I was recently contacted by Don from The Ethical Hacker Network (EH-Net) and asked if I was interested in attending the Black Hat USA 2014 Briefings as the winner of a monthly giveaway contest on his site. I had never been to either Black Hat or DEFCON, so I jumped at the chance to see what the fuss was all about. This is a short write-up on my conference experiences to help give future first-timers an idea of what to expect at Black Hat and DEFCON.
Before getting to my experiences as a BH/DC Virgin, let me share a little about myself. I’ve been performing digital forensics for five years and started studying hacking and pen testing about two and a half years ago. I originally started my studies to improve my forensics skills but it soon became my favorite hobby. I feel that it’s important to include this information, as there is a huge variety of ages, experiences and personalities of the attendees. What you bring as well as what you expect to do can drastically affect your own experience of these two events. Therefore, your mileage will most certainly vary.
Black Hat USA 2014
I didn’t attend any of the Black Hat Trainings, so I can’t talk about those. However, during the two days of the Briefings, I attended several panels, spent time in the “arsenal” room (explained below) and collected plenty of freebies in the business hall. The atmosphere at Black Hat was professional, and the briefings were well organized, well presented and always seemed to have plenty of seating. There was definitely no down time and a great mix of briefings and events going on nonstop. In fact, a few times over the course of those two days, I had to make some tough choices about what I wanted to do.
The official Black Hat bookstore contained a good mix of books and souvenirs (T-shirts, mugs, computer bags, hats, and so on). I think I left with five signed books and nine t-shirts, in addition to other free swag items I picked up from vendors in the business hall.
The “Arsenal” was a room with nine stations for open source software developers to demonstrate their software and answer questions. There were some big name projects demonstrated along with several I had never heard of before. The nine programs being featured changed every two and a half hours, so there was always a fresh supply of projects to check out.
In addition to the Briefings and Arsenal there were several sponsored workshops, but I didn’t have the time to attend one. One lesson I learned is that, between the arsenal, business hall, book signings and sponsored workshops, there would have been plenty to keep someone with a “Training Only” pass busy on the last two days of Black Hat.
Even with all of the positives listed above, the best part was seeing some old friends that I hadn’t seen in a while as well as making some new ones. There were several people who I’ve only spoken with online that I finally got to meet in person. I was also excited by how approachable well-known names in the field were and was fortunate enough to attend events with the authors of several books I routinely reference.
Normally Black Hat ending would have probably felt bittersweet, but not this time, since DEFCON was starting the next day. In the past, I’d heard a lot of people saying that DEFCON was too crowded to be enjoyable, so I wasn’t sure what to expect, especially after the reserved, quiet atmosphere of Black Hat. I ended up really enjoying both environments.
See some of the presentations in the Black Hat USA 2014 Archives.
While there were A LOT of people at DEFCON 22, I had a great time from start to finish. The $220 spent on DEFCON admittance got me an awesome DEFCON badge complete with blinking LEDs and a USB port, a “DEFCON Soundtrack” CD, a CD with PDFs of all of the speakers’ presentations, a sheet of stickers and an incredibly well done DEFCON program.
There were five different talks every hour on Friday and Saturday and four on Sunday. I went through the program as soon as I got it to identify several talks that I really wanted to attend. I ended up attending all but one of those talks. As for the one I missed, I arrived thirty minutes early but was informed by a “security goon” that I likely wouldn’t be able to get into the upcoming talk. I appreciated the heads up and went to the Lockpick Village and caught two thirty-minute talks there.
As great as the talks were, the real draw for me was the “villages,” which were basically areas dedicated to specific topics. Some included workshop-like environments, while others were a mix of workshops and speakers. I caught talks at the Wireless Village and Lockpick Village and spent a while at the Hardware Hacking Village soldering a “DEFCON Darknet” badge kit I had purchased the day before. I didn’t have a chance to visit the Social Engineering Village, Tamper Evident Village, ICS Village or the Crypto and Privacy Village. There were great things happening at each; I just couldn’t find the time. I told my wife that I felt like I could have cloned myself ten times and kept all ten clones busy at DEFCON!
One big lesson I want to pass on: if something is really important to you, it’s probably important to a lot of people, so make sure to get there extremely early if missing it isn’t an option. I bought my “DEFCON Darknet” badge kit Friday morning but could never find an open station when I checked back throughout the day. I decided to show up early Saturday to grab a seat in the Hardware Village as soon as they opened, and there was already a line of others with similar thoughts. I was able to grab a station and assemble my kit but only because I was there extra early.
Final Thoughts on Black Hat and DEFCON
There were a lot of differences between Black Hat and DEFCON. One of the biggest was the vendor areas. As I mentioned earlier, the business hall at Black Hat had some awesome freebies, but most of the booths were offering enterprise solutions. In contrast, the vendor area at DEFCON contained nothing but booths targeted towards individuals and selling things like lock picks, t-shirts and Wi-Fi toys. The DEFCON vendor area was always incredibly busy and had some darn cool stuff.
Another recommendation: book your room at the hotel as early as possible. Due to my late trip planning, the Rio was sold out, so I stayed at the Luxor for the entire trip. The Luxor was perfect for Black Hat, since it’s connected to the Mandalay Bay by an inside bridge. The drive from the Luxor to the Rio for DEFCON was easy in the mornings and a little busier in the afternoon. The DEFCON talks were done at six each day, but the villages were open until nine in the evening, so it would have been nice to have a room on site to crash for an hour or so in the early evenings.
All in all, it was a great week. As soon as I heard DEFCON had announced the dates and locations for next year’s conference (which will have close to double the square footage), I made my reservations at Paris. Hopefully, I’ll be able to attend both conferences. The Luxor had plenty of rooms available this year when I booked late, so I’m not as worried for a Black Hat hotel room sellout.
I now see what all the fuss was about and plan on this being the first of many trips to Vegas to attend both conferences.
Matt Edmondson (GCFA, GCIA, GPEN, GWAPT, GSEC, CISSP, etc.) has been performing IT duties for approximately eight years including several years spent on computer forensics and mobile device forensics. Matt can be followed at @matt0177.