DEF CON Forum Site Header Art

Announcement

Collapse
No announcement yet.

DEF CON 29 Registration is LIVE!

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • kathysrazor
    replied
    Originally posted by bitpusher View Post
    Also, this years restrictions exclude myself and my family from participating in person. We had been looking forward to returning physically to our hacking home for an extra year, and are quite sorry to have to participate only virtually again this year. Just had to cancel our room reservations - which really hurt. Hope some sanity returns next year, so that we can as well. Miss you all.
    I'm going to take a stab at it, but it sounds like this will be another one of those venues that doesn't really care about physical limitations. It was hard enough to breathe before I got COVID in 2020, and my lungs only got worse after that. I was one of the first to get fully vaccinated, avoided going out, and have a rescue inhaler. It's still hard to wear a mask for any period of time, and the inhaler only works for so long.

    It's easy to go "oh, just wear a mask all the time in public", but I find that the people saying that are almost always coming from a position of health and privilege. One thing the pandemic demonstrated was how many businesses and cities were willing to pay lip service to "except those with medical exemptions", but when the rubber hit the road they didn't care, regardless of documentation.

    Leave a comment:


  • bitpusher
    replied
    Greetings. DEF CON is a private event, so I fully support your right to set whatever arbitrary requirements you want for admittance.

    At the same time, I lament some of the choices made this year, which seem arbitrarily restrictive, based on an insupportable level of trust in government, and contrary to the individual empowerment of the hacker ethic.

    Also, this years restrictions exclude myself and my family from participating in person. We had been looking forward to returning physically to our hacking home for an extra year, and are quite sorry to have to participate only virtually again this year. Just had to cancel our room reservations - which really hurt. Hope some sanity returns next year, so that we can as well. Miss you all.

    Leave a comment:


  • KingRat
    commented on 's reply
    Thanks for handling that number6!
    Looking forward to seeing everyone!

  • Dark Tangent
    commented on 's reply
    Thanks for the follow up. Yes it is a global vaccination experiment, and what people learn now will be used for the next inevitable pandemic. My guess is that the mRNA process is so much faster and precise that it will be come the dominant technology.

    Absolutely don't travel or feel pressured to attend if you are not comfortable. Next year see what happens!

    To answer your question we are requiring whatever the original vaccination card you were given at the completion of your shot(s). We know people can counterfeit them, but that is a crime in the States and you would still be required to wear a mask.

  • lex-LOU-thor
    replied
    And thank you for your honest replies. Oh by the way - the loss of interest is for this year we'll see what happens given the context of future years - no one ever required my yellow vaccination card before within my own country. And question 2 was more about the process of validation, than collection or storage. Was wondering what evidence was going to be required.

    Leave a comment:


  • lex-LOU-thor
    commented on 's reply
    Understood - respectfully disagree. I fully understand you are a private event. No qualms there - just wanted to make sure I understood your mandates. Respectfully - I just lost my stomach for the event in total. I respect your decision - but given the issues with vaccines (note - I am NOT an anti-vaxer) - I have been taking a wait and see attitude since there has not been sufficient testing of the vaccines (since the processes were condense from 18 to 24 months to about 9). The numbers don't add up for me (IMHO - and this is just for me). I hope you all have a good conference and learn lots.

  • Dark Tangent
    replied
    1 - Yes
    2 - We won't collect or store any PII
    3 - We are a private event, so we can currently set our own standards. If a law forces us to allow people to not wear masks we would cancel the event

    Leave a comment:


  • lex-LOU-thor
    replied
    1) Just so I am clear - you MUST be vaccinated by a "vaccine" that has not been fully FDA approved (just approved for rapid deployment)?
    2) How do you plan to validate vaccination for protected PHI?
    3) How does changing CDC guidelines and State invoked mandates affect the MUST wear a Mask and be Vaccinated mandate for attending in person? Or does it?
    Respectfully - my apologies if I missed the postings elsewhere on this site.

    Leave a comment:


  • almus
    commented on 's reply
    "Would a vaccination card and photo ID work? Isn't that too much PII? If a photo ID could have "all but essential data for confirming the details on the vaccine card match the photo ID" what would that include? Is there a way for people to "mask out" details on a photo ID and vaccination card but still provide the *minimum* required to complete a chain of validating the person present is the one that matches the vaccination card? Is there a way to complete this process and not record data about attendees but meet enough requirements that the convention is not shut down?"

    This is exactly the problem. As the US, and most of the rest of the world is not issuing any sort of "proof" of vaccination, there is no answer here. If we were talking about "a night out at the bar" with a dozen people then the risk profile is much lower than at a Los Vegas convention with a community that prides itself in its ability to break rules. A vaccination card is easy to forge and there are too many people in this community that has already been very vocal about not getting the vaccine. I do not think there is any *reasonable*, *safe*, and * cost-effective* method that can be used to verify proof of vaccination and without that, it seems irresponsible to me to invite thousands of hackers to Vegas to share a space.

    If there was a reasonable way to administer antibody tests on-site, that would solve this, but that can not be done in a cost-effective and/or logistically reasonable way. I'm open to hearing that smarter people than me have this problem solved. I would love to come on-site this year, I just don't understand yet how that can be made reasonably safe.

  • Dark Tangent
    commented on 's reply
    With a vaccination such as J&J single shot 1 dose is considered vaccinated, but with a Moderna one of two doses would we be half vaccinated.

  • xangma
    replied
    Hi, the FAQ doesn't specify whether vaccination means at least the first dose, or both doses? Which is it? :-)

    Leave a comment:


  • number6
    commented on 's reply
    If you paid for an "in-person badge" those are picked up in-person if the in-person DEF CON happens.
    If you paid for a "virtual badge" those are to be mailed through some sort of postal service.
    If the DEF CON in-person event is cancelled, then the present plan (as of May 21, 2021) is to total the difference in price between in-person badge and the virtual badge, then subtract the cost of shipping from that, and use that result as a partial refund, then use a postal service to mail a virtual badge to the person.

    dmr wrote:
    "Also, how will the Covid vaccine status be checked and verified? Do you need to bring your CDC Covid vaccine certificate?"

    In case it is required, I would bring whatever card/evidence was provided to you as proof of vaccination. Better to have it and not need it than need it an not have it.

    As for "how the COVID-19 vaccine status will be checked" I don't have an answer for you on this, but new ideas are welcome...

    Let's assume you were in charge. :-)

    If you were DT, and you wanted to create a system that could avoid Denial of Service, but meet the requirements from (1) Hotel/Casino , (2) City of Las Vegas , (3) state of Nevada, (4) US Government for conventions/gatherings (if any) *and* avoid access to people's PII, or at least reducing access to PII to the least amount required, and record only what was required, what would you suggest?

    In order to avoid DoS, network-based systems are a bit problematic, so might be a non-starter. If a DoS can stop badges from being sold, that would be a problem. Badge purchases pay for running the convention.

    Would a vaccination card and photo ID work? Isn't that too much PII? If a photo ID could have "all but essential data for confirming the details on the vaccine card match the photo ID" what would that include? Is there a way for people to "mask out" details on a photo ID and vaccination card but still provide the *minimum* required to complete a chain of validating the person present is the one that matches the vaccination card? Is there a way to complete this process and not record data about attendees but meet enough requirements that the convention is not shut down?

    Suggestions and new ideas welcome.

    Thanks!

  • number6
    commented on 's reply
    Update, person that runs the online store ( https://shop.defcon.org/products/def-con-29 ) updated content. It now (May 21, 2021) reads:
    "If we are required to cancel the in-person conference, your purchase price will be adjusted to $85 + shipping cost to your location.
    For example, $300 - ($85 + $10)"
    Use of parenthesis allows for mathematical "order of operation" to force the sum of virtual badge and shipping be combined first, then subtracted from the cost of an in-person badge.
    Thanks again for the report. Content was made better by your constructive criticism.

  • number6
    commented on 's reply
    Disclaimer: I do not manage the online store or have any access to records for order, users, access to file for refunds, check progress of any order or support issue for the store. In short, I am *unable* to help with any specific order issues.
    Any issues with an order, request for refund, or more should be sent to the email address mentioned with the online store, or in email messages from the online store. As of this writing, that email address is presently "shop@mail.defcon.org" which may change in the future. Check the online store and order emails for the latest, best way to reach support for the online store.

    An offer just for breeze just for this issue because this online store is new and this process of online badge ordering is new : as for lack of response, I can try to see if messages are getting stuck in our spam filter, or blocked from being accepted....
    Last edited by number6; May 22, 2021, 01:29.

  • breeze
    commented on 's reply
    I have just emailed again in plaintext email in case the images from the original store order confirmation email being quoted somehow got my emails stuck in a spam filter.
Working...
X