Defcon Summary

Well Defcon has concluded and I’m back in good old Minnesota. It saddens me to know that the convention is over but I don’t know how many more days of partying I could handle. I met some great people and look forward to meeting them again next year at Defcon 20.

So how about the convention? The convention itself was great. This was the first year in our new location, the Rio Hotel and Casio, and I must say it was a far better venue than the Rivera was. The Rivera was becoming too small for the thousands of attendees which was easily seen with the cramped hallways and speaker rooms overflowing with people. The Rio is huge and traffic flow was much better than last year which is good when you have somewhere between 11,000 and 12,000 people attending.

There were some good talks including one by Deviant about breaking into handgun safes. Needless to say most of the handgun safes you can purchase in stores such as Cabela’s and Gander Mountain are pathetically easy to get into without the key or thumbprint (yes he covered saves with biometrics as well). When the talk is posted I’ll link to it here.

Although I already knew that using Internet kiosks was a bad idea and therefore I avoided it, I never knew just how easy they were to hack. If you every sit down to an Internet kiosk and feel the need to hack it just visit this website. The site itself includes tons of ways to bypass the “security” found in most Internet kiosks. Likewise you shouldn’t used those kiosks as you have no idea what somebody has done to them.

The creators of the Wireless Ariel Surveillance Platform (WASP) gave a presentation on their drone. Although no live demonstration was given the capabilities they mentioned were impressive. The WASP is able to intercept and crack a lot of Wi-Fi traffic (it even includes a word list for attempting to break Wi-Fi Protected Access (WPA) secured networks) as well as intercept Global System for Mobile Communications (GSM) phone calls and text messages. The entire unit weights a mere 14 pounds.

Another presentation I found very interesting was the one on cellular security. The speaker examined the traffic sent over a standard Android phone. He covered several popular applications and it’s rather surprising the type of information some of those applications send back home. This, again, is nothing that most people didn’t already know but few have actually released the exact information that was being returned.

Dan Kaminsky did his talk which is always a pleasure to watch. I’ll have to wait for Defcon to publicly post his talk so you guys can watch it but there was one part that really made the Austrian economist in me laugh. He was able to insert ASCII art of Ben Bernanke into the Bitcoin network which will remain there for all eternity (eternity being measure as the lifespan of the Bitcoin network).

Outside of the talks the usual assortment of parties and boozing were had by most. On Saturday night the Freakshow party was thrown in the pool area of the Rio which included some impressive entertainment including a guy break dancing and moon talking on stilts. There were also a couple of scantily clad ladies rolling around the pool in a giant ball. This being Defcon nerdiness was present and a few of my friends and I attempted to calculate the girls weight by using the radius of the ball and the depth at which is sank into the water. What else can you expect from engineers?

Of course no post about my adventures involving flying would be complete without a little comment regarding the Transportation Security Administration (TSA). This year I decided to have a little fun and wore this shirt when I flew out of Minneapolis and this shirt when I went through in Las Vegas. I forgot most TSA agents are illiterate and therefore would not notice my witty shirts. OK, I’m assuming illiteracy is the reason I didn’t receive extra special attention but either way the TSA basically left me alone for once. Still I would like to close this post by saying fuck the TSA.