Def Con 16: Day 1
After hitting the breakfast buffet, I made sure to get to the introductory Welcome talk. Dark Tangent gave a short overview of what was to come, including some details about the CD.
Most of the talk was led by Joe “Kingpin” Grand. He talked about the technical aspects of designing and building the badge. There were more than a few snafus in the process, mostly logistical problems of getting everything to the fabricators. The badges were assembled in China and getting things through Chinese customs this close to the Olympics was just about impossible.
Here’s a short version of Joe’s talk about the design of the badge:
He really did a fine job of creating something good looking, fun to wear and easy to modify and build upon. He pointed out that the Def Con CD has all of the software tools you need to hack the badge.
I Hack Charities Booth
After the Welcome, I headed over to the I Hack Charities booth in the vendor hall. The vendor hall was smaller than I expected, but had a wide range of goods. Many booths simply sold hacker-themed t-shirts, stickers and music (a la Jinx). Others had over-caffeinated snacks and energy drinks. The EFF, FSF and UAT all had booths. There were a minority of people selling hardware: refurbished computers and wifi antennas. One booth (I forget who) represented a lock picking group and had all kinds of interesting wares on the table.
Johnny gave me a t-shirt and I was able to wear it comfortably over my clerical collar. (Photos to come.) For the most part, I filled in while there were only a few people at the booth. Seeing that they were over-staffed, I headed off to another talk.
Hacking in the Name of Science
So I headed off to my first real talk and found myself sitting on the floor. This one was a panel discussion focusing on the theme of doing hacking in the academic context. One panelist was an associate professor and the others seemed to be grad students (I got there late).
Some of them spoke on the problems of RFID cards and demonstrated their research in tracking people who carry them and in reading them from much farther distances than advertised. Giving it a medical twist, one researcher worked with implantable cardioverter-defibrillator (ICD) devices. These devices are surgically implanted and programmed via radio to keep a patient’s heart stable. With his work, he was able to retrieve the patient’s medical information with a simple radio device and hinted at the possibility of reprogramming the ICD device with ugly consequences. In my mind, unknowingly surrendering personal medical data is bad enough without thinking too much about what reprogramming would do.
Satan is on My Friends List
I didn’t actually go to this talk, but it was one of the most talked-about ones at the Con. Widely known as “the Myspace talk,” the speakers talked about the problem of implicit trust thrown around so easily on social networks.
To give the talk an apocalyptic theme, the speakers wore clerical collars. For the rest of the Con, people kept congratulating me on a great talk. So, I had to remind everyone politely that I couldn’t take credit for that (and that I had earned my clerical ‘stripe’ and didn’t just order it from a catalog). I did pass on all of the goodwill to one of the actual speakers. I can’t wait to see this talk on YouTube later.
Generic, Decentralized, Unstoppable Anonymity
This talk was good, but kind of a chore. It was two hours long and went into great detail about how Internet Protocol (IP) has inherent problems and proposed a new Anonymous Protocol to replace it. Interestingly, he is designing it to be entirely backward-compatible with the current IP.
I gave up halfway through. I like the idea of a completely anonymous and private Internet, but can’t figure out how two computers can connect without giving up their identities.
NMAP Scanning the Internet
The famous Fyodor presented the major new features of his network mapping tool, nmap. Nmap scans networks and can report on what ports are open and, potentially, vectors for entry. There are a lot of contributors to the project, so tons of new features got described, including the great eye-candy from “zenmap,” the improved graphical version.
To test his updated tool, Fyodor scanned about a million different Internet hosts at random. Several sites got upset, but generally were agreeable once he said that he was just trying to improve nmap. At one point, he received an angry email from some of the hosts he scanned, as they were (unknown to him) sensitive military computers. Fyodor said that he’d be happy to stop scanning sensitive military computers. If only he could have the IP addresses of those machines, he’d exclude them from the scan. Unsurprisingly, no military administrator handed out the IP addresses of sensitive hosts.
Meet the Feds
I wound up late at Meet the Feds after stopping in at the I Hack Charities booth again. When I got there the Feds were playing “Spot the Lamer.” They had a random selection of conference attendees and were allowed to quiz them to see who was the nerdiest. It was pretty much over when one fed asked, “How many members of the Skywalker family can you name?” They had their lamer when one guy responded, “Just the movies or the expanded universe also?” (An uber-geeky analog to “African or European swallow?”)
I didn’t stay for the whole panel discussion. There were some interesting questions asked. There were two things that stood out to me from the talk:
- The Federal agencies (NSA, FBI, NASA, Air Force Cybercommand, etc.) are desperate for new blood. They stressed over and over that as long as you can pass a background check, someone will hire you. Seems like an awfully low bar. They noted that most of us here would take a significant pay cut in doing government work, but it’s a satisfying way to make a living. Asking for job applicants came up several times and it was apparent that they were looking for young blood.
- The Feds are unsurprisingly not much interested in an anonymous Internet. They seemed to be interested in privacy and anonymity as long as they had some kind of “switch” to turn it off when they did special government work. Of course, this introduces (at least) two problems. First, you have to trust that the government officials will use it ethically, which they have repeatedly demonstrated they cannot do. Second, if there’s a special switch for the feds, what happens when a non-fed gets access to it? Nothing is totally secure and it would only be a matter of time before a non-fed can abuse that system.
With that, I had heard enough and sought out dinner.
Hackers Are People Too
Second-generation hacker Ashley Schwartau showed her fifty-minute hacker documentary. Ashley’s parents have been involved with Def Con for ages and started bringing her to the Con when she was 16 years old. Over the past year she filmed interviews at Def Con and Shmoo Con and got a good “slice of life” for what the hacker community is all about.
I found it a little uneven. There were some very moving moments. For example, Sandy “Mouse” Clark said that she never knew that she had no family until she found a family at Def Con that accepted her without preconditions. Other places were trite, focusing on beer, porn and nerds. Other spots were sappy, offering hugs from friendly hackers who mow lawns and do laundry like everyone else.
All in all, I enjoyed it, despite some flaws. The hacker community is obviously deeply important to Ashley’s self-identity and life story. The documentary was a wonderful craft to be offered as a paean to something she loves deeply and that comes across clearly.
Here’s the trailer. Mouse appears briefly at 1:22.
Through Hackers for Charity, I got an invitation to one of the private parties. It’s good to hang around Johnny. Although I went up to the skybox, I didn’t get into the party. The goons were doing a poor job of crowd control that night. Everything was overcrowded and overhot. So, I chatted with some folks in line for a while and went to bed (it was already 11pm).
However, something fun did happen. Everyone in line got rickrolled. Several guys came by with a wheeled cart. The cart had a laptop, strobe lights and enormous speakers. The laptop was blasting Never Gonna Give You Up for us losers who thought we were getting into the party. I’ve never seen a physical, meatspace rickroll before but the guys who did this deserve props.