Defcon runs July 30th through August 1st
July 27, 2009
Defcon, one of the most important and probably the most popular Internet security conference of the year starts Thursday and runs through Sunday, August 1st, and as always, it will be held in Las Vegas, Nevada.
Originally started by Jeff Moss, CEO of Red Hat, Defcon brings together some of the top security experts from around the world, along with thousands of "hacker wannabes" whose pranks in previous years (hacking the elevators and ATMs) have even led to bans at certain hotels.
Moss was recently named to the Homeland Security Advisory Council.
But Defcon is also a semi-neutral ground where people who blur the lines of legality mingle with U.S. federal agents whose job it is to hunt them down.
Moss also runs Defcon's big-sister conference, Black Hat, which runs Wednesday and Thursday at the more upscale but no less kitschy Caesars Palace. While Black Hat is more professional, with vendor tables in the lobby and respectable product presentations in meeting rooms, Defcon is a "script kiddies" hunkered over laptops lining the hallways at all hours of the night and gray-haired hackers who were likely teens when they first started coming to the event.
The conference is usually one of the best it can be, but Defcon is also known for the activities going on outside of the sessions, such as so-called hacking contests and other similar venues.
There's Hacker Jeopardy, geo-caching events, a beverage cooling contraption contest, organized target shooting, a Capture the Flag penetration testing competition, lock picking workshops, a PGP Key Signing Party, a scavenger hunt, the highly popular Spot the Fed contest, a competition to find the best social engineer, a Cannonball Run car race described as "a race against time over 288 miles of road" from Redondo Beach to Las Vegas on Thursday, and even an artwork contest.
Internet security isn't what it used to be anymore...
The research topics run the gamut of vulnerabilities and exploits on everything from iPhones to smart grids. One session deals with air traffic control security. Others have to do with injecting electromagnet pulses into the wiring system of jets, insecurities with Firefox plug-ins, cloud computing security issues and a new tool to send controversial news to censored countries without using proxy servers.
"We had been expecting 30 percent fewer attendees and in reality we're only going to have 10 to 15 percent fewer," Moss said. "The market went down and all of this research came up. Even with the global economic recession that has hit us since last fall, attendance at the conference will almost be packed as much as previous years."
Two Hewlett-Packard researchers plan to demonstrate a proof-of-concept browser-based darknet type of network called "Veiled" that allows for the creation of a secure, decentralized peer-to-peer network in which no client software is downloaded.
"The clients are the owners of the files and there is no single point of failure," said Matt Wood, a senior researcher in the Web Security Research Group at HP Software and Solutions. "No one in the government can go to you and say we need the files."
Interesting session titles include "Cracking 400,000 Passwords, or "How to Explain to Your Roommate why the Power Bill is a Little High," "Manipulation and Abuse of the Consumer Credit Reporting Agencies," "Hacking Capitalism 2009," and "Smart Parking Meter Implementations, Globalism, and You --aka Meter Maids Eat Their Young--."
As you might expect, over the years, not all conferences went smoothly...
At the 2008 conference, a talk on hacking smartcards used in the Boston subway system was blocked after a federal judge granted the Massachusetts transit authority's request for an injunction. In 2005, a security researcher was sued after giving a presentation at Defcon on how attackers could take over Cisco Systems routers.
Then in 2001, the FBI took Russian crypto expert Dmitry Sklyarov into custody at his Las Vegas hotel the day after he gave a Defcon talk about insecurities in e-book security software. All cases were eventually settled, but the negative publicity it generated left some event organizers a bit disappointed.
This year, Defcon even averted another type of legal debacle: the importation of its microprocessor-dependent badges, which are needed for the badge-hacking contest!
Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.
You can link to the
Internet Security web site as
much as you like. Read our section on how your company can participate in our
reciprocal link exchange program
and increase your rankings
in the major search engines such as
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing