Defcon 16 - Geeks in Las Vegas

I've finally found some time to make this blog post at the request of RaT and other SOLDIERX members. This post has been delayed because of my research, professional career and some issues with Durandal. After I saw what was going on with him, I decided to stop talking to him and ceased a programming project that I was doing for him. He became angry and started to attack me on a personal level. Now that he's no longer affiliated with this site in any way, I feel that this post is long overdue.

Defcon 16

I was supposed to fly out with Durandal ( remember he was supposed to help with my Defcon 16 speech ). My stance is that he bailed out on account of not knowing the material like he had claimed ( he confessed to knowing nothing about modem firmware when I kept asking him for his slides ). Durandal's stance is that he bailed out on account of a fishing trip and not wanting to get arrested. According to him, he was under investigation and would be apprehended in the case that he showed his face at Defcon. I ended up talking to some really cool people at named devDelay and bitemytaco. We talked about the speech and they ended up deciding that they could take over Durandal's position as my co-speaker! This was awesome news since had recently released haxorware for the SB5101. Who better to talk about the future of modems than the guys who released the newest and best firmware? I ended up meeting up with devDelay a week before Defcon to go over the speech/slides/etc. I also received the SOLDIERX shirts 2 days before my flight. Looked like everything was going to go even better than planned.

So I flew into Las Vegas and gave cisc0ninja a call. I ended up running into Yang at the airport ( Yang is a former marine that I was in the service with ). I was like, "what the hell are you doing here Yang?" and he let me know that he was actually going to Defcon. Unfortunately cisc0ninja and his wife were on the other side of Vegas, so it looked like I was going to be stuck in the airport for awhile. At least I had Yang as company. I decided to give devDelay and bitemytaco a call and they informed me that they would just come pick me up. About 20 minutes later, I got to meet bitemytaco for the first time. He turned out to be a really cool guy who was not only knowledgeable in computers, but was also pretty good as a businessman.

I met up with everybody ( cisc0ninja, dragonlady [his wife], Ryan [from RedHat], devDelay, bitemytaco, and some guys from fight club ) that night and we all really just hung out and had a bite to eat at the Peppermill Restaurant and Fireside Lounge. It was nice to enjoy some good food with many people who I had not seen in over 4 years. Turned out that devDelay got his badge early by social engineering Agent X into thinking that he was Durandal. We all thought it was pretty funny and made jokes about him getting arrested since Durandal kept making the claim that he would get arrested if he went to Defcon. I went to bed somewhat early in order to wake up early for my badge and in preparation for my speech.

The next day I went through the registration and got my speaker badge. The badges have come a long way since Defcon 12 ( the last Defcon that I went to ). I'm really glad that they decided to let KingPin start doing their badges. After I took care of business, I met up with devDelay and bitemytaco to review our slides. We ended up meeting this guy named Alex Pilosov who was giving a talk on MITM attacking the Internet via BGP. He really seemed to know his stuff about DOCSIS as well. We ended up forgetting to bring a remote control or DVI-VGA adapter for devDelay's Macbook Pro, so we went searching for one. One of the CTF participants loaned us his, so I decided to give him a free SX shirt as thanks.

Our speech went really well, attracting so many people that they had to close the doors. If you look at some of the Defcon 16 pictuers on this site, then you can see what I am talking about. We actually had to cut the speech a little short because we were trying to cram about two hours or more worth of information into fifty minutes. There was such a mob to get to Q and A that I ended up losing devDelay and bitemytaco in the mix. I was answering questions alone for about 20 minutes before they arrived. We had planned on giving out some free swag ( them from and I had some SX swag provided by RaT ) so bitemytaco ended up telling people to come up to the podium for said named swag. Big mistake! We were rushed by geeks filled with desire for free stuff.

That night we decided to go to various events and gatherings. I personally went to the IDefense party ( since I used to contribute to VCP ) and a private party that had some Facebook and TOR developers. The private party was pretty cool because I actually got to discuss some of the TOR vulnerabilities. Bitemytaco, devDelay, cisc0ninja, Ryan and others went to the Facebook party at some club, but I did not attend this event. All of the events were pretty cool, looked like IDefense spent a ton of money once again for their Defcon event. I made some decent contacts for my research group and had a good time while I was at it.

I ran into some cool people from the past like Claudius, queeg, flea, Black Orchid, Jason Scott and Dave Aitel. I even saw Captain Crunch stumbling around. He wasn't too pleased about the BadGer stuff being posted to SX, but I told him I couldn't do anything about it. He'd have to take that up with RaT and BadGer as I am not in control of anything on The next night I ended up going to the Village Seafood Buffet at the Rio. I would advise anybody who goes to Vegas to try eating there at least once ( if you like seafood ).

I'm not going to bore the readers of this post with all of the details of Defcon 16. I will say that it was neat to see how large Defcon has grown ( although I do miss the old Defcons at the Alexis Park ). I also liked how there was somewhat of a focus on hardware this year. It seems like manufacturers are not putting a lot of effort into securing hardware. Overall I felt that Defcon 16 was a blast and I may go to Defcon 17. I'm not sure if I present or not, depends how brave I feel about taking my current research public Wink

( In true Midnight Pointers fashion )
With that I bid you goodnight.