendees from others. One way of doing this has been to have different badges, a general conference attendee (HUMAN) badge, a Staff member (GOON), Vendor, Speaker, Press, and other badges. In addition, individuals and organizations have begun creating their own badges in what has become known as badgelife. These badges may be purchased in many cases, or earned at the conference by completing challenges or events. Some badges may give the holder access to after hours events at the conference. In 2018, the evolution of this came with what was termed "shitty addon's" or SAOs. These were miniature (usually) PCBs that connected to the official and other badges that may extend functionality or were just collected.[14][15]

Villages edit

Villages are dedicated spaces arranged around a specific topic. Villages may be considered mini conferences within the con, with many holding their own independent talks as well as hands-on activities such as CTFs, or labs. Some villages include Aerospace Village, Car Hacking Village, IoT Village, Recon, Biohacking, lockpicking, ham radio, and the well known Social Engineering and vote hacking villages. In 2018 the vote hacking village gained media attention due to concerns about US election systems security vulnerabilities.[16][17]

Internal Conferences edit

DEF CON has its own cultural underground which results in individuals wanting to create their own meetups or "cons" within DEF CON. These may be actual formal meetups or may be informal. Well known cons are:

  • Queercon, a meetup of LGBTQ community.
  • Linecon, any long line has the potential to turn into a con.
  • QuietCon, a meetup to hang out or talk quietly away from the hustle and bustle of the rest of the conference attendees.

Workshops edit

Workshops are dedicated classes on various topics related to information security and related topics. Historical workshops have been held on topics such as Digital Forensics investigation, hacking IoT devices, playing with RFID, fuzzing and attacking smart devices.

Fundraising edit

Since DEF CON 11, fundraisers have been conducted for the Electronic Frontier Foundation (EFF). The first fundraiser was a dunk tank and was an "official" event. The EFF now has an event named "The Summit" hosted by the Vegas 2.0 crew that is an open event and fundraiser. DEF CON 18 (2010) hosted a new fundraiser called MohawkCon.

Contests edit

Within DEF CON there are many contests and events which range from, Capture the Flag, Hacker Jeopardy,[18] Scavenger Hunt,[19] Capture the Packet, Crash and Compile,[20] and Hackfortress[21] to name a few.

Black Badge edit

The Black Badge is the highest award DEF CON gives to contest winners of certain events. Capture the flag (CTF) winners sometimes earn these, as well as Hacker Jeopardy winners. The contests that are awarded Black Badges vary from year to year, and a Black Badge allows free entrance to DEF CON for life, potentially a value of thousands of dollars.[22]

In April 2017, a DEF CON Black Badge was featured in an exhibit[23] in the Smithsonian Institution's National Museum of American History entitled "Innovations in Defense: Artificial Intelligence and the Challenge of Cybersecurity". The badge belongs to ForAllSecure's Mayhem Cyber Reasoning System,[24] the winner of the DARPA 2016 Cyber Grand Challenge at DEF CON 24 and the first non-human entity ever to earn a Black Badge.

Capture the flag edit

The first instance of the DEF CON CTF was held in 1996, at the 4th DEF CON, and has been held since then every year.[25] It's one of the few CTF in the attack/defense format. The prize of the winning team is a couple of black badges.[26]

Capture the Flag Timeline [27][26]
Year DEF CON Competing Teams Organizers Architecture Platform Winning Team
1996 4 Goons AJ Reznor
1997 5 Goons AJ Reznor
1998 6 Goons SNI
1999 7 Goons Ghetto Hackers
2000 8 Goons Ghetto Hackers
2001 9 Goons Multiple Ghetto Hackers & digirev
2002 10 Ghetto Hackers Redhat 6.2 Digital Revelation
2003 11 8 Ghetto Hackers OpenBSD Anomaly
2004 12 8 Ghetto Hackers i386 Windows sk3wl0fr00t
2005 13 8 Kenshoto i386 FreeBSD 5.4 shellphish
2006 14 8 Kenshoto i386 Solaris 10 1@stplace
2007 15 8 Kenshoto i386 FreeBSD 1@stplace
2008 16 8 Kenshoto i386 FreeBSD Sk3wl of Root
2009 17 9 DDTEK i386 FreeBSD VedaGodz[28]
2010 18 12 DDTEK i386 FreeBSD & Debian ACME Pharm[29]
2011 19 12 DDTEK i386 FreeBSD European Nopsleders[30]
2012 20 20 DDTEK i386 FreeBSD Samurai
2013 21 20 Legitimate Business Syndicate armv7 Linux Plaid Parliament of Pwning
2014 22 20 Legitimate Business Syndicate armv7 & i386 Linux Plaid Parliament of Pwning
2015 23 15 Legitimate Business Syndicate MIPS, x86 & armv7 Linux DEFKOR
2016 24 15 Legitimate Business Syndicate i386 DECREE Plaid Parliament of Pwning
2017 25 15 Legitimate Business Syndicate cLEMENCy cLEMENCy Plaid Parliament of Pwning
2018 26 24 Order Of the Overflow MIPS, x86 & armv7 Linux DEFKOR00T[31]
2019 27 16 Order Of the Overflow x86, arm64, esoteric Linux, iOS, Xbox Plaid Parliament of Pwning[32]
2020 28 16 Order Of the Overflow x86, esoteric Linux A*0*E[33]
2021 29 16 Order Of the Overflow x86, microengine Linux Katzebin[34]
2022 30 16 Nautilus Institute mixed LiveCTF Maple Mallard Magistrates
2023 31 12 Nautilus Institute mixed LiveCTF Maple Mallard Magistrates

Capture the Flag History edit

In 1996, the first DEF CON CTF was organized, with a couple of servers for participants to hack, and judges to decide if a machine has been hacked, and award points accordingly.[35]

In 2002, the company Immunix took part in the game under the moniker "immunex",[36] to benchmark the security of their Linux-based operating system, with modifications including StackGuard, FormatGuard, OpenWall's non-executable stack, SubDomain (the ancestor of AppArmor), ...[37] Confident in their defense capabilities, they even opened access to their servers to other teams, and even spent some time taunting them. The team got the second place, and all their services deployed on their Immunix stack were never compromised.[38] It was also the first year the contest had an organiser-provided services infrastructure connected to a real-time scoreboard.[39]

In 2003, the game had become so popular that a qualification round was introduced, with the previous winner automatically qualified.[40]

In 2008, the Sk3wl of Root team took advantage of a bug in the game (privilege dropping and forking were inverted), allowing them to have such a massive lead that they spent most of the CTF playing Guitar Hero.[41][42]

In 2009, it was announced[43] that "Diutinus Defense Technology Corp" (DDTEK) would be the new organisers, but nobody knew who they were. It was revealed at the end of the game that the team playing as sk3wl0fr00t was in fact organising the CTF! "Hacking the top hacker contest seemed like a fun way to introduce ourselves to CTF organization. The yells of "bullshit" from CTF teams during the Defcon 17 awards ceremony were very gratifying." said vulc@n, a member of DDTEK, on the topic.[26]

In 2011, the team "lollerskaters dropping from roflcopters" used a 0day in FreeBSD (namely CVE-2011-4062[44]) to escape jails, causing havoc in the game's infrastructure.[45]

In 2016, the 15th edition of the CTF was done in partnership with the DARPA, as part of its Cyber Grand Challenge program, where teams wrote autonomous systems to play the game without any human interaction.[46]

In 2017, the Legitimate Business Syndicate came up with their very own CPU architecture called cLEMENCy: a middle-endian with 9 bits bytes CPU. With its specifications released only 24h before the beginning of the CTF, it was designed with the explicit goals of both surprising the teams, and leveling the playing field by breaking all their tools.[47]

Groups edit

DEF CON Groups are worldwide, local chapters of hackers, thinkers, makers and others. DEF CON Groups were started as a splinter off of the 2600 meetup groups because of concerns over politicization. Local DEF CON groups are formed and are posted online.[48] DEF CON Groups are usually identified by the area code of the area where they are located in the US, and by other numbers when outside of the US e.g., DC801, DC201. DEF CON Groups may seek permission to make a logo that includes the official DEF CON logo with approval.

Notable incidents edit

High-profile issues which have garnered significant media attention.

Year Description
1999 On July 10, 1999, the Cult of the Dead Cow hacker collective released Back Orifice 2000 (later discovered to be infected with the CIH virus) at DEF CON 7, in what was, at the time, the largest presentation in DEF CON history.
2001 On July 16, 2001, Russian programmer Dmitry Sklyarov was arrested the day after DEF CON for writing software to decrypt Adobe's e-book format.
2005 On July 31, 2005, Cisco used legal threats to suppress Mike Lynn from presenting at DEF CON about flaws he had found in the Cisco IOS used on routers.[49]
2007 In August 2007, Michelle Madigan, a reporter for Dateline NBC, attempted to secretly record hackers admitting to crimes at the convention. After being outed by DEF CON founder Jeff Moss during an assembly, she was heckled and chased out of the convention by attendees for her use of covert audio and video recording equipment. DEF CON staff tried to get Madigan to obtain a press pass before the outing happened.[50] A DEF CON source at NBC had tipped off organizers to Madigan's plans.[3]
2008
Main article: Massachusetts Bay Transportation Authority v. Anderson
MIT students Zack Anderson, R.J. Ryan and Alessandro Chiesa were to present a session entitled "The Anatomy of a Subway Hack: Breaking Crypto RFIDS and Magstripes of Ticketing Systems." The presentation description included the phrase "Want free subway rides for life?" and promised to focus on the Boston T subway.[51] However, the Massachusetts Bay Transit Authority (MBTA) sued the students and MIT in United States District Court in Massachusetts on August 8, 2008, claiming that the students violated the Computer Fraud and Abuse Act (CFAA) by delivering information to conference attendees that could be used to defraud the MBTA of transit fares.[52][53] The court issued a temporary restraining order prohibiting the students from disclosing the material for a period of ten days, despite the fact the material had already been disseminated to DEF CON attendees at the start of the show.

In 2008's contest "Race to Zero," contestants submitted a version of given malware which was required to be undetectable by all of the antivirus engines in each round. The contest concept attracted much negative attention.[54][55]

2009 WIRED[56] reported that an ATM kiosk was positioned in the conference center of the Riviera Hotel Casino capturing data from an unknown number of hackers attending the DEF CON hacker conference.
2011 Security company HBGary Federal used legal threats to prevent former CEO Aaron Barr from attending a panel discussion at the conference.[57]
2012 The director of the National Security Agency, Keith B. Alexander, gave the keynote speech.[58] During the question and answers session, the first question for Alexander,[58] fielded by Jeff Moss,[59] was "Does the NSA really keep a file on everyone, and if so, how can I see mine?" Alexander replied "Our job is foreign intelligence" and that "Those who would want to weave the story that we have millions or hundreds of millions of dossiers on people, is absolutely false…From my perspective, this is absolute nonsense."[58]

On March 12, 2013, during a United States Senate Select Committee on Intelligence hearing, Senator Ron Wyden quoted the 2012 DEF CON keynote speech and asked Director of National Intelligence James Clapper if the U.S. conducted domestic surveillance; Clapper made statements saying that there was no intentional domestic surveillance.[58] In June 2013, NSA surveillance programs which collected data on US citizens, such as PRISM, had been exposed. Andy Greenberg of Forbes said that NSA officials, including Alexander, in the years 2012 and 2013 "publicly denied–often with carefully hedged words–participating in the kind of snooping on Americans that has since become nearly undeniable."[58]

2013 On July 11, 2013, Jeff Moss posted a statement,[60] located on the DEF CON blog, titled "Feds, We Need Some Time Apart". It stated that "I think it would be best for everyone involved if the feds call a 'time-out' and not attend DEF CON this year."[61] This was the first time in the organization's history that it had asked federal authorities not to attend.[60] Actor Will Smith visited the convention to study the DEF CON culture for an upcoming movie role.
2016 On August 4, 2016, DEF CON and DARPA co-hosted the 2016 Cyber Grand Challenge, a first-of-its-kind all-machine hacking tournament. Competing teams had to create a bot capable of handling all aspects of offense and defense with complete autonomy. Seven finalists competed for a US$2M grand prize.

The winner of the Cyber Grand Challenge was "Mayhem", an AI created by ForAllSecure of Pittsburgh, Pennsylvania.[62] Mayhem then went on to participate in the previously humans-only DEF CON Capture the Flag Contest,[63] where it finished in last place, despite pulling ahead of human teams often in a contest for which it was not specifically designed.

2017 At the "Voting Machine Village" event, dozens of voting machines brought to the conference were breached.[64]

In September 2017, the Voting Machine Village produced "DEF CON 25 Voting Machine Hacking Village: Report on Cyber Vulnerabilities in US Election Equipment, Databases and Infrastructure" summarizing its findings. The findings were publicly released at an event sponsored by the Atlantic Council[65] and the paper went on to win an O'Reilly Defender Research Award.[66]

Marcus Hutchins, better known online by his handle MalwareTech, the 23-year-old British security researcher who was credited with stopping the WannaCry outbreak was arrested by the FBI at the airport preparing to leave the country after attending DEF CON over his alleged involvement with the Kronos banking trojan.[67]

2018 In March 2018, the DEF CON Voting Machine Hacking Village was awarded a Cybersecurity Excellence Award.[68] The award cites both the spurring of a national dialog around securing the US election system and the release of the nation's first cybersecurity election plan.
2020 On May 8, 2020, the DEF CON in-person conference itself was cancelled[69] and virtualized due to COVID-19. DEF CON Safe Mode[70] was held August 6–9 online with a full roster of talks, villages, contests and events.

Entertainment references edit

  • DEF CON was also portrayed in The X-Files episode "Three of a Kind" featuring an appearance by The Lone Gunmen. DEF CON was portrayed as a United States government–sponsored convention instead of a civilian convention.
  • A semi-fictionalized account of DEF CON 2, "Cyber Christ Meets Lady Luck", written by Winn Schwartau, demonstrates some of the early DEF CON culture.[71]
  • A trip to DEF CON for a hacker showdown figures into the plot of The Signal. Director William Eubank came to Las Vegas and screened the film at DEF CON Movie Night.
  • A fictionalized version of DEF CON called "EXOCON" is the setting for the climax of Jason Bourne, the fifth film of the Bourne film series. The primary antagonist of the film, a fictionalized CIA director (played by Tommy Lee Jones), is a keynote speaker at the event, mimicking DEF CON 20's controversial keynote speaker, NSA director Keith B. Alexander.
  • In the Mr. Robot Season 3 opener "eps3.0_power-saver-mode.h" Elliot and Darlene visit a qualifying tournament for the DEF CON Capture the Flag (CTF) contest. Sharp-eyed viewers will notice DEF CON's smiley-face-and-crossbones mascot Jack among the set decorations.
  • Documentarian Werner Herzog included DEF CON in his 2016 film Lo and Behold, Reveries of the Connected World, a film described as a "playful yet chilling examination of our rapidly interconnecting online lives".

Venues, dates, and attendance edit

Each conference venue and date has been extracted from the DEF CON archives for easy reference.[72]

Conference Name Venue Duration Year Attendance
DEF CON 33 TBD August 7–10 2025 N/A
DEF CON 32 Las Vegas Convention Center, and The Sahara[73] August 8–11 2024 N/A
DEF CON 31 Caesars Forum, Flamingo, Harrah's Hotel, and Linq Hotel August 10–13 2023 ~25,000[citation needed]
DEF CON 30 Caesars Forum, Flamingo, Harrah's Hotel, and Linq Hotel August 11–14 2022 ~25,000[citation needed]
DEF CON 29 Paris Hotel and Bally's Hotel August 5–8 2021 ~8,700[citation needed]
DEF CON Safe Mode Virtual event August 6–9 2020 N/A
DEF CON 28 Planned Caesars Forum, Harrah's, The Linq, and Flamingo August 6–9 2020 0[74]
DEF CON 27 Paris Hotel, Bally's Hotel, Planet Hollywood, and Flamingo August 8–11 2019 ~30,000[8]
DEF CON China 1.0 751 D-Park May 31 – June 2 2019 Unknown
DEF CON 26 Caesars Palace and Flamingo August 9–12 2018 28,000[75]
DEF CON China [Beta] Kuntai Hotel (Beijing) May 11–13 2018 Unknown
DEF CON 25 Caesars Palace July 27–30 2017 25,000[76]
DEF CON 24 Paris Hotel and Bally's Hotel August 4–7 2016 22,000[77]
DEF CON 23 Paris Hotel and Bally's Hotel August 6–9 2015 16,000+[78]
DEF CON 22 Rio Hotel & Casino August 7–10 2014 16,000[79]
DEF CON 21 Rio Hotel & Casino August 1–4 2013 12,000[79]
DEF CON 20 Rio Hotel & Casino July 26–29 2012 Unknown
DEF CON 19 Rio Hotel & Casino August 4–7 2011 Unknown
DEF CON 18 Riviera Hotel & Casino July 30 – August 1 2010 Unknown
DEF CON 17 Riviera Hotel & Casino July 30 – August 2 2009 Unknown
DEF CON 16 Riviera Hotel & Casino August 8–10 2008 8,000[80]
DEF CON 15 Riviera Hotel & Casino August 3–5 2007 Unknown
DEF CON 14 Riviera Hotel & Casino August 4–6 2006 Unknown
DEF CON 13 Alexis Park Resort July 29–31 2005 Unknown
DEF CON 12 Alexis Park Resort July 30 – August 1 2004 Unknown
DEF CON 11 Alexis Park Resort August 1–3 2003 Unknown
DEF CON 10 Alexis Park Resort August 2–4 2002 Unknown
DEF CON 9 Alexis Park Resort July 13–15 2001 Unknown
DEF CON 8 Alexis Park Resort July 28–30 2000 Unknown
DEF CON 7 Alexis Park Resort July 9–11 1999 Unknown
DEF CON 6 Plaza Hotel & Casino July 31 – August 2 1998 Unknown
DEF CON 5 Aladdin Hotel & Casino July 11–13 1997 Unknown
DEF CON 4 Monte Carlo Resort and Casino July 26–28 1996 Unknown
DEF CON 3 Tropicana Resort & Casino August 4–6 1995 Unknown
DEF CON 2 Sahara Hotel and Casino July 22–24 1994 ~200
DEF CON 1 Sands Hotel and Casino June 9–11 1993 ~100

See also edit

References edit

  1. ^ "Def Con 1 Archive". Retrieved 2017-04-23.
  2. ^ "DefCon Beverage Cooling Contraption Contest". deviating.net.
  3. ^ a b Zetter, Kim (3 August 2007). "Dateline Mole Allegedly at DefCon with Hidden Camera – Updated: Mole Caught on Tape". Wired Blog Network. Retrieved 2007-08-15. According to DefCon staff, Madigan had told someone she wanted to out an undercover federal agent at DefCon. That person in turn warned DefCon about Madigan's plans. Federal law enforcement agents from FBI, DoD, United States Postal Inspection Service and other agencies regularly attend DefCon to gather intelligence on the latest techniques of hackers.
  4. ^ "DEFCON 15 FAQ's". Retrieved 9 Feb 2011. Lots of people come to DEFCON and are doing their job; security professionals, federal agents, and the press.
  5. ^ Tangent, The Dark. "DEF CON® Hacking Conference – About". www.defcon.org. Retrieved 2016-03-12.
  6. ^ "DEFCON about".
  7. ^ Jeff Moss (July 30, 2007). The Story of DEFCON. Retrieved 9 Feb 2011.
  8. ^ a b "Def Con 27 Transparency Report - DEF CON Forums". forum.defcon.org. Retrieved 2019-08-17.
  9. ^ DEFCON: The Documentary at IMDb  
  10. ^ "Coronavirus claims new victim: 'DEF CON cancelled' joke cancelled after DEF CON China actually cancelled". The Register.
  11. ^ Newman, Lily Hay. "Defcon is Cancelled". Wired.
  12. ^ "DEF CON 28 Safe Mode FAQ".
  13. ^ "DEF CON 29 FAQ".
  14. ^ Oberhaus, Daniel (September 18, 2018). "A History of Badgelife, Def Con's Unlikely Obsession with Artistic Circuit Boards". Vice Motherboard. Retrieved January 14, 2019.
  15. ^ McAllister, Neil (August 12, 2015). "Is this the most puzzling DEF CON attendee badge yet on record?". The Register UK. Retrieved January 14, 2019.
  16. ^ Molina, Brett (August 14, 2018). "11-year-old hacks replica of Florida state website, changes election results". USA Today. Retrieved January 14, 2019.
  17. ^ "Home". Aerospace Village.
  18. ^ "Hacker Jeopardy for DEF CON 28". www.dfiu.tv. Retrieved 2024-01-29.
  19. ^ "DEF CON Scavenger Hunt". DEF CON Scavenger Hunt. Retrieved 2024-01-29.
  20. ^ "DEF CON Crash and Compile Contest". crashandcompile.org. Retrieved 2024-01-29.
  21. ^ "Hackfortress". hackfortress.net. Retrieved 2024-01-29.
  22. ^ Tangent, The Dark. "DEF CON® Hacking Conference – Black Badge Hall of Fame". www.defcon.org. Retrieved 2016-03-12.
  23. ^ "Innovations in Defense: Artificial Intelligence and the Challenge of Cybersecurity". americanhistory.si.edu. 20 April 2017.
  24. ^ . Archived from the original on 2019-02-15. Retrieved 2017-04-24.
  25. ^ Moss, Jeff. "DEF CON Hacking Conference - Capture the Flag Archive".
  26. ^ a b c vulc@n of DDTek (2023). "A history of Capture the Flag at DEF CON".
  27. ^ "A Brief History of CTF". psifertex.github.io. Retrieved 2023-12-20.
  28. ^ "Diutinus Defense Techonologies Corp. / DC17". ddtek.biz. Retrieved 2023-12-27.
  29. ^ "Diutinus Defense Techonologies Corp. / DC18". ddtek.biz. Retrieved 2023-12-27.
  30. ^ "Diutinus Defense Techonologies Corp. / Home". ddtek.biz. Retrieved 2023-12-27.
  31. ^ "DEF CON CTF 2018". OOO — DEF CON CTF. Retrieved 2023-12-21.
  32. ^ "OOO — DEF CON CTF". OOO — DEF CON CTF. Retrieved 2023-12-21.
  33. ^ "OOO — DEF CON CTF". OOO — DEF CON CTF. Retrieved 2023-12-21.
  34. ^ "OOO — DEF CON CTF". OOO — DEF CON CTF. Retrieved 2023-12-21.
  35. ^ Riley, Eller (2004). "Capture the Flag Games" (PDF).
  36. ^ "Defcon 9 - Capture The Flag Contest Network". 2001-07-09.
  37. ^ "4/23/ Immunix & Defcon: Defending Vulnerable Code From Intense Attack Crispin Cowan, Ph.D Seth Arnold, Steve Beattie, Chris Wright WireX and John. - ppt download". slideplayer.com. Retrieved 2023-12-21.
  38. ^ Crispin, Cowan (May 2003). "Defcon Capture the Flag: defending vulnerable code from intense attack". DARPA Information Survivability Conference and Exposition. 2 (2003).
  39. ^ Ghettohackers. "Defcon 10 - Capture the Flag (CTF) contest".
  40. ^ The Ghetto Hackers (June 29, 2003). "Announcing Capture the Flag - Root Fu - Vegas 2003 @ DefCon 11".
  41. ^ Jordan (2021-04-06), A Brief History of CTF, retrieved 2023-12-20
  42. ^ A Brief History of CTF - Jordan Wiens, retrieved 2023-12-20
  43. ^ . 2011-05-14. Archived from the original on 2011-05-14. Retrieved 2023-12-21.
  44. ^ The FreeBSD Project (2011-09-28). "Buffer overflow in handling of UNIX socket addresses".
  45. ^ routardz. "Defcon 19 CTF - CTF Inside". Retrieved 2023-12-20.
  46. ^ "Cyber Grand Challenge (CGC) (Archived)". www.darpa.mil. Retrieved 2023-12-20.
  47. ^ Unknown. "cLEMENCy - Showing Mercy". Retrieved 2023-12-20.
  48. ^ "Official forums social group section for DEF CON groups". DEF CON Forums. Retrieved 2023-02-25.
  49. ^ Lamos, Rob (31 July 2005). . SecurityFocus. Archived from the original on 2012-07-28. Retrieved 2004-07-31.
  50. ^ Cassel, David (4 August 2007). . Tech.Blorge.com. Archived from the original on 2007-09-08. Retrieved 2007-08-15.
  51. ^ Lundin, Leigh (2008-08-17). "Dangerous Ideas". MBTA v DefCon 16. Criminal Brief. Retrieved 2010-10-07.
  52. ^ Jeschke, Rebecca (2008-08-09). "MIT Students Gagged by Federal Court Judge". Press Room. EFF.
  53. ^ Massachusetts Bay Transit Authority v. Zack Anderson, RJ Ryan, Alessandro Chiesa, and the Massachusetts Institute of Technology (United States District Court District of Massachusetts), Text.
  54. ^ . Archived from the original on 2013-06-22. Retrieved 2008-06-09. Contest concept.
  55. ^ McMillan, Robert (April 2008). "Security Vendors Slam Defcon Virus Contest". IDG News Service.[permanent dead link]
  56. ^ Zetter, Kim. "Malicious ATM Catches Hackers". Wired – via www.wired.com.
  57. ^ Fisher, Dennis; Roberts, Paul (August 10, 2011). . Business Security. Archived from the original on 2011-08-10.
  58. ^ a b c d e Greenberg, Andy. "Watch Top U.S. Intelligence Officials Repeatedly Deny NSA Spying On Americans Over The Last Year (Videos)." Forbes. June 6, 2013. Retrieved on June 11, 2013. "Eight months later, Senator Ron Wyden quoted[...]"
  59. ^ Wagenseil, Paul. "Hackers Don't Believe NSA Chief's Denial of Domestic Spying." () NBC News. August 1, 2012. Retrieved on June 13, 2013.
  60. ^ a b Whitney, Lance. "Defcon to feds: 'We need some time apart'". CNET. July 11, 2013. Retrieved on July 12, 2013.
  61. ^ Blue, Violet. "Feds 'not welcome' at DEF CON hacker conference". ZDNet. July 11, 2013. Retrieved on July 11, 2013.
  62. ^ "ForAllSecure | Mayhem Security | Application Security". ForAllSecure.
  63. ^ "DEF CON Capture the Flag Final Scores". blog.legitbs.net.
  64. ^ Joe Uchill (July 29, 2017). "Hackers breach dozens of voting machines brought to conference". The Hill. Thehill.com. Retrieved 2 August 2017.
  65. ^ "DEF CON Hacking Warns Voting Machines Vulnerability, Oct 10 2017 | C-SPAN.org". C-SPAN.org. Retrieved 2017-12-08.
  66. ^ "O'Reilly Security Conference in NYC 2017 Defender Awards". conferences.oreilly.com. Retrieved 2017-12-08.
  67. ^ Hern, Alex; Levin, Sam (August 4, 2017). "Briton who stopped WannaCry attack arrested over separate malware claims". The Guardian. ISSN 0261-3077. Retrieved August 11, 2017.
  68. ^ @VotingVillageDC (March 6, 2018). "WOW! Congrats to the @defcon Team, recently honored for its innovative #VotingVillage concept & the continued debat…" (Tweet) – via Twitter.
  69. ^ "DEF CON 28 in-person conference is CANCELLED - DEF CON Forums". forum.defcon.org. Retrieved 2020-05-08.
  70. ^ "DEF CON Safe Mode archive site".
  71. ^ Winn Schwartau. (PDF). Archived from the original (PDF) on 18 July 2011. Retrieved 9 Feb 2011.
  72. ^ "DEF CON® Hacking Conference – Show Archives". www.defcon.org. Retrieved 2016-04-09.
  73. ^ "DEF CON 32 Was Canceled. We Un-Canceled it". Retrieved 2024-02-04.
  74. ^ Newman, Lily Hay. "Defcon Is Canceled". Wired. ISSN 1059-1028. Retrieved 2023-02-25.
  75. ^ ""DEF CON Transparency"". August 2018. Retrieved 2018-10-28.
  76. ^ ""Voting Machine Hacking Village"" (PDF). September 2017. p. 4. Retrieved 2018-05-17.
  77. ^ ""Norton at DefCon"". September 2019. Retrieved 2019-09-15.
  78. ^ ""Gray Tier Technologies at DEFCON23"". August 2015. Retrieved 2019-09-15.[permanent dead link]
  79. ^ a b Richard Byrne Reilly (2014-08-12). ""Black Hat and Defcon see record attendance — even without the government spooks"". Retrieved 2017-06-07.
  80. ^ "DEF CON 17 FAQ". Retrieved 2018-07-07.

Further reading edit

  • "DefCon's Moss: Undercover Reporter Damages 'Neutral Zone' 2019-09-24 at the Wayback Machine." Information Week. August 6, 2007.
  • Greenberg, Andy (August 10, 2023). "Teens Hacked Boston Subway Cards to Get Infinite Free Rides—and This Time, Nobody Got Sued". Wired. Retrieved 2023-08-10.
  • Mills, Elinor. "NSA director finally greets Defcon hackers." CNET. July 27, 2012.
  • Newman, Lily Hay "To Fix Voting Machines, Hackers Tear Them Apart" WIRED August 1, 2017.

External links edit

 
Wikimedia Commons has media related to DEF CON.

DEF CON

  • Official website
  • Official FAQ
  • DEF CON Groups
  • DEF CON v3 Tor .onion addresses

Multimedia

  • DEF CON: The Documentary
  • DEF CON: The Documentary on IMDb
  • A first ever look inside the DEF CON NOC (2008)
  • The Story of DEF CON – video interview with Jeff Moss, a.k.a. Dark Tangent, the founder of DEF CON
  • Transcript, audio, video of Jess Moss describing DEF CON's inception

February 16, 2024
this, article, about, computer, security, convention, other, uses, defcon, disambiguation, also, written, defcon, defcon, hacker, convention, held, annually, vegas, nevada, first, took, place, june, 1993, today, many, attendees, include, computer, security, pr. This article is about the computer security convention For other uses see Defcon disambiguation DEF CON also written as DEFCON Defcon or DC is a hacker convention held annually in Las Vegas Nevada The first DEF CON took place in June 1993 and today many attendees at DEF CON include computer security professionals journalists lawyers federal government employees security researchers students and hackers with a general interest in software computer architecture hardware modification conference badges and anything else that can be hacked The event consists of several tracks of speakers about computer and hacking related subjects as well as cyber security challenges and competitions known as hacking wargames Contests held during the event are extremely varied and can range from creating the longest Wi Fi connection to finding the most effective way to cool a beer in the Nevada heat 2 DEF CONStatusActiveGenreSecurity Conference Hacker ConferenceFrequencyAnnualVenueVariesLocation s Las Vegas NevadaYears active30InauguratedJune 9 1993 1993 06 09 1 FounderJeff MossPrevious eventAugust 10 13 2023Next eventAugust 8 11 2024AttendanceOver 30 000Websitedefcon wbr orgOther contests past and present include lockpicking robotics related contests art slogan coffee wars scavenger hunt and Capture the Flag Capture the Flag CTF is perhaps the best known of these contests and is a hacking competition where teams of hackers attempt to attack and defend computers and networks using software and network structures CTF has been emulated at other hacking conferences as well as in academic and military contexts as red team exercises Federal law enforcement agents from the FBI DoD United States Postal Inspection Service DHS via CISA and other agencies regularly attend DEF CON 3 4 Some have considered DEF CON to be the world s largest hacker con given its attendee size and the number of other conferences modeling themselves after it Contents 1 History 2 Components 2 1 Handles 2 2 Badges 2 3 Villages 2 4 Internal Conferences 2 5 Workshops 2 6 Fundraising 3 Contests 3 1 Black Badge 3 2 Capture the flag 3 2 1 Capture the Flag History 4 Groups 5 Notable incidents 6 Entertainment references 7 Venues dates and attendance 8 See also 9 References 10 Further reading 11 External linksHistory editDEF CON was founded in 1993 by then 18 year old Jeff Moss as a farewell party for his friend a fellow hacker and member of Platinum Net a FidoNet protocol based hacking network from Canada 5 The party was planned for Las Vegas a few days before his friend was to leave the United States because his father had accepted employment out of the country However his friend s father left early taking his friend along so Jeff was left alone with the entire party planned Jeff decided to invite all his hacker friends to go to Las Vegas with him and have the party with them instead Hacker friends from far and wide got together and laid the foundation for DEF CON with roughly 100 people in attendance The term DEF CON comes from the movie WarGames referencing the U S Armed Forces defense readiness condition DEFCON In the movie Las Vegas was selected as a nuclear target and since the event was being hosted in Las Vegas it occurred to Jeff Moss to name the convention DEF CON However to a lesser extent CON also stands for convention and DEF is taken from the letters on the number 3 on a telephone keypad a reference to phreakers 6 The official name of the conference includes a space in between DEF and CON Though intended to be a one time event Moss received overwhelmingly positive feedback from attendees and decided to host the event for a second year at their urging The event s attendance nearly doubled the second year and has enjoyed continued success 7 In 2019 an estimated 30 000 people attended DEF CON 27 8 For DEF CON s 20th Anniversary a film was commissioned entitled DEFCON The Documentary 9 The film follows the four days of the conference events and people attendees and staff and covers history and philosophy behind DEF CON s success and unique experiences In January 2018 the DEF CON China Beta event was announced The conference was held May 11 13 2018 in Beijing and marked DEF CON s first conference outside the United States The second annual DEF CON China was canceled due to concerns related to COVID 19 10 In 2020 due to safety concerns over COVID 19 the DEF CON 28 in person Las Vegas event was cancelled 11 and replaced with DEF CON Safe Mode 12 a virtual event planned for the same August 6 9 dates as DC 28 In 2021 DEF CON 29 was held on August 5 8 in person in Las Vegas and virtually via Twitch and Discord In person attendees were required to wear masks in conference areas and to show proof to COVID 19 vaccination Attendees with verified vaccine records verified by a 3rd party were given a wristband which was required for entry into the conference areas 13 Components editHandles edit Attendees at DEF CON and other Hacker conferences often utilize an alias or handle at conferences This is in keeping with the hacker community s desire for anonymity Some known handles include DEF CON founder Jeff Moss handle of Dark Tangent A notable event at DEF CON is DEF CON 101 which starts off the con and may offer the opportunity for an individual to come up on stage and be assigned a handle by a number of members of the community Badges edit nbsp Multiple electronic and non electronic DEF CON human badges and other con badges A notable part of DEF CON is the conference badge which identifies attendees and ensures attendees can access conference events and activities The DEF CON badge has historically been notable because of its changing nature sometimes being an electronic badge PCB with LEDs or sometimes being a non electronic badge such as a vinyl record Conference badges often contain challenges or callbacks to hacker or other technology history such as the usage of the Konami Code in the DEF CON 24 badge or the DEF CON 25 badge reverting to the look of the DEF CON 1 badge DEF CON Badges do not generally identify attendees by name however the badges are used to differentiate attendees from others One way of doing this has been to have different badges a general conference attendee HUMAN badge a Staff member GOON Vendor Speaker Press and other badges In addition individuals and organizations have begun creating their own badges in what has become known as badgelife These badges may be purchased in many cases or earned at the conference by completing challenges or events Some badges may give the holder access to after hours events at the conference In 2018 the evolution of this came with what was termed shitty addon s or SAOs These were miniature usually PCBs that connected to the official and other badges that may extend functionality or were just collected 14 15 Villages edit Villages are dedicated spaces arranged around a specific topic Villages may be considered mini conferences within the con with many holding their own independent talks as well as hands on activities such as CTFs or labs Some villages include Aerospace Village Car Hacking Village IoT Village Recon Biohacking lockpicking ham radio and the well known Social Engineering and vote hacking villages In 2018 the vote hacking village gained media attention due to concerns about US election systems security vulnerabilities 16 17 Internal Conferences edit DEF CON has its own cultural underground which results in individuals wanting to create their own meetups or cons within DEF CON These may be actual formal meetups or may be informal Well known cons are Queercon a meetup of LGBTQ community Linecon any long line has the potential to turn into a con QuietCon a meetup to hang out or talk quietly away from the hustle and bustle of the rest of the conference attendees Workshops edit Workshops are dedicated classes on various topics related to information security and related topics Historical workshops have been held on topics such as Digital Forensics investigation hacking IoT devices playing with RFID fuzzing and attacking smart devices Fundraising edit Since DEF CON 11 fundraisers have been conducted for the Electronic Frontier Foundation EFF The first fundraiser was a dunk tank and was an official event The EFF now has an event named The Summit hosted by the Vegas 2 0 crew that is an open event and fundraiser DEF CON 18 2010 hosted a new fundraiser called MohawkCon Contests editWithin DEF CON there are many contests and events which range from Capture the Flag Hacker Jeopardy 18 Scavenger Hunt 19 Capture the Packet Crash and Compile 20 and Hackfortress 21 to name a few Black Badge edit The Black Badge is the highest award DEF CON gives to contest winners of certain events Capture the flag CTF winners sometimes earn these as well as Hacker Jeopardy winners The contests that are awarded Black Badges vary from year to year and a Black Badge allows free entrance to DEF CON for life potentially a value of thousands of dollars 22 In April 2017 a DEF CON Black Badge was featured in an exhibit 23 in the Smithsonian Institution s National Museum of American History entitled Innovations in Defense Artificial Intelligence and the Challenge of Cybersecurity The badge belongs to ForAllSecure s Mayhem Cyber Reasoning System 24 the winner of the DARPA 2016 Cyber Grand Challenge at DEF CON 24 and the first non human entity ever to earn a Black Badge Capture the flag edit The first instance of the DEF CON CTF was held in 1996 at the 4th DEF CON and has been held since then every year 25 It s one of the few CTF in the attack defense format The prize of the winning team is a couple of black badges 26 Capture the Flag Timeline 27 26 Year DEF CON Competing Teams Organizers Architecture Platform Winning Team1996 4 Goons AJ Reznor1997 5 Goons AJ Reznor1998 6 Goons SNI1999 7 Goons Ghetto Hackers2000 8 Goons Ghetto Hackers2001 9 Goons Multiple Ghetto Hackers amp digirev2002 10 Ghetto Hackers Redhat 6 2 Digital Revelation2003 11 8 Ghetto Hackers OpenBSD Anomaly2004 12 8 Ghetto Hackers i386 Windows sk3wl0fr00t2005 13 8 Kenshoto i386 FreeBSD 5 4 shellphish2006 14 8 Kenshoto i386 Solaris 10 1 stplace2007 15 8 Kenshoto i386 FreeBSD 1 stplace2008 16 8 Kenshoto i386 FreeBSD Sk3wl of Root2009 17 9 DDTEK i386 FreeBSD VedaGodz 28 2010 18 12 DDTEK i386 FreeBSD amp Debian ACME Pharm 29 2011 19 12 DDTEK i386 FreeBSD European Nopsleders 30 2012 20 20 DDTEK i386 FreeBSD Samurai2013 21 20 Legitimate Business Syndicate armv7 Linux Plaid Parliament of Pwning2014 22 20 Legitimate Business Syndicate armv7 amp i386 Linux Plaid Parliament of Pwning2015 23 15 Legitimate Business Syndicate MIPS x86 amp armv7 Linux DEFKOR2016 24 15 Legitimate Business Syndicate i386 DECREE Plaid Parliament of Pwning2017 25 15 Legitimate Business Syndicate cLEMENCy cLEMENCy Plaid Parliament of Pwning2018 26 24 Order Of the Overflow MIPS x86 amp armv7 Linux DEFKOR00T 31 2019 27 16 Order Of the Overflow x86 arm64 esoteric Linux iOS Xbox Plaid Parliament of Pwning 32 2020 28 16 Order Of the Overflow x86 esoteric Linux A 0 E 33 2021 29 16 Order Of the Overflow x86 microengine Linux Katzebin 34 2022 30 16 Nautilus Institute mixed LiveCTF Maple Mallard Magistrates2023 31 12 Nautilus Institute mixed LiveCTF Maple Mallard MagistratesCapture the Flag History edit In 1996 the first DEF CON CTF was organized with a couple of servers for participants to hack and judges to decide if a machine has been hacked and award points accordingly 35 In 2002 the company Immunix took part in the game under the moniker immunex 36 to benchmark the security of their Linux based operating system with modifications including StackGuard FormatGuard OpenWall s non executable stack SubDomain the ancestor of AppArmor 37 Confident in their defense capabilities they even opened access to their servers to other teams and even spent some time taunting them The team got the second place and all their services deployed on their Immunix stack were never compromised 38 It was also the first year the contest had an organiser provided services infrastructure connected to a real time scoreboard 39 In 2003 the game had become so popular that a qualification round was introduced with the previous winner automatically qualified 40 In 2008 the Sk3wl of Root team took advantage of a bug in the game privilege dropping and forking were inverted allowing them to have such a massive lead that they spent most of the CTF playing Guitar Hero 41 42 In 2009 it was announced 43 that Diutinus Defense Technology Corp DDTEK would be the new organisers but nobody knew who they were It was revealed at the end of the game that the team playing as sk3wl0fr00t was in fact organising the CTF Hacking the top hacker contest seemed like a fun way to introduce ourselves to CTF organization The yells of bullshit from CTF teams during the Defcon 17 awards ceremony were very gratifying said vulc n a member of DDTEK on the topic 26 In 2011 the team lollerskaters dropping from roflcopters used a 0day in FreeBSD namely CVE 2011 4062 44 to escape jails causing havoc in the game s infrastructure 45 In 2016 the 15th edition of the CTF was done in partnership with the DARPA as part of its Cyber Grand Challenge program where teams wrote autonomous systems to play the game without any human interaction 46 In 2017 the Legitimate Business Syndicate came up with their very own CPU architecture called cLEMENCy a middle endian with 9 bits bytes CPU With its specifications released only 24h before the beginning of the CTF it was designed with the explicit goals of both surprising the teams and leveling the playing field by breaking all their tools 47 Groups editDEF CON Groups are worldwide local chapters of hackers thinkers makers and others DEF CON Groups were started as a splinter off of the 2600 meetup groups because of concerns over politicization Local DEF CON groups are formed and are posted online 48 DEF CON Groups are usually identified by the area code of the area where they are located in the US and by other numbers when outside of the US e g DC801 DC201 DEF CON Groups may seek permission to make a logo that includes the official DEF CON logo with approval Notable incidents editHigh profile issues which have garnered significant media attention Year Description1999 On July 10 1999 the Cult of the Dead Cow hacker collective released Back Orifice 2000 later discovered to be infected with the CIH virus at DEF CON 7 in what was at the time the largest presentation in DEF CON history 2001 On July 16 2001 Russian programmer Dmitry Sklyarov was arrested the day after DEF CON for writing software to decrypt Adobe s e book format 2005 On July 31 2005 Cisco used legal threats to suppress Mike Lynn from presenting at DEF CON about flaws he had found in the Cisco IOS used on routers 49 2007 In August 2007 Michelle Madigan a reporter for Dateline NBC attempted to secretly record hackers admitting to crimes at the convention After being outed by DEF CON founder Jeff Moss during an assembly she was heckled and chased out of the convention by attendees for her use of covert audio and video recording equipment DEF CON staff tried to get Madigan to obtain a press pass before the outing happened 50 A DEF CON source at NBC had tipped off organizers to Madigan s plans 3 2008 Main article Massachusetts Bay Transportation Authority v AndersonMIT students Zack Anderson R J Ryan and Alessandro Chiesa were to present a session entitled The Anatomy of a Subway Hack Breaking Crypto RFIDS and Magstripes of Ticketing Systems The presentation description included the phrase Want free subway rides for life and promised to focus on the Boston T subway 51 However the Massachusetts Bay Transit Authority MBTA sued the students and MIT in United States District Court in Massachusetts on August 8 2008 claiming that the students violated the Computer Fraud and Abuse Act CFAA by delivering information to conference attendees that could be used to defraud the MBTA of transit fares 52 53 The court issued a temporary restraining order prohibiting the students from disclosing the material for a period of ten days despite the fact the material had already been disseminated to DEF CON attendees at the start of the show In 2008 s contest Race to Zero contestants submitted a version of given malware which was required to be undetectable by all of the antivirus engines in each round The contest concept attracted much negative attention 54 55 2009 WIRED 56 reported that an ATM kiosk was positioned in the conference center of the Riviera Hotel Casino capturing data from an unknown number of hackers attending the DEF CON hacker conference 2011 Security company HBGary Federal used legal threats to prevent former CEO Aaron Barr from attending a panel discussion at the conference 57 2012 The director of the National Security Agency Keith B Alexander gave the keynote speech 58 During the question and answers session the first question for Alexander 58 fielded by Jeff Moss 59 was Does the NSA really keep a file on everyone and if so how can I see mine Alexander replied Our job is foreign intelligence and that Those who would want to weave the story that we have millions or hundreds of millions of dossiers on people is absolutely false From my perspective this is absolute nonsense 58 On March 12 2013 during a United States Senate Select Committee on Intelligence hearing Senator Ron Wyden quoted the 2012 DEF CON keynote speech and asked Director of National Intelligence James Clapper if the U S conducted domestic surveillance Clapper made statements saying that there was no intentional domestic surveillance 58 In June 2013 NSA surveillance programs which collected data on US citizens such as PRISM had been exposed Andy Greenberg of Forbes said that NSA officials including Alexander in the years 2012 and 2013 publicly denied often with carefully hedged words participating in the kind of snooping on Americans that has since become nearly undeniable 58 2013 On July 11 2013 Jeff Moss posted a statement 60 located on the DEF CON blog titled Feds We Need Some Time Apart It stated that I think it would be best for everyone involved if the feds call a time out and not attend DEF CON this year 61 This was the first time in the organization s history that it had asked federal authorities not to attend 60 Actor Will Smith visited the convention to study the DEF CON culture for an upcoming movie role 2016 On August 4 2016 DEF CON and DARPA co hosted the 2016 Cyber Grand Challenge a first of its kind all machine hacking tournament Competing teams had to create a bot capable of handling all aspects of offense and defense with complete autonomy Seven finalists competed for a US 2M grand prize The winner of the Cyber Grand Challenge was Mayhem an AI created by ForAllSecure of Pittsburgh Pennsylvania 62 Mayhem then went on to participate in the previously humans only DEF CON Capture the Flag Contest 63 where it finished in last place despite pulling ahead of human teams often in a contest for which it was not specifically designed 2017 At the Voting Machine Village event dozens of voting machines brought to the conference were breached 64 In September 2017 the Voting Machine Village produced DEF CON 25 Voting Machine Hacking Village Report on Cyber Vulnerabilities in US Election Equipment Databases and Infrastructure summarizing its findings The findings were publicly released at an event sponsored by the Atlantic Council 65 and the paper went on to win an O Reilly Defender Research Award 66 Marcus Hutchins better known online by his handle MalwareTech the 23 year old British security researcher who was credited with stopping the WannaCry outbreak was arrested by the FBI at the airport preparing to leave the country after attending DEF CON over his alleged involvement with the Kronos banking trojan 67 2018 In March 2018 the DEF CON Voting Machine Hacking Village was awarded a Cybersecurity Excellence Award 68 The award cites both the spurring of a national dialog around securing the US election system and the release of the nation s first cybersecurity election plan 2020 On May 8 2020 the DEF CON in person conference itself was cancelled 69 and virtualized due to COVID 19 DEF CON Safe Mode 70 was held August 6 9 online with a full roster of talks villages contests and events Entertainment references editDEF CON was also portrayed in The X Files episode Three of a Kind featuring an appearance by The Lone Gunmen DEF CON was portrayed as a United States government sponsored convention instead of a civilian convention A semi fictionalized account of DEF CON 2 Cyber Christ Meets Lady Luck written by Winn Schwartau demonstrates some of the early DEF CON culture 71 A trip to DEF CON for a hacker showdown figures into the plot of The Signal Director William Eubank came to Las Vegas and screened the film at DEF CON Movie Night A fictionalized version of DEF CON called EXOCON is the setting for the climax of Jason Bourne the fifth film of the Bourne film series The primary antagonist of the film a fictionalized CIA director played by Tommy Lee Jones is a keynote speaker at the event mimicking DEF CON 20 s controversial keynote speaker NSA director Keith B Alexander In the Mr Robot Season 3 opener eps3 0 power saver mode h Elliot and Darlene visit a qualifying tournament for the DEF CON Capture the Flag CTF contest Sharp eyed viewers will notice DEF CON s smiley face and crossbones mascot Jack among the set decorations Documentarian Werner Herzog included DEF CON in his 2016 film Lo and Behold Reveries of the Connected World a film described as a playful yet chilling examination of our rapidly interconnecting online lives Venues dates and attendance editEach conference venue and date has been extracted from the DEF CON archives for easy reference 72 Conference Name Venue Duration Year AttendanceDEF CON 33 TBD August 7 10 2025 N ADEF CON 32 Las Vegas Convention Center and The Sahara 73 August 8 11 2024 N ADEF CON 31 Caesars Forum Flamingo Harrah s Hotel and Linq Hotel August 10 13 2023 25 000 citation needed DEF CON 30 Caesars Forum Flamingo Harrah s Hotel and Linq Hotel August 11 14 2022 25 000 citation needed DEF CON 29 Paris Hotel and Bally s Hotel August 5 8 2021 8 700 citation needed DEF CON Safe Mode Virtual event August 6 9 2020 N ADEF CON 28 Planned Caesars Forum Harrah s The Linq and Flamingo August 6 9 2020 0 74 DEF CON 27 Paris Hotel Bally s Hotel Planet Hollywood and Flamingo August 8 11 2019 30 000 8 DEF CON China 1 0 751 D Park May 31 June 2 2019 UnknownDEF CON 26 Caesars Palace and Flamingo August 9 12 2018 28 000 75 DEF CON China Beta Kuntai Hotel Beijing May 11 13 2018 UnknownDEF CON 25 Caesars Palace July 27 30 2017 25 000 76 DEF CON 24 Paris Hotel and Bally s Hotel August 4 7 2016 22 000 77 DEF CON 23 Paris Hotel and Bally s Hotel August 6 9 2015 16 000 78 DEF CON 22 Rio Hotel amp Casino August 7 10 2014 16 000 79 DEF CON 21 Rio Hotel amp Casino August 1 4 2013 12 000 79 DEF CON 20 Rio Hotel amp Casino July 26 29 2012 UnknownDEF CON 19 Rio Hotel amp Casino August 4 7 2011 UnknownDEF CON 18 Riviera Hotel amp Casino July 30 August 1 2010 UnknownDEF CON 17 Riviera Hotel amp Casino July 30 August 2 2009 UnknownDEF CON 16 Riviera Hotel amp Casino August 8 10 2008 8 000 80 DEF CON 15 Riviera Hotel amp Casino August 3 5 2007 UnknownDEF CON 14 Riviera Hotel amp Casino August 4 6 2006 UnknownDEF CON 13 Alexis Park Resort July 29 31 2005 UnknownDEF CON 12 Alexis Park Resort July 30 August 1 2004 UnknownDEF CON 11 Alexis Park Resort August 1 3 2003 UnknownDEF CON 10 Alexis Park Resort August 2 4 2002 UnknownDEF CON 9 Alexis Park Resort July 13 15 2001 UnknownDEF CON 8 Alexis Park Resort July 28 30 2000 UnknownDEF CON 7 Alexis Park Resort July 9 11 1999 UnknownDEF CON 6 Plaza Hotel amp Casino July 31 August 2 1998 UnknownDEF CON 5 Aladdin Hotel amp Casino July 11 13 1997 UnknownDEF CON 4 Monte Carlo Resort and Casino July 26 28 1996 UnknownDEF CON 3 Tropicana Resort amp Casino August 4 6 1995 UnknownDEF CON 2 Sahara Hotel and Casino July 22 24 1994 200DEF CON 1 Sands Hotel and Casino June 9 11 1993 100See also editBlack Hat Briefings Chaos Communication Congress C3 Electronic voting Hack Tic a quadrennial European convention Hackers on Planet Earth HOPE Security BSides a community supported conference with locations across the globe Summercon the first American hacker conference organized by members of Phrack ToorCon a yearly hacker conference held in San Diego California since 1999References edit Def Con 1 Archive Retrieved 2017 04 23 DefCon Beverage Cooling Contraption Contest deviating net a b Zetter Kim 3 August 2007 Dateline Mole Allegedly at DefCon with Hidden Camera Updated Mole Caught on Tape Wired Blog Network Retrieved 2007 08 15 According to DefCon staff Madigan had told someone she wanted to out an undercover federal agent at DefCon That person in turn warned DefCon about Madigan s plans Federal law enforcement agents from FBI DoD United States Postal Inspection Service and other agencies regularly attend DefCon to gather intelligence on the latest techniques of hackers DEFCON 15 FAQ s Retrieved 9 Feb 2011 Lots of people come to DEFCON and are doing their job security professionals federal agents and the press Tangent The Dark DEF CON Hacking Conference About www defcon org Retrieved 2016 03 12 DEFCON about Jeff Moss July 30 2007 The Story of DEFCON Retrieved 9 Feb 2011 a b Def Con 27 Transparency Report DEF CON Forums forum defcon org Retrieved 2019 08 17 DEFCON The Documentary at IMDb nbsp Coronavirus claims new victim DEF CON cancelled joke cancelled after DEF CON China actually cancelled The Register Newman Lily Hay Defcon is Cancelled Wired DEF CON 28 Safe Mode FAQ DEF CON 29 FAQ Oberhaus Daniel September 18 2018 A History of Badgelife Def Con s Unlikely Obsession with Artistic Circuit Boards Vice Motherboard Retrieved January 14 2019 McAllister Neil August 12 2015 Is this the most puzzling DEF CON attendee badge yet on record The Register UK Retrieved January 14 2019 Molina Brett August 14 2018 11 year old hacks replica of Florida state website changes election results USA Today Retrieved January 14 2019 Home Aerospace Village Hacker Jeopardy for DEF CON 28 www dfiu tv Retrieved 2024 01 29 DEF CON Scavenger Hunt DEF CON Scavenger Hunt Retrieved 2024 01 29 DEF CON Crash and Compile Contest crashandcompile org Retrieved 2024 01 29 Hackfortress hackfortress net Retrieved 2024 01 29 Tangent The Dark DEF CON Hacking Conference Black Badge Hall of Fame www defcon org Retrieved 2016 03 12 Innovations in Defense Artificial Intelligence and the Challenge of Cybersecurity americanhistory si edu 20 April 2017 Mayhem Wins DARPA CGC Archived from the original on 2019 02 15 Retrieved 2017 04 24 Moss Jeff DEF CON Hacking Conference Capture the Flag Archive a b c vulc n of DDTek 2023 A history of Capture the Flag at DEF CON A Brief History of CTF psifertex github io Retrieved 2023 12 20 Diutinus Defense Techonologies Corp DC17 ddtek biz Retrieved 2023 12 27 Diutinus Defense Techonologies Corp DC18 ddtek biz Retrieved 2023 12 27 Diutinus Defense Techonologies Corp Home ddtek biz Retrieved 2023 12 27 DEF CON CTF 2018 OOO DEF CON CTF Retrieved 2023 12 21 OOO DEF CON CTF OOO DEF CON CTF Retrieved 2023 12 21 OOO DEF CON CTF OOO DEF CON CTF Retrieved 2023 12 21 OOO DEF CON CTF OOO DEF CON CTF Retrieved 2023 12 21 Riley Eller 2004 Capture the Flag Games PDF Defcon 9 Capture The Flag Contest Network 2001 07 09 4 23 Immunix amp Defcon Defending Vulnerable Code From Intense Attack Crispin Cowan Ph D Seth Arnold Steve Beattie Chris Wright WireX and John ppt download slideplayer com Retrieved 2023 12 21 Crispin Cowan May 2003 Defcon Capture the Flag defending vulnerable code from intense attack DARPA Information Survivability Conference and Exposition 2 2003 Ghettohackers Defcon 10 Capture the Flag CTF contest The Ghetto Hackers June 29 2003 Announcing Capture the Flag Root Fu Vegas 2003 DefCon 11 Jordan 2021 04 06 A Brief History of CTF retrieved 2023 12 20 A Brief History of CTF Jordan Wiens retrieved 2023 12 20 Diutinus Defense Techonologies Corp Home 2011 05 14 Archived from the original on 2011 05 14 Retrieved 2023 12 21 The FreeBSD Project 2011 09 28 Buffer overflow in handling of UNIX socket addresses routardz Defcon 19 CTF CTF Inside Retrieved 2023 12 20 Cyber Grand Challenge CGC Archived www darpa mil Retrieved 2023 12 20 Unknown cLEMENCy Showing Mercy Retrieved 2023 12 20 Official forums social group section for DEF CON groups DEF CON Forums Retrieved 2023 02 25 Lamos Rob 31 July 2005 Exploit writers team up to target Cisco routers SecurityFocus Archived from the original on 2012 07 28 Retrieved 2004 07 31 Cassel David 4 August 2007 Transcript Michelle Madigan s run from Defcon Tech Blorge com Archived from the original on 2007 09 08 Retrieved 2007 08 15 Lundin Leigh 2008 08 17 Dangerous Ideas MBTA v DefCon 16 Criminal Brief Retrieved 2010 10 07 Jeschke Rebecca 2008 08 09 MIT Students Gagged by Federal Court Judge Press Room EFF Massachusetts Bay Transit Authority v Zack Anderson RJ Ryan Alessandro Chiesa and the Massachusetts Institute of Technology United States District Court District of Massachusetts Text Race to Zero Archived from the original on 2013 06 22 Retrieved 2008 06 09 Contest concept McMillan Robert April 2008 Security Vendors Slam Defcon Virus Contest IDG News Service permanent dead link Zetter Kim Malicious ATM Catches Hackers Wired via www wired com Fisher Dennis Roberts Paul August 10 2011 Legal Threat Pushes Former HBGary Federal CEO Out Of DEFCON Business Security Archived from the original on 2011 08 10 a b c d e Greenberg Andy Watch Top U S Intelligence Officials Repeatedly Deny NSA Spying On Americans Over The Last Year Videos Forbes June 6 2013 Retrieved on June 11 2013 Eight months later Senator Ron Wyden quoted Wagenseil Paul Hackers Don t Believe NSA Chief s Denial of Domestic Spying Archive NBC News August 1 2012 Retrieved on June 13 2013 a b Whitney Lance Defcon to feds We need some time apart CNET July 11 2013 Retrieved on July 12 2013 Blue Violet Feds not welcome at DEF CON hacker conference ZDNet July 11 2013 Retrieved on July 11 2013 ForAllSecure Mayhem Security Application Security ForAllSecure DEF CON Capture the Flag Final Scores blog legitbs net Joe Uchill July 29 2017 Hackers breach dozens of voting machines brought to conference The Hill Thehill com Retrieved 2 August 2017 DEF CON Hacking Warns Voting Machines Vulnerability Oct 10 2017 C SPAN org C SPAN org Retrieved 2017 12 08 O Reilly Security Conference in NYC 2017 Defender Awards conferences oreilly com Retrieved 2017 12 08 Hern Alex Levin Sam August 4 2017 Briton who stopped WannaCry attack arrested over separate malware claims The Guardian ISSN 0261 3077 Retrieved August 11 2017 VotingVillageDC March 6 2018 WOW Congrats to the defcon Team recently honored for its innovative VotingVillage concept amp the continued debat Tweet via Twitter DEF CON 28 in person conference is CANCELLED DEF CON Forums forum defcon org Retrieved 2020 05 08 DEF CON Safe Mode archive site Winn Schwartau Cyber Christ Meets Lady Luck PDF Archived from the original PDF on 18 July 2011 Retrieved 9 Feb 2011 DEF CON Hacking Conference Show Archives www defcon org Retrieved 2016 04 09 DEF CON 32 Was Canceled We Un Canceled it Retrieved 2024 02 04 Newman Lily Hay Defcon Is Canceled Wired ISSN 1059 1028 Retrieved 2023 02 25 DEF CON Transparency August 2018 Retrieved 2018 10 28 Voting Machine Hacking Village PDF September 2017 p 4 Retrieved 2018 05 17 Norton at DefCon September 2019 Retrieved 2019 09 15 Gray Tier Technologies at DEFCON23 August 2015 Retrieved 2019 09 15 permanent dead link a b Richard Byrne Reilly 2014 08 12 Black Hat and Defcon see record attendance even without the government spooks Retrieved 2017 06 07 DEF CON 17 FAQ Retrieved 2018 07 07 Further reading edit DefCon s Moss Undercover Reporter Damages Neutral Zone Archived 2019 09 24 at the Wayback Machine Information Week August 6 2007 Greenberg Andy August 10 2023 Teens Hacked Boston Subway Cards to Get Infinite Free Rides and This Time Nobody Got Sued Wired Retrieved 2023 08 10 Mills Elinor NSA director finally greets Defcon hackers CNET July 27 2012 Newman Lily Hay To Fix Voting Machines Hackers Tear Them Apart WIRED August 1 2017 External links edit nbsp Wikimedia Commons has media related to DEF CON DEF CON Official website Official FAQ DEF CON Groups DEF CON v3 Tor onion addressesMultimedia DEF CON The Documentary DEF CON The Documentary on IMDb A first ever look inside the DEF CON NOC 2008 The Story of DEF CON video interview with Jeff Moss a k a Dark Tangent the founder of DEF CON Transcript audio video of Jess Moss describing DEF CON s inception Retrieved from https en wikipedia org w index php title DEF CON amp oldid 1207891158, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.