skip to main content

DEF CON 26 Hacking Conference

HOME

What?! Another Early Release Video from DEF CON 26?!

DEF CON 26 Hacker Tracker Talk image

More DEF CON 26 video for you - this time it's all about the Hacker Tracker. Whiney Champion (@shortxstack) and Seth Law (@sethlaw) share the story behind the conference planning/management app they created to help people navigate the world of DEF CON. It's also a cool story about hackers seeing a need and jumping in to fill it with some open source awesomeness.

As always, enjoy and pass it on.

DEF CON 26 Voting Village Report Released!

DEF CON 26 Voting Village image

The Voting Village Report from DEF CON 26 is live now! We hope you’ll take some time to read it in full. In the Voting Village’s second year, the selection of devices was expanded to more than 30 machines, all but one of which are still in use across the USA right now. We also made a very successful effort to attract election officials to observe, participate and even get training from cybersecurity experts.

The many vulnerabilities discovered are listed in some detail. For example:

"A voting machine that is currently used in 26 states is vulnerable to be remotely hacked via anetwork attack. Because the device in question is a high-speed unit designed to process a high volume of ballots for an entire counties, hacking just one of these machines could enable an attacker to flip the Electoral College and determine the outcome of a presidential election.

A second critical vulnerability in the same machine was disclosed to the vendor a decade ago, yet that machine, which was used into 2016, still contains the flaw.

Another machine used in 18 states was able to be hacked in only two minutes, while it takes the average voter six minutes to vote.”

While these results are cause for concern, the DEF CON Voting Village also provided Election Day Crisis Communications Protocols with the aim of suggesting clear best practices to mitigate the exploitation of the election infrastructure.

Please share this report widely. The only curative measure for misleading headlines is accurate information, and the security of our democratic process requires that we understand the problem clearly. If you are concerned about the vote tech in your area, get in touch with your local representatives. If they’re not aware of our project, share it with them.

We want to thank the organizers of the Voting Village, the election officials from around the nation who came to learn from our research and the hackers at DEF CON who brought their talent and ingenuity to the task of securing our voting process.

Yet another DEF CON 26 Early Release: Booby Trapping Boxes!

DEF CON 26 booby trapping boxes talk image

More video from DEF CON 26! 'Booby Trapping Boxes' by Ladar Levison and hon1nbo is a practical talk about high impact, low cost hardening for a chronically insecure world. From the abstract:

"Whether your running servers as a high value target, or simply want to protect your Monero private key, this talk will show you to achieve FIPS 140-2 level 4 security, without the FIPS 140-2 level 4 price tag. Specifically, we'll cover acquisition considerations, physical hardening, firmware mitigation, tamper detection and more."

Enjoy, and pass it on.

DEF CON 26 Early Release: Inside the Fake Science Factory!

DEF CON 26 fake science factory talk image

More DEF CON 26 video for your perusal: @5uggy, Till Krause and @sveckert deliver a timely and important breakdown of the fake science industrial complex. From the abstract:

"This talk presents the findings and methodology from a team of investigative journalists, hackers and data scientists who delved into the parallel universe of fraudulent pseudo-academic conferences and journals; Fake science factories, twilight companies whose sole purpose is to give studies an air of scientific credibility while cashing in on millions of dollars in the process. Until recently, these fake science factories have remained relatively under the radar, with few outside of academia aware of their presence; but the highly profitable industry is growing significantly and with it, so are the implications. To the public, fake science is indistinguishable from legitimate science, which is facing similar accusations itself. Our findings highlight the prevalence of the pseudo-academic conferences, journals and publications and the damage they can and are doing to society."

Enjoy, and pass it along.

More Early Release Video from DEF CON 26: What the FAX!

DEF CON 26 Fax Talk video image

More video from DEF CON 26! This time it's the ancient, humble fax machine's turn in the security barrel.

From the abstract:

"What the Fax?! ...We went to work, determined to show that the common fax machine could be compromised via mere access to its fully exposed and unprotected telephone line -- thus completely bypassing all perimeter security protections and shattering to pieces all modern-day security concepts."

As always, please enjoy, be edified and share far and wide.

DEF CON in the News: Voting Village Report Incoming Edition

DEF CON 26 Voting Village image

The team that runs the DEF CON Voting Village has announced that they will release findings from DEF CON 26 next week. The report from last year's Voting Village was widely cited and helped jump-start the conversation about improving election tech security.

There has been controversy, with vote tech manufacturers and some state officials challenging the results and the methodology of the hackathon. TechTarget has an interview with VV's Jake Braun about this year's results and some behind the scenes info about the expanded efforts at this year's Voting Village.

DEF CON 26 Hoodie!

DEF CON 26 Hoodie image

Now available on the DEF CON Ebay store - the very stylish DEF CON 26 hoodie. Look sharp, feel good and get a bonus saving throw against mind fog. Get these and other fine DEF CON goodies while supplies last!

Pictures from DEF CON 26!

DEF CON 26 photos image

The DEF CON 26 official picture feed is live on the media server for your enjoyment! In addition to the standard web-style offering, we’ve got the whole enchilada in tasty torrent flavor for the adventurous and storage-blessed.

We’d like to thank the whole DEF CON Photo Corps for their excellent work. Enjoy, and pass it on.

DEF CON 26 Transparency Report!

DEF CON 26 archive image

The DEF CON 26 transparency report is live on the DEF CON site.

We made a lot of changes this year, and we'd like to thank all the staff and partners who implemented them so smoothly.

If you've got thoughts or suggestions, send them over to feedback@defcon.org.

PS: We didn't cause the sandstorm/flooding combo. Almost completely sure.

DEF CON 26 Archive!

DEF CON 26 archive image

The DEF CON 26 Archive Page is live! You can use it to find all kinds of goodies from the most recent event - speaker materials, packet captures, the program, even the audio and video from the show once they're ready. Enjoy!

DEF CON in the News: Voting Village Edition

DEF CON 26 voting village image

4 senators sent a bipartisan appeal to @essvote urging the vote-tech firm to engage with the independent security research community. They asked Election Systems and Software to make voting machines available for testing and to share the results to increase transparency.

“Election agencies must be able to make informed decisions about what election equipment will help them conduct secure elections, and independent testing helps both election agencies and vendors.”

This is why we have a Voting Village.

We approve this message.

First Early Release Video from DEF CON 26!

DEF CON 26 Rob Joyce image

For your first post-DC26 (and pre-DC27!) weekend, here's the first video release - Rob Joyce, Senior Advisor for Cybersecurity Strategy at the NSA giving his presentation 'NSA Talks Cybersecurity'.

From the abstract:
"The National Security Agency (NSA) has authorities for both foreign intelligence and cyber security. This unique position gives NSA insights into the ways networks are exploited and the methods that are effective in defending against threats. Over time, NSA has adapted the focus of its security efforts and continues to evolve with technologies and the adversaries we face. The talk will look back at some of the inflection points that have influenced NSA and US Government cybersecurity efforts and look at what is necessary to stay safe in the new environment."

As always, enjoy and share widely.

Caesars Palace Update

DEF CON 26 logo image

A team from DEF CON management met with Caesars on Tuesday. They are looking into the reports we presented, and we’ll share what we can as those investigations play out.

Here’s an overview of the current policy as shared with us:

1. DND tag on the door too long triggers a security visit.
2. That security visit is supposed to be by hotel security staff who are clearly identifiable as hotel security staff.
3. That visit should be comprised of a visual survey of the main segments of the hotel room, with no fiddling about in personal belongings.

This means that entering rooms and taking a quick look around does not violate the hotel’s policies.

But it also means that reports of opening closed bags, confiscation of personal effects, and reluctance to self-identify and/or allow guests to verify the legitimacy of the security officers all fall well outside of the policy.

Please know we are not letting this go. We are sympathetic to the new terrain major hotels find themselves in, but our main commitment is to our community. We intend to stay on this until we’re satisfied these issues are resolved for next year.

Updates as we get them.

DEF CON 26 is a Wrap!

DEF CON juno reactor image

Just like that, DEF CON 26 is in the books. We want to thank all of you for making such a success of our little hacker party every year - there is truly no community anywhere like the DEF CON community.

The Dark Tangent announced in closing ceremonies that next year we'll be back at Paris/Bally's. Also a bit of Planet Hollywood. Even more space, but less exposure to deadly solar radiation. We're already planning ways to use it all.

This was a big year for us. We doubled the villages. We grew the workshops. We pumped up demo labs and contests, and we even learned how to set up the crazy lightshow required by the mighty Juno Reactor - which you will get to see shortly, since they let us record their set. (Yay Juno Reactor!) Also, we did that thing in Beijing that went so nice we're doing it twice.

We're gonna take everything we learned from this year's crazy expansions, fine-tune things and bring all that new wisdom to DEF CON 27. If you have ideas, feedback@defcon.org stands ready to accept them.

Thank you for all that you share with us, all of your enthusiasm and love that animates everything that happens here. Congratulations to everyone who won something, or learned something, or tried something weird and new. Cheers to all our old friends and our brand new ones. We love you, and we can't wait to get together with you next year.

https://www.pscp.tv/w/1vAxREgAdPPJl?t=1h4m56s

Do You Remember?

DEF CON bean bag image

I’m the DEF CON bean bag. You might remember me from my appearance on Twitter at DEF CON 25 and such films as ‘I Have No Shape and I Must Scream’, ‘Dial S for Stuffing’ and ‘My Dinner with Andre.’

If you’d like to take me home, drop by the Official Swag area while I last!

There’s a rumor that I might make an appearance at Closing Ceremonies for a few people who’ve been especially awesome.

Music Lineup Update

DEF CON juno reactor image

Tonight's music selection has shifted a little in transit - same great lineup, just in new timeslots. Make sure to share with anyone you think is interested in music and joy.

The new lineup:
21:30 - 22:30 - Skittish and Bus (@Skittishandbus)
22:30 - 23:30 - Zebbler Encanti Experience (@zebbler and @encanti)
23:30 - 00:30 - Miss Jackalope (@djjackalope)
00:30 - 02:00 - Juno Reactor (@junoreactor)
02:00 - 03:00 - s7a73farm (@s7a73farm)

DEF CON 26 Torrents!

DEF CON torrent image

Ready to ingest some more DEF CON 26 media? Go ahead and unhinge your cyber-jaws and fire up our new torrent and magnet links. We’ve got the DEF CON 26 Original Soundtrack, the DEF CON 26 Presentations and the additional material from the Workshops.

Grab a link, guzzle the content and enjoy it at your leisure.

DEF CON 26 Music Soundtrack
magnet:?xt=urn:btih:beedc5c36e8ba3981edfc946fac8c84e304ece9f&dn=DEF%20CON%2026%20music&tr=https://tracker.defcon.org/announce

DEF CON 26 Presentations
magnet:?xt=urn:btih:aafec09a5fa1c9fe75d062a1a39c5fa030a83f39&dn=DEF%20CON%2026%20presentations&tr=https://tracker.infocon.org/announce

DEF CON 26 Workshops
magnet:?xt=urn:btih:1d78f8158a4a505fbfc25e62c390e50358026aa7&dn=DEF%20CON%2026%20workshops&tr=https://tracker.defcon.org/announce

The regular, non-magnetic links are under DEF CON 26 on media.defcon.org.

We now return you to your regularly scheduled programming.

DEF CON 26 CD!

DEF CON 26 album art image

Let’s set the mood, people. Head over to the DEF CON media server for the whole OST Soundtrack to DEF CON 26 in several delicious digital flavors for your downloading pleasure. If you’re BT inclined, there’s a torrent file in there too.

Here’s the stellar lineup of future favorite jams we’ve assembled for you.

Skittish & Bus - OTP
Dual Core - Apex Predator (featuring Tribe One)
T-4-2 - Digital Boyz
ISHI - Diamond Door (Left-Right Remix)
The TroubleShooters - This World
Haaj - Reactor Containment
FWLR & JELO - Even The Noble Shall Fall
MC Frontalot - Colonel, Panic!
MODERNS - Figuratives (DEF CON Edit)
Ascendant - Source Transmission
Mikal kHill - Mouser's Back
Icommitfelonies - Hashdump
Haaj - Gamma Rays

If you run through all of this and it’s still not Thursday morning, please continue pregaming with the DEF CON channel at SOMAFM. http://somafm.com/defcon/.

It’s almost here, luminous humans of the DEF CONiverse. Our reunion is at hand.

DEF CON 26 WiFi Reg is Live!

DEF CON 26 wifi registration image

The DEF CON 26 WiFi Reg page is live, with all the info you need to securely log in to the wireless network on the DEF CON conference areas.

Please read carefully - there's new cert information and there are pretty explicit instructions for your specific OS.

It's not a trap.

DEF CON 26 ATTENDEE REPORTED INCIDENT POLICY

DEF CON 26 goon image

As a followup to my last post we realized that if we were hoping people would emulate our policies at other conferences we may as well release our attendee incident reporting policy as well. The version given to all the DEF CON Goons is the same as below but also includes confidential reporting phone numbers.

ATTENDEE REPORTED INCIDENT POLICY

DEF CON does not tolerate harassment of any kind, be it racial, sexual, physical, political, intellectual, or emotional. Every Goon shall take each report by an attendee seriously, and not dismiss any of them. Never turn an attendee away. It is not a Goon’s duty to judge anything that an attendee says, regardless of opinions of the attendee, the person they’re reporting, or the reported issue itself.

Reported/Observed Harassment or Assault
When an attendee reports harassment or assault to any Goon follow this procedure:

1. Get a second Goon to be with you to listen to the report.
2. Have one goon contact a SOC goon via the SOC Contact Procedures
3. Make a warm hand off with the attendee to the SOC Department.
4. Let the SOC conduct their investigation and handle the incident from there.
5. Be available to answer any questions from the SOC or venue security.

Interaction with Social and Traditional Media
DO NOT SHARE photos or videos. Please let the responding SOC GOONS know if you have any video or pictures, they may end up being evidence, but out of context could cause problems.

During or after an incident, you may be asked to comment on the situation. DO NOT make any comments to reporters, and do not post about the incident on social media. As a Goon, the media will treat anything you say as an official statement from DEF CON. Commenting prematurely before we understand the situation could cause more confusion or reveal identities that should remain confidential so please refrain from speculating and work with SOC / PRESS to help them understand what happened.

Refer all media inquiries to the DEF CON Press Department (press@defcon.org or send them to the press room)

DEF CON 26 Support Resources!

DEF CON 26 hotline image

In my last post about the DEF CON Code of Conduct, I mentioned that I wanted to make sure that the community had all the tools necessary to get involved and report problems when they arise.

In this post, my last before the con, I'll talk about some of the new efforts we are deploying for DEF CON 26. It will be our first year for some of these, so we are looking for feedback. You will notice a theme of transparency, appropriate given the theme of this year's con!

NEW WAYS TO REPORT ISSUES: The DEF CON Support Hotline

You can reach DEF CON staff during normal hours of operation (8am to 4am) to anonymously report any behavior violating our code of conduct or to find an empathic ear by calling +1 (725) 867-7255. Trained community volunteers will be standing by to help any attendees.

You can still report issues by going to any Info Booth or talking to any SOC Goon, but sometimes you may not want to be walking around in person with a problem, and so this year we have added a phone option.

NEW SUPPORT RESOURCES:

We are collaborating with several organizations including Kick at Darkness, The Rape Crisis Center Las Vegas, and the Nevada Coalition to End Domestic and Sexual Violence to provide expert resources for survivors, including dedicated support for LGBTQ+. When you call the Hotline you will reach DEF CON community Goons trained to help in these areas.

NEW WAYS TO IDENTIFY GOONS:

In the past there has been some confusion by attendees with what Goon they were actually talking with.

New for DEF CON 26 Goons should all have visible patches with their nickname on them so it is easier to remember who you talk to about what. The name patches should be attached to the front of the Goon's lanyards and be more visible than the back of a shirt that might be covered by a backpack.

Please use the name on the patch if you have any feedback on Goons, good or bad. Feedback can be sent to feedback@defcon.org, written and dropped off at registration, or if serious enough called into the Hotline.

MORE DETAILED TRANSPARENCY REPORT:

Based on the positive community response to our closing ceremony transparency report, we plan to do this every year and hope other conferences do as well.

As people get comfortable reporting issues I expect the numbers to increase, and only by facing these issues head on can we hope to prevent them. It requires courage to speak truth to power, or to report something that is unpleasant in your community, but together we can make things better.

See everyone soon!

The Dark Tangent

DEF CON 26 Hacker Tracker!

DEF CON 26 hacker tracker image
A must have for your burner phone - the DEF CON Hacker Tracker puts all the talks, contests, events and parties all in one easy-to-navigate package. It’s available in both android and Apple flavors and it’s free.

Media Treats for DEF CON 26!

DEF CON 26 video image

Less than 2 weeks to DEF CON 26 - how about a little treat to get you in the mood? Head over to the DEF CON Media Server for a sweet video and a single from DEF CON favorites Skittish and Bus, straight from the DC26 Soundtrack.

Get hyped, fam. We're in the home stretch.

DEF CON Code of Conduct

DEF CON Policy image

When I designed the updated DEF CON Code of Conduct in 2015, I had a few goals in mind. Make it simple to understand, express in broad strokes what kind of behavior is not acceptable, and don't be too specific.

I wanted it to act as a template for other conferences, if they chose to do so. It was legally reviewed by our outside law firm and a specialist. In 2018, it's looking like it may get seriously crash tested.

The Code of Conduct assumes people are acting in good faith and not creating intentionally elaborate, dishonest or disingenuous claims of harm. "Ah ha! This is where the bad actors will attack the CoC" you may be thinking.

As a conference of hackers, our CoC is intentionally flexible: like a spoon in the matrix. We describe generally what is not acceptable as opposed to trying to enumerate 42 different bad behaviors.

Besides the CoC, DEF CON has several structural factors that are to our advantage when dealing with people intent on disruption. This is not our first conference, and as such we have a department dedicated to dealing with this problem. We have also had time to plan with hotel and casino security should we need their involvement. We take this issue very seriously and choose to err on the side of removing people, rather than allow them to spoil the conference for those who just want to contribute in a positive way.

Finally, I have always said that DEF CON is what you make of it. I want to make sure our community has all the tools necessary to identify and report unacceptable behavior. Together, we will have all the pieces in place to act quickly and professionally, no matter what the issue is.

The Dark Tangent

Party at DEF CON 26!

DEF CON Parties image

Many people love parties. Facts.

If you are one of those party-loving people, this update will fill up your smile tank. The Parties and Meetups Page is LIVE! Use it to learn all about the DC 26 party/meetup scene. Then, when the time is right, party with other partiers. Or meet up with people who share your interests.

Go get your life. It's all the best.

Friends of Bill W at DEF CON 26

DEF CON cFriends of Bill W. image

For all those Friends of Bill W. looking for a meeting, or just a quiet moment to regroup from the Vegas of it all, we have you covered. There are meetings throughout DEF CON - Noon and five pm Thursday through Saturday and Noon on Sunday. The location is the same as last year, in Office 4 Behind the DEF CON Info Booth.

Stop by and refresh yourself. We'll be here.

Contests and Events at DEF CON 26 posted!

DEF CON contests and events image

Now that you’ve had a whole day to absorb the epic Village list, we’ve got some more goodies for you. The Contests and Events page is now LIVE, and it’s also quite a bit to take in. Ranging from the straightforward elegance of the Tin Foil Hat Challenge to the complexity of an Industrial Control Systems CTF competition, there’s contests here for just about any hacker discipline, and every level of skill or experience. Contests are also a great way for the shyer among us to beat the icebreaker blues and get right into some fun with a bunch of likeminded strangers.

The more extroverted attendees can still opt for a Charity Mohawk or the cringetastic glory of Hacker Karaoke.

Block off a little time for pre-con recon and make a plan to make sure you get to sample widely from the smorgasbord of C&E offerings.

Our reunion draws ever closer, fam. Get amped.

So Many Villages!

DEF CON villages image

DEF CON 26 is less than a month away, and the DC26 Villages page is live and ready for your attention! Bring a snack, though - there’s a lot of villages this year. Twenty-eight (28!) villages, covering a pretty staggering array content.

Internet of Things
Crypto and Privacy
Wireless
Biohacking
R00tz Asylum
Hardware Hacking
Lockpicking
Social Engineering
Tamper Evident
Data Duplication
DEAF CON
Voting Machine Hacking
Recon
AI
Soldering Skills
DroneWarz
VX (Chip-Off)
Mobile Museum of Vintage Technology
Ethics
Laser Cutting
Cannabis
CAAD (Competition on Adversarial Attacks and Defenses)
Blue Team
Car Hacking
Packet Hacking
Industrial Control Systems
Skytalks
Monero/BCOS


Chances are there’s a few things in that list you want to level up on.

As always, the Villages are generated by the interest and effort of DEF CON Community members looking to share their interests and obsessions with you. Come through and show them some love and learn something new. If your obsession isn’t represented, maybe it’s time to write up a proposal for DEF CON 27!

Demo Labs for DEF CON 26 Posted!

DEF CON demolabs image

More DEF CON 26 goodies for your perusal – Demo Labs are Live! You should take a moment to check out the lineup, and set aside some time to visit when you’re at the Con. In addition to being a cool way to see what your fellow hackers are working on, it’s an opportunity to offer your expertise, meet potential collaborators and help push the community forward.

Demo Labs are interactive, so, you know, interact.

Just over a month, people!

DEF CON 26 Workshops!

DEF CON Speaker List image

Another milestone on the Road to DEF CON 26! The workshops page is live on the DEF CON site. Registration is still a ways off - July 8, to be precise, but now is the perfect time to get yourself familiar with the offerings. The spots traditionally fill up pretty quick, so be ready to claim your seat when the light turns green next month, maybe even consider a few backups.

It’s officially summertime in our host hemisphere - the season of DEF CON has begun!

The Entire lineup of DEF CON 26 Talks is Live!

DEF CON Speaker List image

DEF CON family, the time of our reunion approaches. In just a few days, summer arrives in the Northern Hemisphere. The pages of the calendar turn, ever closer to August. Today comes the surest sign - the DEF CON 26 speaker list is live on DEFCON.org.

The wait is over - dig into the list to start your conference planning! We’re proud of the lineup we’ve created this year, and we think whatever your particular itch you’ll find some talks and panels that scratch it for you.

We’d also like to take a moment to thank the undersung heroes of the Selection Committee. They devote crazy amounts of time and energy to working through hundreds and hundreds of proposals to make sure the best ones make it to the top of the pile. They work hard, they make us great and they deserve your appreciation.

It’s almost here, hacker fam. Can you feel it?

DEF CON 26 Link Roundup!

DEF CON 26 link roundup image

The Recon Village is hosting a hackathon at DEF CON 26! If you like the idea of working on an OSINT/Recon tool with fun strangers and copious energy drink consumption, get your info/signup on at the link.

Friendly reminder that the Data Duplication Village has a CFP that's open until June 15th. Which is super soon, so if you're looking to speak there we suggest haste and focus.

The Social Engineering Village has its speaker schedule posted already! The season of the Con is most assuredly on. Check out who's gonna be dropping science on the hacking of humans, and make your plans accordingly.

For those of you who like a little 'pew-pew-pew' in your Vegas adventures, good news! The DEF CON shoot returns for DC26 - and registration is open. You can get the rules, schedule and location over at deviating.net.

Stay tuned as DEF CON 26 continues to coalesce.

DEF CON 26 Entertainment Announcement: Juno Reactor!

DEF CON 26 Juno Reactor image

DEF CON believes in balance. For all the forebrain overstimulation we provide by day, we provide an antidote at night - a carefully curated beat menu to work out your funky lizard underbrain.

To that end, we are so proud to announce that some of those healing beats will be provided to you by the mighty, mighty Juno Reactor! You know Juno (government name: Ben Watkins) from decades of sonic bad-assery that includes the high-energy proto-trance of his debut ‘Transmissions’, the beat science of 2004’s ‘Labyrinth' and wildly cinematic soundscapes that adorn projects like ‘The Matrix Trilogy’, ‘2017 Gran Tourismo’ and ‘Drive’.

This performance will be hot on the heels of the June release of ‘The Mutant Theater’ - expect serious rhythm and highly interactive stage show that’s been described as ‘Labyrinth meets Barbarella’.

Check out Juno Reactor’s work. Get excited. This is gonna be special.

DEF CON 26 CTF Quals Write-Ups!

DEF CON 26 CTF Update image

Now that the DEF CON 26 CTF Quals are complete, here's a roundup of some of the first challenge write-ups to appear in the wild. Please read them, learn from them, and share them. If you don't participate in the CTF yet, let them inspire you to throw your hat into the ring.

"It's a Me" Challenge:
https://raywang.tech/2018/05/14/DEF-CON-Quals-2018-It-s-a-Me/

iPwn Kit:
https://gist.github.com/ChiChou/e3a50f00853b2fbfb1debad46e501121
https://gist.github.com/saelo/0a85f22c8a02f3a314661edd715900d3

Mario and Racewars:
https://github.com/toomanybananas/ctf_solutions/tree/master/defcon/2018

PoW as a Service:
https://github.com/kpcyrd/defcon26-pow

sbva:
https://github.com/…/20…/DEF_CON_Quals_2018/sbva/sbva_web.md

Signature Dishes:
https://hackmd.io/s/B1An6UL0M

smcauth:
https://blog.vero.site/post/shellql

DEF CON 26 Homework: Critical Thinking Edition!

DEF CON you are being lied to image DEF CON undercover economist image DEF CON public opinion image

More Reading Homework for DEF CON 26!

Another way to keep dystopia at bay: question everything. Widen your information funnel. Examine the framing. Check your sources.

In the spirit of DEF CON 26’s theme “1983: The View from Dystopia’s Edge”, we offer some homework reading with a focus on critical thinking.

First up, the delightful “You are Being Lied To”. It’s compiled by the redoubtable Russ Kick of the legendary first version of disinfo.com, and it’s a sage, provocative collection of bite-size think pieces from all over the cognitive map. The only through line is that many of your assumptions are garbage. Start anywhere, and let it shift your paradigm.

https://archive.org/details/media_You_Are_Being_Lied_To

“The Undercover Economist” is Tim Harford’s wry take on the basics of economic theory, with a special emphasis on the strange and counterintuitive ways the tangled forces of the economy affect your daily reality.

The final assignment for today is Walter Lippmann’s ‘Public Opinion’. Written almost a century ago, “Public Opinion” is an eerily incisive and prescient take on the way your opinions are crafted and slipped into your head while your attention is elsewhere. Less dated than you think, and packed with meaty insights for the ‘post-truth’ era. Prepare to question how (and why) you know everything you think you know.

http://www.gutenberg.org/ebooks/6456

Happy reading! Stay tuned for more assignments in the coming days.

Roundup of DEF CON Updates!

DEF CON CTF image

Early bird reg for DEF CON China [beta] has now closed. Online reg remains open for those who prefer it, but please be aware that the standard DEF CON method of paying at the door works just fine.

The passing of one major deadline doesn’t mean you have no reason to stay up all night sweating over a presentation idea. Many of the DEF CON 26 open calls closed May 1, but there are still  villages and events still wide  open for submissions. For example:

The brand-new Ethics Village (ethicsvillage.org) is accepting talk submissions until June 22.

Car Hacking Village (carhackingvillage.com) is still open.

Hardware hacking village is looking for talks, art and demos. Check their forum thread for more info.

Crypto and Privacy Village is open until June 15 (Cryptovillage.org)

AI Village CFP closes June 15 (https://goo.gl/forms/g50hhGITiOWEbo002)

Follow @defcon for village announcements as we get them!

Got a clever youngling you’re thinking of bringing along to DEF CON 26? Social Engineering Village has SE Capture the Flag contests for kids and teens - Find all the details at social-engineer.com!

New Soldering Skills Village at DEF CON 26!

DEF CON ssv image

Announcing new for DEF CON 26, the Soldering Skills Village! The SSV will focus purely on soldering and making at DEF CON while the HHV will focus on bringing more hardware hacking resources than ever before!

The change-up is beneficial for everyone, it means both villages can get quiet and well-lit spaces. It also means the two volunteer groups can better support the DEF CON community in their own ways. Both villages will maintain an open share of knowledge and volunteers between them. The SSV and HHV will coexist at DEF CON and provide the most that they can to all DEF CON attendees!

Also: Got something you want to show off, teach, or blab on about? Let us know about it! Shoot an email to [email]l33tbunni@dchhv.org[/email] Now accepting submissions for demos, talks, art, anything hardware you want to show off!

More info at https://www.dchhv.org

Space Announcement for DEF CON 26!

DEF CON Flamingo image

DEF CON 26 is getting close and now is the time to let everyone in on some big changes we've got in store. We've accepted a record number of villages and are growing the number of workshops from last year. To hold all this goodness we are growing to include the Flamingo hotel.

TL/DR

- DEF CON has has accepted more villages than ever before and needs to grow.
- DEF CON is spreading to two hotels, Caesars Palace and the Flamingo.
- This lets us do more stuff + evening pool parties.

The PLAN:
For DEF CON 26 we will try something we have never done - Split the con between two hotels! No, not like Paris + Ballys, they are connected. I'm talking Caesars Palace and the Flamingo across the street.

"That's Crazy!" you say. "Why do we need that much space?" you say. Check this out: The number of villages will almost double from last year to about 25. Parties should increase. More contests are under development. DEF CON needs space to support all the awesome projects from the community and I'd really like to throw some pool parties. That is all now possible.

In the next month you will hear more specifics but I want to answer some questions here:

- How will the space be split? The Flamingo will hold some of the "destination" events to relieve pressure off of Caesars Palace. Current planning includes Workshops, DEF CON 101 track, some villages and contests, a chill out space, pool parties, and more once we finish planning.

- Will there be DC TV at the Flamingo? Yes DC TV will be in the Flamingo and as many other hotels as we can wire. A more definitive list soon, but we are building on what we did last year.

- If you ran a village or contest last year you should count on the same or more space you got last year. If you are running a first time event we will work to meet all of your needs. If you want even more space or a dedicated spot at the Flamingo we can work on making that happen.