28/09: ZDNet UK's IT Priorities Conference
Home News Insight Reviews Downloads builder
Hardware Software Communications Internet Business Comment Archive
E-commerce Security Web Services

top search
Click here
News > Internet > Security

Friday 27th August 2004

DEF CON: Fear and fascination in Las Vegas
Robert Lemos
August 04, 1998, 14:09 BST

(Editor's note: ZDNet News reporter Rob Lemos holed up in Las Vegas for three days of fun and games at DEF CON, the mother of all hacker and computer security conventions. Considering how in its six years of existence, DEF CON has never been invited back to any of the hosting hotels, this promised to be a reporter's paradise. And so it was.)

If information is a virus, DEF CON 6 attendees were a crowd looking to get infected.

From breaking smart card codes to taking over Windows 9x machines, from knowing your rights when face-to-face with law enforcement to picking mechanical locks, DEF CON 6 offered something to everyone.

And very few of the attendees matched the renegade stereotype inspired by notorious tales of hacking carried out by the likes of Kevin Mitnick, Robert Morris and others. This crowd varied from "legitimate" hackers in the know to kids looking for pointers to security professionals and government officials watching from the sidelines.

Despite a crowd close to 2,000, the conference was fairly tame this year -- the hotel is even considering asking them back, according to the manager of Jackie Gaughan's Plaza Hotel. "There were a few pranks, but nothing malicious," he said. At one point, a few attendees found the hotel security radio frequency and were harassing the guards over the air. "It wasn't a bad group," said the manager on Monday.

Last year, the activities leaned more towards vandalism, when several kids from the conference stole one of the hotel satellite dishes from the roof of the Aladdin. Two other hackers, who became embroiled a fistfight arising out of a professional disagreement, got booted from the event. Needless to say, that hotel didn't invite DEF CON back.

If the Plaza decides to again roll out the welcome wagon, it will mark a signal event in the history of DEF CON. For the last six years, the conference has worn out its welcome and has had to change venues.

Many of the actual hackers were clustered around local area network connections attempting to break into six servers that the DEF CON über hackers had set up for that purpose. This "capture the flag" contest would go to the team that took control of the largest number of servers. None of them knew which servers had which operating systems beforehand. Other groups traded information, access and techniques away from the main conference room and the clusters of media and government workers. While speakers occasionally stabbed at the media, the hackers recognised their love-hate relationship with publicity. "We hope they can get it right this time," said one member of the Cult of the Dead Cow, a media-oriented hacker group that released a program that has the potential to control remote Windows 9x computers.

On the other hand, digs at the government were the rule. The best way to win instant recognition was to "Spot the Fed" -- an annual game in which contestants attempted to find federal officials who came to DEF CON to observe. When found, the agents were brought up on stage and asked to prove they are not federal agents. Employees from the low-profile National Security Agency, the Federal Bureau of Investigation and the Department of Defence all suffered from jeers after being unmasked.

The usually packed conference room was also overflowing with government-wary paranoia. Ian Goldberg, a graduate student at University of California at Berkeley who analysed the shortcomings of the encryption on GSM cell phones, found that one company's system used 54 bits rather than the full 64 bits that it could have used. This significantly weakened the security of the cell phone system. His loaded question: "Someone had an interest in undermining the crypto -- I wonder who that was?" Another speaker, Michael Peros, a Florida-based electronics counter-surveillance consultant, told attendees of a case of illegal wiretapping by police and state officials involving more than 65,000 individual incidents of wiretapping. His warning: "You had a situation where the government had no accountability for their actions." After intense interest from the attending hackers, Peros plans to post the evidence shown during his presentation on his company's Web site.

The ZDNet UK IT Priorities Conference, 28th September 2004
Based on the insight gained through our proprietary IT Priorities research, this event is focused on the seven most important investment areas as identified by your peers: e-business, mobile and wireless security, software licensing, Voice over IP, hacking, Linux on the desktop and 3G.
Register today to secure the Early Bird Rate (offer expires after 31st August)

Email this Print this
Post your message here
Enjoy this article? Don't miss any of ZDNet’s great security content. Security Update gives you comprehensive business intelligence about a variety of security issues delivered straight to your inbox. Subscribe for free weekly updates:
 Manage my newslettersMore...
Also in News
MandrakeSoft releases mobile Linux device
MoD to track its wheels
Breakthrough promises hotter, tougher, faster chips
Toshiba ramps up flash memory output
KDE to include Google-type desktop search
News sites embrace paid-search ads
European mobiles dial up ringback tones
Cambridge firms anticipate bumper year
Microsoft MOM's release imminent
Server sales climb solidly
Must Read News
Rbot virus spies on surfers
Polish police smash gang of 100 hackers
First virus hits 64-bit Windows
Political site leaves backdoor open
Latest Features
Tightly shod footprints toughen security
Under-skin ID tags generate concerns
Reading with your ears
E-commerce celebrates double figures
Latest Talkback
"Who said that not having the money to buy music was ok? that fool should and pr..."
Read story...
"I too can not get the symantec live update to work. i have had norton virus prot..."
Read story...
Latest White Papers
MailFrontier Enterprise Gateway: Securing your email and your enterprise
Close up and personal
XML Backgrounder (UK)
Check Best Prices
Digital Cameras

Contact Us| Privacy| Terms| Permissions| ZDNet UK RSS Feeds| International| Advertise| Corrections| Site Map| Builder| silicon.com About CNET Networks
Copyright © 2004 CNET Networks, Inc. All Rights Reserved.
ZDNet is a registered service mark of CNET Networks, Inc. ZDNet Logo is a service mark of CNET NETWORKS, Inc.