First Early Release Video from DEF CON 26!
For your first post-DC26 (and pre-DC27!) weekend, here's the first video release - Rob Joyce, Senior Advisor for Cybersecurity Strategy at the NSA giving his presentation 'NSA Talks Cybersecurity'.
From the abstract:
"The National Security Agency (NSA) has authorities for both foreign intelligence and cyber security. This unique position gives NSA insights into the ways networks are exploited and the methods that are effective in defending against threats. Over time, NSA has adapted the focus of its security efforts and continues to evolve with technologies and the adversaries we face. The talk will look back at some of the inflection points that have influenced NSA and US Government cybersecurity efforts and look at what is necessary to stay safe in the new environment."
As always, enjoy and share widely.
Caesars Palace Update
A team from DEF CON management met with Caesars on Tuesday. They are looking into the reports we presented, and we’ll share what we can as those investigations play out.
Here’s an overview of the current policy as shared with us:
1. DND tag on the door too long triggers a security visit.
2. That security visit is supposed to be by hotel security staff who are clearly identifiable as hotel security staff.
3. That visit should be comprised of a visual survey of the main segments of the hotel room, with no fiddling about in personal belongings.
This means that entering rooms and taking a quick look around does not violate the hotel’s policies.
But it also means that reports of opening closed bags, confiscation of personal effects, and reluctance to self-identify and/or allow guests to verify the legitimacy of the security officers all fall well outside of the policy.
Please know we are not letting this go. We are sympathetic to the new terrain major hotels find themselves in, but our main commitment is to our community. We intend to stay on this until we’re satisfied these issues are resolved for next year.
Updates as we get them.
DEF CON 26 is a Wrap!
Just like that, DEF CON 26 is in the books. We want to thank all of you for making such a success of our little hacker party every year - there is truly no community anywhere like the DEF CON community.
The Dark Tangent announced in closing ceremonies that next year we'll be back at Paris/Bally's. Also a bit of Planet Hollywood. Even more space, but less exposure to deadly solar radiation. We're already planning ways to use it all.
This was a big year for us. We doubled the villages. We grew the workshops. We pumped up demo labs and contests, and we even learned how to set up the crazy lightshow required by the mighty Juno Reactor - which you will get to see shortly, since they let us record their set. (Yay Juno Reactor!) Also, we did that thing in Beijing that went so nice we're doing it twice.
We're gonna take everything we learned from this year's crazy expansions, fine-tune things and bring all that new wisdom to DEF CON 27. If you have ideas, email@example.com stands ready to accept them.
Thank you for all that you share with us, all of your enthusiasm and love that animates everything that happens here. Congratulations to everyone who won something, or learned something, or tried something weird and new. Cheers to all our old friends and our brand new ones. We love you, and we can't wait to get together with you next year.
Music Lineup Update
Tonight's music selection has shifted a little in transit - same great lineup, just in new timeslots. Make sure to share with anyone you think is interested in music and joy.
The new lineup:
21:30 - 22:30 - Skittish and Bus (@Skittishandbus)
22:30 - 23:30 - Zebbler Encanti Experience (@zebbler and @encanti)
23:30 - 00:30 - Miss Jackalope (@djjackalope)
00:30 - 02:00 - Juno Reactor (@junoreactor)
02:00 - 03:00 - s7a73farm (@s7a73farm)
DEF CON 26 CD!
Let’s set the mood, people. Head over to the DEF CON media server for the whole OST Soundtrack to DEF CON 26 in several delicious digital flavors for your downloading pleasure. If you’re BT inclined, there’s a torrent file in there too.
Here’s the stellar lineup of future favorite jams we’ve assembled for you.
Skittish & Bus - OTP
Dual Core - Apex Predator (featuring Tribe One)
T-4-2 - Digital Boyz
ISHI - Diamond Door (Left-Right Remix)
The TroubleShooters - This World
Haaj - Reactor Containment
FWLR & JELO - Even The Noble Shall Fall
MC Frontalot - Colonel, Panic!
MODERNS - Figuratives (DEF CON Edit)
Ascendant - Source Transmission
Mikal kHill - Mouser's Back
Icommitfelonies - Hashdump
Haaj - Gamma Rays
If you run through all of this and it’s still not Thursday morning, please continue pregaming with the DEF CON channel at SOMAFM. http://somafm.com/defcon/.
It’s almost here, luminous humans of the DEF CONiverse. Our reunion is at hand.
DEF CON 26 WiFi Reg is Live!
The DEF CON 26 WiFi Reg page is live, with all the info you need to securely log in to the wireless network on the DEF CON conference areas.
Please read carefully - there's new cert information and there are pretty explicit instructions for your specific OS.
It's not a trap.
DEF CON 26 ATTENDEE REPORTED INCIDENT POLICY
As a followup to my last post we realized that if we were hoping people would emulate our policies at other conferences we may as well release our attendee incident reporting policy as well. The version given to all the DEF CON Goons is the same as below but also includes confidential reporting phone numbers.
ATTENDEE REPORTED INCIDENT POLICY
DEF CON does not tolerate harassment of any kind, be it racial, sexual, physical, political, intellectual, or emotional. Every Goon shall take each report by an attendee seriously, and not dismiss any of them. Never turn an attendee away. It is not a Goon’s duty to judge anything that an attendee says, regardless of opinions of the attendee, the person they’re reporting, or the reported issue itself.
Reported/Observed Harassment or Assault
When an attendee reports harassment or assault to any Goon follow this procedure:
1. Get a second Goon to be with you to listen to the report.
2. Have one goon contact a SOC goon via the SOC Contact Procedures
3. Make a warm hand off with the attendee to the SOC Department.
4. Let the SOC conduct their investigation and handle the incident from there.
5. Be available to answer any questions from the SOC or venue security.
Interaction with Social and Traditional Media
DO NOT SHARE photos or videos. Please let the responding SOC GOONS know if you have any video or pictures, they may end up being evidence, but out of context could cause problems.
During or after an incident, you may be asked to comment on the situation. DO NOT make any comments to reporters, and do not post about the incident on social media. As a Goon, the media will treat anything you say as an official statement from DEF CON. Commenting prematurely before we understand the situation could cause more confusion or reveal identities that should remain confidential so please refrain from speculating and work with SOC / PRESS to help them understand what happened.
Refer all media inquiries to the DEF CON Press Department (firstname.lastname@example.org or send them to the press room)
DEF CON 26 Support Resources!
In my last post about the DEF CON Code of Conduct, I mentioned that I wanted to make sure that the community had all the tools necessary to get involved and report problems when they arise.
In this post, my last before the con, I'll talk about some of the new efforts we are deploying for DEF CON 26. It will be our first year for some of these, so we are looking for feedback. You will notice a theme of transparency, appropriate given the theme of this year's con!
NEW WAYS TO REPORT ISSUES: The DEF CON Support Hotline
You can reach DEF CON staff during normal hours of operation (8am to 4am) to anonymously report any behavior violating our code of conduct or to find an empathic ear by calling +1 (725) 867-7255. Trained community volunteers will be standing by to help any attendees.
You can still report issues by going to any Info Booth or talking to any SOC Goon, but sometimes you may not want to be walking around in person with a problem, and so this year we have added a phone option.
NEW SUPPORT RESOURCES:
We are collaborating with several organizations including Kick at Darkness, The Rape Crisis Center Las Vegas, and the Nevada Coalition to End Domestic and Sexual Violence to provide expert resources for survivors, including dedicated support for LGBTQ+. When you call the Hotline you will reach DEF CON community Goons trained to help in these areas.
NEW WAYS TO IDENTIFY GOONS:
In the past there has been some confusion by attendees with what Goon they were actually talking with.
New for DEF CON 26 Goons should all have visible patches with their nickname on them so it is easier to remember who you talk to about what. The name patches should be attached to the front of the Goon's lanyards and be more visible than the back of a shirt that might be covered by a backpack.
Please use the name on the patch if you have any feedback on Goons, good or bad. Feedback can be sent to email@example.com, written and dropped off at registration, or if serious enough called into the Hotline.
MORE DETAILED TRANSPARENCY REPORT:
Based on the positive community response to our closing ceremony transparency report, we plan to do this every year and hope other conferences do as well.
As people get comfortable reporting issues I expect the numbers to increase, and only by facing these issues head on can we hope to prevent them. It requires courage to speak truth to power, or to report something that is unpleasant in your community, but together we can make things better.
See everyone soon!
The Dark Tangent
DEF CON 26 Hacker Tracker!
A must have for your burner phone - the DEF CON Hacker Tracker puts all the talks, contests, events and parties all in one easy-to-navigate package. It’s available in both android and Apple flavors and it’s free.
Media Treats for DEF CON 26!
Less than 2 weeks to DEF CON 26 - how about a little treat to get you in the mood? Head over to the DEF CON Media Server for a sweet video and a single from DEF CON favorites Skittish and Bus, straight from the DC26 Soundtrack.
Get hyped, fam. We're in the home stretch.
DEF CON Code of Conduct
When I designed the updated DEF CON Code of Conduct in 2015, I had a few goals in mind. Make it simple to understand, express in broad strokes what kind of behavior is not acceptable, and don't be too specific.
I wanted it to act as a template for other conferences, if they chose to do so. It was legally reviewed by our outside law firm and a specialist. In 2018, it's looking like it may get seriously crash tested.
The Code of Conduct assumes people are acting in good faith and not creating intentionally elaborate, dishonest or disingenuous claims of harm. "Ah ha! This is where the bad actors will attack the CoC" you may be thinking.
As a conference of hackers, our CoC is intentionally flexible: like a spoon in the matrix. We describe generally what is not acceptable as opposed to trying to enumerate 42 different bad behaviors.
Besides the CoC, DEF CON has several structural factors that are to our advantage when dealing with people intent on disruption. This is not our first conference, and as such we have a department dedicated to dealing with this problem. We have also had time to plan with hotel and casino security should we need their involvement. We take this issue very seriously and choose to err on the side of removing people, rather than allow them to spoil the conference for those who just want to contribute in a positive way.
Finally, I have always said that DEF CON is what you make of it. I want to make sure our community has all the tools necessary to identify and report unacceptable behavior. Together, we will have all the pieces in place to act quickly and professionally, no matter what the issue is.
The Dark Tangent
Party at DEF CON 26!
Many people love parties. Facts.
If you are one of those party-loving people, this update will fill up your smile tank. The Parties and Meetups Page is LIVE! Use it to learn all about the DC 26 party/meetup scene. Then, when the time is right, party with other partiers. Or meet up with people who share your interests.
Go get your life. It's all the best.
Friends of Bill W at DEF CON 26
For all those Friends of Bill W. looking for a meeting, or just a quiet moment to regroup from the Vegas of it all, we have you covered. There are meetings throughout DEF CON - Noon and five pm Thursday through Saturday and Noon on Sunday. The location is the same as last year, in Office 4 Behind the DEF CON Info Booth.
Stop by and refresh yourself. We'll be here.
Contests and Events at DEF CON 26 posted!
Now that you’ve had a whole day to absorb the epic Village list, we’ve got some more goodies for you. The Contests and Events page is now LIVE, and it’s also quite a bit to take in.
Ranging from the straightforward elegance of the Tin Foil Hat Challenge to the complexity of an Industrial Control Systems CTF competition, there’s contests here for just about any hacker discipline, and every level of skill or experience. Contests are also a great way for the shyer among us to beat the icebreaker blues and get right into some fun with a bunch of likeminded strangers.
The more extroverted attendees can still opt for a Charity Mohawk or the cringetastic glory of Hacker Karaoke.
Block off a little time for pre-con recon and make a plan to make sure you get to sample widely from the smorgasbord of C&E offerings.
Our reunion draws ever closer, fam. Get amped.
So Many Villages!
DEF CON 26 is less than a month away, and the DC26 Villages page is live and ready for your attention! Bring a snack, though - there’s a lot of villages this year. Twenty-eight (28!) villages, covering a pretty staggering array content.
Internet of Things
Crypto and Privacy
Voting Machine Hacking
Mobile Museum of Vintage Technology
CAAD (Competition on Adversarial Attacks and Defenses)
Industrial Control Systems
Chances are there’s a few things in that list you want to level up on.
As always, the Villages are generated by the interest and effort of DEF CON Community members looking to share their interests and obsessions with you. Come through and show them some love and learn something new. If your obsession isn’t represented, maybe it’s time to write up a proposal for DEF CON 27!
Demo Labs for DEF CON 26 Posted!
More DEF CON 26 goodies for your perusal – Demo Labs are Live! You should take a moment to check out the lineup, and set aside some time to visit when you’re at the Con. In addition to being a cool way to see what your fellow hackers are working on, it’s an opportunity to offer your expertise, meet potential collaborators and help push the community forward.
Demo Labs are interactive, so, you know, interact.
Just over a month, people!
DEF CON 26 Workshops!
Another milestone on the Road to DEF CON 26! The workshops page is live on the DEF CON site. Registration is still a ways off - July 8, to be precise, but now is the perfect time to get yourself familiar with the offerings. The spots traditionally fill up pretty quick, so be ready to claim your seat when the light turns green next month, maybe even consider a few backups.
It’s officially summertime in our host hemisphere - the season of DEF CON has begun!
The Entire lineup of DEF CON 26 Talks is Live!
DEF CON family, the time of our reunion approaches. In just a few days, summer arrives in the Northern Hemisphere. The pages of the calendar turn, ever closer to August. Today comes the surest sign - the DEF CON 26 speaker list is live on DEFCON.org.
The wait is over - dig into the list to start your conference planning! We’re proud of the lineup we’ve created this year, and we think whatever your particular itch you’ll find some talks and panels that scratch it for you.
We’d also like to take a moment to thank the undersung heroes of the Selection Committee. They devote crazy amounts of time and energy to working through hundreds and hundreds of proposals to make sure the best ones make it to the top of the pile. They work hard, they make us great and they deserve your appreciation.
It’s almost here, hacker fam. Can you feel it?
DEF CON 26 Entertainment Announcement: Juno Reactor!
DEF CON believes in balance. For all the forebrain overstimulation we provide by day, we provide an antidote at night - a carefully curated beat menu to work out your funky lizard underbrain.
To that end, we are so proud to announce that some of those healing beats will be provided to you by the mighty, mighty Juno Reactor! You know Juno (government name: Ben Watkins) from decades of sonic bad-assery that includes the high-energy proto-trance of his debut ‘Transmissions’, the beat science of 2004’s ‘Labyrinth' and wildly cinematic soundscapes that adorn projects like ‘The Matrix Trilogy’, ‘2017 Gran Tourismo’ and ‘Drive’.
This performance will be hot on the heels of the June release of ‘The Mutant Theater’ - expect serious rhythm and highly interactive stage show that’s been described as ‘Labyrinth meets Barbarella’.
Check out Juno Reactor’s work. Get excited. This is gonna be special.
Roundup of DEF CON Updates!
Early bird reg for DEF CON China [beta] has now closed. Online reg remains open for those who prefer it, but please be aware that the standard DEF CON method of paying at the door works just fine.
The passing of one major deadline doesn’t mean you have no reason to stay up all night sweating over a presentation idea. Many of the DEF CON 26 open calls closed May 1, but there are still villages and events still wide open for submissions. For example:
The brand-new Ethics Village (ethicsvillage.org) is accepting talk submissions until June 22.
Car Hacking Village (carhackingvillage.com) is still open.
Hardware hacking village is looking for talks, art and demos. Check their forum thread for more info.
Crypto and Privacy Village is open until June 15 (Cryptovillage.org)
AI Village CFP closes June 15 (https://goo.gl/forms/g50hhGITiOWEbo002)
Follow @defcon for village announcements as we get them!
Got a clever youngling you’re thinking of bringing along to DEF CON 26? Social Engineering Village has SE Capture the Flag contests for kids and teens - Find all the details at social-engineer.com!
New Soldering Skills Village at DEF CON 26!
Announcing new for DEF CON 26, the Soldering Skills Village! The SSV will focus purely on soldering and making at DEF CON while the HHV will focus on bringing more hardware hacking resources than ever before!
The change-up is beneficial for everyone, it means both villages can get quiet and well-lit spaces. It also means the two volunteer groups can better support the DEF CON community in their own ways. Both villages will maintain an open share of knowledge and volunteers between them. The SSV and HHV will coexist at DEF CON and provide the most that they can to all DEF CON attendees!
Also: Got something you want to show off, teach, or blab on about? Let us know about it! Shoot an email to [email]firstname.lastname@example.org[/email] Now accepting submissions for demos, talks, art, anything hardware you want to show off!
More info at https://www.dchhv.org
Space Announcement for DEF CON 26!
DEF CON 26 is getting close and now is the time to let everyone in on some big changes we've got in store. We've accepted a record number of villages and are growing the number of workshops from last year. To hold all this goodness we are growing to include the Flamingo hotel.
- DEF CON has has accepted more villages than ever before and needs to grow.
- DEF CON is spreading to two hotels, Caesars Palace and the Flamingo.
- This lets us do more stuff + evening pool parties.
For DEF CON 26 we will try something we have never done - Split the con between two hotels! No, not like Paris + Ballys, they are connected. I'm talking Caesars Palace and the Flamingo across the street.
"That's Crazy!" you say. "Why do we need that much space?" you say. Check this out: The number of villages will almost double from last year to about 25. Parties should increase. More contests are under development. DEF CON needs space to support all the awesome projects from the community and I'd really like to throw some pool parties. That is all now possible.
In the next month you will hear more specifics but I want to answer some questions here:
- How will the space be split? The Flamingo will hold some of the "destination" events to relieve pressure off of Caesars Palace. Current planning includes Workshops, DEF CON 101 track, some villages and contests, a chill out space, pool parties, and more once we finish planning.
- Will there be DC TV at the Flamingo? Yes DC TV will be in the Flamingo and as many other hotels as we can wire. A more definitive list soon, but we are building on what we did last year.
- If you ran a village or contest last year you should count on the same or more space you got last year. If you are running a first time event we will work to meet all of your needs. If you want even more space or a dedicated spot at the Flamingo we can work on making that happen.