Ten Things You Missed at DEF CON 22 That You Won’t Read About Anywhere Else

John Gunn, August 11, 2014

DEF CON is now officially the largest gathering of hackers in the world. Actually, it is the largest gathering of hackers, wannabe hackers, noobs, posers, IT security pros and undercover agents. This year it’s reportedly 25,000 strong and outgrowing another facility.

There are hundreds of stories covering the most news-worthy hacks and vulnerabilities including innovative attacks on Bluetooth, USB, Wi-Fi, autos, Google Glass, airplanes, medical devices, and all sorts of infrastructure. But that’s not what this post is about. Instead, I present a quick tour of what you missed by not attending DEF CON until next year.

  • It’s Cash-only.  From the badges to food to alcohol and everything else. Hey, would you trust this crowd with your credit or debit card number? (btw, a badge is less than 1/10 the price of Black Hat).
  • Average Wait of 3+ Hours for a Badge.  They started lining up at 2PM the day before and many partied through the night waiting for 8AM badge sales. By midday on Thursday, the line was still almost 4 hours long. But if you waited too long, then you missed out on the very cool and extremely hackable electronic badge.
  • Orientation Session. This is where conference management admonishes attendees to follow the DEF CON 3-2-1 Rule; a minimum of 3 hours of sleep, 2 meals, and 1 shower per day – with so many people crammed together so tightly, the last part was much appreciated.
  • DEFCON Official who “Shots the Noob.” All presentations given by first-timers are interrupted about halfway through by conference officials who join the presenter in a round of whiskey shots, sometimes two rounds. They should try that at Black Hat.
  • It’s Not the Presentations. DEF CON 22 has an incredible number of get-togethers, competitions, lounges, and gatherings. These all combine to create an environment where knowledge is shared and transferred freely. Where else can you hear a horde of thousands applauding a successful demonstration of a hack or the deafening chant, in unison, of “don’t f--- it up!” at Hacker Jeopardy contestants?
  • Ultimate Egalitarianism. The badges say it all. There are no names, no titles, no business cards, no corporations, no hierarchy. Everyone is truly equal and everybody talks to everybody with no ulterior motives (except in the social engineering competition).
  • Communications Shutdown. You turn off your Wi-Fi, Bluetooth, and everything else on your mobile, and any time your phone does the same quirky things it’s been doing for the past year, you suddenly think, “OMG, I’ve been hacked!”
  • Political Correctness.  At DEF CON, PC is in the heart and not in one’s words. The DEF CON community still shares jokes and doesn’t hold back on just about anything or anybody. And it’s funny, not hateful, and it just flows in a beautiful, totally non-offensive way. If only…
  • SKYTALKS. These are the oral presentations that are not on the schedule, and where photography and recording is not allowed. If you attend them, you’ll know why.
  • The Community. Imagine a Woodstock for tech lovers and you have DEF CON - people sharing with each other without limit. There is likely no greater exchange of useful IT security information anywhere else on the planet. And where else could I have my drink paid for by an anonymous guy who left $100 on the bar and told the bartender “free drinks for the next 20 people.”

DEF CON is the embodiment of passion for technology. It is like being back at University. It is a love fest for all things related to IT security and an affirmation that we are all in this together. So don’t fear the hacker, the hacker is you. I’ll see you at DEF CON 23, drinks are on me.

John Gunn is OneSpan’s CMO and brings two decades of leadership experience in the IT security and software segments. Before joining OneSpan, John led the Security Solutions Group at Harland Clarke where he launched a popular SaaS consumer identity protection and anti-fraud solution.