Why in the world would anyone actually attend a conference where you KNOW people are going to attack your electronics and data? Erasing everyone's credit cards? For the lulz, I guess. It sounds like a bunch of very smart trolls getting together to see who can out-troll who. I would just be collateral damage in such a group. I guess it's an effective way to keep the non-trolls and newbies out of the "defcon club." Or maybe it is a from of hazing.

And, if I HAD to go, cash, pen and paper is all I would bring.

Alan





On Fri, Apr 19, 2013 at 6:18 AM, Lisa Kachold <lisakachold@obnosis.com> wrote:
Laugh!

If you take that Ubuntu install to DefCon and connect to the network there, every place you connect with/to authenticate to/with will be endangered.  All of the sites you visit irregardless of protocol (encryption) will provide login/password and URL to others listening and MITM'ing.   A VPN is your only partial protection (depending on what your using - no PPTP and easily encroached router firmware).  Just do DefCon,there is enough to do, write about and learn while there.  If you must work, get a room across town (in a cheap fleabag and drive over) although it should be noted that ANY protection you would make for DefCon needs to be made EVERYWHERE or you risk pwnership.  


Someone brought a huge demagnetizer to DefCon 6, carrying it around in their backpack; everyone was stranded since they couldn't pay for their hotel or food, taxi's as about 800 cards were wiped.  


On Thu, Apr 18, 2013 at 4:25 PM, Phil Waclawski <phil.waclawski@mesacc.edu> wrote:
I already know not to bring your regular cell phone, and bring a "burn" phone instead, and I'm bringing a laptop that will be a fresh kubuntu install, locked down etc with nothing on it that I care about.

Is there any reasonably secure way to use the internet at defcon, or is that a pipe dream? I personally had just figured to use the laptop for offline work (some blender training etc), but I am curious.

Also, I will have to use my credit card to pay for the hotel, but that will be the only time I use it (I plan on using cash as much as possible at the event). Thankfully my credit card does not have rfid, but that doesn't make it less vulnerable to shoulder surfing and other problems (fake card readers etc).

So, I've had a bit of advice from Chris Lewis, but I'm curious as to what others think ;)

Phil Waclawski
MCC CIS Faculty

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss



--

(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
it-clowns.com
Chief Clown














---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss