Each summer when the weather is hottest, I pack my bags and head out to Las Vegas, Nevada. Why would I leave my nice home by the ocean and go to a blistering desert? Only one thing would make me and that is DEFCON. DEFCON and its more professional compatriot, Black Hat, is what amounts to the leading hacking conference in the world. Now, this might sound like it is less than legitimate in nature and, in some ways, it is. Blackhat hackers (the bad guys) are joined by whitehats (aka security researchers) and grayhats. What color is my hat? At a gathering like this, I wear strictly Mickey Mouse ears and I use them to listen to everyone else.
A massive range of topics is discussed during such a conference, which has grown to include thousands of people interested in wireless and ATM security, lock picking, Web hacking, and more. More than 100 lectures, workshops, hacking competitions, and a computing museum may give you a basic idea on what goes on at DEFCON. This was DEFCON 18, the 18th annual conference. There will be other DEFCON conferences in Asia and Europe and, soon, South America and the Middle East as well.
But Vegas is the daddy of them all. More than 10,000 hackers attended this year’s DEFCON and there I learned some startling facts.
- WPA2, the current standard in wireless security, is broken.
- Vulnerabilities have been found in nearly everything (too many to list here).
- An ATM can actually be hacked to spit out money just like in the movies!
I will write more about the specific issues I saw this year later. Until then, if you have a professional or personal interest in computer security, you should join the government agents, system administrators, doctoral candidates, future angels and demons of the Internet, and me at DEFCON 19 next year. I’m easy to spot, I will be the one listening in. You can find out more at DEFCON’s official site.