.

DefCon: What I liked and didn't like

<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Sun Aug 01, 2010 11:40 pm

DefCon: What I liked and didn't like

Hey,

I am still in Vegas and DefCon 18 ended a few hours ago. I wanted to let you know how it went, from my  own point of view. As a note, DefCon 17 was my first DefCon last year.

Here is what I liked this year:
  • Some presentations were so good (about 30%). You could tell when a presenter has been speaking at RSA, Schmoocon, BlackHat, etc. They are usually structured and entertaining.
  • People are friendly and it is easy to start a conversation with pretty much everyone.
  • Most hackers are real nerds. Next year, I propose a new challenge for the crowd: find the ugliest person. It would be pretty easy... :)


Here is what I didn't like:
  • We were way to many for the Riviera Casino. Come on, already last year, we could barely moved in the hallway. This year, I missed 5 very, very interesting presentations because we were about a thousand waiting in the hallway!!! Everyone was very pissed about that...
  • Because of the above problem, we didn't have enough time to go from the tracks 1,2,3 and 4 to track 5, which was separated from the others. 10 min wasn't enough.
  • Compared to last year, a lot of presentations this weekend sucked: Bad speaker, no structure, taking about beer all the time, laughing at users, etc. I know it is DefCon and it is supposed to be "cool" and "underground", but there is a limit to human stupidity...
  • We couldn't get "real food" around (but that I knew from last year) You get tired pretty quickly at eating hamburgers and cheap pizzas.
  • People are so immature! I saw a guy getting drunk during his own presentation... Also, everyone is talking about "beer". They are between 30 and 45 years old and all they think is "I am going to have a beer tonight!". I was like that at 16... Come on, grow up!
  • About 20% of the goons think they are super heros. Like anywhere else, put a t-shirt on a guy with the word "security" on it and look at his head getting bigger and bigger...

Bottom line, I paid my own airplane tickets (and it takes 10 hours, one way), paid the hotel, took 3 days off work to have about 5 good presentations of 50 minutes each. It cost me about $600/hour (I know I am pushing, butt still...).  I could have had 10 good presentations, but the rooms were full.

Next year, I will wait until the presentations are on the internet...
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

Anquilas

User avatar

Full Member
Full Member

Posts: 169

Joined: Fri Mar 19, 2010 7:50 am

Location: Belgium

Post Mon Aug 02, 2010 2:16 am

Re: DefCon: What I liked and didn't like

Thanks for the review m8! It will have me thinking twice before boarding a plane from Europe to Vegas for DefCon ;)
Twitter: https://twitter.com/dietervds
Blog: https://synquell.wordpress.com (not much there yet)

The beginning of knowledge is the discovery of something we do not understand.
<<

SRVblackhat

Newbie
Newbie

Posts: 3

Joined: Sun Aug 01, 2010 4:09 pm

Post Mon Aug 02, 2010 9:54 pm

Re: DefCon: What I liked and didn't like

Check out Mystere
<<

Bane

Post Tue Aug 03, 2010 4:08 pm

Re: DefCon: What I liked and didn't like

Based on your complaints, you might want to check out Def Con's less trashy sister Black Hat ;D
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Tue Aug 03, 2010 8:33 pm

Re: DefCon: What I liked and didn't like

Yes, I would consider RSA, BlackHat or Schmoocon next time I feel like traveling...

But seriously, DefCon is becoming very big for the Riviera...
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Tue Aug 03, 2010 9:07 pm

Re: DefCon: What I liked and didn't like

H1t M0nk3y wrote:Yes, I would consider RSA, BlackHat or Schmoocon next time I feel like traveling...

But seriously, DefCon is becoming very big for the Riviera...


Thanks for the feedback! It sounds like it's going to the Rio next year.

I'm debating on taking a real vacation and going to Source/Brucon overseas. I can't swing it this year, but I might give it a go next year. Shmoocon is also on my list for this year.
The day you stop learning is the day you start becoming obsolete.
<<

gnix

Newbie
Newbie

Posts: 4

Joined: Sat Jun 13, 2009 11:43 pm

Post Wed Aug 04, 2010 11:48 pm

Re: DefCon: What I liked and didn't like

I agree with H1t M0nk3y. This year we were definitely to many for the Riviera. The entire space outside of track1-5 wasn't enough for the hundreds of people changing track and often the rooms were to small to handle everybody.

In addition, most of the people were just there to drink. I saw people with beers and alcohol in the hallway, in the contest room and in the speaker rooms. Probably, most of them were more interested in alcohol and strange haircuts than security stuff.

That said. I would like to suggest few presentations very interesting (from my point of view) and very well structured and entertaining.

  • Mastering the Nmap Scripting Engine (very good speakers)
  • Insecurity Engineering of Physical Security Systems (interesting stuff)
  • Exploiting WebSphere Application Server's JSP Engine (very good speaker)
  • pyREtic - In-memory Reverse Engineering for Obfuscated Python (interesting stuff)

Unfortunately, these are the only interesting presentations that I saw at Defcon 18 and I was wondering if you have some other presentations to suggest.

gnix
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Thu Aug 05, 2010 6:18 am

Re: DefCon: What I liked and didn't like

@gnix, here are the presentations I liked:

  • Web Application Fingerprinting with Static Files
  • My Life As A Spyware Developer Very Good
  • Malware Freak Show 2: The Client-Side Boogaloo
  • Hardware Hacking for Software Guys
  • Repelling the Wily Insider
  • You Spent All That Money And You Still Got Owned... Very Good

But again, I missed several presentations because the room was too full. So there may be other very good ones I didn't get to watch.
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

former33t

Full Member
Full Member

Posts: 226

Joined: Sat Feb 14, 2009 12:33 am

Post Mon Aug 09, 2010 6:39 pm

Re: DefCon: What I liked and didn't like

I'll add to the sentiment that there were too many people for the Riv.  DEFCON either needs a new location next year or it needs to pre-sell tickets and limit numbers (like ShmooCon).  Personally, I'm all for a new location.

So H1t M0nkey, I agreed with some of your picks and I didn't get to see the last two.  I wasn't very impressed with the Malware Freak Show.  Compared to many of the folks there, these guys were stellar presenters but the content was a little weak.  Of course, I may be biased since I work in mawlare all the time, but I thought it was lacking.

The Nmap scripting engine talk was good.  Hardware hacking for the software guys convinced me to put an Arduino board on my Christmas list.  The GSM talk was great.  I wanted to see the "Powershell: OMFG" talk, but couldn't get in the room.  I don't see those slides on the CD.  Does anyone know where they are posted?

The android rootkit talk was a little weak in that they basically described how they built a Linux rootkit.  The droid specific stuff took less than 10 minutes.

The most memorable talks by far were "How I met your girlfriend" where the speaker talked about merging web hacking with the real world and "My life as a spyware developer."  While the latter was a little light on tech, the guy presented well and it was well put together.
Certifications: CREA, MCSE: Security, CCNA, Security+, other junk
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Mon Aug 09, 2010 7:00 pm

Re: DefCon: What I liked and didn't like

The most memorable talks by far were "How I met your girlfriend" where the speaker talked about merging web hacking with the real world and "My life as a spyware developer."  While the latter was a little light on tech, the guy presented well and it was well put together.


This was the best presentation at Blackhat imho as well.
~~~~~~~~~~~~~~
Ketchup
<<

Dark_Knight

User avatar

Sr. Member
Sr. Member

Posts: 294

Joined: Mon Aug 11, 2008 7:03 pm

Post Mon Aug 09, 2010 7:33 pm

Re: DefCon: What I liked and didn't like

former33t wrote:I'll add to the sentiment that there were too many people for the Riv.  DEFCON either needs a new location next year or it needs to pre-sell tickets and limit numbers (like ShmooCon).  Personally, I'm all for a new location.

So H1t M0nkey, I agreed with some of your picks and I didn't get to see the last two.  I wasn't very impressed with the Malware Freak Show.  Compared to many of the folks there, these guys were stellar presenters but the content was a little weak.  Of course, I may be biased since I work in mawlare all the time, but I thought it was lacking.

The Nmap scripting engine talk was good.  Hardware hacking for the software guys convinced me to put an Arduino board on my Christmas list.  The GSM talk was great.  I wanted to see the "Powershell: OMFG" talk, but couldn't get in the room.  I don't see those slides on the CD.  Does anyone know where they are posted?

The android rootkit talk was a little weak in that they basically described how they built a Linux rootkit.  The droid specific stuff took less than 10 minutes.

The most memorable talks by far were "How I met your girlfriend" where the speaker talked about merging web hacking with the real world and "My life as a spyware developer."  While the latter was a little light on tech, the guy presented well and it was well put together.


http://www.secmaniac.com/july-2010/blackhat-and-defcon-poc-code-released/
Last edited by Dark_Knight on Mon Aug 09, 2010 7:42 pm, edited 1 time in total.
CEH, OSCP, GPEN, GWAPT, GCIA
http://sector876.blogspot.com

Return to Other

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software