I'm Attending Defcon this August, advice?

Alan Dayley adayley at gmail.com
Fri Apr 19 21:16:12 MST 2013


Why in the world would anyone actually attend a conference where you KNOW
people are going to attack your electronics and data? Erasing everyone's
credit cards? For the lulz, I guess. It sounds like a bunch of very smart
trolls getting together to see who can out-troll who. I would just
be collateral damage in such a group. I guess it's an effective way to keep
the non-trolls and newbies out of the "defcon club." Or maybe it is a from
of hazing.

And, if I HAD to go, cash, pen and paper is all I would bring.

Alan





On Fri, Apr 19, 2013 at 6:18 AM, Lisa Kachold <lisakachold at obnosis.com>wrote:

> Laugh!
>
> If you take that Ubuntu install to DefCon and connect to the network
> there, every place you connect with/to authenticate to/with will be
> endangered.  All of the sites you visit irregardless of protocol
> (encryption) will provide login/password and URL to others listening and
> MITM'ing.   A VPN is your only partial protection (depending on what your
> using - no PPTP and easily encroached router firmware).  Just do
> DefCon,there is enough to do, write about and learn while there.  If you
> must work, get a room across town (in a cheap fleabag and drive over)
> although i*t should be noted that ANY protection you would make for
> DefCon needs to be made EVERYWHERE or you risk pwnership.  *
>
>
> Someone brought a huge demagnetizer to DefCon 6, carrying it around in
> their backpack; everyone was stranded since they couldn't pay for their
> hotel or food, taxi's as about 800 cards were wiped.
>
>
> On Thu, Apr 18, 2013 at 4:25 PM, Phil Waclawski <phil.waclawski at mesacc.edu
> > wrote:
>
>> I already know not to bring your regular cell phone, and bring a "burn"
>> phone instead, and I'm bringing a laptop that will be a fresh kubuntu
>> install, locked down etc with nothing on it that I care about.
>>
>> Is there any reasonably secure way to use the internet at defcon, or is
>> that a pipe dream? I personally had just figured to use the laptop for
>> offline work (some blender training etc), but I am curious.
>>
>> Also, I will have to use my credit card to pay for the hotel, but that
>> will be the only time I use it (I plan on using cash as much as possible at
>> the event). Thankfully my credit card does not have rfid, but that doesn't
>> make it less vulnerable to shoulder surfing and other problems (fake card
>> readers etc).
>>
>> So, I've had a bit of advice from Chris Lewis, but I'm curious as to what
>> others think ;)
>>
>> Phil Waclawski
>> MCC CIS Faculty
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>
>
>
> --
>
> (503) 754-4452 Android
> (623) 239-3392 Skype
> (623) 688-3392 Google Voice
> **
> it-clowns.com
> Chief Clown
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20130419/676dfbab/attachment.html>


More information about the PLUG-discuss mailing list