DefCon: What I liked and didn’t like

Viewing 10 reply threads
  • Author
    Posts
    • #5415
      caissyd
      Participant

      Hey,

      I am still in Vegas and DefCon 18 ended a few hours ago. I wanted to let you know how it went, from my  own point of view. As a note, DefCon 17 was my first DefCon last year.

      Here is what I liked this year:

      • Some presentations were so good (about 30%). You could tell when a presenter has been speaking at RSA, Schmoocon, BlackHat, etc. They are usually structured and entertaining.
      • People are friendly and it is easy to start a conversation with pretty much everyone.
      • Most hackers are real nerds. Next year, I propose a new challenge for the crowd: find the ugliest person. It would be pretty easy… 🙂

      Here is what I didn’t like:

      • We were way to many for the Riviera Casino. Come on, already last year, we could barely moved in the hallway. This year, I missed 5 very, very interesting presentations because we were about a thousand waiting in the hallway!!! Everyone was very pissed about that…
      • Because of the above problem, we didn’t have enough time to go from the tracks 1,2,3 and 4 to track 5, which was separated from the others. 10 min wasn’t enough.
      • Compared to last year, a lot of presentations this weekend sucked: Bad speaker, no structure, taking about beer all the time, laughing at users, etc. I know it is DefCon and it is supposed to be “cool” and “underground”, but there is a limit to human stupidity…
      • We couldn’t get “real food” around (but that I knew from last year) You get tired pretty quickly at eating hamburgers and cheap pizzas.
      • People are so immature! I saw a guy getting drunk during his own presentation… Also, everyone is talking about “beer”. They are between 30 and 45 years old and all they think is “I am going to have a beer tonight!”. I was like that at 16… Come on, grow up!
      • About 20% of the goons think they are super heros. Like anywhere else, put a t-shirt on a guy with the word “security” on it and look at his head getting bigger and bigger…

      Bottom line, I paid my own airplane tickets (and it takes 10 hours, one way), paid the hotel, took 3 days off work to have about 5 good presentations of 50 minutes each. It cost me about $600/hour (I know I am pushing, butt still…).  I could have had 10 good presentations, but the rooms were full.

      Next year, I will wait until the presentations are on the internet…

    • #34233
      Anquilas
      Participant

      Thanks for the review m8! It will have me thinking twice before boarding a plane from Europe to Vegas for DefCon 😉

    • #34234
      SRVblackhat
      Participant

      Check out Mystere

    • #34235
      Anonymous
      Participant

      Based on your complaints, you might want to check out Def Con’s less trashy sister Black Hat ;D

    • #34236
      caissyd
      Participant

      Yes, I would consider RSA, BlackHat or Schmoocon next time I feel like traveling…

      But seriously, DefCon is becoming very big for the Riviera…

    • #34237
      dynamik
      Participant

      @H1t M0nk3y wrote:

      Yes, I would consider RSA, BlackHat or Schmoocon next time I feel like traveling…

      But seriously, DefCon is becoming very big for the Riviera…

      Thanks for the feedback! It sounds like it’s going to the Rio next year.

      I’m debating on taking a real vacation and going to Source/Brucon overseas. I can’t swing it this year, but I might give it a go next year. Shmoocon is also on my list for this year.

    • #34238
      gnix
      Participant

      I agree with H1t M0nk3y. This year we were definitely to many for the Riviera. The entire space outside of track1-5 wasn’t enough for the hundreds of people changing track and often the rooms were to small to handle everybody.

      In addition, most of the people were just there to drink. I saw people with beers and alcohol in the hallway, in the contest room and in the speaker rooms. Probably, most of them were more interested in alcohol and strange haircuts than security stuff.

      That said. I would like to suggest few presentations very interesting (from my point of view) and very well structured and entertaining.

      • Mastering the Nmap Scripting Engine (very good speakers)
      • Insecurity Engineering of Physical Security Systems (interesting stuff)
      • Exploiting WebSphere Application Server’s JSP Engine (very good speaker)
      • pyREtic – In-memory Reverse Engineering for Obfuscated Python (interesting stuff)

      Unfortunately, these are the only interesting presentations that I saw at Defcon 18 and I was wondering if you have some other presentations to suggest.

      gnix

    • #34239
      caissyd
      Participant

      @gnix, here are the presentations I liked:

      • Web Application Fingerprinting with Static Files
      • My Life As A Spyware Developer Very Good
      • Malware Freak Show 2: The Client-Side Boogaloo
      • Hardware Hacking for Software Guys
      • Repelling the Wily Insider
      • You Spent All That Money And You Still Got Owned… Very Good

      But again, I missed several presentations because the room was too full. So there may be other very good ones I didn’t get to watch.

    • #34240
      former33t
      Participant

      I’ll add to the sentiment that there were too many people for the Riv.  DEFCON either needs a new location next year or it needs to pre-sell tickets and limit numbers (like ShmooCon).  Personally, I’m all for a new location.

      So H1t M0nkey, I agreed with some of your picks and I didn’t get to see the last two.  I wasn’t very impressed with the Malware Freak Show.  Compared to many of the folks there, these guys were stellar presenters but the content was a little weak.  Of course, I may be biased since I work in mawlare all the time, but I thought it was lacking.

      The Nmap scripting engine talk was good.  Hardware hacking for the software guys convinced me to put an Arduino board on my Christmas list.  The GSM talk was great.  I wanted to see the “Powershell: OMFG” talk, but couldn’t get in the room.  I don’t see those slides on the CD.  Does anyone know where they are posted?

      The android rootkit talk was a little weak in that they basically described how they built a Linux rootkit.  The droid specific stuff took less than 10 minutes.

      The most memorable talks by far were “How I met your girlfriend” where the speaker talked about merging web hacking with the real world and “My life as a spyware developer.”  While the latter was a little light on tech, the guy presented well and it was well put together.

    • #34241
      Ketchup
      Participant

      The most memorable talks by far were “How I met your girlfriend” where the speaker talked about merging web hacking with the real world and “My life as a spyware developer.”  While the latter was a little light on tech, the guy presented well and it was well put together.

      This was the best presentation at Blackhat imho as well.

    • #34242
      Dark_Knight
      Participant

      @former33t wrote:

      I’ll add to the sentiment that there were too many people for the Riv.  DEFCON either needs a new location next year or it needs to pre-sell tickets and limit numbers (like ShmooCon).  Personally, I’m all for a new location.

      So H1t M0nkey, I agreed with some of your picks and I didn’t get to see the last two.  I wasn’t very impressed with the Malware Freak Show.  Compared to many of the folks there, these guys were stellar presenters but the content was a little weak.  Of course, I may be biased since I work in mawlare all the time, but I thought it was lacking.

      The Nmap scripting engine talk was good.  Hardware hacking for the software guys convinced me to put an Arduino board on my Christmas list.  The GSM talk was great.  I wanted to see the “Powershell: OMFG” talk, but couldn’t get in the room.  I don’t see those slides on the CD.  Does anyone know where they are posted?

      The android rootkit talk was a little weak in that they basically described how they built a Linux rootkit.  The droid specific stuff took less than 10 minutes.

      The most memorable talks by far were “How I met your girlfriend” where the speaker talked about merging web hacking with the real world and “My life as a spyware developer.”  While the latter was a little light on tech, the guy presented well and it was well put together.

      http://www.secmaniac.com/july-2010/blackhat-and-defcon-poc-code-released/

Viewing 10 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?