dfir it!

responding to incidents with candied bacon

DFIR.IT! On Tour - DEFCON 23

After not so positive experiences with security conferences this year I finally decided to visit the biggest of them. Here’s DEFCON 23 in several points:

  1. Lines

    No wonder why DEFCON has an alternative name: LINECON. I can’t really tell if the lines were bigger or smaller this year when compared to previous years. I know one thing for sure - I should have joined the line for badges several hours earlier… On the other hand it wasn’t that bad - folks in the lines seemed to enjoy beers and chats with random people.


  2. Talks

    Five official tracks with about ten talks daily in each. Add talks and presentations in the Villages and your schedule gets really busy. At some point I decided to explore other parts of the conference and to not attend many talks as they can always be viewed later online. I must admit though, I spent considerable amount of time at SKYTALKS - organizers were rather strict about not recording any talks and I don’t feel like I wasted my time there!

  3. Villages

    There were about a dozen of Villages - just to name a few: Packet Capture, Wireless, Social Engineering or BioHacking. I was impressed how some of them were really well equipped (ICS Village) and how they gathered more people than some of the conferences I attended to this time.

  4. Demo labs

    As DEFCON organizers describe this new idea: “a poster board session but with computers”. Some of the presentations sounded really promising (SDR hacking, Fiber Optic tapping, Haka workshop) - too bad I missed all of them.

  5. Workshops

    10+ free, (half-)day long workshops. By the time I learned about them all seats were taken. It’s definitely something I want to try next year!

  6. Competitions

    Starting from official CTFs (Legit BS, OpenCTF), through more specialized (Network Forensics Puzzle, Crack me if you can, Wireless CTF, Intel CTF) and ending up with more obscure events (why did I miss TCP/IP Drinking Game!?). With about 25 such events there’s always something to choose from!

  7. Badges

    After I got my DEFCON badge it took me a while to realize that I have been trolled. This year’s official DEFCON badge was a playable 7” vinyl record. It was really funny to see thousands of participants wearing vinyl record badges. It was even funnier to see non-participants giving them strange looks.

  8. Parties

    There were just too many of them. Too bad I didn’t manage to attend at least some of them. I guess I now have a whole year to polish my social engineering skills.

  9. Las Vegas

    It’s a real Hell on Earth (and I’m not only speaking about the weather). Biggest complaint I have is that Las Vegas is too far away from the place I live and it’s impractical (and not cost-effective) to fly there just for the conference. On the other hand I can’t imagine other place that could accommodate 20k participants…

To keep it short: I really enjoyed my time in Las Vegas. It was my first time at DEFCON and I felt a little bit overwhelmed by all the things happening there. I didn’t have a plan for where and what to do. That’s the thing I’d like to fix next year - go there with a plan and engage more in awesome events happening there. I hope to see you there at DEFCON 24!