 Hi, I'm known as Valkyrie and I want to welcome you to what we call DEF CON 101, a lurker's guide to DEF CON. Today we are going to have a lot of really wonderful people who have volunteered to speak to you all about the really cool things about DEF CON. Logistics, how this whole thing happened and the really fun cool things to do here. So, since he's already here, I'm not going to take any more time. I would just like for everyone to give it up for the dark tangent. Hey guys, that's me. I'm DT and this is my party and these are my fellow party throwing cohorts. I'll be going through telling you about like security and contests and different things that are going on at the CON. This is the first time we've ever tried something on Thursday. The idea was to sort of do this rolling soft start. People who are new to DEF CON are probably obviously sitting in this room. So that makes you guys like newbies, clueless, kind of wannabes maybe. But I don't think so really. You probably are actually really engaged with what's going on and that's why you're here. And so I'm just going to give you kind of a brief overview of the history of DEF CON. Kind of what we're trying to get at with this conference. Maybe I have time for a couple questions because I really don't have anything prepared to say. And then I have to race off in about 20, 25 minutes. So I'll try to make it pretty quick. But hopefully I can dispel some of your misconceptions. So I started this thing down the street, not too far from here, 17 years ago. Back then, bulletin boards. There's all word of mouth. There's no inner webs, inner tubes. And there was pound hack though and there was pound freak. And there's a couple of news groups, Alt Security and Comp Security, something. And we promoted DEF CON anyway we could. And back then, there was no way to get real information to you guys. And so what was happening is, I remember I was on this bulletin board and I don't know how many of you guys used to call pirate bulletin boards and wear sites and all that stuff. And you would log in and they'd have this thing on the disclaimer page and it would say, if you're a member of law enforcement, you're not allowed to log in here. And they'd say, that's how we're going to keep out the feds, right? They're not allowed in. This is a private system. I'm only inviting in non-law enforcement. I can do that, right? It's my own equipment. And I thought to myself, there's something wrong with that logic. I don't get how can that work? No, no, I was assured that's how it worked. Just like I was assured if you ran the program Dejama, it would jam your caller ID so they couldn't trace you. You just run Dejama. And what Dejama did is it played a whole bunch of touch tones on your modem and made you feel good. Dejama didn't actually do anything, but people swore by it. And I was thinking, I've got to find a way to eliminate the bullshit because it's really toxic. So that first year we invited a prosecutor, Gail Thackeray, who had just busted a bunch of people with Operation Sun Devil. And she's like, yeah, guess what? Those things don't work. And everybody in the audience is like, ah, really? I really wished it would have worked. And then we had people like Dan Farmer back then, who was our hero. He worked for Sun Microsystems and Security. He was like the only hacker guy with a real job that didn't work at a banker in the military. And so everybody was really excited in whatever Dan was doing. And the idea was that he was actually practiced in UNIX security. So let's hear what he has to say. And what he was talking about was he had so many systems at Sun he had to secure. It was a total nightmare. There's all these attacks on the network. Back then there's all these yellow page vulnerabilities and all these other issues. And he had to manually deal with every single machine on his network. And he thought that was a nightmare. He had just written this script called COPS. He was thinking maybe I'll write some automated tools to scan the network, look for vulnerabilities, but I'm going to visualize it in X-Windows so I can see the status of my network. And he talked about that for a while and he said, maybe I'll call it Satan. And what do you know, within the next year he's on the cover of Time Magazine for writing Satan. And that was the birth of all these automated pen testing tools. And the people who walked away from DEFCON that first year got to hear right from the horse's mouth what people were really doing, what was really happening. And they were sort of like, they went forth and dispelled the bullshit. You know, they were out there to tell it like it really was. And now you can get information everywhere. Amazon has books on computer security, too many to count. The internet has so much tutorials on hacking that really, if you distill it down, there's no real reason for you to come to DEFCON if all you wanted to do was to learn how to hack. Because it's going to take you more than two or three days to learn how to do it. And all the information is free out there anyway. So what you're really doing when you're coming here is something more than just learning how to hack one particular technology. I think you're coming here to get inspired and to get motivated and to find new way of thinking about a problem. And I don't know, I see Deviant Olim somewhere in here. That guy just loves fucking with locks. And you talk to him and it gives you a completely different way of looking at problems. So you talk to Lost here and you participate in his mystery challenge. And I guarantee you you're going to learn five things you never even thought were possible or new ways of looking at a problem. So we're really here to give you a head adjustment and reorient you and get you excited to go do shit that maybe you didn't think you had the skills for and somebody like Lost says, hey no, guess what? You just do it this way. And now you have the power to go do it yourself. So I don't want to make it sound like we're like happy hacker camp. Because you know, a lot of bad shit does always happen here. I mean I could go on on the war stories. I mean there was the one year we had all the foreign intelligence agents posing as documentary crews. I don't know if you, you guys probably haven't heard this story. I'll tell you this story really briefly. We had a lot of people show up from different federal agencies and states. And the first year when Bush, the last Bush administration was in the first year of his administration, we had somebody speaking at Black Hat. And he came along with this White House advisor person. And about that time we were hearing all those rumors. Like some of our friends who work for the FBI, they're complaining. They're like, yeah, I'm going to DEF CON. But I got to work. We're like, what? What's going on? You got somebody from the state of Nevada. It's like, oh, I can't go. I was told not to show up to DEF CON. Something's going on there. And we're like, you know, shit in our pants. It's like, what do you mean? I mean, is there going to be like some giant raid? Is the new administration going to make some statement by, you know, resting the hackers? I don't know what's going on. Well, it turns out that what was happening was there was four or five documentary crews filming that year. And about three or four of them were foreign intelligence groups. And so we had to have our spies watching their spies watching us. While all the hackers here were busy watching all the other hackers. And I mean, it's a perfect metaphor. You never know what the hell is going on here. There's so many layers of abstraction and just, I don't know. There's so many fingers and so many pies here that it's amazing. And it took years for that story to come out. For us, as the people who run it, to even figure out what happened at our show two years ago. So, I mean, you are going to see way more about what happens at DEF CON than what I will. Because I can't be all over the place all the time. But I'm just letting you know, you're going to see stuff here that's going to blow your mind. And you're going to be a part of it. And you got to tell me about it afterward. Because I'm going to probably miss out on a lot of it. So, I don't know. That's my rant. I generally say you get out of the con what you put into it. And if you come across like you've got some kind of attitude, know it all, superpower, I can guarantee you you're going to get squashed. I mean, there's so many people here. You never know who you're sitting next to. You never know what is inside their head. And so, if you think you're a Superman, I can guarantee you you're not. I mean, look at this guy right here. No one knows who he's sitting next to. So, just be humble and ask questions. Nobody's going to give you shit for asking questions. And if they do give you shit, they're not somebody you want to talk to anyway. That's just a quick bullshit filter, right? If they're not here to help you out, and they're not here to talk to you or share the knowledge, then they're a waste of your time. And find somebody else who's willing to talk. Because it's all about sharing that knowledge. And, yeah, that's about my 90-second survey of how to get the most out of it. Ask questions. Be respectful. And, you know, maybe try a Google query on the topic first before you ask publicly. I mean, that's, you know, ask beyond Google. And then they'll probably give you the time of day. So, I have time for a couple of questions. I'm sure somebody's got some crazy ask questions. A question that's been burning in your head all day long. How many times does the DEF CON site get attacked? Can I talk about the Department of Homeland Security thing? Yeah, so I was appointed to this Department of Homeland Security Advisory Council, which caught me completely off guard. DHS in the house. But it turns out I'm not an employee. It's totally voluntary. It's unpaid. And you're only, I think to save money, you're only an employee when you travel there, talk, or fly home. So they don't give you any, you know, a insurance coverage or anything. And the revelation to me is, like, you know you're helping the government when you book airfare, and they rebook you on the cheaper flight with, like, extra connections through all the cities. So you arrive, like, eight hours later, but you save them $50. Yeah, it's like taking one for the team for that. But, you know, I'd be happy to tell some stories about that, but anyway, it's a big honor for me, and I'm still trying to figure out how to best help them, best participate. But it seems like they still haven't picked a cyber security coordinator. And it's their, the brief, the brief thing is, the first H-SAC was under Tom Ridge. And he looked outside for advice. And then under the last secretary, he didn't. He just kind of like, I can't hear you, I can't see you kind of thing. And then under Napolitano, she's really interested in getting outside opinion. So everybody's sort of thinking of it as the Tom Ridge Mark II panel. And they're really excited because these people seem to actually seek outside advice. And for those of you who don't know, this H-SAC thing was mandated by Congress, and the point of it was, in a post-911 world, how do we provide advice to these people, for example, in DHS, so they don't get into this group thing. So Congress is like forcing them to listen to people outside of their agency. And because of that, whenever we give them advice, we have to do it in a public forum. None of it can be secret behind the doors. The idea is you say it publicly so everybody knows that there's this other group with this other opinion. And so I'll be perfectly happy to do that. And it's a public fashion as possible if I detect bullshit. So, but it's a question of will they ask for advice and will they follow it? I don't know. It's too early to tell. But really exciting. Sure. Yeah. Yeah. Defconn three or five years from now. Well, every year I try to figure out how to involve the community more outside of the con. And the forums is the best expression of that. Just, we could have turned the forums into like, I don't know, bug track mark too. And we didn't because there's so many other good security research portals. There's so many other mailing lists and blogs. So I've kept the forums really true to just on track for Defconn. If you're interested in Defconn organizing a contest, finding out, getting the audio and video speeches, because for those of you who don't know, we give away all the content for free. It takes us a while to get it uploaded, but everything in the end comes out for free. And I'm going to keep doing that until the day I die. But I'm really kind of stuck on other ways to grow Defconn. I really want to sort of expand it. I never plan to take Defconn into another country. I don't want to step on anybody else's toes in other countries. I don't want to really compete with anybody else there. And I don't think, I mean, could you really see like a Defconn, I don't know, China working? I don't think they would ask questions like that. I just don't think they would, I'd have to import like everybody from Europe and America. Because we actually, you know, ask some hard questions. So I'm not going to run another show. I'm not going to do two a year because that would kill me. So I'm really trying to come up with other ideas on how to involve everybody who's into Defconn throughout the year, whether it's maybe we do some webinars, maybe we do some, you know, how many people here used to play on the Defconn voice bridge? So anybody even remember that? Back in the day we had this voice bridge where you would dial up and you could just talk with people for free. It was an 800 number. Out of this little place, Beehive Communications in Utah gave us free dial-in, like 24 phone lines dial-in for free on this 800 number. And people just chatted on the voice bridge for free all year long. It was great. And then VoIP came along and Skype came along and it just sort of died. And I mean, I don't know if I haven't told you this. I think I was talking to Deviant. We were thinking about, I don't know, maybe like a really kind of funny Defconn certification where we send you a big bag of locks and a little lockpick video and if you can do whatever, it's like you get like the Defconn stamp of I know how to break into shit seal. I don't know. Yeah, Defconn. Because it's like, how do I involve people who can't make it here to Vegas? I don't have the money to fly here. It's like, but really desperately, I mean, just look at the Twitter feed. People desperately want to participate here and they don't have a way. And I'm just trying to think of how do I help them participate and I don't have any real answers yet, but I'm totally happy to listen to anything you've got. I mean, I've got one employee, got a rack full of servers and a bunch of bandwidth, you know. Maybe I'll have a second employee, but how do we use these resources to grow Defconn and spread this info? An online mystery challenge. Sure, I've got the bandwidth, you know. It is what you make of it. If you come to me and say I want to run the challenge, I'll say great, I've got an employee, I've got an art guy, I've got bandwidth, I've got an attorney, I've got stuff to help you out. It's just I'm too busy to do it all myself. So if you get involved, I can provide you with resources, I just, I can't do it all. So, any other questions? Sure, it's an opportunity to ask DET a question, take advantage. And I'm all hopped up right now because I haven't eaten all day and I've only had coffee, so. Defconn is canceled. You're actually at Fedcon right now. But I heard Defconn might happen again tomorrow. How did it get canceled start? I think some, was it some dick on IRC? Yeah, some dick on IRC on Poundefconn was like, oh, I heard from DT it's canceled, they changed the banner on the thing. And I think it was back when you had to dial up to the Bolton board. There wasn't a website, it was like a Bolton board. So everybody just believed that nobody was about to dial up to the Bolton board to find out. So it started the rumor. Just like the very first year, that's why I stopped doing pre-registration. I used, I ran some advertisements and magazines and stuff saying hey, pre-register, send 20 bucks in to, you know, my address in Washington State. And some guy modified it and had you mailing checks to him in California. So then I decided it's cash only and there's no pre-registration. It's easier that way. And one of the other reasons it's pre-reg only, I mean it's not pre-reg only, it's cash only, is I really don't want any records of who you, you know, bastards are. I don't, I don't want credit card records that can be subpoenaed. I don't want any of that stuff, you know. The harder it is for anybody to come and approach me and ask for lists of anything, just it saves me money because I don't have to employ attorneys. So sorry if you're going to have to drain the cash machines around here, but really it's for your own good. Sir, that is a speaker control question. Are we going to, well, I can guess right off the top, yeah, right off the top of my head, I think Adam Savage is going to be really popular. And so we're telecasting, or tele, whatever, some are casting that into another room to get double the coverage. Both rooms are just the main one. I believe right now just the main room. Yeah, so just the main, right now they're planning this, the main room that Adam will be in, they're going to pre-clear. I don't know about the room that there's some of casting into. We'll clear that room as well. Okay, so anything related to Adam Savage will get cleared, those two rooms. I don't know, everybody was speculating online how big the con is going to be this year because of the economy. And I can tell you, black hat was down about maybe 15%. So I don't know if DEF CON is going to be down 15%. I don't know how much the numbers correlate. But once we get an idea by looking at how fast the badges go, we'll let you know. But it will be down a little bit from last year. But I don't know what that will do for a room crowding. I just figure the coolest people will be here this year. All the people who couldn't make it, well, whatever. There's always next year for them. Okay, one more question and then I've got to bail. What about volunteering? Oh, yeah, what about volunteering? So this is something where we could use some help. What happens is it's all sort of a who-you-know type thing. There's all these different teams. The security has more responsibility than, say, the DJ team. And so we want you to do stuff you're interested in doing, stuff that you know how to do. And what you do is you approach somebody in that team and you say, hey, I do security at the local club. I want to do security or I'm a network guy. Maybe the knock needs my help. Or I know, I see you've got Aruba access points here. I'm an Aruba engineer, whatever it is. And some people just total slave labor the first year and they work their way up. In other years they come in and they just, they get really involved. What's really hard for us is just some random person, none of us have ever met, comes up and say, let me handle the money. I'm a cashier at Walmart. I'm really good at counting. It's like, no, you might have to be known a little bit more before you get toward the money part or the security part. But you just approach anybody on any team. And a lot of times what happens is, you know, we're run by all volunteers. And so if people get busy with work and they can't make it, we need help. And what you want to do is just make friends with anybody on any of the staff. And the call always goes out every year, like, hey, I need three people in my team or hey, I need two people. And next thing you know, you get drafted in. So in a lot of times what happens like with Lost, he started a contest. The contest got really popular. We're talking to him all the time. He's talking to us. And now you're suckered in. You're trapped. Yeah, so a lot of times you just help start something, help a contest. And we noticed that, hey, you said you were going to do something and you did it, so now we can rely on you. So next year you get to be involved more. For example, I think I'm going to put together a team for next year for my contest. So next year you're putting together a team for your contest. Yeah, that'll be cool. Okay, time's up. I'm out of here. Locke. Yeah, I wish. Hey, everybody. For those who don't know me, I'm Locke. People just call me Locke. It's actually kind of funny. Jeff was talking about stories. I've been doing this now for crap like 14 years. And, you know, obviously made a lot of friends either on staff or out of staff. But after 14 years, none of my DefCon friends are comfortable calling me by my real name. It's just, and it feels weird when they do. So, you know, that's one of the fringe benefits or side effects, however you classify it. Just, you know, show of hands for those who are kind of new here. How many of you actually did research on using the DefCon network before coming to show? Oh, those would be the smart people. How many of you actually get on the internet? It's okay. You can admit it. That's where the porn is. You'll find it. Well, you know, there's a lot of things that go back and forth about how hostile the network here is and, oh my God, don't use it. But what I actually tell people when they bring that up, I'm like, what happens at DefCon that doesn't happen on the internet? You know, half of it starts here for good or bad. You know, so there are a lot of, you know, opinions on what to do, how to do it, to use the network to not use your network. That's fine. Everybody's entitled to their opinions. And me and my team, you know, we don't take it personally. Everybody's got their own reasons for their opinions, their own conspiracy theories. That's all great. And frankly, some of the more negative opinions on it were based upon how the network was five or ten years ago. It was crap. I'll admit it. I built it. You know, it was very unstable. It was very hostile. If there was an IP address, people were hacking it and trying to see if they could load GoatSea on it. So, you know, that's what they did. I got GoatSeed once. I'll admit it. But, you know, we've taken our experience of those years and looked at, you know, where are the weak points, where are the bottlenecks, and we put a lot of work into it over the last 14 years that we've been doing it to actually make the network, I won't say safe, stable and usable. You know, we've acquired a lot of equipment, made the equipment more consistent. We've limited a lot of the attacks that can happen. Not all of them, because that would be silly. And, you know, we've found a sweet spot for bandwidth, both internally and externally. So, we've looked at how you guys use the network and what it's used for, and, you know, circled around to design the network so that it is usable. Last year, a lot of you know, we let wired into the knock to take some pictures and go ooh-ah, that was very nice. And there were a lot of comments on the wired article after the fact, going ooh, you guys only have 20 megabits, wow, that really sucks for you. And, you know, I think one of my comments back was, that's nice, this isn't really a penis game. You know, to those types of comments, I'm like, well, that's fine, again, you have your theories. But DEF CON is not a sponsored show. We don't have Microsoft and we don't have Cisco in here giving us equipment, sending us money. Everything we have here is stuff that either Jeff has bought, thank you, Jeff, or honestly stuff we've bought personally for the show. Like Jeff said, this is all volunteer, so we put, you know, our hearts, minds, and money into this to make it work. You know, and again, based upon the experience, we know what we need here. We don't need a force 10 switch so that you guys can, you know, throw packets back and forth. So one of the things that we've all grown up with, we've all had to be into our heads and sometimes forget about, and the underlying principle for how we do the network design is just keep it simple, stupid. I have people approach me asking me to come talk about the DEF CON network. And I was like, you know, I'm happy to go do that. You're going to find out. It's really kind of pretty simple, and that's what makes it work. So, you know, I'm keeping it short today, but in general, you know, this is no different than how you would go out on the public internet. If you didn't have a router at home, how would you get on the internet and use it safely? Well, you know, standard stuff, patch your OS, keep your firewalls up, and don't click on all those fricking Facebook application things that you get. Again, you guys know how to protect yourself. Like Jeff said, the key to getting something out of DEF CON is to actually participate. So if you don't get on the network, how are you participating in what's going on here? Hey, let's say, you know, yes, people are out there to steal your identity, whether it's here or whether it's at home. You know, if you do get hacked and broken into, do what you guys do best and figure out how it happened and figure out a way to fix it. You know, that's why you guys are here, right? So, real-hand firsthand experience. So, just my last, you know, plug here is me and my team will be doing the DEF CON network session at four o'clock. It's essentially a open design review. So we get a lot of people asking every year, hey, can I come be on your team? I'm the Cisco engineer, I do all this, that, and the other. Well, the fact is I don't need a team of 20 people, but what we decided to do this year was actually go ahead and just open up the network design and let everybody come in, see what it looks like, see how it's designed, see how it's set up, and actually participate in feeding back on the network here at the show. You'll get to see how big it is, how ugly it is, and if you have ideas on making it better, great. If you have ideas on making it better that doesn't cost anything, even better. So, yeah, four o'clock will be there, me and my whole team. Any quick questions? We, the question was can we stop things like man and mill attacks? We can. Again, a lot of those things we actually just monitor and we don't turn off because we want to see what people are doing on the network. So closing ceremonies, assuming I get up there this time, we collect stats on what's happening on the network, bandwidth attacks, et cetera. So we can stop it, but some of those we don't because we want you guys to have the freedom to do whatever the hell it is you want to do. One more? I'm done. Thanks very much. Just real quick for anybody who just walked in, please put your phones on mute. And if you need to have a conversation with somebody, take it out in the hallway. Don't do it in here. Have some respect for the folks up here. Thanks. Hey, Noid. What? Yeah, I'm new. This is my first DEFCON. Yeah, no, my name's Noid. I'm director of security for DEFCON. This will be my 17th DEFCON. I actually didn't want to go to DEFCON 1. I got drug there. Friends of mine said it would be really cool. I thought it was going to be dumb. And I went to it and I actually liked it so much that I came back and joined the staff. And like Jeff was saying, you know, sometimes you got to start doing the grunt work before you get to do some of the cooler stuff. I mean, I worked at one point in time, the entire staff stopped what they were doing to work registration because there was what? Eight of us? Yeah. Maybe. So over the years as the conference grew, there was a level of security, a lot of crowds coming through, people trying to figure out where they need to be. We start running into issues with the fire marshal because we've got so many people that we start blocking hallways, start blocking doors. And on top of that, with all the people here, Vegas is kind of a rough place sometimes. It's hot and it's dry. I mean, I'm from, down from Seattle right now, and this lack of humidity is just killing me. So folks get here, they don't take care of themselves, and they fall over. So we kind of step in to help with that. And first of all, from being just me and a couple of the guys that did the black and white ball, I currently have a staff of roughly 50 people that does what they can to kind of, we make no attempt to control the chaos. We just do what we can to guide its path. We gave up trying to control the chaos a long time ago. There's more of you than there are of us, and we know that. Something else I was going to bring up, but you'll have to excuse me. I've been up since six o'clock in the morning. I went to the DEFCON shoot this morning, so I'm covered head to toe in sweat and cordite. So, does anybody have any particular questions for security? I'm happy to answer them. It means we're doing our job. So, oh, and I have to say this because I was told I'd be given beer if I did. When they first asked me to do this panel, I said, why? I'm just going to stand up for five minutes and say, hey, enjoy DEFCON, don't be douchebags. And somebody laughed at the shoot and said, hey, if you say that, I'll buy you a beer. So, enjoy DEFCON and don't be douchebags. I got a longer slide. Is that a glowing endorsement for me to take a bath? Yeah. Bye. All right. So, my name's Russ, and I manage all the contest and events for DEFCON. And this is actually only my 12th year. I'm a newcomer, apparently. Noob. All right. So, the first thing I want to say is DEFCON's not just about the talks. DEFCON's what you make of it. There's parties, there's people here, and there are contests and events. And if it sucks for you, it's because you're not getting involved and you're not trying. DEFCON kicks ass, and there's a lot of really cool stuff that happens here. And the contest and event POCs take place as well. And the downside of that is a lot of them put their own money into it in their own time, and they don't get goon badges either. All right. Ryan Clark, lost boy here, is actually an exception to the rule. He's put a lot of time and a lot of money. He puts several thousand dollars into his contest every year. And it's because it is love. He loves what he does. There's roughly 30 different types of events at DEFCON. They happen in the contest area. So I'm sure that everybody in the room can find at least a couple that interest you. If you can't find anything that hits your specific area of interest, and it is actually legal and doesn't involve farm animals, you can come talk to me about starting a new event. That's how Mystery Box started. That's how the robot challenge started a few years ago. The war-driving contest, the Romer Run. I mean, all that stuff started and everybody had an idea. Just like Deviant does with the lockpicks. Russ? Do you remember the time we did have a farm animal? I thought that was between you and I. You said you'd never bring that out publicly, bud. They come in a bunch of different flavors. Some run all weekend long. Some only run for a few hours on one day. Some of them run only at night, like Hack or Jeopardy. Some of them start months in advance before the con, and then everything kind of culminates here. Capture the Flags is a good example of that because all the teams qualify well in advance. Some of these events can be done by a single person. If you're really anti-social and there's not a single person at this con that you like, like, you know, Zack doesn't really like anybody here. Yeah, and there are others where it takes an entire team if you're lucky enough to have a friend. One of the questions I get a lot is what's the difference between an official and an unofficial contest? And the honest truth about that is the popularity of that contest at the time. And everything cycles in and everything cycles out. So, you know, if we look back 10 years ago, the scavenger hunt was the thing to participate in. Of course, we had some really weird shit going on. You know, they were taking doors off a telephone company's vans and bringing them in as a door prize. Yeah, the door's still out there. I saw it. I didn't see it last year. But is it in the vendor area? Yeah, so it's been floating around for a while. I don't know who's responsible for that anymore. But the idea here is that what's hot right now tends to be what's official. Lost Boys Mystery Box Challenge is incredibly challenging and you will find that a lot of people have really, really become addicted to it. I mean, they're absolutely insane crazy about it. And so those kinds of contests end up being the ones that get the black badge. Now, I want to say that that doesn't make them better than the unofficial contest. Everything starts out as an unofficial contest. All right, Robot Wars the first year. It was unofficial. It did not get a black badge. Mystery Box did not get a black badge the first year. Everything starts out as unofficial. So if you've got a really good idea, let's talk about it. And there are some really, really good events that happen that are excellent. They've been put together. Deviant didn't get a black badge last year but he's got one this year because the Gringo Warrior was really, really popular. All right, so there are a bunch of tables in the area, all right. And there's a bunch of stuff that happens in there and of course you can drink and eat and get drunk and be rowdy and be stupid and we're pretty cool with that. That's kind of what we like. But that's only about half of what happens at the con in that. I really want to get that across. You need to look at your programs. If you have other questions, you can go to either of the information booths and they'll give you some more information about the other stuff that happens. All right, some of the events occur in the Skyboxes. If you've never been here before the Skyboxes are up a level. They're all the little rooms that overlook the contest area and some of the other areas. So I recommend you check those out. We also have a new area. What's that over there? That has Team Fortress 2 tournament as well as retro gaming. They're going to have a Vax machine in there. A bunch of really old stuff with the actual terminals. It will work. This is antique computing. So if you didn't grow up like Zach and I did where this was what we had to work with when we were young then I highly recommend you go check this stuff out because that's what turned us into the geeks we are today. All right, so I highly encourage you to check that out. The villages themselves are considered open learning areas of DEF CON. What that means is right now we have one for lock picking that Deviant runs. Deviant's kind of infiltrated the entire core of DEF CON. He's kind of like syphilis. You can get rid of him. But we love him. He's like a syphilis that we like. And then we have the hardware hacking village that Lost Boy and I run. And basically these are specific areas of interest. So if you've been interested in embedded systems, how to hack the hardware, the chips, the code that's on those embedded systems, how to get around the circuits, the badge hacking, all of that can be done in the hardware hacking village. And I'd like to thank the volunteers and they are people that help man that every single day, all hours of the day, they don't get goon badges and they get very little respect for it. But again, you get out of DEF CON what you put into it and they come back year after year because they have a hell of a time doing this. Same thing with lock pick. Deviant's got his own people as well. For the contests, I'm going to read this off the list. This is not everything, but it's a lot. So we have to capture the flag which tends to get the most press. The interesting thing about capture the flag is when we started all this way back in the day, we didn't have teams. You didn't have to qualify. It was a bunch of people brought their own computers in and they would bang on each other for days and days on end and somebody arbitrarily would say, okay, that person rocks and you suck. So now we have the CTF and it's broken out in eight teams and that goes months out where everyone qualifies and that sort of thing. And it's pretty cool to watch. We got the DC 949 guys to bring out Open CTF and it kind of brings back everything that we had before. So, you know, if you're an amateur, you're a noob, if this is something you've been doing for a long time, if you just want to play taking your laptop over there, not your work laptop, please don't plug your work laptop in there, but if you're interested in trying that out, go over there and get involved and try it out. It's a lot of fun and there are usually what, 50, 60 people sitting over there? Sometimes more than that. Oh yeah, yeah. If we're open 24 hours a day, all those tables are filled with people and they've got thumping music and I don't know how they drink so much Red Bull and Brondo. I don't care if it does have electrolytes. We've got the Mystery Box Challenge which is absolutely awesome. We've got Coffee Wars. All right, that tends to happen just on Fridays and if you're a caffeine hound, definitely encourage you to try that. Be careful of Sherlock until she's had several cups of coffee. We've got Hacker Jeopardy. That's one of those that happens at night. We've got the Cannonball Run. I think Tommy Pickles ran that again this year, right? Yeah, so if you've ever seen the Cannonball Run, that's basically the same thing. They all race as fast as they can to Vegas. I would kill myself. We've got the Badge Hacking. It should be a challenge this year. At least we have badges to do that on. We have the Scavenger Hunt that CIVAC runs. We have the Beverage Culling that Deviant runs. We have Gringo Warrior that Deviant runs. We have Social Engineering. This used to be a contest that we had a long time ago and we had a lot of issues with it. That's actually quite an understatement. We had an entire tent of people at the AP run an FBI agent off the roof of the AP for trying to shut down the Social Engineering contest, and that was the point that we realized it was probably getting a little out of hand. We've taken a few years off and we're going to try it again this year. Moose is running it with what's his name? Not something. I don't remember. I'm sorry. We have the Team Fortress 2. Bruce Potter from Shmoo is running it. If you're into gaming, give that a shot. They brought some really excellent computer systems over there. We've got the 10,000 cent pyramid which is new this year. That's actually 10,000 Canadian cent, so it's absolutely worthless value, but it should be fun. We have a geo challenge that's supposed to happen this year. That's new as well. We have the artwork contest that happens as always. We have some more events we have. We have the black and white ball. How many of you have never been here before? Just out of curiosity. Holy shit. Oh, Lord. Okay, so, um... How many of you own latex? All right. So, you got to hit the black and white ball. Friday night, we're actually starting it off for the first time ever. We're going to do about a 45-minute set. It's the only live band ever this year. I will not testify to the quality of the band. I'm actually on it. We've all been playing for a really long time, but we had kind of a challenge because we're geographically separated into two separate groups, and so our first practice together as a complete band is tonight. But, hey, what the hell, right? Welcome to DEF CON. So, we have the EFF fundraiser that Stealth runs over in the corner, and if you get a chance, go check it out because it's a very worthy cause. All the money goes back to the EFF, and typically if we have a decent con, Jeff tries to put some money in on top of that, and, you know, you walk away feeling like you had a really good weekend, you learned a lot, and you were able to help some people too. I don't know if it's going to happen. TCPIP drinking game? Is that going this year? I've not heard anything about it. You know, see, the thing about those guys, they are so drunk by the time they finish last year that I never hear from them until the night they're supposed to start the next conference game. So, we've got the Wall of Sheep. If you do not know what the Wall of Sheep is, don't connect your laptop. Do not get on the network until you have talked to those guys and figured out what they're going to do to your machine, okay? Okay, so we're going to do an RFID Wall of Sheep. We actually talked about that last year. I'm glad that's happening. I hope you've all got your little pocket Faraday cages with you. I know this sounds really geeky, but there's a group of guys that has actually figured out how to hack the World of Warcraft API, and they're giving a talk. It's like Friday, I think. They're giving a talk tomorrow, I believe. And so, I actually gave them a table in the contest area, so you can go look at the demos, and I believe they're actually giving out accounts or something that have actually used this ability to... Well, there's hands going up, really? Okay. Okay, all right, so he said they're not giving out accounts, but they will show you how everything works, and they might be passing out some code, okay? There is a NIST demo, and I know it's intuitive, but Charles Clark and his team bring out some really, really kick-ass technology, and we put them in one of the Capri rooms, and so they're kind of off the beaten track, but go in there and look, I think they had some kind of communication laser or something last year. It's really actually very cool. It's the first time two systems were brought together. One from Singapore and one from the U.S. Oh, yeah. Two quantum systems talking together. Go see it. All right, you'll learn a lot. We have the Toxic Barbecue. That's also very cool. You have to hit the Toxic Barbecue. Okay, there's... If you want to get involved, if you want to meet people, go flip some burgers for a while. You'll get some free beer. You'll make a lot of friends, and you will find it a lot easier to ingratiate yourself into the community here. Then, of course, I don't know if these are happening this year. I didn't hear from the POCs. We have...typically have DC Group meets and DC Forum meets. You know, we'll see if that happens. Okay, and then, of course, there's a ton of parties every night. You can find the status of any event or contest by going to the Info Booth. You can look at the RSS feeds from the DEFCON website. You can look at Twitter. I don't know why we have Twitter, but it apparently works. He has a lot of people following the DEFCON Twitter. So, hey, wherever. Important people to know for contest and events. Most of the contest goons tend to have the black shirts, okay, and we will have contest badges on, or goon badges, or both. Pyro and I...Pyro, are you in the room? You know, he is probably still asleep. He was up late, as I understand it. I'm sure he was studying something. He wasn't drinking or anything. We also have volunteers to help out the goons. Like Jeff said, we have some of these in the hardware hacking village. We'll have some walking around. That's a great way to become a goon in the contest or event area. Like Jeff said, you tend to be an unpaid, unrespected slave for the first year, but if you work your ass off, it's easier to get involved with us, I believe. Contest area hours. Did we ever decide for sure on that? I left it up to you. Since you're all noobs, you don't know what's really going to happen in there anyway. We know for sure it's going to open at 10 a.m. Right now we're looking at closing it at 10 p.m. I'm getting various feedback from the contest organizers and event organizers about whether to leave that open 24 hours because of the amount of equipment they'll have in there or to close that down at 10 p.m. What we've found is in the past everyone likes to hang out in the contest event area after hours. Don't steal our shit. Don't steal his shit. He doesn't like his shit stolen. The villages up in the skyboxes, those close at 8 p.m. Let's see. Events like Hacker Jeopardy or TCP IP Drinking Game or 10,000 Canadian cent pyramid, that is the longest event name ever. They will start usually in the evening and run three or four hours. Hacker Jeopardy, if you have never been there, it's a must. Just like the black and white ball. I believe that is it. We're going to hold questions until the end. I will be around. I am the easiest guy to find at this con. By Sunday I will be brain damaged and I will be carried around on Zach's back because I can't walk anymore. Ask your questions early. Who's going to be carrying Jeff? Jeff Ruck. Thanks guys. Hey. For me, 7.30 p.m. when I live in tonight. I'm Zach Franken. I run all the operations here and have done for as long as I can remember. Mainly because Jeff is one of the most disorganized people I've ever met. I second that. Basically, my job is pretty much herding cats and that would be you. So just to give you guys a kind of overview of how we're set up as a con. Over the years pretty much I get one chance every year to fix problems that happened last year. And it's quite hard to do because it's like a year later and you're thinking, well, did that work last year or didn't it? So it's taken a long time to kind of get to the point here. Our entire staff had one conference call and one meeting last night for about an hour and that was it. Everything's departmentalized. So we have dispatch, we have the network team, we have contests, we have vendor, we have press, we have registration, we have swag, we have the speaker goons, security, everything's standardized. It's run by a department head and a deputy. So Russ's contest department head, Pyros' deputy and they're responsible for managing their own staff making sure that I know anything they actually need from either me or the hotel, any resources. I'm the one that Jeff hates because I spend all these money. Oh, you know, swag booth needs tills. It's like, oh, that would be 300 bucks each, Jeff. It's like... So basically you will see things and you'll think, oh, god, you know, why is registration, you know, not out the front where it was last year? And we do things kind of very pragmatically. Swag booth takes a lot of space, they have a lot of people making decisions on what they want. So this year to try and kind of eliminate most of the queues they were having, we gave them a bigger space and we kind of set up a pick system to try and kind of get you guys through the queues faster. And, you know, Reg, this is a nice big corridor for the Reg lines to queue up and they get through the queues pretty quickly. So there's a whole kind of bunch of things you might think are quite random, but have actually you know, it's taking years to actually work out what actually works because, you know, it's not always obvious. So when we planned the new swag booth, we assumed that the order takers and pickers were going to be the bottleneck and the cash tills were going to be, you know, no problem at all and it's actually the other way around. So next year we'll make sure there's four or five cash lines and less pickers. So it just takes us, you know, every year there are things that don't go quite right and slowly we try and fix it year on, year out. So I'm actually going to run off. So I'm going to take a couple of questions, even though we're not supposed to do questions to the end, but I'm not going to be here at the end. So any quick questions? No? Excellent. Well, enjoy Def Con. It's always pretty mental. There's always a lot going on. The more involved you get, as everyone has said so far, the more you'll get out of Con and have a blast. Thanks. All right. Well, we are now at the halfway point and we will be taking a five minute break. If anybody needs to go take a restroom break or go suck a fag, I mean, smoke a cigarette. Yeah, so five minutes, guys. We'll be back to the second half of our panel. All right, guys. Welcome back to Def Con 101. And thanks for hanging with us. And up next is Prez. Good afternoon, the Prez 98. My name is Michael Shearer and all these people have been at Def Con for like 10 plus years. This is only my third year. So I'd like to at least show myself in this example of how you can get involved reasonably quickly and be in a position to be able to organize activities and even being just relative new compared to everyone else. I'm here on behalf of the church of Wi-Fi and I want to talk a little bit about the wireless village and if you remember back, Russ was talking about the villagers, he didn't mention the wireless village and there's a reason for that and I'll talk about that. But I want to talk a little bit about the history of that. When we first came here to the Riviera four years ago I had actually planned to come to Def Con but I was in Iraq and I was unable to get back here in time for Def Con. But I was involved that year that was the first year that we're here at the Riviera and the use of the sky boxes was really the birth of I think the villages and how they turned out the way they have because of the environment because of the way they're set up it just it gives you that ability to have a group, an area where people can do things and people can have breakouts and that sort of thing. So three years three years ago, which was my first Def Con, we got involved with the church of Wifi and decided that we wanted to have a wireless village and this was just going to be the central area for all the wireless contests, war driving contests, RFID contests, all sorts of things and we ended up running that three years ago and we thought it went really well it turned out really well. Last year the wireless village we tried to, just like every other contest, every other part of Def Con you try to learn things from what happened the year before and apply them to the next year and again you really only get one chance to the things you change. Last year the wireless village was okay we thought it was moderately successful but it wasn't we've come to a point where there hasn't been a lot of new things and wireless that people are doing so there was a lot less interest in what was going on. So we come to this year and there's not really a wireless village going on this year and I said do I really need to get up and talk about it and they did want us to get up and talk about it so I'm talking about a wireless village that doesn't exist and the reason it doesn't exist really is because the falling off in the interest last year and the lack of being able to have help in organizing it. So this is the call to people who are new to Def Con, to people who may not be new to Def Con, if you want to see something like the wireless village if that's something that you want to participate in and help with then please do come contact myself come contact Renderman, if you don't know Renderman you will by the end of the weekend he's one of the characters of Def Con he's one of the reasons among some of the other people like Deviant and Lost that make Def Con what it is you will see him sometime this weekend, come find us if you want to help and we'll set that up for next year but like I said this is my third Def Con I spoke at my first Def Con I'm speaking this year you can get involved and make something out of Def Con right off the bat you may just want to observe for a year but you can get involved and you can do something so I encourage you to do that if you want if you have questions about any of this stuff please find me either now or after the talk I'll be more than happy to answer them for you and Deviant is up next I think alright cool hello hi yes I am Deviant I am a complete infant of the scene much like Prez I've only been here since about DC 8 but as everyone tells you Def Con is what you make of it and I've kind of become involved in a lot of crazy crap many people were up this morning with us at the Def Con shoot out in the desert just blowing things apart I do the beer cooling if you want free beer to kick off your Def Con it's Friday at noon right in the outside door area like just show up it's people cooling beer so you can drink it but really yeah what I'm up here to talk about most is the Lockpick Village we have had the big skyboxes at the very end of the skybox level for a few years now Lockpicking Village was something we wanted to start as a reflection of what our Dutch friends and other friends in the Europe scene do at various cons and events you see a lot better in our opinion a lot more active Lockpick and Sportpicking camaraderie and just general community overseas they meet more frequently their meetings are larger we have a sport picking scene if you want to come and join our group the open organization of lock pickers there's other groups and other chapters we'll try to help you find them but here in the states we're really really limited you have like YouTube videos where it's like the guy here's the lock and I and you have maybe one online forum you have the Lockpick 101 forum which I mean when I was training at Black Hat my co-director of Tool Babak said something that I think is really kind of accurate it's the only thing you got kind of from here and it's like the Myspace of picking it really is a bunch of people who's like dudes OMG I've opened this lock law what so if you're in the states you don't have this sort of community except when the Village rolls around so please come up there and actually try things for yourself you can read about it online a lot but we want you to pick up the tools we want you to put your hands on things and actually do it the whole motto of the Skybox the Lockpick Village Skybox is learn touch do we will teach you everything you need to know for the contests if you want to run yourself through these contests and you say well I've never picked before that's silly I could never win a black badge every person that I can think of every major winner has been someone who either didn't want to try or didn't think they would do well or showed up with like their own homemade kit and like I don't know this is something I just kind of got into and now they're like it's Skyler and it's Omicron it's these people who do amazing stuff just because they stood up and said I want to try this Tool is sponsoring in addition to you know our main Gringo Warrior contest which is down on the floor Tool is running speed picking again this year we offer free DEF CON for life like a black badge we are actually offering a free trip to Turkey for lock con coming out later on Tool you're up and I we're all putting that together so there's field stripping there's taking locks apart there's all kind of challenges if you come up to the village just muscle your way in just enough because it's crowded to see the big signs we'll have signs up with all of our schedules of when games are happening when lessons are happening we're just going to run intro talks and make your own pick talks and all kind of making hand crafting things all the time I'll teach I'm sure the open a lock with a beer can lesson like 97 times this weekend please come by it's so much fun for us when you actually try things so get involved if you have any other questions yeah I'm usually recognizable I'm big and ostentatiously dressed thank you so much Hi I'm lost Brian Clark Lost East Short for Lost Boy No I'm not the lost from California I haven't had that asked in quite a while but it happened to black cat recently so I just wanted to clear that up that is a completely different person I've been asked to talk about the hardware hacking village last year was the maiden voyage of the hardware hacking village I'll give you a little backs history of where that came from about five years ago I was an applications engineer for a company called parallax and I social engineered my boss to donate 25 robot kits they were about 250 dollars each so you can do the math on that I brought them in the back of a van to Def Con and after my contest I had all these boxes of robot sitting there and I wasn't sure what I was going to do with them so I started running through Def Con I started where we were edged and went all the way through the contest area and said who wants to build a robot and just waited until people followed me and so eventually when I had a trail of people long enough I went into the middle of the contest area and we sat on the floor we didn't even have a table nothing was given to us and I asked each of those people could you donate money for these and I took all the proceeds and I give it to the EFF so give a hand to the EFF guys so I'm sitting on the ground in the contest area teaching people how to build these robot kits and and I had this perfect Chris Hurley impersonation but I can't do it very well so let other people do it and he said that's the shit and that's how Romer talks so is that pretty good and he said and so he said that's what Def Con is supposed to be it's people that wanted to learn something we got together on the floor of the contest area the following year myself Russ Rogers and A were sitting at Apache Con we all know the little green laptops with the Flippy antennas the OL PCs we were doing some of the first hacking on those we had actually SEed one of the guys there to actually let us play with his units and so we were doing some hacking on it so we were doing hacking on those and Russ said you know that thing he did with the robots was really awesome we should turn that into a village and that's where the hardware hacking village got started so Russ Rogers and I decided to make that happen now the sad thing is I was involved in my contest that last year the maiden voyage of the hardware hacking village I spent the whole time in the contest area I never even got to spend any time in my own village so this year I'm making a pledge to be there and we've got people committed to be there those of you that knows Oz he will be up there, Joe Grand will be up there quite a bit Russ will be up there we have a number of volunteers we are double the size of what we were last year so what can you expect when you come into the hardware hacking village number one you can expect to get some free hardware I've done a lot of legwork to get a lot of stuff donated if you want to learn how to solder you want to learn how to hack chips you want assistants hacking the badge you want to do anything like that come to the hardware hacking village and we'll teach you last but not least I want to say I know why we're doing DEF CON 101 but teach yourself learn yourself be hackers, don't wait until stuff is spoon fed for you and you know make the conference your own I don't agree philosophically with spoon feeding you guys but I don't also disagree with helping you so if you ask a question I'm happy to answer but I will tell you my first response to every question is have you tried it yourself that's all I've got hey guys I'm DJ Jackalope and it's good to see everybody here and this is my 10th year I really kind of wish I had this when I first got here I was like hey come to DEF CON you know intimidated a little bit you guys probably felt a little intimidated when you first came here I don't know you're probably still freaked the hell out now but anyway I'm one of the DJ kids here and I've been here for 10 years and I've run like help run stuff basically I was here for the black and white ball 10 years ago it's back when Noid and Bink ran it and it was a one unit thing and it happened during like pretty much the day but now it's expanded into two different nights on Friday and Saturday night and it's all the black ball and the white ball so like as Russ was saying is the Goon Band recognize that you guys need to come see so this year Great Scott has taken over the black and white balls and he's also introduced like this whole thing that has like probably 40 DJs on it used to be like probably 10 or 15 DJs at Def Con there's four different areas right now actually just three different areas one's a chill out area and a pool party and there's also the black and white balls so there's plenty of places to just kind of chill out listen to some tunes I know you guys like drive around probably way too fast get arrested or whatever and like got your stereos on so this is where you talk to people about stuff got these first thing you really want to learn about Def Con is drink water that'll like ruin your days so that's like probably the most important thing you're going to learn here and then also there's a gentleman walking around named Priest he's wearing a big guy he's probably wearing Hawaiian shirts if he tells you to do something please do it because he knows infinitely more than you know so just remember that whole deal also the GTE Ejor got mentioned earlier the current owner of the GTE is a C Nelson and it's all a video game that people have made and then you're also at the only conference with a mirrored ceiling with the 101 class I see y'all looking up you're like hey what can you do with a mirrored ceiling I don't know Sibyax got a list of things I'm scared one thing to do definitely is if you like a DJ's music like what you're playing talk to them because they might they'll share their tracks probably or they'll tell you where they got them or they even have CDs to give out or they maybe made records or maybe they're like hey you know I play at that club in your hometown like in Chicago or somewhere so you have any interest in any of that kind of stuff definitely talk to everybody I mean it's the same thing for all the hacker stuff here like if you're like hey how'd you get that exploit I really want to know talk to them find out like what you know like how they did it because a lot of people are a lot more friendly with information here than you'd think they would be you're not like all intimidated by you know like oh my god I'm at the world's biggest hacker convention so don't be afraid of that I also want to thank the monkey butlers who are running around here in the blue shirts yay so what happened I just wanted, I have a shirt for you uh oh and lost a thing you just want some monkey butler shirt so if you're a monkey butler maybe you can talk to him about it I don't know monkey butler shut up and let her shut up the harassment but yeah once again like DEF CON is where you make it there's crews that run around and they bring their own sound systems and they bring their own stuff to their parties and there's always DJs around at the vendor room you're going to find green sector and we've blessed we have like this down tempo and decorate the entire room with music at the vendor room we've got CDs for sale there the 23B has a mobile disco that we travel around with to go like all sorts of stuff I think Civiak was a warning me there's an air cannon on the mobile disco possibly but yeah like I said make do what you can make what you make it here like all of us have taken you know taken DEF CON into our own hands and like we're like hey let's do this contest let's do this event and so basically just be here talk to your friends have fun make new friends have a good time and I'm going to introduce Civiak for I think it's this Kevin Gerhunt or for parties don't for me hey guys my name is Civiak for those of you who don't know me apparently everybody felt that I would be qualified to talk to you about parties and maybe do a little light education here everybody I'm assuming heard DT talk earlier about the society I mean the group of people that you're here with are unique and probably yeah you probably won't find a set of them anywhere else imagine trying to remember where I heard getting drunk and passing out crack and machine guns at your local junior high school chess club is pretty much what you're facing I mean a lot of us are endurance drinkers you've got the opportunity at this point to sit down relax and get drunk have a drink talk to chat with the people that are talking up here today I mean the people that do any of the talks here for the most part you have the opportunity to sit down and ask them all the one-on-one questions that you probably ever want to I learned more probably at my first pool con than I learned shit than any number of talks that I've ever been with you know take the time take the time be warned I mean there are a bunch of parties just to name off a few you got the ninjas you got the penthouse party upstairs you got the hacker pimps you got Caesar's challenge these are just a few off the top of my head be warned it sucks but there are going to be some parties you don't get into it happens don't don't be that guy don't be that guy take it go find something else to do when you get into a party probably one of the most important things I can impart to anyone who's ever been to DEF CON don't be a douche bag if you go in if you get in if you luck out and find your way in if you wake up at a party it happens it happens don't be bad don't be don't be a dick you've got the ability to sit and talk to people you've got the ability to quite possibly get invited back to another party it's you know it's a real important part of the social scene here see what else what else do I have here try to be responsible esk you don't have to be entirely responsible but I mean look like it occasionally if someone larger than you says hey shut up for just a minute you know it's probably best not to poke a sleeping bear with a stick I think there are pamphlets on that somewhere here really I mean relax have a good time my first DEF CON it was very uptight I came here with a large group of people who were well versed in the scene and who all ditched me for ten minutes found myself in the bar being asked for an AOL CD at the Alexis Park so relax go with it there's a lot of pressure there's a lot of pressure my peer group when I get asked how well do I know Linux or Windows Administration or anything else on a scale of one to ten it's not fucking fair my peer groups are 15s and 20s there's a lot of pressure on everybody here take a deep breath just relax I mean everybody else you're a human you've got the opportunity to sit down and do a couple of shots with the most brilliant people on the face of the planet really you guys are what make the con con and you bringing the new information mixing it with the old information mixing it with the asshole information makes the world's biggest impact on the entire scene guys so relax have fun we'll see you upstairs at the penthouse or see you at the toxic barbecue take it easy I'm Hi Wiz and this is thank you deaf con is an adult event so this talk is geared towards that and if there's children here or if you're upset when people say the words like shit and fuck then leave now this is the only warning I'm gonna give and I'm not gonna apologize for anything I say so if there's anyone that has sensibilities easily offended leave now seriously first I'd like you to go over some terminology that you may hear at deaf con that you may not be 100% familiar with some of these many of you already know and may have your own definition for but they may be slightly different at deaf con than in your vernacular you may even disagree with some of the shit I say but um fuck you if you do personal hygiene something you need to take seriously here this is not your parent's basement so please remember to bathe daily and lather on copious amounts of deodorant it gets extremely hot here and no one wants to smell your stank aroma you should have clicked a while ago seriously next one noob nooby noob this is what many of you if not most of you are some assholes will use the word as an insult but it is not an insult it just means that you are new or uninitiated into the hacking and deaf con community if someone makes fun of you because you're a noob chances are they have a very small penis you can get the next one a scene whore is someone who pretends to be interested in the same topics as everyone else just to be included in the group they tend to come here for the deaf con party but not really care about the talks contests, community or hacking in general next a script kitty is one step I think he's in the room somewhere is one step above a scene whore if someone calls you a script kitty it is a pejorative they have very little skill beyond being able to run a program you can go next a hacker that's Romer he runs the vendor area hackers thieves steal con artists scam vandals the face criminals commit crimes hackers create improve explore and discover and honest to God that's all I have to say about that ass hat and a fucktard something you don't want to become known as the people who have a bad attitude or ruin the fun for everyone else by being a fucking retard or wearing their ass as a hat you can get next these are the types of people who attend DEF CON you may be asking yourself how many feds there are here to be honest the fed to hacker ratio is 5 to 1 so chances are good that everyone is sitting around you as a fed you may also be curious if there are females or gays or asians insert your other minority here represented at DEF CON luckily I made a nice little pie chart to show you to view the DEF CON attendees the margin of error plus or minus 1 as for females though watch out because those females are just as likely to be trained as your drag queens and let me promise you if you're a straight male that's one Easter egg you don't want to find jackalope is not a drag queen by the way I'm the real deal alright you can get the next one the security goons are the jack booted thugs of DEF CON if you see something bad going on tell one of the red shirts if you do something stupid or illegal these are the people you'll have to answer to if you do something really bad you may have to deal with hotel security and los vegas metro remember people have been banned from DEF CON and the hotel for doing stupid shit get the next one the media there really are two types of media people that you'll find at DEF CON the mostly good ones who actually care about tech and hacking and then the ones you know they're the guys who have pretty good understanding of technology they run certain blogs and podcasts then you have Michelle Madigan the scum sucking bottom feeders who are here for a sound bite or to expose the evil hackers you need to remember these are the type of fuckers who get their kicks from necrobiality giving these cock goblers an interview is entirely up to you but just remember who you're dealing with and what their motives may be your nick and handle if you're brand new you may be curious about this handles did start with anonymity but now are a staple of the hacker community your handle is your unique name within the community when dealing with people there may be multiple people with the same given name but only one person with a certain handle and your choice of handle really does matter if you have a stupid handle you always run the risk of someone renaming you to give you some personal examples there was a guy by the name of Digital Wiggle and we renamed him Tinkerbell or Tink for short the script KDI showed earlier his was A. Ender or some shit like that we renamed him Lord Nikon then there was a guy 802.11 we renamed him Cockburn all the names have stuck so if you're saying to yourself that you're renaming won't take well you're wrong if your handle is too long or complex shorten it yourself you can keep the long handle in written form but using abbreviation like God minus one becomes GM one if you don't have a handle yet there's two schools of thought on the matter one you can pick one for yourself and hope that it's not too stupid or long or two you can wait until someone give you a handle if you don't have a handle already you're concerned that you might pick a stupid one in this case you normally won't get a bad one like you would if you had a stupid one to begin with for efficiency's sake you may also wish to pick a handle that'll double as a prison nickname your avatar badge these are the extra badges you may see people wearing around their necks if you want to meet people and have them remember you go make one before tomorrow it's very easy to do all it consists of is your online visual representation i.e. your avatar and your handle after the questions and answers at the end of the session you're free to come up here and we'll teach you how to make one Twitter is a good way to stay in the know what's going on around DEF CON the hashtag for DEF CON 17 is pound DEF CON make sure you follow to know what's going on sex most of you probably aren't familiar with this concept fear not though you're not going to get lead here the only person who may have sex with you is your girlfriend in Canada unless of course you're from Canada and then your girlfriend in whatever country you go is less than yourself and so on and so forth unless you're from Italy since there is no country less than you thanks you can get the next one sleep sleep is for the weak you have plenty of time to sleep when you're dead or home on a Friday night if you don't want to you know fuck that I'll get the next one alcohol it's a great way to make friends and influence people it's a social lubricant if you want to make friends here buy people drinks yes Sharpie you know it's the mark of the tard if you get drunk how about you shut up and let me talk if you get drunk and pass out people will sharp you even if you take your shoes off could you? and a big mouth you can get the next one saying cheese when someone at DEF CON takes your picture's friend or foe the proper way to say cheese is to flip them off you may be wondering why people flip off their friends but really isn't it obvious behind that seeming aggression is some seriously suppressed lust for hot man on man action and attitude if you had an attitude coming in here when you leave this room you need to check it at the fucking door no one cares how leet or special you think you are unless by special you mean short but special the kind that has to wear a helmet and a harness when playing around the house these are the rules to survive by prostitution is not legal here while prostitution is legal in some counties in Nevada Las Vegas is not one of them don't use the ATM at the RIV this one is self-explanatory it's like leaving your child at Nambla Daycare you're just asking for your shit to get stolen or fucked up you can go to the next one don't take pictures or video without permission this is the official policy of DEF CON I've seen people who have had their pictures taken without permission get very angry and break the camera of the people who took their pictures I've also seen the jackass photographers get punched in the face when they decided that people wouldn't notice or wouldn't care do not connect to the DEF CON network not unless you want your computer to be anally raped and not like the nice kind of anal not like Brokeback Mountain where they spit on the dick first no I'm talking about the prison rape kind of shit the one where they don't stop at the elbow and it's not fun like in the movies when the DEF CON network has had its way with you your computer will become the proverbial hacker cum dumpster hack the contest if you decided by this point to submit to the ultimate challenge of the DEF CON and enter a contest then hack them this is a hacker conference the rules of the contest are guidelines and if it's not specifically forbidden or spelled out there's always a way to circumvent it in the case of the contest it's always better to ask for forgiveness than permission more often than not you'll be given points if you do something and then convince the judges of it then if you go to the judges and ask beforehand just ask any scavenger hunt winner for the past five years who now holds a black badge don't be an ass hat or fuck tart I already told you what an ass hat and fuck tart are so don't ruin everyone's fun by being one socialize you have 361 days a year where you'll sit on your computer and not be social you're at DEF CON so log off IRC put the laptop away and go make some friends face to face stay hydrated you need to remember you're in the desert and your body needs fluids just because there's a lack of sweat or your body feels cool it does not mean you're not becoming dehydrated drink plenty of fluids and even more if you decide to drink alcohol follow the 3-2-1 rule daily at a minimum following three hours of sleep two meals and one shower and as I said before lather on that fucking deodorant if you want to plan the ultimate DEF CON trip you need to be an active participant don't be a lurker get out there and get involved go to some villages, participate in some contests hang out and socialize make some friends and don't be a fly on the wall you may not know a lot you will make mistakes but there is nothing wrong with that as long as you don't act elite or as an ass hat or have a standoff as attitude you'll make friends here and you'll learn a lot but that is only possible if you put yourself out there every hacker at this conference was a noob at some point every one of them made mistakes and all the good ones don't front if they don't know something they ask questions a huge part of being a hacker is the unsatiable thirst for knowledge so now you have the choice you can have amazing DEF CONI and adventure and walk away from this event with more knowledge and friends or you can be too timid and make a mistake and lurk on the periphery the choice is up to you before the Q&A yeah, go I'm just going to thank some people I'd like to thank my co-organizers well, she talked so, I don't know your dick is pretty big, training Thorn and Valkyrie I'd like to thank all the speakers, D.T. Locke Noid, Russ, Jackalope DePrez, Los Siviak Zach, all the monkey butlers Zsquared, Zodia, Farmer Pete Zord, Dallas Banshee AST Cell, the DEF CON staff particularly Nikita and Neil and all of you who decided to show up for the talk but most importantly, my better half runner up who's sitting right next to me and now for any questions any questions the question was, what can you tell like a lot of things at DEF CON that's a contest called hack the badge so for me to answer that would mean Joe kicking my ass for telling you secrets about the badge the intent is for you to discover it on your own there are things if you look through the programs you will see random graphics that you're like, what the hell is that if you're an inquisitive person or a hacker you're like, I want to know what that shit means find out, it may lead you down a path that you'll never leave and it's an interesting intellectual journey in a lot of cases and sometimes it's just some really messed up stuff that you'll see here at DEF CON actually I would suggest that you seek out Renderman and Gray because they are very adept at finding out these secrets does that work for you? you're welcome render thinks I create my contest every year to personally torture him I know, I know alright, get the fuck out first of all not all of our speakers are here but they gave up their personal time to come and talk with you because actually they really do in a way love you second of all, I want you to give it up for this guy this guy this girl and this guy because again, these are people that do a lot of contributing to our community and that's how we view it our community so give it up for them too and give it up for yourselves because you're here go forth and prosper thank you so much for showing up for this this just freaking amazes me bye bye