HomeBlogsAmp's blog

Defcon 21

10 August, 2013 - 06:33 — Amp

This is going to be a different write-up than what I saw with how Blake wrote up one of the Defcons. I wish to talk about the positive and negative about Defcon, but first I will explain why I finally went back. In the past decade, circumstances beyond my control had kept me from doing so. However, this year I decided to make this happen as at the time I made this decision, it may very well have been my last clear chance at going. In addition, due to what I consider a less than stellar experience with academia (I am about to graduate and feel that I should have learned far more than I did to be honest) I wanted to see a different perspective. Overall, I saw both the good and the bad.

The Good:
- The Villages were good for learning new skills.
- The Darknet Project, while flawed, was a great experiment to teach neophytes good skills.
- Some really good contests that give an effective test of skill.
- Some pretty good parties and one of the best music sets I have heard in the past decade. (Seriously, I wish more places would play sets like this.)

The Bad:
- The larger area for Defcon works against having small groups come together sometimes.
- Other crew members have stated that this year's speakers were less than stellar. (Due to my unforeseen success in the Hackers Against Humanity tournament, I was more preoccupied with that and Darknet than with the speakers.)
- Some aspects of the con felt a bit less lively than before in the eyes of some crew members and I do agree with some of these concerns.

On a more personal note, I did not mention Hackers Against Humanity in this as I feel that it was a small event when looking at Defcon as a whole. I will state however that I love Cards Against Humanity and the Hackers variant sometimes reaches darker levels of humor. Winning one of the decks in the tournament was surprise as I expected to lose in the first round and was mainly interested in just seeing how good the game was. To go with the theme of "horrible prizes for horrible people" I also won three LaserDiscs, a 80s styled iPhone case, and a EL Wire Kit!

In addition to this, I did do some of the missions related to Darknet. The point of Darknet was to serve as an introduction to less experienced individuals at Defcon and aside from a few hiccups, it seems to be pretty good. It was also from one of the quests given that I learned how to solder hardware which was something I wanted to do for quite a while, but never had the opportunity until this event. There wasn't really a prize per say for that event as the point of it was to teach and get players to work together on the stuff, but next year that may change apparently so I hope they do continue with this event.

One major downside that I do wish to elaborate on is that this is definitely the Defcon that I know from past years. Some aspects of it did feel too sanitized and sterile when compared to some of the chaotic fun of past years. Some of the chaotic elements actually gave Defcon a unique appeal even though some of them can be considered undesirable. Then again, I think the continued growth of the event is one of the biggest factors into this.

Another issue that both me and Blake had was with one aspect of Roots where the kids were taught how to find 0-Day and "responsibly disclosed" them to companies, with some having bug bounty programs. In particular, the grievances we both have were best covered by Spender from grsecurity on http://seclists.org/dailydave/2010/q2/58 when he denounced responsible disclosure in its most prevalent form. There are concerns that the kids were coached through this process as well, but the biggest concern we have is that the route of disclosure taken may not be the best one.

The big thing I did take away was this. There is still something to learn from Defcon by approaching people and going to the villages. However, this year felt a bit too sanitized in the eyes of some members of our crew that attended and I can see where they are coming from. For those looking for an event in the vein of past Defcon events, smaller events may be far more beneficial. Overall, this was definitely a "Your mileage may vary" event.