Hacking the planet DefCon harbors sex, geeks and rock 'n' roll in one sleepless package By Joshua Ellis and Patty Walsh There's a scene in the retarded hacker flick Swordfish
in which slick mastermind John Travolta gives grungy super-hacker Hugh
Jackman a challenge: hack into the National Security Agency in a minute
or less, while some hot club whore blows him under the table. This
has probably never happened to any hacker in history -- but if it did,
it would probably have happened at DefCon. What began 12 years ago as a
Vegas get-together for a small group of geographically disconnected
online friends has become a gigantic free-for-all in which thousands of
hardcore hackers, wardrivers, security consultants, federal agents,
wannabes and groupies do their level best to outthink, outdrink and
outparty one another. In the truest
sense, hacking is not an act; rather, it is a viewpoint, a set of tools
for thinking about how to interact with systems. The late Judith
Milhon, one of the first female hackers ever, defined hacking as "the
clever circumvention of imposed limits." The early hackers at MIT and
Stanford had limited access to the huge, expensive mainframes on which
they worked, and so they devised clever and exotic ways both to gain
more time and make their programming time more efficient. One
classic story details a computer manager who began locking the door to
the computer room to keep the scruffy hippies out at night. When he
returned in the morning, he found the entire door to his office had
been removed, along with an apologetic note explaining that it had
gotten in the way of someone's work. Of
course, things have changed over the decades. These days, your average
hacker is just as likely to be a 17-year-old junior punk or goth with
an anarchy T-shirt and a sticker of Tux the Penguin (the mascot for the
free operating system Linux) on his or her laptop. And while DefCon may
have begun as an invite-only affair for the old guard of the computer
security elite, these days you're more likely to see the punk kid
sitting poolside, making out with a goth chick wearing nothing but
strategically placed duct tape, drunk on vodka and Red Bull and the
simple gleeful awareness that comes from being surrounded by 5,000
people who are just like you. This
is what DefCon has come to represent for the hacking community: a
combination of trade show and Burning Man, debauchery and
deconstruction in one sleepless package. There
are three swimming pools at the Alexis Park Resort Hotel. Pool one --
the pool closest to the entrance and the convention area -- belonged to
the Goons, the security/logistics crew at DefCon. Generally chosen for
their size or physique, they can be intimidating bastards if you don't
know what you are doing or where you are going. Pool
two was the social hot spot of DefCon, where the notorious and the
newbies partied together. It was also the site of QueerCon, the Friday
night party hosted by members of the Seattle 2600 group for gay members
of the scene. Pool three, at the
back end of the hotel, was generally more sedate, despite the
occasional presence of massive sound systems and drum 'n' bass and
industrial DJs. After-hours
socialization at DefCon has always consisted of an endless pilgrimage
-- back and forth between the pools and the parties held in private
rooms and the never-ending Capture the Flag event, where hundreds of
sleep-deprived geeks huddled in a massive convention hall for 36 hours
to protect and defend one another's networks. The scores were posted on
a giant projection screen at one end of the hall -- which would
occasionally switch over briefly to random footage of a pimped-out Ken
doll beating up Barbie Ike Turner-style, or the trailer for A Clockwork Orange, or old GI Joe cartoons overdubbed with pedophilic dialogue. In
the dark, the attendees look like the ghosts of long-dead cowboys in
black leather and quiet medieval monks, flitting between the palm trees
and stucco buildings, chatting away about buffer overflow violations,
SSH tunneling, and, always, getting laid. Sometime
during Friday night or Saturday morning, Southern Californian geeks
Brandon and Dan had gotten naked with a couple of the party girls that
are part and parcel of the DefCon experience. When they'd awoken, the
girls had vanished -- along with their clothes. They spent the next day
and night clad in nothing but beach towels with vinyl backpack straps
serving as belts, trying to hunt down the skanks who'd made off with
their clothes. Their clothes were
nowhere in sight at DefCon veteran Bus Driver's party, but neither were
the clothes of the local strippers he'd hired to entertain a suite full
of sweating, drunken nerds. Surprisingly enough, the pros were
something of a bust. It wasn't until a few talented amateurs got up on
the coffee tables and started flinging their clothes, swaying to the
rhythm of the jungle music pumping outside, when things really began to
pick up. This
has much to do with the hacker preference for pale nerdy girls over
Botoxed boobie queens. The dancers seemed to leave in something of a
huff, unhappy to be ignored in favor of a bunch of small-breasted geek
girls in Mardi Gras beads and panties with penguins on them. Every
convention in Vegas is a breeding ground for random illicit sex. But
DefCon is one of the few conventions where random, illicit sex is a
primary reason to attend -- a fact which amuses and disgusts a lot of
veteran hackers. "The past couple of
years, I've talked to people who don't even know anything about
computers," one older scenester told us. "They just heard it was a
great party. It's like Burning Man -- now, half the people are just
wandering around looking for the naked girls." While
the pools were an endless array of amusement and indulgence, a more
refined, prominent event took place: the Black and White Ball. The
Black and White Ball is like a warped version of prom, minus the jocks,
the popularity contest and the superficiality. Among
the guests were Jesus and his Disciples (a group of hackers sporting
nothing but white sheets, with "Jesus hacker" carrying the Holy Bible),
an S&M bondage couple, some guy dressed up in pimp attire with a
three-foot afro wig, and Renderman, the notorious Canadian hacker known
for his black fedora hat and his zoot suits. Another
point of interest was the first annual Dunk the Geek, where a speaker,
goon or inebriated hacker would sit in a dunk tank and await his or her
ice-cold fate for a charitable cause -- the Electronic Frontier
Foundation, a non-profit organization that defends digital rights. The
EFF is often considered to be the ACLU of cyberspace. They're legendary
for fighting corporate and government interests when they interfere
with the rights of cybercitizens. That fight is getting more and more
serious every day. It's difficult to
get anybody to go on the record at DefCon, and with good reason: In the
recent political climate of America under the PATRIOT Act, a lot of
these people could easily be construed as terrorists. Thanks to the
Digital Millennium Copyright Act, almost everyone there -- including at
least one of the CityLife reporters covering this story --
violate federal law several times a day. Most attendees feel that the
laws are unjust and stupid, made not for the protection of the people,
but for special interests in business and government. One
of the strangest things about attending DefCon is the odd mixture of
dissent and laissez faire objectivism. Most hackers seem to be
libertarians: they're interested in self-preservation and the rights of
the individual, often to the exclusion of others. There is a core of
arrogance, of genuine belief that hackers are somehow above not only
laws, but the people around them, by sheer virtue of intellect. There
are exceptions of course. The hacker group Cult of the Dead Cow (which
didn't make much of an appearance at DefCon this year) have been
exploring the possibilities of "hacktivism" for a few years now: the
idea of using their skill set and knowledge for the benefit of
humanity. Other hackers work to bring technological infrastructure to
developing nations. But
the majority who attend DefCon seem concerned mostly with learning the
latest tricks, getting the greatest schwag and finding the hottest
girls (or guys). Even the arrest of programmer Dimitri Skylarov for
discussing theoretical ways of cracking DVD encryption schemes at
DefCon 9 in 2001 didn't seem to arouse the crowd too much. That
happened just over a month before 9/11, and the climate has changed
drastically since then. There seem to be less attendees who are willing
to openly announce that they work with the federal government (though
there may actually be more feds around now than ever before). The
feeling of paranoia has increased noticeably over the past three years;
in some sense, it has put a slight damper on the general explosion of
hedonism and goofiness that has always marked DefCon. What happens in
Vegas stays in Vegas unless, of course, it gets you hauled off to
Guantanamo Bay. So what does the
future hold for DefCon? Probably a lot less of the old guard and
substance of previous years. "Every year, I tell myself I'm not gonna
come," one pioneering hacker told us. "I book my ticket later and
later. There have been some years where I didn't even show up until the
first day -- somebody would call me and say 'Dude, you've got to make
it out here.' But I find less and less reason to come every year." The
consensus amongst the older hackers seems to be that DefCon is
increasingly about style over substance, and that it is becoming more
and more mainstream, attracting more clueless wannabes and
party-seekers than those who are genuinely interested in the scene
itself. Most
of the more mature scenesters stay in their rooms, or use the time
between seminars and talks to check out the Vegas nightlife rather than
the poolside scene. One notable exception this year was Apple
co-founder Steve Wozniak, who showed up in a giant blue Humvee with a
satellite dish on the roof for constant Internet access, and who spent
much of DefCon whizzing around on his Segway with a big grin on his
face. Then again, you find the same
attitude in people who've only been attending for two or three years
but already consider themselves old hands. As jaded as attitudes might
be, and as disdainful as everyone seems to be, they still show up every
year. The end of DefCon is
traditionally marked by an awards ceremony, where prizes such as Best
Buy gift certificates, books, swag, and über-hacker black badges (which
are lifelong free access passes to DefCon) are given to those that
succeeded in the various contests, be they important or utterly absurd.
This year was marked by several new contests, with a few unintentional
new entries like the hamburger-eating contest. Apparently,
some hackers got together and went to In-N-Out. A hacker ordered a 10
patty "animal burger," and before the guy knew it, fellow hackers were
placing bets on who could top that massive stack. He actually surpassed
his own record by gorging himself on an impressive 20 patty burger
(with fries on the side, of course). The
lock picking contest is a DefCon favorite, and this year it included an
"obstacle course," where the object of the game was to pick the most
locks in the best time, with eight different locks in a row. Then
there was the illustrious wardriving contest. Wardriving -- a term
invented by Dis.org vets Seric and Peter Shipley -- consists of driving
or walking around while looking for unsecured wireless Internet (or
wi-fi) access points. It's derived from the old hacker practice of
"wardialing," in which an automated program dials every possible number
in an area code, noting down which numbers have modems attached to them
(you can see an example of this in the classic hacker film Wargames, starring Matthew Broderick and Ally Sheedy's breasts). Perhaps
the highlight of the awards ceremony was the Second Annual DefCon Wi-fi
Shootout Contest. The goal of the contest was to reach the greatest
possible connect distance between two wi-fi stations via innovative
antennae designs and ingenious engineering skills. Three
young college students from Ohio using the team name P.A.D. took home
the gold and received several standing ovations for breaking the world
record for the longest wi-fi distance with a whopping 55.1 miles, using
a home-brewed 600 megawatt signal amplifier. Though their parents tried
to talk them out of their far-fetched plan for fame and glory, P.A.D.
drove all the way to Vegas from Cincinnati in a mini-van with a
satellite-like receiver disc duct-taped to the roof of the vehicle. As
they stood near the podium and described their journey, you could see
the sparkle in their eyes. While DefCon has become more mainstream over
the years, and some say that substance has dissipated from the true
core of the event, there was no denying the passion that flowed through
the veins of these kids. It was their time to shine in the spotlight,
and DefCon was their forum to finally fit in with a crowd. And
that seemed to be the recurring theme of this and every DefCon: for
those few days they're in Las Vegas, these hackers don't have to worry
about getting their asses kicked for their clothes or their often total
lack of social skills. At DefCon, they can be heroes, if just for a
day, standing in front of all their fellow geeks, winning awards for
feats of prowess that most of their peers and even family members
couldn't even begin to understand. And
then they slip away into the night, back to the real world, to their
jobs as system administrators or security experts, to their dorms and
high schools; anonymous again amongst the beautiful people, waiting
another year for their time to shine. Joshua
Ellis is a writer, rock star and Web guru. You can save your soul at
column.zenarchery.com, the Website for his weekly column All Tomorrow's
Parties. Patty Walsh is a freelance journalist.
|