H is for Hax0r
Jason and I just got back from our annual trip to Las Vegas for DefCon, the largest hackers conference in the world.
For those of you who lack the experience or imagination to envision what a hackers conference is like let me describe some of what you might experience at this event.
The first thing you do when you get to DefCon is pay your registration fee and pick up your badge. This seemingly quick and simple task is not always so. While anyone can attend DefCon, it’s not some exclusive event, the $140 registration fee can only be paid in cash. Why cash? When you have helped attendees improve their credit card fraud, lock picking, and identity theft skills for many years you’re usually a little hesitant to be on the receiving end of those skills. Also, many of these geeks are a bit skittish about showing up on “the grid”, probably because they know how easily that grid can be compromised or modified. They therefore prefer the anonymity of a cash transaction. Every year you’re bound to see some would-be-registrant try to enroll using their credit card while everyone just stares at them like they are ludicrous.
Even if your wallet is plump enough that you don’t have a cash-payment dilemma, your registration woes are not necessarily over. Only a limited number of the sweet hackable badges are available every year and they always seem to arrive in odd untimely shipments. This means you may get stuck with a paper badge if you come to the registration booth when they have temporarily, or permanently, run out of the electronic ones. If the unpredictable shipping patterns of the badges are a scheme to work the nerds into a badge frenzy then it’s a ploy that works very well; every year random attendees offer to buy our nifty badges from us but of course we refuse.
Once you have paid your fee and hopefully acquired a cool electronic batch, not a lame paper one, it’s time to make your way down the geek infested corridors to the lecture halls. These passageways are always packed but this year the conference was especially crowded. After you manage to weave through the sea of unwashed nerds you may have to wait in line to get into your lecture of choice; the more popular tracks often have long winding wait lines that wrap around awkwardly and make the already swarming halls almost unmaneuverable.
When you are finally seated (if you are fortunate enough to get a seat) and ready to listen to your selected speaker you will find yourself surrounded by every breed of nerd known to man: the goth/punk geeks with their blue Mohawks and combat boots who look like (and quite possibly are trying too hard to look like) people from a hackers movie, the stinky unkempt nerds dressed in clothes so unfashionable that either DefCon is one of the few times they leave their mothers’ basements or they are trying to make some statement about how society’s rules don’t apply to them, the feds with their neat haircuts that attempt unsuccessfully to casually blend in by wearing black t-shirts instead of their standard uptight button ups, and the poser hackers that try to appear elite but really work at Convergys doing technical support and wouldn’t know a SQL injection or a buffer overflow if it hit them in the face. Of course, you will also see plenty of normal looking geeks mixed in with all the irregulars; those that are average appearing have learned to successfully camouflage their nerdy interior and you’d never pick one of them out in a crowd. If you are lucky you will sit by geeks that don’t reek and if you are unlucky you will have to take little breaths until you are free of geek funk.
The topics you’ll have the option of studying at DefCon include: how to build a lie detector and beat a lie detector, how to hack Facebook privacy, the laws of laptop search and seizure, air traffic control insecurity, how to build a cyber army to defeat the U.S., practical cell phone spying, safe hideouts for malware…and many others that honestly seem of somewhat questionable legality and of fairly malicious intent.
If, after you have packed your brain with ways to hack pretty much everything, you’re still thirsty for some hands-on learning you might want to try the lock picking village where you can discover how to break and enter with grace. Or you can use your mad skills to create a killer cooler and enter the Beverage Cooling Contraption Contest. If you would rather turn your brain off for a bit and just socialize with the unsocializable you can attend the Zombie Ball. Whatever your pleasure, there are always many activities-from the nerdy to the quirky-to keep you occupied at DefCon.
If after reading my depiction of DefCon you find this convention baffling, no worries. I’ve attended it the last three years and I still find it baffling. It attracts the seedy underbelly of computing, corporate security specialists, government officials, and the casually curious geek. All these unlikely allies are willing to put aside the question of the morality of hacking for a few days in order to discuss the hows of hacking. But despite this temporary truce between natural enemies, as you sit in the giant packed ballrooms at DefCon listening to lectures on topics that often involve system vulnerabilities and security loopholes you can’t help but wonder if the guy sitting next to you has ever tried to take over your computer network or if he will try after what he’s just learned.
Yes, if the hacking lingo and technical details at DefCon don’t perplex you the culture anomalies and paradoxes certainly will. You will be intrigued and mystified, also possibly angered and disgusted, but you will certainly not walk away disappointed.