Announcement

Collapse
No announcement yet.

How would you make Defcon 21 better?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Re: How would you make Defcon 21 better?

    Good way to learn Boolean Logic. Imagine the possibilities.

    Comment


    • Re: How would you make Defcon 21 better?

      Would it be possible to open up the larger room for hacker jeopardy and 10,000 cent pyramid? The entire back portion of the room was standing room only one of the nights, even though it was already held in the large room.

      Comment


      • Re: How would you make Defcon 21 better?

        I would like to see some lock picking contests, particularly head to head stuff. Or maybe just like an open "lock boxing ring" type thing were 2 or more people can square off in a head to head picking / impressioning / bypass contest for bragging rights, and of course the humiliation of defeat and public ridicule for the loser. :)

        Maybe something like the black bag / gringo warrior challenge but scaled down and open through out the con.


        I know all things require volunteers and equipment. If there's anyway I can help something like this happen please let me know.

        Comment


        • Re: How would you make Defcon 21 better?

          More people opting out- specifically on the flight back home. And someone filming the hysteria.
          |

          Comment


          • Re: How would you make Defcon 21 better?

            I am curious on peoples opinions about having a Tamper Evident village next year?

            We have so many tags, bags, and tapes and the contest has been around now for three years I want to try something new. The idea is to have a village, like lock picking, where people can play. Of course it will not be as large or as popular as LPV but it will hopefully inspire a wider audience to get involved. I am hoping then that I can work with another group do the TE Contest (MFP perhaps?)
            PGP key: dtangent@defcon.org valid 2020 Jan 15, to 2024 Jan 01 Fingerprint: BC5B CD9A C609 1B6B CD81 9636 D7C6 E96C FE66 156A

            Comment


            • Re: How would you make Defcon 21 better?

              Originally posted by Dark Tangent View Post
              I am curious on peoples opinions about having a Tamper Evident village next year?

              We have so many tags, bags, and tapes and the contest has been around now for three years I want to try something new. The idea is to have a village, like lock picking, where people can play. Of course it will not be as large or as popular as LPV but it will hopefully inspire a wider audience to get involved. I am hoping then that I can work with another group do the TE Contest (MFP perhaps?)
              I personally would really like this.

              Comment


              • Re: How would you make Defcon 21 better?

                That would be awesome. I "helped" on a tamper evident team a few years ago and had a great time, but I don't care that much about the competition or have the time to commit to a contest, but a place to wander in when you have a free hour sounds great!
                --- The fuck? Have you ever BEEN to Defcon?

                Comment


                • Re: How would you make Defcon 21 better?

                  I was on one of the ad-hoc fail teams the first year and would take advantage of being able to wander in and talk with any of the guys from the other teams.

                  Cheers
                  9 dollars and 40 cents? That's an outrage! If I were you I wouldn't pay it! - Groucho Marx

                  Comment


                  • Re: How would you make Defcon 21 better?

                    Originally posted by Dark Tangent View Post
                    I am curious on peoples opinions about having a Tamper Evident village next year
                    we've long-thought that this content deserves its own showcase at DEFCON. i recall that last year the room we were in for the Lockpick Village had a smaller room on the other side of an airwall and this small room was relatively unused. If that became the Tamper Village it would be able to possibly have one doorway open as a connector between us and them.

                    There's a lot of natural cross-over between picking and seal tampering. Hell, we even run these two topics as semi-connected trainings at Black Hat now, as you know. I think there'd be a lot of synergy and cross-pollination if the two Villages were linked. (but still having their own entrance/exit doors into the main hallway, of course)

                    This would also allow us to help with staffing, since DataGram and Scorche and Cowboy hang with us in the Lockpick Village so often and we could have them (as well as some others from our staff who have ties to this knowledge) float between at times to cover crowd management.
                    "I'll admit I had an OiNK account and frequented it quite often… What made OiNK a great place was that it was like the world's greatest record store… iTunes kind of feels like Sam Goody to me. I don't feel cool when I go there. I'm tired of seeing John Mayer's face pop up. I feel like I'm being hustled when I visit there, and I don't think their product is that great. DRM, low bit rate, etc... OiNK it existed because it filled a void of what people want."
                    - Trent Reznor

                    Comment


                    • Re: How would you make Defcon 21 better?

                      I usually unplug from the forum for a bit after con, but this time, I started a new job and never really plugged back in. New Year came and went and I'm making time to step away from work and get back into things I actually like doing.

                      So last year I published an essay that I had sent to DT about making DC20 better. It sparked some discussion and in subsiquent conversations was well accepted by staff and orginizers. I know this because no one punched me at DC20 because of it.

                      If you want to refresh your memory, it is here: http://www.renderlab.net/rants/Defcon-suggestions.pdf

                      Some things were addressed, some still remain. Here's some of the updated status of things in my mind:

                      <RANT>

                      The CFP process still rocks (thanks Nikita!). Though still amused at the Kaminsky thing.

                      The lines moved so much faster and anyone who complains should compare to the last year at the AP. If you were there waiting, well you're a shnook and should have been sleeping in or doing to DC shoot or something else. DT has assured that badges will not run out in future and I trust that. Show up later and still get a badge.

                      Somone mentioned that if you can't present something in 50 minutes, you really have something huge or you should really go back to working on your talk. I tend to see the opposite problem. 50 is 45 minutes of step by step or 'filler' on stuff we already know or could be digested and the last 5 minutes is the cool stuff. It's a pet peeve of mine and alot of the corporate types tend to do those talks because they play well at other sec cons, but the audience here is different and they should acknowledge that. An example is Charlie Miller's Apple battery hack a couple years back. Great work, but did'nt need 50 minutes IMHO. It's an astute audience and in most cases, un-needed dressing around the meat of the hack. My talk was a great deal of background and process, but for something like the air traffic control system, nessecary, particularly since it did'nt end with 'reported to vendor, patched last week'.

                      As for the quality, I reserve some judgement since I attended few talks this year and as a speaker, I admit some bias. I mention in my essay some pet peeves and things I've noticed. I echo Deviant's points that Defcon is the high point of sec cons and can/should bring in the best bang they can. That said, excluding good ideas because of inexperienced speakers is'nt in line with this community. Some people can't beta test talks or get experience on the circut due to finances or geographical isolation. Thier one and only con speaking change may be Defcon. That said, the bar for the content should be set a bit higher if the speaker is an unknown quantity. I'd rather goto a newb talk by an entertaining speaker rather than an regular talk by someone who cannot form a complete sentance. That said, if the content is elite, I'd be willing to put up with more

                      I was on the speaker selection commitee for HOPE this past year and learned alot of the difficulties the selection people have. That said, due dilligence in vetting the speakers previous speaking experience goes a ling way to keeping the audience happy. I remember at another con that was great content, but the speakers inexperience really took away from the talk and made it almost painful to be there. Now that same speaker has improved greatly since then, but it would have to be a stellar topic with lots behind it to want them to speak as they first did.

                      One issue that irked me slightly was the overlap of Andrei's ADS-B talk at Blackhat and my own. Since BH is before Defcon, his talk got much of the attention, which is not unexpected and actually quite welcome since we both had the same goal of getting info out. The problem was the overlapping of topics caught me by surprise. If He was presenting at BH and likely submitted to Defcon, why were both accepted? Often the same speaker presents at both. I would have expected selection to favor the continuation of the momentum at BH and have Andrei speak at DC, rather than myself on the same topic. No idea if the BH and DC selection people even see one anothers submissions or if there is any coordination.

                      I totally agree with Deviant and others that the number of talks is too high. Between 5 tracks, villages, skytalks, it's impossible to see everything. Fewer tracks, bigger rooms, tighter vetting of speakers to get the best we can.


                      Related to the above is that there is way too much going on at any given time. Never thought I'd say that about Defcon but I experienced it this year. I barely saw any of my friends because with so much going on, the chances of being at the same event were limited. Throw offiste events like the Ninja party and it gets worse. Again, in the essay:

                      - Talks 10am-5pm
                      - Villages run to 7pm
                      - 'Official' parties start 8ish.

                      Basically the idea is that you reduce the distractions to allow people time to eat, shower, change, meet up and have an hour of social time because there is nothing major happening. It's a calm before the storm that helps facilitate being social, as well as the 3-2-1 rule.

                      Getting select speakers to do their talk a second time during this period may also be an option. If there's an encore presentation, those that could'nt get in first time around are not totally screwed.

                      Related to that was the chill out room. I found it very loud in there and not condusive to sitting around and hanging out, particularly the stand up cocktail tables that ended up as defacto trash collectors. More couches please. I like what they were playing, but there was not much chill in the room.

                      Defcon Kids: Keep doing what you are doing, I saw no issues there. Though I'm not a fan of the 'kids' badge unless it is specifically restriced access after X o'clock and therefore reduced value to the wearer.

                      Keynotes: Adam Savage was cool, Same with Gen. Alexander, but frankly do we need them? It's not like we are hurting to put butts in seats that we need to bring in celebs. Do we need to have non-community celebs show up? The logistics and headaches they cause in terms of lines and security may not always be worth it (The goons and other security walking around and the fact you were afraid to even scratch yourself during the Generals talk says something).

                      I did'nt note any advertising that was over the top (not looking as hard this year) so whomever was keeping an eye on that, good job.

                      Reading through all these posts shows there's some good ideas out there. Keep them going with them.

                      A few random things:

                      The suggestion of a Badge integration of Name/Area code fill in area; I like this.

                      Grey Frequency and I dress up because I remember one couple from DC 7-9ish who went all out in thier costumes back in the day and appreciated the effort and want to continue that. I invite others to dress up more (formal or halloween) in the evenings. It's a great deal of fun and makes for a great project through the year to plan. Any suggestions on how to get more people to 'dress up'

                      To anyone that thinks Goons are big ol' meanies, a few words. Think about the community we are in and our traits. We tend towards anti-authoritarian. Goons are a nessecary authority. If they are yelling and being imposing, it's because alot of people won't recognize thier authority unless it's reinforced with a primal sense of maybe getting your ass kicked. I know many of the goons. They keep us safe and intercede before cops, hotel security gets involved and take thier duties seroiusly. If them yelling to get the point accross bothers you, either A) Realize they are nessecary and stop being a dick that is causing them to yell. B) Show up a week early, help setup, walk 20 miles or more in 8 hours around the hotel each day without drinking heavily, being able to participate in events you want to or seeing talks you want to see and dealing with people who are being dicks. If you do either A) or B) and the goon continues to be a big meany, you then have a right to complain.

                      I'm sure I'll have more, but for now, that's it.

                      </RANT>
                      Never drink anything larger than your head!





                      Comment


                      • Re: How would you make Defcon 21 better?

                        Originally posted by Dark Tangent View Post
                        I am curious on peoples opinions about having a Tamper Evident village next year?

                        We have so many tags, bags, and tapes and the contest has been around now for three years I want to try something new. The idea is to have a village, like lock picking, where people can play. Of course it will not be as large or as popular as LPV but it will hopefully inspire a wider audience to get involved. I am hoping then that I can work with another group do the TE Contest (MFP perhaps?)
                        Get tamper evident materials which mark the contents of the container, such as the ink bombs banks use to mark money from a robbery. Then put a black badge in the container and it is only valid if it remains uninked.

                        Comment


                        • Re: How would you make Defcon 21 better?

                          And what? Everyone gets X amount of time to try? How would you manage it?
                          |

                          Comment


                          • Re: How would you make Defcon 21 better?

                            Originally posted by Dark Tangent View Post
                            I am curious on peoples opinions about having a Tamper Evident village next year?
                            Yes, please. We could chain Datagram and MMCA's team (is Datagram on it, i can't remember) to a table and make them show us voodoo.

                            But actually, it would be absolutely awesome to have some stuff to play with because a lot of it is hard to get in small quantities and/or still attached to things that we don't want to have evidence of tampering of.

                            Tamper Evident attached to Lockpick Village would be off the hook.
                            ======================================
                            DJ Jackalope
                            dopest dj in the galaxy. *mwah!*

                            send in the drop bears!
                            ======================================

                            Comment


                            • Re: How would you make Defcon 21 better?

                              Originally posted by Dark Tangent View Post
                              Does that mean you volunteer for the review board next year? Just 300-400 or so submissions to review! We would love to have you.
                              Actually, if there is room in that review board, this would be a way that I could actually contribute. I'd be glad to help out.

                              Walt

                              Comment


                              • Re: How would you make Defcon 21 better?

                                Originally posted by renderman View Post

                                <snip>

                                Related to the above is that there is way too much going on at any given time. Never thought I'd say that about Defcon but I experienced it this year. I barely saw any of my friends because with so much going on, the chances of being at the same event were limited. Throw offiste events like the Ninja party and it gets worse. Again, in the essay:

                                - Talks 10am-5pm
                                - Villages run to 7pm
                                - 'Official' parties start 8ish.

                                Basically the idea is that you reduce the distractions to allow people time to eat, shower, change, meet up and have an hour of social time because there is nothing major happening. It's a calm before the storm that helps facilitate being social, as well as the 3-2-1 rule.

                                <snip>
                                Renderman, I have to disagree with both you and Deviant here. One of the *best* things about DefCon, is that there is so much to do. I'm not knocking either of you, but I think it's kind of selfish to proceed with the idea that because you didn't "get to see your friends" or "get to see everything" that there should be less stuff (to see/do).

                                Why start trying to "limit" things? What if someone said "Hey, let's get rid of all the villages, they distract from the talks". How bout "Let's get rid of all the parties and keep the hacking things open later".

                                Maybe my Libertarian side is bleeding through here, but if we start "limiting" different aspects of DefCon don't we run the risk of limiting people that attend the event?

                                One of my favorite things that DefCon does is this: If you have an idea and are willing to put in the work, by and large DT/DEFCON will let you try it. They'll even create an Unofficial forum for you. So, (personally) I'd really hate to see any "limiting" at DefCon, 'cuz it runs the risk of some people with some really cool idea's being left out in the cold.

                                If someone feels that there is "too much to do", instead of trying to control everyone else by putting "limits" on what is done (and when). Maybe that person just needs to prioritize better for themselves.

                                As I said, I'm not *trying* to take shots at you here, and I think everyone appreciates the fact that you took the time and energy to create that document and post your thoughts. However, I do have a response to something else you said in your document.

                                Culture:
                                When did Defcon go from a hacker convention to a security convention?
                                It's interesting that you said, and then went ahead and made your bio for DefCon 20 like this:

                                Brad Haines (RenderMan) CISSP, is a Whitehat by trade, Blackhat by fashion. A very visible and well known member of the wardriving and hacker community, he does whatever he can to learn how things work, how to make them better and to teach people the same. A firm believer in the hacker ethic of openness, sharing, and collaboration. Never afraid to try something new, he can usually be found taking unnecessary risks for the sake of the experience.
                                Twitter: @ihackedwhat
                                If you truly want it to remain a "hacker convention" and not a "security convention", why not start with yourself and your own bio (when you present)?

                                From your paper:
                                Look at the DC7 speaker list and there are is only a tiny number of speakers using real names, the rest are all nicknames and hardly any company affiliations mentioned.
                                that was written of course by, Brad Haines (RenderMan), CISSP.

                                As I said, I'm not trying to ridicule you here. But if we want something to be different, we need to start with ourselves before others.
                                And I heard a voice in the midst of the four beasts, And I looked and behold: a pale horse. And his name, that sat on him, was Death. And Hell followed with him.

                                Comment

                                Working...
                                X