I figured that surely this would be a sticky post somewhere, but I can't find one. Perhaps my forum search-fu is weak. After all, I am a noob (first DEFCON). π
Someone on Twitter posted this link, which is pretty comprehensive.
https://theplaceboeffects.wordpress....r-summer-camp/
Basically, I'm trying to decide what devices to bring, how to configure them for decent security without getting too crazy, and tips for how to avoid the wall of sheep while at the con.
I realize that security is never 100% and that focused attacks are very hard to stop. I'm looking for the basics here - how to be safer than not, how to avoid silly mistakes, and how to be respectfully cautious and still enjoy the con. So far I'm thinking the following:
- Update OS and apps on devices, back them up completely beforehand
- Turn off Bluetooth and Wi-Fi on my laptop and iPhone
- Use cellular data where necessary, using a VPN
- For laptop, use wired/USB tether to iPhone for internet
- I'll be running Kali on my laptop, but can dual boot to Win10 Pro if needed
- Avoid unknown USB devices
- Avoid all USB charging ports (or use a data blocker)
- Reboot my iPhone at least daily
Less sure about this one: "Uninstall or do not use applications that have access to financial or personal data. I know youβre going to use Twitter, Facebook, Slack, etc. Just make sure to change those passwords when you get home." What about LastPass? It requires Face ID to open, or I could require vault password - but I'm going to need access to that. I guess I could use the web version. Probably can remove bank apps, shouldn't need them - but they require secondary login to access, as well, so are they safer?
Do the suggestions change for DEFCON floor vs hotel room? (I'm staying in the DC hotel block.)
Thanks in advance! π
Someone on Twitter posted this link, which is pretty comprehensive.
https://theplaceboeffects.wordpress....r-summer-camp/
Basically, I'm trying to decide what devices to bring, how to configure them for decent security without getting too crazy, and tips for how to avoid the wall of sheep while at the con.
I realize that security is never 100% and that focused attacks are very hard to stop. I'm looking for the basics here - how to be safer than not, how to avoid silly mistakes, and how to be respectfully cautious and still enjoy the con. So far I'm thinking the following:
- Update OS and apps on devices, back them up completely beforehand
- Turn off Bluetooth and Wi-Fi on my laptop and iPhone
- Use cellular data where necessary, using a VPN
- For laptop, use wired/USB tether to iPhone for internet
- I'll be running Kali on my laptop, but can dual boot to Win10 Pro if needed
- Avoid unknown USB devices
- Avoid all USB charging ports (or use a data blocker)
- Reboot my iPhone at least daily
Less sure about this one: "Uninstall or do not use applications that have access to financial or personal data. I know youβre going to use Twitter, Facebook, Slack, etc. Just make sure to change those passwords when you get home." What about LastPass? It requires Face ID to open, or I could require vault password - but I'm going to need access to that. I guess I could use the web version. Probably can remove bank apps, shouldn't need them - but they require secondary login to access, as well, so are they safer?
Do the suggestions change for DEFCON floor vs hotel room? (I'm staying in the DC hotel block.)
Thanks in advance! π
Comment