Another epic Defcon has concluded in Las Vegas and was bigger than ever. I attended this year accompanied by NineClaw and met up with dpx at the convention. As mentioned last year, Defcon 19 was moved to the Rio Hotel and Casino to accommodate the larger numbers attending. The unofficial count I heard was over 15,000 attended this year and the Rio handled the crowds excellently. Other than the registration line, which took 2.5 hours to move through, we had no issues. Many of the talks we were able to show up to minutes before they started and still get seats. Another upside of the Rio was it allowed DCTV to be brought back allowing attendees staying at the Rio the ability to watch the talks from their room. The final large change was that the con this year started on Thursday, making it 4 days long. Thursday didn’t contain many talks, but since they opened registration it was nice to get in before the crowds got too large or we were in a position to be missing talks.
Along with the changes to the venue this year saw a new type of badge. In an attempt to migrate away from the cliche, electrical badges (which had only minor participation) the designer brought forth a simple, titanium badge with a few cryptic symbols on it cut into it. This year’s challenge was in decrypting/decoding a number of ciphers hidden, among other places, on the badge, signs around the con, the guide, and a large wheel-shaped decal on the floor of the con rather than hacking at the hardware. The badges this year also came in a variety of formats. While the base groups (human, vendor, goon, etc) were retained, different numbers were cut into the badges and some badges had notches taken out of them in different places.
We enjoyed some great talks this year, ranging from humorous talks like “The Art of Trolling” to informational ones like Charlie Miller’s on “Hacking Battery Firmware.” The trolling talk covered trolls through-out history and how trolling used various logical fallacies to get the lulz. On top of that we got to hear some of the speaker’s trolling stories and finally got our chance to troll him when the floor opened for Q&A. Charlie Miller did a great job explaining (and manipulating) the Apples SBS (smart battery system.) The primary vulnerability seemed to be Apple re-using the default passwords provided by TI and Charlie released a tool to easily allow you to change that. For a software hacker dealing with hardware, I felt he did a great job (tho from what I hear MOSFETs don’t “physically close” :P) In addition to those, we also sat in on a few panels to hear the EFF’s thoughts on current Net Neutrality and privacy issues and one talk on “Staying connected” during emergencies (or revolutions!) “Staying Connected” had some good ideas and released a tool for Android (needs devs for other platforms) to help assist in the process. The speaker kept wanting the telecoms industry to include mesh-net type communication schemes into the device itself; however, I see that breaking down all their influence (and profitability) so it’s unlikely that they will be happy to accommodate that solution.
When we weren’t at talks or bumming around the con, we headed out for some of the usual extra-curricular activities. It’s not a true Defcon trip without a visit to the Hofbrauhaus for delicious beer and Bavarian foodstuffs. We followed the Haus up with a trip to Freakin Frog’s this year and I think will have to include it in future years. With an attic full of fancy scotches, it’s hard to pass up. Thanks to |)ruid, we got invites to ExploitHub’s “No more cheap bugs” party, hosted on the 32nd floor of the Palms hotel. The villa they rented included an outdoor hot-tub overlooking the city (an excellent source of vertigo) and an open bar. Live DJs provided music and you could find the usual hacker movies (Wargames, Hackers, The Matrix) looping on TVs around the place. Unfortunately we missed the Black Ball this year, so we didn’t get to see Ytcracker live.
As usual it was an excellent trip and Defcon didn’t disappoint. Lots of good things seem to be in the works and from the chatter around the con DC20 is going to be even better. Some of the things I’ve heard about next year is a larger (and more involved) CTF and badge competition (potentially starting before the con itself.) Those of you with DC19 badges may want to bring them with you next year, as there were also hints that it may carry over in some regard.
A shot of the DC19 banner, from the registration line.
This years badge along with some of the other swag.
The view from the back of the Net Neutrality panel
Hofbrauhaus’s awesome band!
Here’s the scotch attic from Freakin Frog’s. It’s like heaven
A look out the window from the No More Cheap Bugs party
 Autobahn is (I believe) the name of the Android app from the “Staying Connected” talk, my Google-Fu has failed me here too.