 House, much better, much better. What? You want a what, sir? You're a German, sir? Why do Germans love to dress up and kick the men in the crotch and have butt sex with scat? Okay, we're ready to go. Okay, can you hear me? Who is this strange man wearing a business suit in Las Vegas? It's me. But I'm a research guy, so I'm supposed to look the part. Anyway, my name is Larry Poneman, and the name of my company is called Poneman Institute. And we did a very interesting study on your favorite topic called e-voting. And I want to, I know, I know boo, boo, boo. Now some of you look, you know, look very cool and dapper, and I'm sorry I'm wearing this awful business suit, but this is my handle. I'm really, and my background, by the way, if you want to know something about me. I'm not a fed. Never was. No, that's not true. What a liar. But I actually started off as a, try to be a musician. And I was a hippie. In those days, we had hippies. It's, you know, your parents, for example. I was a soot! But I still have a fender. Hey, who said that? Okay, now that we got that introduction over, what I'd like to do is on a serious note tell you that e-voting is a serious issue. And quite frankly, we decided to do a study on this issue because we think that the general public, not you wonderful people, but the general public is unbelievably complacent about this whole thing. People just don't worry about it. Are you worried about it? Okay. Do you think that the election is going to be fair? Yeah. Okay. Hey, look! Go for it! Okay, so now let me just tell you what we did. We talked to about, oh, several thousand people in the United States and we asked them a couple of questions. In fact, some of you participated in the same survey. About that bottom line is, what do you think? Do you trust e-voting? Well, you say hell no, but let me just tell you what we found. Luckily, because I know we're going to run out of time. I don't get a headache by looking at all those power points. Okay, now what we did is we asked you, you are the group called expert. Can you believe it? Hello, experts. Ah, expert. You know who you are. Stop being so serious, please. And what we ended up doing is we wanted to find out your overall opinion and you know what? You think that e-voting sucks. But I will also say that the general population are favorably... Poor these people! Where are they? Where are they drinking these people? God damn! Here's another weird slide. Okay, so what's your feeling about how much comfort or confidence you have? And guess what? You folks are not confident. Little confident and significantly no confidence in e-voting. And the general population, you know, again, most of these folks who responded have a high degree of confidence. They're not worried. Okay, so based on what you know today, so much telephone is ringing. Kill that person. I hear that sound. I go crazy. Slowly I turn. So how would you compare e-voting to traditional paper ballot machines? And again, you guys are saying e-voting is less likely to record or report my vote accurately. That's a serious state of affairs. Based on what you know today, how would you compare e-voting to traditional paper ballots? And in terms of tampering with election results, e-voting is much less secure. E-voting is less secure. There was no one that we spoke to, who we will admit to anyway, that believed that e-voting is more secure. So here's the bottom line issue. What worries you? What worries people today? For you, the number one or number two issue is attempt to influence the outcome of the election. And you know that serious stuff. I can't hear you. Say it again, please. Go, Florida. Shoot that masked man. But at the end of the day, that's really the issue. And look, it's serious. That's why I'm wearing a business suit. I'm talking to you as your father would talk to you. And yes, I have my son, David, who idolizes what you do. He's a very, very good kid. But you know what? Bottom line is, this is what I'd like to say. If there's David, right there is a matter of... No, he already is lucky. Imagine if I was the case and my son was here. I'd like to lose my part of my body. So anyway, here's the bottom line. It is a serious state of affairs. And really, if you kind of look at it, if we assume that you know more about information security than just about any person in the universe, let's just assume that. Maybe I'm wrong. Then if that's in fact true, then there's a need to seriously consider the impact of a wide-scale abuse and manipulation. There's a need for some accountability. And there's also a need to think about some solutions. Nico sells who you know and love. Nico and I were talking about it. In fact, she came up with a great solution. Maybe we get rid of the voting technology, we burn it, blow it up or whatever. And maybe we go back to kind of the absentee system in order to have some accountability, because we're talking about election in 92 days. And in 92 days, we just don't ever act together. It's a pretty serious state of affairs. Now listen, we're very lonely people in Tucson, Arizona. That's where this thing is. And if you are interested in any of the work that we do, and we study very cool things, we study privacy, data protection, information security policy. So we do a lot of interesting studies. But if you're interested, you want to get involved, I'm serious, give me a call. So, and please don't hack my system. Please don't. Thank you very much. Slides, good. Okay, so we're going to still need the projectors. I think the Wi-Fi guys are going to demonstrate something with it, so we'll keep the projectors up. Yeah. Okay, so we're going to get started with the awards ceremony. Before we do that, I have a couple of general announcements I'm going to end up making. First of all, we love you. You guys are cool. Thanks for coming. So give yourself a round of applause. And next to you, we love our staff, all the guys in the red shirts who made the show possible. Yeah, and girls, that's right. The show wouldn't operate without the wonderful girls and especially the two in dispatch who make basically the glue that holds all of us together. So we know they're still in dispatch. We're going to give them applause. Okay. New this year, you might have noticed some people running around in blue shirts. We did that to kind of avoid confusion with you guys. The blue shirts are the people that managed all of you speakers and made sure you got to where you were supposed to be on time. And that's Agent X's category. So give him a round of applause. Cool. I also want to single out for some special attention. The person who really makes things operate here on the ground. I might pay the bills and host the website and do a lot of stuff, but I get pretty busy. And so I count on my right-hand man to make sure that the show actually runs. So you can think of this person as sort of the operations COO. And that person is Zack here. So without Zack, nothing would happen here. So I just want to make sure you realize who he is. He's not my evil clone like the evil Kirk in Star Trek. He's actually his own person. Okay, with that said, I would like to go ahead and start things off. We're going to kind of go with the newest contest first. I'm going to work all the way up to the caps of the flag winners. So we're going to go in reverse order. Starting off, I want to hand the phone first to Russ, who's in charge of the contests this year. So he wants to just say a little bit about the overall contests. And then we'll start it up. And the first up will be the TCPIP appliance winners. So with that said, I want to hand it off to Russ. What's up, guys? All right, how many of you were in the contest this year? Okay, how many of you watched the contest? How many of you were awake up until an hour ago? All right, what we did this year was we tried to take DEF CON back to what it used to be more technical. And what we did was we introduced a bunch of new contests. And what we found out was a whole bunch of very afraid people out there to get involved. All right, we had a robot wars contest for the first year. Okay, how many of you watched that? All right. Now, was that cool or what? Now, let's have more than one next year. Come on, you guys are supposed to be smart, you know? Okay, who saw the IP appliance contest? All right, was that okay? Okay, you know my email address, right, if you have feedback. All right, so basically what I want to say is for next year, if we're going to keep adding this stuff, we need more involvement. If there's something you guys are interested in, jump in there. Get involved. The robots were really cool this year. We need people with good ideas for other contests and to help us out with this, all right? So we're going to go down the list here, and I'm going to hand the mic back to Jeff here. Okay, so is Nero in here? Okay, are you here? That would be a no. Okay, Greg, you're the doppelganger. All right, for the TCP IP appliance contest, these folks had to develop some kind of appliance, any kind of appliance that would communicate over the network. There were two entrants for this contest. One entrant was a skull, and they communicated with the different functions of the skull, and the other one was an IRC connection that they tried to communicate over the network, however the network was not functioning properly when they attempted to do that. But they put in a great deal of time and effort in getting to the point that they got to, and it was pretty cool, and we encourage more participation next year. There is a prize for second place. That was the IRC team. If you are here, please come forward. IRC team. Okay, their prize is a mini web server. See what you can do with it. Good job, guys. All right, if the first place team, which I believe was just one person, the skull team... Do you have the skull? Do you have your skull with you? All right, for them we have actually a cash prize from the University of Advancing Technologies. We also have a t-shirt for them, as well as the coveted black winners' contest winner badge. Let's them in the future show. Let's them in the future show. Cash prize from U18 was $50 for this one. I know most of you here are a lot smarter than I am, so why didn't some of you enter and kick my butt in this contest? I have no idea. It's easy to do. Most of you know how to do some hardware. Hardware is not that scary. Seriously, more people should enter next year. It's a pretty cool contest. We'll get Ryan behind us, too. Next up, we've got the Robot Wars. This is also a first-time competition that we've never done before. Some of you might have seen all those DEF CON ping pong balls floating around. Minimum order was 1,000, so we made 1,000 of these things, and it was for the robots to move from one side to the other. We quickly realized there's three types of ping pong balls out in the world, so these were competition-grade ping pong balls, but should not fit ping pong ball guns, unfortunately. With that said, I want to hand off the microphone to Blue Boar, whose brainchild this was. He's going to tell you a little bit about the contest and give away the prizes. Thank you. I think a bunch of people came by and saw the competition we had yesterday. Close contest, but Team Irvine were the winners. Thank you. Are the Irvine guys here? Come on up. Do you have the bot with you? Do you guys have the bot with you by chance? Okay. Their entry was the Irvine bong bot. And very much appreciate these guys participating. They met the challenge as described and put on a good show for us yesterday, so they're our first-place winners. All right. And for prizes for these guys, again, compliments of the University of Advancing Technology. We have a t-shirt. This one's actually pretty cool. It says, chicks dig guys that write recursive algorithms. We also have, for them as a prize, there are 256-meg USB keys in here for each of you, as well as $50 total. You have to, guys, just go out and drink for a while. And, again, compliments of the University of Advancing Technology. So congratulations. Now we're into some of the most established contests. We've got the lock-picking winners. Lock-picking's come a long way in the last couple of years. They've got some cool timers, new locks. They've got a really cool system set up there. Personally responsible with that is going to be Greg. He's going to talk about it a little bit. There's a couple categories. We're going to hear from the winners, kind of the winning technique. We're going to have some of the lock-pick contests recorded this year, so we're going to digitize it. We're going to put it online so maybe you can see a little bit of the action. So with that said, here's Greg. All right. First off, I'd like to also recognize Kai Gath, who was heavily involved in getting this organized this year. Stand up. Stand up. Oh, yeah, Ted. And as well as DC719, which helped do some of the organization, as well as some of the lock-pick boards. DC719. Stand up. All right. This year we had two categories that we did the contest for. One was the old one, which was the speed contest. And the other one was an obstacle course. The obstacle course is brand new. It was an eight-sided board. And what you had to do was attempt eight different locks on there. And whoever won got the most locks open and two would be the aggregate time, would be the winner. We had about 10 to 12 people try that particular set. It was very challenging. Those were really hard locks that were intentionally put on there. And so we did have some winners with that as well. So I'll start with third place for the obstacle course. Third place was Narfland. For third place, we have a t-shirt. Okay. Yeah. For that particular one, Narfland got three of the eight possible locks. They were very challenging. Second place, also with three locks, just a little faster time was Grant. Grant, if you're here. Okay. The shirts were compliments again of UAT, and we really appreciate our sponsors and the prizes. First place for the obstacle course is actually the returning champion of last year from the speed course, Q-Mark. Q-Mark got seven of the eight locks, and he was within probably minutes of finishing the eighth lock before he got kicked out of the room last night. So did a really great job, tremendous effort on that. What we have here, we have $50 from the University of Advancing Technology in the USB key. We have $50 from Security Horizon to Frize. There's those two. We also have more t-shirts than you can shake a stick at. So hang on. And the lockpicking winner's shirt. All right. Now for the speed contest. There were 25 people that started this contest. We had three of eight actually finish the semifinals. We had some very competitive locks on this, and the folks that got to the finals did a tremendous job to get there. In order to make it to the finals of the speed contest, they had to, one, be able to break into your home. Okay, break into a hand knob lock. The second round was actually a deadbolt lock. The third round was a door, literally a door that they had to do the handle lock, the deadbolt lock, and they had to do a padlock as well. And the finals was that same combination. The padlock was actually a tremendously hard padlock. Some of them got it, some of them didn't, but they all did a great job. So to recognize the top three, we have a few prizes there as well. Third place on the speed contest, Narfland. Yeah. Again, great job. Oh, that's a good point. Sorry. There's actually not a third place. It was a tie for second on the speed contest. That was my bad. Yeah. Great job. So the other second place finisher is Ian. Is Ian here? What was the time? No time. There was no time because we made it so hard for them they couldn't finish. That's why they tied for second. However, I do want to mention that the folks that made it into the finals, there were eight people out of 24 that made it into the finals. In order to make it into even the semifinals, they had to be able to open a lock in 13.5 seconds or less. So does anybody feel like their house is safe now? Not me. Okay. First place for the speed contest, actually a new comment this year. His name is Lemon Jello. Lemon Jello. And just off the cuff, Lemon Jello is going to talk for just a moment about his technique and how good it felt to be the winner. No pressure. Oh, man, I have to talk. Yeah, I started last year because I saw the competition at Def Con. And just a lot of practice, a lot of stealing locks from my friends. A lot of... I have to thank my friends for all their support, Froggy, Tiger, Colonel Panix, Europa, Tom, Ian right there, his mom, and RC and Brandon for letting me crash in his room this year. Thank you. Lemon Jello actually did have a time on the finals. It was 477 seconds, I believe. And with a very difficult lock on that board, that was a tremendous time. Okay, for Lemon Jello, we have $50 in cash, a USB key and some t-shirts. Again, compliments of the University of Advancing Technology. We also like to thank Jinx for a couple of the shirts that we have as well. You also get a prize, $50 gift certificate from Security Horizon. And congratulations, and here is your lock-picking champion t-shirt. Right on. It makes me feel secure at night. For those of you who don't know, the coveted black badge only goes to usually the leader, the winners of any of the contests, and it allows you a free entry to DEFCON for life. So, yeah. It's worth competing in these things. Get up, step up and compete. Okay, next up is the Wi-Fi contest. It was a tremendous success last year, and it's back again this year with a couple of tweaks for the wheels. And Dave Moore is the person who's put it together again for the second year. He's going to get up here and tell you about some of the stuff that happened, and hand out the prizes. So if Dave is around right there, here he comes. Dave. Thanks, Jeff. Shall I proceed? I'm Dave Moore. I invented the Wi-Fi shootout contest last year, and the event has taken off beyond my wildest expectations. However, this year I realized... I think you need to hook that up back there, don't you? Oh, is it? I'm sorry. I'll keep talking. This year I realized that I was going to need a tremendous amount of help. Otherwise, the contest was not going to take place. So I asked ASL rules team. They were the overall winners in last year's competition. If they would run the contest this year. Thank you. They agreed to do it, and it is because of their help that we are here today. They've been a spectacular group to work with, and over the past few months I've also learned that they are much scarier hackers than I had originally thought. So this year, instead of competing, they helped two secure sponsors ran the contest in the field, and I thank them with all my heart. I also want to thank Jeff Moss and the DEF CON staff for allowing us to hold the contest in conjunction with DEF CON. They've been good to us, and I hope that our contest has contributed to the overall DEF CON experience. Thank you, sir. The basic rules of the Wi-Fi shootout contest are simple. Set up a pair of computers, get an 802.11b Wi-Fi radio working on each one, and then see how far apart you can get and still maintain a connection. Contestants submit to a very stringent distance verification process, and it's a lot of fun to see these rigs work. I need to thank our sponsors, our premier sponsor, Wired Magazine. Thanks, Maya. Also assured InfoSec, Jeffetech, and Eason Associates, ConfigureSoft, Symantec, Pasadena Networks, Netgear, O'Reilly Books, Broadband Wireless Exchange Magazine, Jinx, Gamers, Geeks, and Akkers, with the Cooler shirts and down. Wireless Fidelity Magazine and Exchange Magazine, without our awesome sponsors, this contest would not have happened. I also have to thank our contestants. They traveled a long way to get here. They worked hard and they slogged it out in the desert heat, the wind, which was brutal yesterday. The direct sunlight, which I cannot take, and they are to be admired. One team in particular is to be applauded because they achieved what we believe is the new world's record in their category, about which you will hear more after I turn the microphone over to Ben of ASL Rules. Thank you very much. Thanks, Dave. We had six teams come out and compete this year, which really blew us away. We had no idea how many people to expect. We'd like to thank Rangebox, 4DI, Bing, SXE Crew, Turbo Crew, CL Wireless, and PAD for coming out to the desert this year. Our zero-width prize goes to both 4DI and Bing, SXE Crew. These guys were considering our honorable mention category. They showed up. They did register to compete in a few categories, but unfortunately they were not successful in establishing contact and could not get any official distance measurements down the books because of that. We would like to give each of those teams a set of books and some cash prize for showing up. We do have a lot of O'Reilly books here. We have SSH, the Secure Shell Handbook, Network Security Hacks, Network Security Assessment, and the Linux Security Cookbook. So we'd like those guys to come up if they're here and grab a copy of all these books and some Best Buy Gift Certificates. Are they here? They don't appear to be here. We've got $250 for each of those teams in Best Buy Gift Certificates and books. I guess hopefully their email addresses are accurate. We'll get them to them later. Just for showing up! They didn't even establish a link here. More people, come on next year, please! So that was our zero-width prize. Here's our first prize we're going to award. Our commercial amplified antenna category. Basically we had four categories. Take commercial antennas on both ends and put an amplifier on them, establish a link. That's one category. Take commercial antennas. Don't amplify them, establish a link. That was the second category. Take at least one homebrew antenna on at least one end and amplify it. That was the third category. Take at least one homebrew antenna on both, on one end and don't amplify it. That was the fourth category. So here we actually had some people competing, but we can't award a prize because we didn't get any official distance measurements recorded. We're going to now proceed from the shortest distance achieved out to the greatest distance achieved. So the next category we'd like to provide an award for is the most innovative antenna. That goes to Turbo Crew with 0.82 miles. What you see here is an assortment of cardboard duct tape. If you're familiar with the shield or the shiny shields that people put in their windshields or their cars to keep the heat reflected out, that's what this antenna is made of, and that's really cool. They achieved 0.82 miles with it. It was not amplified, but we'd like to give some prizes for that. So we're going to give them a stack of O'Reilly books. We have an additional one in their pile called Hardware Hacking Projects for Geeks. We have some antennas from Pasadena Networks we'd like to give them. We have some Jinx Hackerware. Now, I don't know for sure here, but it's my understanding we're giving them a t-shirt and a pair of ladies panties, and someone told me they want to see them demonstrated or modeled. We're also giving this team $500 Invest by Gift Certificates, and we're going to give them a copy of Wi-Fi Toys in the backyard or down the street. This is War Driving. There's a bunch of more words on here. I'm sure you can read them on your own time. Are the ladies who want to show up in the desert this year here? Oh, they're coming up. These ones say Monofork with parentheses, you know, the inexperiment. So we won't hold you to it. Is that everything? Books. We got the books, the Pasadena antennas, the Jinx Hackerware. Yeah, you guys were building your own antennas out there from scratch, so we decided we'd help you out with some hardware here. Okay, the next longest distance achieved was the commercial category, commercial antennas with no amplifier. A range box achieved 14.0 miles. Congratulations to them. I would like to mention something about the picture you're looking at. This is not near a road. It was 109 degrees. There were about 700 feet in elevation off the road and about a thousand foot walk from the road. I went up there just for fun and I didn't enjoy it. These guys are crazy. For them, we'd like to give them the pile of O'Reilly books, the extra book that was just recently published, I believe. We have a $200 gift certificate to CCNY, Computer Connection of Central New York. They're basically a sun shop. They have a lot of cool sun hardware and really good prices. So we'd like to give that to them. We have a Jinx Hackerware shirt or two, I believe. And again, we have $500 in Best Buy gift certificates for them. Please give them a hand. The next greatest distance achieved was in the home-made antenna category with amplifiers in use. This particular team, PAD, built antennas on both ends, so both ends were home-brew, and they used amplifiers on both ends for this particular win. These guys are not about 700 feet in elevation. They're only about 500 feet, but I'll still give them credit for hiking up there. I don't know if you can see much in this picture here, but that's all steel construction, and I'm glad I'm not the one carrying it up in the mountain on 109 degrees. That is home-made. So these guys actually have aiming equipment on this thing, and if you think this is impressive, wait until you see what's on their trailer. These guys drove from Ohio, and they have a trailer with, correct me if I'm wrong, a 9-foot 4-inch diameter dish mounted on the top of this trailer, which they're happy to drive down the road at 55 miles an hour. I wasn't very near them when they were doing that. They also have aiming equipment on that dish, and these guys were really cool. They started out by achieving a 5-mile win to get something on the books. Then they went out to about 14 miles, I believe, and then they went out and toyed around at 30-some-odd miles, and then they decided to get serious. I don't know if you have any members, but last year the grand prize went to 35-some-odd miles. These guys started driving down the road, and they looked at Topo USA, which is a software program, and they called out some coordinates, and we said, well, if they're actually going to achieve this, we'd better head down the road ourselves. So we rented an H2 this year, and it's a good thing we did, because we ended up going down a dirt road for several miles, and it was a lot of fun driving the H2. Anybody should try it. And ended up, these guys got out in the field, very near the end of the competition, and achieved successfully, in this category, 55.1 miles. The amplification was 600 mW on each end. They were using ornogal cards, which many people know put out 32 mW, and they put that up to 600 mW into each of these dishes. Somewhere after this record here of 55.1 miles, they flipped the hood up on the minivan, which, you know, it's not a brand new vehicle. They started putting duct tape under the hood to hold the car together. They wanted to seal some dust out. They heated up some chicken nuggets from Burger King to, you know, for dinner. We'd like to give these guys some O'Reilly books. We've got some Jinx Hackerware for them. We've got $500 in Best Buy gift certificates. And we've got that other book, that third one, from the other author. Okay, so if those guys can come up and accept their prize, that would be really cool. Don't let these guys sit down yet, because after they achieved this distance, somebody had the silly idea, well, hey, we're using amplifiers. Let's take the amplifiers out. So they did. And it is my distinct pleasure and honor on behalf of the entire DEF CON 12 Wi-Fi shootout team to announce to you a brand new world record for the greatest distance achieved for an 802.11B network with no amplification, 55.1 miles. So we'd like to tack on another $500 in Best Buy gift certificates. There you go. And what the heck? We'll give them some Knuckier hardware. We got it donated from Knuckier. Yeah, access point, PCI guard. Yeah, we got an access point, and I think four PCI cards there. And according to the contest rules, we have to give out a prize for the greatest distance achieved in the entire contest. So why not? 55.1 miles, no amplification. Give them another $500, please. I think they will all agree with me that these guys are certainly deserving of what they're getting now. The Uber Hacker badges. Okay, I'll give you both of them. Did we give them a stack of O'Reilly books? I think we already did. We've got one last O'Reilly book here, 802.11 Wireless Networks. And if you can all stand to listen to them, we'd like to ask them to come up here and just talk for one minute or two about the drive across the country, maybe about how much money they put into this, and a little bit about if they had any fun. I don't know, I'm not sure. Thank you very much for your attention. I'm going to turn it over to these guys and let them wrap up for the Wi-Fi shootout 2004. Thank you very much. Okay, well about 19 days ago, I guess, we were surfing on the web after a business plan we had created, fell through. We were going to war drive around Cincinnati and find unencrypted wireless access points, and we knocked on people's doors and asked them if we wanted to encrypt them. They just got all freaked out and slammed the door. So we were searching for other things to do with the equipment we had just purchased and built, we had some cantina yogis and stuff. And Andy here came across the Wi-Fi shootout webpage and he's like, hey Ben, in a couple days we're going to go to Las Vegas and I was like, yeah, right. And he showed me and we're like, well, maybe you could do this. So I called Justin here and he was on the cell phone with his girlfriend and I said, hey dude, we're going to Las Vegas in like 19 days. And he's like, yeah, right. And I was like, no, I'm not kidding. And he's like, I'm talking to my girlfriend. I'll talk to you later. And I said, call me back. And he doesn't call me back. So we started working on this. Mostly Andy and I, we had collected some nine and a half foot satellite dishes from around Cincinnati over the past couple of years. We were planning on putting them up on towers behind our houses and sharing our broadband internet connections. Due to complications and parental restrictions, that never happened. But we had, we still had the dishes laying in our backyards and we were like, well, what the hell, why not? So we got them out. We started building feeds for them. We started with a bike rod that didn't work out because it didn't eliminate the whole dish. So we switched to a patch antenna and built that up, did all the calculations to figure out how far out it needed to be. And then we started building the mounts that you saw on the pictures. One of them was designed, the one that was down on a trailer was actually designed to fit in Andy's pickup truck which has been driven all over Cincinnati with the dish inside of it, strapped down to try and find links which are impossible in Cincinnati because there are lots of trees and hills. But we had a good time with that. And so after that, we, about two or three days before we decided to leave, we were going to leave, we went out and did a first test. And we got two and a half miles and the link was better than we had with our laptops sitting right next to each other in our bedrooms. So Andy's dad who thought we were crazy and is an RF engineer looked at our data and said, oh my god, they might have a chance at this. They might actually have to go to Las Vegas. So we worked on it some more. We got everything working. We borrowed some amplifiers from a company called RF Links in Cincinnati, Ohio who were very generous and gave us a 30-day loan on the amplifiers at 600 mW. We almost got 8-watt ones. Not that we would have needed them. But they were a very generous company and if you guys are looking for amplifiers for the 802.11b or G equipment, I would highly recommend them. And so we got those. We did an 8-nose 9-mile link in Cincinnati worked great and so we went home, had a meeting with our parents where they tried to talk us out of it and the next day we were packing. And so we had too many people to fit in the truck so we decided to take the van and tow the trailer behind and so here we are and we got out here. We set it all up had a blast doing it and now we have to figure out how to get home and if any of you guys would like to help us out with that our equipment is for sale. I'm not kidding. It is all disassembled. It fits in the back of a pickup truck and if you want to talk to us about it we'd be very interested in talking about it. We'll probably be over there by the doors at the end. The equipment we really do want to get rid of it before we go back to Cincinnati but we had a great time. I'll let some of these other guys talk. It was kind of a crazy idea but it worked out in the end and we put a lot of hard work in especially working around our other jobs but we put the time in and due to experience we'd had in the past a little bit with already collecting the dishes unfortunately we had to go and get some linear actuators that had broken before and fixed those up and get everything mounted but the whole process was a lot of fun and I'd just like to thank everybody who helped us out especially our flanks for the amplifiers. I just want to say to anyone who's interested in computing next year do it. It's a lot of fun. It was like 110 degrees or something like that and we'd like to shut the set of the mountain but it was a lot of fun and you can be done looking at the numbers we had theoretically we could have gone further but there was no road left we had traveled we we might be building some bigger dishes and trying to go further but we'll see what happens in the future and like I said if anyone is interested in doing it it's a lot of fun. Come on out. Thanks. We'd also like to thank the ASL rules team for all the work they did in the organization and setting up a cross-band repeater and all the communications so we'd really like to thank them. About 33 dB Do you ever plan on having kids? Okay well not nearly as impressive as that I have a quick impromptu award to give it's not really a contest but it sort of became a contest if I could get Paul Proctor to stand up here for a second you know what's coming Go on Paul, stand up get your ass up here so Paul's having dinner with this guy Nick Farr if you're out there Nick you're going to be put on the spot in a second and they're having a burger at Old In-N-Out Burger and for those of you who live in a location that doesn't have an In-N-Out Burger you can you can realize how important it is for us to get to an In-N-Out Burger while we're in Vegas so Nick Farr pulls up and Paul Proctor pulls up, orders a burger Nick Farr says hey that sounds good and orders a 10 patty burger and eats it and he looks up at Paul and says you know I could probably be 20 and so Paul says you're on so that was Friday night Saturday night Paul shows up with a 20 patty burger out by the pool one here and Mayhem and Sears quickly were throwing down money and gambling on whether he can handle it or not and it turns into a pretty good contest I'm going to let Paul finish it up here but there was talk of a head-to-head death match kumite 30 patty battle oh yeah so when he bought this 10 patty burger I mean he walks up at In-N-Out and he says yeah I want a 10 patty burger I said you got to be kidding me and yeah they sit there and they say extra patty patty patty patty so and you should have seen well when we went on the next night we got the 20 patty burger I think that it was it was worth the 14 bucks for the burger just to see the look on the face and I'll tell you honestly we're considering a contest for next year now we do not know what this contest will look like but it will probably involve a lot of cow so pay attention to the contest website for next year and if you feel like you can do 30 or more bring it on now where's my man Nick I cannot believe what X just told me he says Nick is brushing his teeth probably still from that burger well listen when Nick oh my god so I didn't even realize this they got Nick a prize this is the sergeant from full metal jacket alright you're all going to have trouble because Nick's got motivation for next year he is not here right now but oh he's on his way here he is Nick doesn't even know why he's on stage yet so this is kind of a surprise nobody told us they were going to do this so anyway this is Nick he's the man we're considering a contest for next year you obviously have set the mark and for that we have bought you some motivation for next year this is the sergeant from full metal jacket he was when you came in he was entertaining the audience so you'll have little things to listen to like this oh god did the 30 patty kumache happen the 30 patty kumache you didn't have to be veiled because we're going to put a contest how many for next year how many how many for 30 how many things okay so I used to live in California oh hell no you're going to put the basket or something and make me throw up so I moved back to Michigan after living in California for two years and I hadn't been to In-N-Out in almost a year so you and Proctor a couple of the other speakercoons decided to go there and you know I know the whole secret In-N-Out ordering so I said yeah just give me a 10 patty animal burger so they give it to me Proctor he looks and he's like they can do that I said yeah they can do that so I I hadn't eaten anything all day so I'm just chowing down and I finish it before he finishes his double double and so he gets the broad idea you think he can do 20 so he says yeah you know we've got your 20 patty people like I didn't know this is like no no come over to the pool I'm like okay so you go over to the pool and then this crowd out of nowhere envelopes and from LA was just getting crazy taking bets how many for how many is how many for and there was this pile of cash in front of you and I was just enjoying my dinner and it was all good so so are you guys trying to tell me you want me to do 55 next year what where's Humperdink I want to point out just before he ate the 20 patty burger we were sitting over it in and out with the actual burger and some other people with us he's eating french fries they're good fries alright I'll see you guys next year okay now we're into the liquid category coffee wars and coffee wars usually happens really early Friday morning and there's quite a competition that runs off then they tabulate their results pretty much all weekend long in order to give you the grand totals now so I want to hand it over to Fufis I'm just going to tell you a little bit about the contest and how that was judged and who won well once again coffee wars was just a monstrous success and it's an honor to be up here yet again with the excitement before we present our grand prize I'd like to touch on a couple of highlights this year we did not have to turn anyone away which was great last year we had some capacity planning troubles and way more people brought coffee than we were ready to handle and then this year as always the Alexis Park staff came through for us we needed a big garbage can with a liner in it and they were right there on the spot and once again were great and we didn't confuse them this time usually they're a little leery that people once again as always the DEF CON staff were great thanks to Dark Tangent, Black Beetle, Russ and Pyro it was the smoothest running show that we've had we got started a little late but everything was as it should have been we also need to recognize the staff who are the heart of coffee wars Alice and Madhat who kept things running smoothly when the rest of us got confused Shirley once again as always was the core organizer, the keeper of the equipment the master brewer and also the coordinator of shirt acquisition the proceeds from coffee wars shirt sales were all donated to EFF the rest of the staff and the judges were also essential, Gurney, Rob, Tim, Lucid and Tweet, thank you very much coffee wars wishes to extend a special greeting to Jay Dyson who was unable to be with us but sent some really good beans, we're thinking of you man there are two honors in coffee wars the grand prize for which we have a prize and then the best bang for the buck which doesn't really get a prize but you can feel really good about yourself the latter which is the bang for the buck is given to the coffee whose overall approval is the highest ratio of overall approval to price is the highest so the average price per pound of coffee entered this year was $15.38 which is pretty middle of the row but when you consider that we had four entries that were over $30 you can see that the average price is actually pretty reasonable so previously the bang for the buck winner was always a coffee that was close actually an approval to the overall winner but was a little cheaper this year's strategist this year's award went to a contestant who supplied actually a reasonably good coffee but not that super highly loved but it was at the rock bottom price of only $4.99 a pound so there's no prize but we salute you spy boy wherever you are we don't have a prize for you but we respect your skills this year's winner is an expensive coffee but not the most expensive entries from Jay Dyson and God-1 and Decula all surpassed it in price but the winning coffee was the winner by a wide margin a full 16% ahead of the second place entry which was from Jay so both of those coffees Jay's and the winner were from the same plantation and our winner had found a way to acquire the Peaberry instead of the regular bean and also had fed exit to himself from Jamaica for maximum freshness so so damn that was some fine coffee so our prize this year is the same as last year courtesy of Van Hall one of our judges thank you very much sir in terms of sort of street or market value but we also have an additional honor that makes it all the more precious to sure can you hold this up mad hat that you know that says the coffee worth champion and commemorates that so the back says Jamaican Blue Mountain for the fifth year but who's counting so our winner is no stranger to coffee worth triumph and instead of this one-of-a-kind shirt is going to let the world know of your victory sir and at $29 with an overall approval score of precisely 8.0 the winner is Jamaican Blue Mountain Wallanford Estates from Peaberry from Hook are you here look what inspired you to enter that same coffee again seeing you guys at the end of the match no more thanks a lot congratulations props going out to 9-1-6 baby okay next up we're going to get a wrist griffin wrist griffin a grifter is going to come up in a handout talk a little bit about the scavenger hunt and the leadest link two things he was involved with and hand out the words and talk a little bit about the future of both contests so with that said welcome grifter puts a lot of energy into running the shows thanks I'll start off with the leadest link this was the first year for the leadest link we had a couple of technical difficulties that kept us from showing its full potential but on the second night I think we had a really great time we had a good turnout and more and more people kept showing up as the night went on we had two different hosts the host for Friday night was Slee Stack if you're here I guess he's not here and the host for the second night was Disobedient are you here anyone anyone no I guess not anyway so we went through a phenomenal amount of questions the questions were generally technical but we threw in a lot of things like Simpsons Trivia and stuff like that for people who just wanted to get up on stage and have some free beers on Jeff and we had a really great time and we understand that a lot of you have expressed that you like team structured games rather than individuals while the other half of you like being up there as an individual and competing against your friends so next year we're thinking about doing a team game one night and then an individual game the next night when has expressed perhaps bringing back Hacker Jeopardy for one of those nights so we have a whole year to plan and we will keep you posted so keep looking at Defconn.org for details so after several rounds and into the final round with some absolute insanity on the part of Humberdink Flea Humberdink's brother who screamed the entire time phenomenal lungs on that man but the winner of the first round and then eventually of the contest on Saturday night our first leadest link is Vicky. Vicky if you're here there she is and we have a Defconn leather jacket the coveted leather jacket and a black badge for Vicky so well thanks everybody after losing Hacker Jeopardy so many times it feels really good to finally have the black jacket now I can get closer to being cool like Kevin Mitnick just a little bit closer I also finished Kago so this will come in handy so the strategy was get on stage and then there was a bunch of alliances and eventually people started pouring beer on each other that kind of I think that was a big part of the strategy also and I'd like to thank everyone I played with for not pouring beer on my head thank you I'm going to steal a couple seconds before I talk about the scavenger hunt just to mention real quick it's not a contest but um dc801nrootcompromise.org is the group from Utah and we wrote all the questions for the leadest link and then we also do the Defconn movie channel I hope you guys enjoyed the Defconn movie channel this year we'll be back again next year and we will be putting up a suggestion script for it on DefconnTV.org for anything you'd like to see changed, things added and what's that? Yeah and you can submit filler content and things like that my email address is pretty easy grifter at Defconn.org so if you have something send it to me or send it to grifter801 at gmail if it's a gigantic file um now on to the scavenger hunt due to doing so many things speaking yada yada yada I was away from the scavenger hunt table quite a bit this year and didn't get to see the insanity that ensued as much as I would have liked to but one of the 801 crew will come up here and let you know all about it so without further ado here is A. Alright for those of you who don't know the scavenger hunt is one of the longer running contests here at Defconn DC801 and Root Compromise we've been doing it for is this our third year there grifter? Yeah third year and I think we had a great time this year I think that I actually have more fun than the entrance every year so it really makes the count for me a couple example items my favorite was the drunken what was that? No the lingerie was enjoyable that was for sure a lingerie show but the drunken whore egg tap it was stolen last year so it was an impromptu item and so this year we made it you need to bring it to us so one team actually did talk them out of it we also had such things as coin buckets from different hotels, tin foil swimsuits finding out the zip code of Mt. Kisco New York mashed potatoes and gravity you decide the rest one of my favorites for 100 points and then one that actually drew a little bit of the crew understandably make a huge straw and drink a full can of Mountain Dew from the roof of Parthenon by pool one can must be on the ground by the pool two teams as far as I know completed this about 30 feet worth of tubing from one team and then it was at least 30 some odd straws electrical taped together or the other it was quite the sight and it took probably 10 plus minutes and a couple of people on each team to get it done so we have video we're going to try and get it up here as we can it will be on scavengerhunt.org and yeah so go ahead with the loading of the prizes we have prizes donated by I think every vendor these guys are always great to us every year they hook us up or rather they hook the winners up so third place with 2056 points is Hot Broccoli if you guys would stand and wave and yeah well actually all female team so they kicked major ass if you guys want to grab your prize box afterwards just grab me we had I think seven we had a couple more that a couple hours and then gave up but we had quite a bit it was a race down to the end and I'll get into that here and then it's second place team local boys and girls from Vegas DC 702 with 3065 points I believe they're over here go ahead and stand up guys wave so much love to the local guys and then in first place we had we left on an item semi purposefully they didn't have a limit on it it was tabs off of soda cans one point each and this is actually for charity the Ronald McDonald house so we thought you know it would be a good item to do and the Corps of Social Engineers brought in approximately 7000 plus tabs off of cans my bad 8500 some odd I'm sure that they will tell you the exact number if you want and they almost won without them I must say they played a very good game it's the winning teams or the people from 1st to 2nd and the third place teams from last year all got together and came and kicked some ass so where did you guys get them yep okay so DC 702 get your prizes we got a box full of cool swag and then DC 702 the five team members come on up we've got a special prize for you the Corps of Social Engineers aka Exodus first up here Griff is actually going to get your what alright here we have Civiac this is HiWiz this is Ecstasy we've got Lando and Kelvin so we have black badges for each of them lifetime admission to the con and if one of you wants to be the spokesperson then come on up and let us know how it worked so once again thanks for a great con thanks for DC for letting us do this you know, raise hell every year all of our sponsors so skedingerhunt.org we'll have the final scores the breakdown and some media here in a couple weeks so Civiac thanks guys is it just me or does that table have the finest hair in all of DEF CON between A and drifter these guys are hot it's been five years it's been a long time I enjoy it it's one of the only reasons I've gotten the free booze I'd like to thanks Spackle Blossom, HiWizard the entire team all the DEF CON staff every last one of the goons Katie did, Daenerys, Stitch oh god minus one Pez who am I missing Octopus, Cryonic it's been five years I've been going out for starting this entire addiction I'm out I've done it five years it's been a good run guys come compete I'm hoping to help out next year see what we can do put together an even better hunt guys thanks we're coming into the end there's only a few more there's only a couple contests left there's one that's near and dear to our hearts it's the war drive contest Roman here who's drawing a lot of attention to this issue he's done some big worldwide war drives helped organize and run this year's war drive contest so I want to pass it off to him he's going to tell you a little bit about how the contest has changed over the years and who the winners are so here you go Roman thank you very much basically what we have done in the past just had everybody drive around Las Vegas and try and find as many access points as they can a real short period of time we kind of decided to change things up this year and rather than do that we were going to let people drive as much as they wanted to and some people really really drove a lot I think the person that won ended up driving about 60 hours this time we also decided because most people were not going to be willing to invest their entire con experience into driving around Las Vegas we put in some mini games and I'll talk about each of those a little bit as we get to them first of all I want to get a couple of people to come up here and be recognized Render Man One Master Render Man yes Render Man, Pantera, One Master and One Master's partner whoever he was one of the games that we had this year for the mini games was called TAG which was basically I totally spaced on something I forgot to thank the contest staff who really kicked ass this year they were working nonstop and they're all standing and sitting right over here Aaron Thorn Der who was our running man we'll talk about and Converge, Jesus Converge For those of you who didn't know Converge basically spent his entire DEFCON trying to score these the drives because the size of the files that people were dumping were so huge so thanks man I'll buy you a beer or something Now, back to the TAG game These four guys were on two separate teams for the TAG game TAG was sponsored by FABCOR and they gave us some outstanding prizes what they needed to do was find an access point that I had located somewhere in the Alexis park that was transmitting on low power and then there was a Windows 2000 box sitting behind it that they basically needed to own well enough to be able to drop a text file on the desktop I really thought that by getting in three hours they would have enough time especially when they found the access point itself within about seven minutes and then proceeded to spend the next three and a half hours beating against the box and not being able to get into it but wait, there's Norn We were sniffing all their traffic which will be available on the website when we particularly decided that it was worth giving these guys a little recognition was when all of their logs we watched them and they actually brute-forced the right accounts we had two not one but two accounts set up that the password was the username Homeland security should be very afraid but because they did work their ass off for that moment I decided to go ahead and give them the prizes rather than try and take them with me so Aaron if you could help me out here the prizes from FabCorp this time around and you can split them up however you want to in these are an Orinoco card a five DBI omnipig pigtails and a five watt amp I made it up and enjoyed gentlemen and go sit down some of you will be back one of the other games you did was called Fox in the Hound that was basically we had an access point set up off-site away from the Alexis Park that was transmitting on low power and was only broadcasting for 15 seconds out of every minute and then it would go out offline the goal on this one was to actually physically track this one down the winning contestant who was Render Man I had to actually find the hotel room that it was in and welcome to it and knock on the door to win and again we gave three hours for that and Render Man owned that in 35 minutes it was a fantastic job so I think we his partner come on up he probably all saw Render Man walking around with the render rig Render Man's partner on that one hold it up Render Man's partner on this one and you guys really did a great job I figured after a little humiliation for Render Man I deserved to go ahead and recognize the work you did that was good do you have anything that you want to say well originally Panthel was going to be my partner on this but we had a polka-related accident of the German beer house so it was really unable to walk so even here stepped up this rig was sort of a last minute last minute idea it worked really great really posting designs and everything the hotel staff at the Amerisweets thank you for not throwing things at me or like getting security guards on my ass walking through the hotel with this thing and thanks to Thorne I just wanted to know why you didn't have any cold beer for us in the room we came knocking on the door sorry sorry that's it I guess let me give you some prizes this contest was sponsored by both Render Man Michigan Wireless and we have for you guys two 24 DBI Voggies and one 5 DBI Omni so enjoy I'm a little busy right now say hello I'll call you back later alright next where's the Render Man Render Man we basically had a person walking around with a Zaurus that had an Apache web server running on it the point of this one was to find the Apache web server grab some files off of it decrypt them and then determine who the running man was approach that person and say are you the running man unfortunately yet again we did not have any major skills because they could not do it but we did find we did have two guys that came very very close and if they had a little bit more time they probably would have we only ran that contest for about an hour and a half because the Zaurus battery was going to die so if I could get William Barnes and Eric Smith to come up this contest was sponsored by Blackthorn Systems and Thorn has donated the Lynx's WRT 54G access point they also get a running man contest winner badge congratulations did you guys have anything that you wanted to say real quick? we did crack it I had a lot of fun, I hope we have some more people competing next year I think one of the biggest problems that people have with the running man was actually that we did not use a man for the running man we used a girl if she would stand up there she was a running man, thank you thank you all guys, good job now what we have was the main drive the main drive winner this year really really put a lot of time into it and he has also been publicly humiliated once today so I'm going to call him back up here this time around we found over 20,000 access points and 20,753 we did find one of the contestants did have some fake AP stuff in their log that we had to drop out the second place on this who gets nothing except to kick himself for driving that much time and not winning with 109,238 points was Fratch which basically means that the only other person that's actually insane enough to drive around Vegas that long and win was with 128,876 points one master come back up this time around they get from the coveted leather jacket the coveted black badge they also get a copy of wi-fi toys and we're driving I'm a big fan of that one if you haven't bought it go get it right now actually we all signed it for you too you're in good shape there and the main prize this time around was donated by Fab Corp as well it was it is $500 cash money would you like to talk a little bit about your drive well yeah this is quite fun if you think that sitting alone in your car in 12 hours driving from 6 in the evening to 6 in the morning Chris told that I was driving for 60 hours but I only drive for 60 an hour so it wasn't that long time but great fun and the only reason I keep coming back is that Chris is always pissing me off Andre actually threatened to register chrissucks.com after last year's contest also I wanted to go ahead and get Rendezvous back up here give them their books and their badges and then get off of the stage so those are for you a ton more of the war driving books signed by the authors who wants them the bartender is getting that one let's hear it for the bartenders excellent so this is the first year that we've had new management at the Alexis park and so far they seem to have treated us pretty well so I think we're pretty happy with them wouldn't you say, pretty good ok so this next one is not necessarily really a contest but sort of placing value on vengeance and it was the dunk tank and dead addict had this great idea after seeing it happen during this one parade of having a dunk tank and we thought hey that would be fantastic we'll get everybody in there, we'll get all the feds to be dunked and pretty soon that means that I'm going to have to be dunked Zach's going to have to be dunked pretty much everybody's going to have to get dunked and that means we're going to make some money and hopefully enough money to pay for the rental of this thing and the liability and all the insurance and all the paperwork had to go along with it so we decided the money should probably go to the EFF they've been around a long time and they generally really stick to their principles and so I thought it would be it would be pretty good of us if we could generate some money for the EFF we know there's a lot of civil liberties battles to be fought in the near future and we may as well get in the game there a little bit so because we are not totally a charity involved with running a dunk tank the dunk tank if you want to know costs us about $2,100 to rent yeah there's also additional insurance writers that we had to pay for which is maybe another $150 or so and the $55 loss or damage waiver but I figured that was a lot of money to take out of the finding so we donated $1,000 of DEF CON money to help support it so we took $1,000 away from the costs and what we have here is a check that I would like to present to the EFF Wendy Seltzer who is here and first I'd like her to say a little bit about what the EFF is up to and then I'm going to present the check and tell you how many dollars it really is so with that said let's give Wendy a round of applause thanks very much, thank you thank you from the Electronic Frontier Foundation it's $3,027 and here we go that's not that at least I got the check I think that's an extra dunk that's happening out there if anyone wants to collect a little extra money he's in the water well I've got the check here and I want to thank you extraordinarily much for everything that all of you here at the conference have done for us at EFF people stopping by our booth people stopping by the dunk tank especially those people who went into the tank to keep our rights dry those people who got themselves soaked in ice water to keep us from feeling the chilling effects on our online rights really makes a huge difference and that's what keeps us going and donations like this make a big splash for EFF thank you I'd just like to say thanks to Grifter because Grifter pissed me off a couple of years ago and several garbage cans of ice at 100 bucks I thought Grifter was going to have hypothermia so Grifter ended up staying in the dunk tank for an hour and a half and made a lot of money for the EFF mostly out of my wallet don't want to touch that huh so I think it was a big smash in success and we're going to do the dunk tank again next year and what we need is big celebrities and just people you hate and Peter Shapley and people who are getting into the dunk tank there for us and I will say there was a lot of people standing around not fucking ponying up cash next year they call the Scots tight fucking hell I spent a lot of freaking money in this dunk tank this year so next year you're all ponying up yeah, electrocute the tangent ooh it's kind of tingly okay so for our final contest we have the ghetto hackers as you know for the last uh, this is the third year have been running our cap to the flag contest and they've been running what they call croup-fou all around the country and they've really been evolving it and it's really turned into something something quite cool they seem to be focusing a lot of energy to visualize a little bit of the contest so the rest of us can stop by and see how the teams are doing the earlier contests kind of had the problem of nobody knew what was really happening and this is a way to let people see kind of a feel like they're participating and cheer on their favorite team so what? oh my god we forgot cannonball run oh yeah the people who truly are the criminals I mean we'll have to have Tony Pickles jump up here in a minute then and talk about cannonball run while they're setting up but what Caesar and his crew are going to do here is they have captured enough data that they can represent how the contest went hour for hour for the first, for the 36 hours and you'll be able to see a quick time slice of who did what to whom and how so that'll be coming up in I probably yeah for anyone that doesn't understand the term mostos this is Jeff Moss and Jeff Moss wins the prize for dorsing his own services the most ever so if you go to goons.org slash mostos you'll see a list of all the incidents where he took out his own servers just being overly paranoid and just to give you a quick example this is what started the mostos syndrome I bought a ruggedized laptop like an amrel, industrial indestructible drop it 35 times on each access from 3 feet all day long no problem and it's indestructible because I'm coming to a show I need my crap to work you know it's no second best if you wait 3 days to get your laptop fixed it has to work so I pony up big bucks I get this thing I'm printing the posters for DEF CON about 3 years ago I've got my whole screen up and I'm printing so I take the laptop like any prudent person would do and put it underneath the table it's printing I don't want to disturb it then I walk over to the 3 foot plotter to change paper it uses a large metal spike in the middle of the paper spool and these paper spools that you see all of our posters on is photo paper it's like I don't know 5 bucks a foot or something so you've got like $350 a paper on this roll and I take off the one roll I lay the spike down on the table and I turn around to get the next roll of paper ready the spindle rolls off the table I look to the left it rolls off the table and lands on a chair with arms I'm like no big deal it's going to land on the ground and then it starts rocking and I get this look and it angles up and it spears down directly into the screen of my laptop the regularized laptop with the only thing that's not covered under warranty being the screen so I resize the whole print project into the left corner about this big now and kept printing so ever since then yeah I'm the Mastos I'm over to Caesar oh Tommy Pickles there's Tommy Pickles there Tommy he also raised a buttload of cash for the EFF yeah I was one of the first people in the dunk tank and the first one is the coldest I'll tell you it started at like sorry about this yeah it started about noon and yeah I do have a bladder infection now I'm joking okay how many people know what the DEF CON cannibal run is? phrase ants? okay how many thought about doing it? okay prove it next year race from Redondo Beach to Las Vegas 288 miles and we don't really encourage speeding but we can say some of it is done the problem this year which made it really exciting was when we started the race the news media showed up and I thought oh it's my buddy Pat with tech TV this is going to be a nice sweet you know piece that I could show my mom unfortunately they had a printed copy of the website and they said it says you can use police scanners radar detectors police lights and they had a problem with this so the news media actually attacked us for about an hour and that footage will be up on the website this was funny because the guy wouldn't tell us our name or the name of the station just so you guys know the asset tag was on the battery of the camera and it said KTLA 5 so we asked them when to be on probably next week so if you want to email the guy I'm sure it's like 10.Davis at KTLA5.com or something so then the cops showed up and shook hands with the media and the media guy said this is why I called you and the cop told us the original cannibal run used to run out of Redondo Beach and basically he told us about the ambulance that entered in it and stuff like that then he turned to us and said I have real crime to fight and he took off the fun part about this now was when the cop was going to leave the cop stopped right in front of us and said I'm team number 7 see you there so basically this year we had 5 teams more were signed up on the website again I saw a razor hands and you guys didn't show up either 5 teams raced one of the guys has been here 3 years and I'd like to bring him up on stage his name is Evil Matt and he actually won the race for the second time out of the 3 years and he actually is from local Las Vegas here which is a pretty good deal to drive out from Las Vegas just to beat us he also did start last so if he beat anyone here he basically won the other point that I want to make is one of the guys from Chicago came out and he didn't make it here so if you have been to see a milk carton with his picture on it with the picture of a vehicle that's probably the guy for not showing up because that's just the funniest thing when we're waiting in a bar with a time clock Matt's time to beat everyone was 3 hours and 58 minutes which is pretty impressive during the daytime writing down to 15 I came in second, oh Max's team is Team Sodomy if you guys don't remember it from last year my team team overslept since I haven't been on time to a cannonball run and I'm the promoter came in second place Team Bizarro came in third place Team Emo Mofo came in fourth place and then Chicago 2600 didn't show up at least in Vegas they were at the start line average speed I would say was about 120 is what we were doing on the 15 we would go higher I guess but my O2 sensor went out coming up a hill so it sputtered a lot so I had to drop it down to 90 I'll have Matt come up and tell you anything about his experience but Matt's the winner here so let's bring him up on stage and we got a little car trophy here that we're going to give to Matt and the Defconn badge as well so thank you okay my name is Matt and I guess this is my third year running and it's really awesome it's really worth it if you guys are thinking about doing it come out and do it I don't know Tommy's 120 I guess we just got really lucky because I only did 85 I don't know what they were doing with the rest of their time they must have parked outside and just not came in but everybody says they've done it in two hours I've done it in three hours nobody wants to come do it and put their money where their mouth is so if you think you really can do it in three hours or two o'clock so come out and do it it's a lot of fun nobody's gotten a ticket yet as far as I know there hasn't been any accidents we do it really safe it's a bunch of stick to 65 the whole way designated speed limit it's a really great bunch of guys doing it we got Tommy running it, it's awesome we have LFA, he's a lot of fun we have Jimmy and Aaron just a bunch of great guys out there every year all five cars of us out there but it's worth it come on down and beat us next time put your money where your mouth is and come get some, that's it, thank you that brings us to the Grand Eddy competition it involves generally the most people at Defcon it has the longest tradition and that is Capture the Flag root food put on by the ghetto hackers in 206 representing them is Caesar who will now take the microphone and close it down so let's give those guys a warm round of applause applause thanks, thank you much a couple of things first the contest has been going forever and ever Capture the Flag contest it's taken different forms over the years as people have tried to solve the problem of how do you actually measure in a couple of days how cool 100 different hackers are and which group is cooler than the others what's the relative value of rooting an IRX box versus a Solaris box that's just fucked everyone off for a lot of years we screwed it up pretty good with the last couple of years but it's been a better contest and this year I think we finally really found a good way to run it the root food name that a lot of people have heard is just our idea of what the skill is inside of someone that knows what it means to get root what it means to keep root and what it means to stop other people from taking it from you in that vein I would like to get MD5 to come up here for just a second and talk to you about a whole bunch of people I guess on the east coast we're talking about that people on the west coast aren't cool we're talking about people on the east coast are stuck up assholes and the people on the west coast are saying that people on the west coast are a bunch of fucking lamers and so we decided that we were going to in the spirit of Tommy Pickles put your money where your mouth is have a little bit bigger contest with a lot more open invite longer term thing and so MD5 why don't you give a little shout out about that okay so earlier this month we went to Hope 5 and we got some we're pro to this contest here we've got O-Hackers put on it's online you don't need to be in person you can establish teams locally or you can just be working at your day job participating in this game the deal is if it's a attack and defense scenario same format as what we have here and it's set out to determine who's who and who's not and quoting Emmanuel Goldstein when asked who's going to win he's like of course the east coast so I asked you to pick up these flyers on the back it's sign up URL you go out there create your team join a team and the contest flies February 05 that's about it if you've got any questions find me after the presentation here and I'll answer them thanks okay so a real fast catch up on how scoring has worked this year in the past it's been dropping text files on the root partition supposedly protected part you know SQL and is a real protected part of Windows so busting Windows boxes was always a little bit easier than busting Unix in the old days but in the real world busting Windows is actually kind of a fucking whore if you're out there because well it doesn't really have a good shell and lots of reasons up until EI and some other guys did some you know Barnaby did this really nice shell code so what we did this year was to say that protecting information private data emails and so forth like that is the goal of the game so keep yours and try to get into the secret information on the other people's systems the idea being that you have to keep being able to get it they can try to secure it and once they do secure the service you can no longer get the secret information from their machine you should have to keep proving that you can route them over and over again so in that end our router in the center connected the eight teams together and issued to them tokens big long numbers that were signed by our key so we knew real tokens from fake ones and what came back to get the tokens some minutes later and if you could break in before we came back to get the token and proved us that you'd seen the number proved our router with a little uploader then you get one offensive point if the token never got stolen by anybody during the period then that team gets a defensive point and for every packet or some combination of packets we issued a penalty point so in the final scoring 80% of the score was from offense 15% from defense and 5% from penalties that's considerably more heavily weighted towards offense this year because a lot of people bitched that they're supposed to be a hacking contest and not a system in contest and so we listened it turns out that the penalties in defense didn't mean shit because the teams that did well on offense did well on defense and the penalties were about even so rather than waste all your time looking at boring numbers that are all tied and even we're just going to look at the attacking the offensive numbers for various services and teams and you'll understand real well when you see the last couple of graphics why the team that won won so by service what you're seeing now up on the screen what you've been looking at the purple bars this is by hour left to right over the 36 hours or 34 hours or so of the contest speaking of which that's 100 hackers 30 hours straight no sleep caffeine alcohol smokes the whole thing y'all are some fucking impressive bastards nice job everybody so round of applause just to the hackers for staying up that long so one of the things that we did an important note is that all the scoring is exactly fair and even amongst the teams so the expectation is if there's something easy to do then everybody is going to do it and if it's hard to do then only a few people will do it and so it's the difference between teams that really matters not so much you know 100 million points doesn't mean shit if every little space invaders worth a million points each right so it's the important thing is the differences between scores so as you see from left to right here land the moon we made a little moon and inside the moon in different places we drop a token thing and the name of the token was the name of the was the actual scoring point so all you had to run around through infinite mazes of forests that say you're in a dark forest there exits north northwest and south and you go north and you go south and you don't end up in the same place somewhere on the ground there's a token you can grab it and get scored for it the best thing to do is write a bot as you can see from left to right all the way through the contest there's this light yellow I don't know if the colors are registering very well it's sort of the middle bar beige color land the moon got scored on pretty much the whole contest by a whole lot of people open wiki all you had to do to root the wiki service was type token into the search field very easy and as you can see with the open wiki it's the light blue bars that was done quite a bit all you had to do to secure the service was to edit the source code and take the word token out of every search which didn't happen not so much with the goodness gallery service is very these little periwinkle I guess you'd call it color things at the bottom of a couple of things not many people on the gallery service it was just a little too secure I guess for their mad schizzles the PHP nuke everybody knows how to hack this right everybody knows how to bust PHP nuke and a lot of people did and there's a couple of interesting places when we get to how the teams actually scored themselves where you can see that PHP nuke made the difference in a couple of cases and really showed one team skills and the last thing was GHI gate and that was a little service that we wrote just a little gateway service and that one got hacked more toward the end once people had gotten their security and their services figured out and it really took time to switch over this is the number of attacks per team across the across the contest so first thing you're going to notice is two teams really dominated the fuck out of this contest team yellow that's enemy combatants and team red that's school root clearly clearly the top-notch caliber teams in this one although I have to point out in the beginning of the contest especially the first hours or so the green team showed a really strong showing and I'd like to make a little note about these guys they've shown strongly in the last three years they're coming here to show off how fucking that ass enemy Linux Linux is and while that's a cool thing we can either make a contest for product people or for people people and the other seven teams wanted it the other way so our contest really isn't geared toward what they're trying to do so it's a little unfair to see that they're at the bottom of the contest consistently good offense consistently good defense especially once their product comes up so a little honorable mention to Eminix for their strong showing yet again over to how many things green owned so on the note of Eminix let's look at what the attacks looked like so this is Eminix owning over the course of the contest and you can see that they really nailed the open wiki points in the first day they had something like I guess they might have gone to sleep from 4 a.m. or something maybe they fell down at the keyboards or maybe the guys who knew exactly how to do this one went off but there's about six hours there so I'm figuring it looks like somebody took a nap now the important thing to see though is of all the things that they stole they had to keep those tokens on their machine until we were going to come collect them later and so here's the difference between what they owned and what they kept long enough so Eminix Linux is apparently not a good security product for securing your Windows 2000 server and Windows XP products by the way it was the first year that Windows has been the target operating system the ghetto hackers bought licenses for the teams just to make sure everybody was totally fucking shocked because nobody thought A that we had any money or B that we'd ever give it away or C that we'd take the time to make a Windows hacking contest in the real world a lot of machines are Windows that we haven't seen in years notice to those guys and we don't promise but we suggest that we probably won't do that again next year Red demons so here's what the Scholar Root owned it's cool to see that they had a lot of more distribution they owned a bunch of PHP Nuke in the midnight time frame they went over to open a Wiki toward the end of the contest but they actually scored something against every service and they scored something against I believe every team Scholar Root you guys did a really nice job with that congratulations now here's the interesting thing is comparing what they stole to how many they kept check this out they kept almost everything they stole so nice job guys that's fucking impressive now here's a team with a little bit more impressive offense numbers check this shit out these guys really did a nice job I think what happened and they told me that this is what happened they developed a lot of tools and automated all the other teams so that they could get on to building the next exploit while the other teams figured out how to defend this one these guys did a great job just conquering the shit out of people unfortunately I guess they spent their time writing those tools because if you look at what happened after they stole them all not so much they lost a lot of their offensive points for having them re-stole one by the red team in fact I believe the strategy was let yellow root everyone else and we'll root yellow I think that's actually how this contest went so let's look at who attacked so this is who attacked yellow and when yellow did not lose any points they did not get anything taken away from them in terms of actual offense after 2pm yesterday so 8 hours of solid defense at the end of the contest that really demonstrates the kind of change in priorities over the hours after you get going get your development in order they got their defense working really well let's see who owned the red team yeah not so much nobody really got in past them I believe they found a cheap trick that when the scoreboard came talking to them the TTL was one shorter than when another team came talking to them you guys didn't do it yeah okay damn right you did there's no way you defended windows this well you cheated the network so for that that's a really cool nice job in total let's see the breakdown of the points oh I wanted to give a special mention to team iron grep they didn't show up in here because they didn't score any points at all here's the by color analysis then of all the offensive points and because of the graphs you saw of how many points that red team kept and how few they got attacked the fact that they only won by about 3% difference in their offensive score over the yellow team is a tiny amount of difference the yellow team really deserves a lot of credit for how much they asked they really kicked but just not quite enough 97% is a good solid second place but school root why don't you guys come up here and collect all your prizes fantastic fucking job give these guys a round of applause really fucking hard this is a pretty fat wad of black badges these guys don't have to pay for this contest ever come here ever again we've also got and also these are with the token dropping service and the deposit and withdrawal methods we did we figured these guys would appreciate some ties to go with their banking attire when they go back to work so they've got little yellow ninja ties to go with all the other swag I think that DEF CON is providing and to that end and of course to that end the uber elite black leather jacket from DEF CON and then a bunch of other swag we'll take care of that behind because these guys don't want to stand here for another hour while we handle these guys all their swag anyway Jeff for you thank you all very much and we'll be changing the format of the contest to fit what the con needs and what people want but thanks a lot for helping us out something I wouldn't really clear on and I wanted to make sure it got reflected right was Jeff was just letting me know that when we get the big, big dogs from the east versus west contest we're going to have a couple of contests here next year and one of them is going to be the big final showdown blood sport in the pit first blood where are you from and a school route where are you from it turns out that apparently the east coast didn't make such a strong showing in the DEF CON capture the flag contest hosted by the ghetto hackers in 2004 I mean it's not that they can't you know it's that they're too cool or it's too far away or they were or maybe they just don't know we exist you know we might be the little kids so anyway school route congratulations guys nice fucking job okay there's one last contest that also got forgotten that are one last award if you noticed on your show see there was a movie or video contest for sort of DEF CON shorts and we're going to play them on the TV and we're going to screen them but we kind of lost track of the organizers we never really heard from them but the winners are here so what I want to do is have Debata come up on stage talk a little bit about the contest introduce the winners and so when you watch the video and you see the Uber Elite poser hacker actually that's on the CDVM that was the winning entry so let me hand it off to DO I have a couple announcements and questions for you guys such as do you like currently the technical content of the speeches can you tell them any different than last year do you think they were better raise your hand than last year think they're about the same as last year raise your hand think they all sucked raise your hand so we showed an improvement in technical content we're going to keep trying to do that make them better and better and we also want to know did you like the format going so we'll be back again and with that I want to hand it off to Zach here who's going to make a couple of announcements and then we're going to and then we're going to have the winners of the movie contest and then we've got actually some more stuff to give away to you the attendees so don't touch that dial how many people showed up that's always really difficult to determine because we have a lot of press speakers helpers, freebies, people that sneak in people that get double badges but we're guessing this year we're over 4,000 something attendees and we're guessing total headcount to be almost 5,000 which is one of the second largest show we've ever done so the last time we had this many people was right at the height of the dot com bubble right before it burst when it was really crazy so I think that things are picking up again because people are starting to show up here and at other cons so hopefully the economy is recovering for us that's cool so hopefully I'll be seeing you guys again next year here hey, the reason he's here is because I'm not a particularly fantastic public speaker so excuse me the goons here love fucking DEF CON and the reason DEF CON is a success year after year is not just you but it's the people that are behind the scenes and put the show on so as far as goons go, let's get you up on stage guys ok so there's the mock team to make sure you have a network and put together DEF CON TV dispatch, security speaker control which makes sure they're sober contest, the quarter master vendor get your hackers for their CTF and root food don't thank this year we raised a shitload of money latest link win and G mark Harvey which are around somewhere for 10 years of hacker jeopardy send a knowledge that are recording everything and providing the feeds for DEF CON TV Jinx Uncle Ira from MECO and all the other vendors that ensure you've got shiny shiny toes to buy I'd also like to thank you guys for your dedication the parties, the booze the tech and your enthusiasm which is the reason you come again year after year and also the AP staff Dan of Takai and all the rest of the staff Garou Don Sally, Michelle, Kenny you're bartenders for DEF CON and just remember these are the guys, they stay sober so you don't have to the guns of DEF CON so speaking of staying sober I've arranged a little present for all the staff in the knock after where we've got several hundred beers waiting for them yeah so I got to make a phone call okay so I want to hand it off to Dead Attic to get rid of the last prizes give a credit where credit's due to the winners of the contest and with that we're just going to close it down hang out by the pool and see you guys for the rest of the day so let's see, Dead Attic take it away just before DEA speaks I'd like to thank my own personal sponsors Dajaram and Bumble Sapphire okay okay, no problem so this year a couple friends of mine had this great idea it kind of centered around the idea that people were having children and we wanted a good useful hacker propaganda to bring those children up on some good educational films little flash cartoons just to teach the kids the right way so we formulated a film contest and it really was their idea and they did most of the work and there's some last minute foobar that prevented the film formats to be transferred to the proper format to get on TV so I apologize for not having this on TV but there was some funny funny stuff and there were some good films there was only a month that people could enter so the contest was put together at the last second but despite this I believe seven entries step up to the play and there's a lot of work put into them and our winners here will talk about how their experience went because the film they submitted poser how many here saw the film poser raise your hands please, just curious okay that was just funny and it takes a lot of balls in my mind for a person who played the poser to portray himself as such and then be on video and walk around and say hey are you the poser that takes balls so next year we'll announce it earlier and hopefully we'll spark the imagination a lot of people that want to exercise their creativity and a visual medium or better yet hackers that can hoodwink their video friends into doing all sorts of work and just making sure your hacker theme is in there so without further ado I'd like to announce our winners the saint and nightmare baby can you please come up on the stage and thank you are you a poser okay let me talk a little bit about what they're going to get and we'll get some other stuff for them later but there are 144 of these defconn zippos made we weren't sure if anyone would really be down entrusted in zippos and know how many make and it turned out that the goons they get first stab at them for helping out most of them went to the goons so there weren't any left to sell to anyone I don't think so they get defconn zippo we looked at fake zippos and it was handed off to me for beta testing because I'm a tester and I'm a smoker so that works out well and the Chinese version worthless bad lighter zippo made in America good lighter very good lighter zippo and if you can say a couple words about the pain and sweat and agony of being a poser at defconn oh making your films I'm sorry oh no no no hi everybody just saying this is my first year at defconn and me and my friends we found out about the film contest about a week and a half before defconn before the deadline so the first thing we tried to make tried to scramble get over making an action film about these hackers in the future getting chased by mercenaries and getting killed and we had all these fight scenes and car chases but because the deadline was so soon we only got about half of it done so we decided to make poser because we decided we should enter something and basically it was my entire junior high experience so I thought I thought I was good authority on it so it was a lot of fun and my girlfriend and her friend Sam the two beautiful ladies and white at the ball they tried not to laugh so I want to thank them I want to thank my friends Raleigh Cosgrove and DarkTangent because he's the one who told me about all this so thanks I really enjoyed it so DarkTangent was in the dunk tank for a while apparently everyone loves DarkTangent a lot because he was dunked a lot and as he was shivering and getting hypothermia he's like it's all for a good cause I was in the dunk tank at one moment for a half hour the first half a dozen or so dunks I'm like you know how important are electronic civil liberties really but apparently Jeff didn't get dunked enough so there's a second dunking of his closing ceremonies which I think is very thoughtful any opinions on the info channel here grab it I just wanted to quickly ask rather than taking shots from the crowd I wrote that info channel sorry it wasn't up today had a little problem with the month change but if you guys have any ideas yeah I wrote it in about 4 hours of caffeine induced and 4 in the morning not a lot of time for QA and testing as much as I wanted to put together a full quad insurance plan and company with a TPS report anyway but if you guys have any suggestions just drop me an email joshandnicepeople.org and just if you guys have