Announcement

Collapse
No announcement yet.

DC 14 Printed Con Program - Thoughts?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    I think that the talk synopsis should be in alphabetical by talk title, not by speaker. It's usually quite frustrating finding the talk I'm looking for. Either that or put them in Chronological order.
    Never drink anything larger than your head!





    Comment


    • #17
      i think the slogan contest winner should be picked early enough to include their quote in the book.

      (note: i didn get last years book, so this may be how its done now, i dont know....)
      the fresh prince of 1337

      To learn how to hack; submit your request

      Comment


      • #18
        Originally posted by KeLviN
        i think the slogan contest winner should be picked early enough to include their quote in the book.

        (note: i didn get last years book, so this may be how its done now, i dont know....)
        It is already in there, I made 2nd place one time and the goon shirt slogan the next year.

        How about adding some encrypted or secret code in the booklet somewhere amongst the normal words and breaks. MI5 did that in a newspaper one day and many broke the "unbreakable" code.

        Comment


        • #19
          Originally posted by astcell
          How about adding some encrypted or secret code in the booklet somewhere amongst the normal words and breaks.
          speaking of something like that, was the "where's leeto" conest ever a real event at a previous defcon? i can recall something like that amid the pages of one program a couple years back and knew some people wanted to find out more details of the game, but last i'd heard at that con, no one knew anything. was it supposed to be a game where you'd have to sniff out the clues, rules, and objectives? or was it a whole lot of nuthin'?
          "I'll admit I had an OiNK account and frequented it quite often… What made OiNK a great place was that it was like the world's greatest record store… iTunes kind of feels like Sam Goody to me. I don't feel cool when I go there. I'm tired of seeing John Mayer's face pop up. I feel like I'm being hustled when I visit there, and I don't think their product is that great. DRM, low bit rate, etc... OiNK it existed because it filled a void of what people want."
          - Trent Reznor

          Comment


          • #20
            The real story behind "Find Leeto"

            Originally posted by Deviant Ollam
            speaking of something like that, was the "where's leeto" conest ever a real event at a previous defcon? i can recall something like that amid the pages of one program a couple years back and knew some people wanted to find out more details of the game, but last i'd heard at that con, no one knew anything. was it supposed to be a game where you'd have to sniff out the clues, rules, and objectives? or was it a whole lot of nuthin'?
            Actually, "Find Leeto" was an intricate Alternate Reality Game 5 months in the making that was designed and executed by Ninja Networks. I oversaw the project.

            We kept completely quiet on it and this is (I believe) the first time we're going to come out and talk about it at all. I hope people read this because it's going to give you an idea of how much shit most people missed out on because they didn't follow some blatantly obvious clues, including some which were in the printed material handed to every Defcon attendee.

            The game was a mix of "hacking" and real life detective work, and included staged real-life events, fake websites, hidden items at the hotel, and hired actors at the con.

            We created a guy named "Leeto Burrito", portrayed by an actor, and gave him a twin brother, "Guido Burrito." The story goes like this (as much as I can remember as this was a couple years ago.)

            Leeto was a security consultant who found a major exploit in "BECWare v9.1.6", released by Big Evil Corporation. If their website looked anything like SCO's website at the time, that is a complete coincidence.

            A few hours before Leeto was set to publically release the exploit, he was kidnapped at a convenience store, the attack was caught on tape. I actually took a gas station in Sacramento, closed it down temporarily, and videotaped a staged kidnapping, complete with real Sacramento PD presence. This video was the first thing you'd have seen if you went to findleeto.com during Defcon 11.

            Guido Burrito (a hired actor named Matthew Donaldson) then set up this findleeto.com domain and came to Defcon to enlist hackers in the effort to find his twin brother, who he suspected was being held prisoner somewhere in Las Vegas. He put up tons of flyers at Defcon 11, and handed out business cards. The business cards contained a fake PGP key on the back that was part of the puzzle, and (if I remember correctly) could be decoded directly into a compressed audio file. The file contained morse code that provided a clue. There was also a barcode on the card that provided another clue. The phone number on the card worked and also provided clues.

            Ultimately, by following clues on the poster, the card, and the website, you would find Leeto Burrito's livejournal. On his livejournal, the most recent posting was from AFTER his kidnapping, and was a photo of an area behind the Alexis Park with the caption "Look Closer". This was a misleading clue - searching the area featured in the picture would turn up no results. However, searching the JPG file itself would return text from a comment field indicating that the image had been Stenographed and provide information needed to download the stenography tool. Upon doing so and running the utility on the image, you would be given a direct clue to the next part of the puzzle.

            Eventually you would discover a fax number, and be told that you need to fax a contact phone number to this number. If you did so, you would promptly receive a phone call from a mysterious person telling you to meet them behind a nearby building in an alleyway at a specific time. You would be told to bring friends because "it isn't safe."

            Nobody got this far. Upon showing up, a nervous looking man would appear and begin talking to you about Leeto. He would tell you that he's an employee of Big Evil Corp and that he thinks this is all a conspiracy, and that BEC would lose millions in government sales if Leeto's exploit was made public. However, almost immediately, a black SUV and a white van would pull up and men would get out, grab him kicking and screaming, and toss him in the van. He would scream about how they are "Trashing his rights" and he would point quite clearly to a small trash bin right next to you. Opening the bin after he was taken away in the van would expose a large box of 3.5 diskettes.

            These diskettes are the final piece of the puzzle. They all appear to be empty, but they are not. There is in fact a video file on each diskette that can be recovered, and this video file was taken by Leeto himself with his camera phone. It shows him bound and gagged, and he holds up a piece of paper with his room number at the Alexis Park on it.

            The first group of people to figure this out and go to that room would have found a hired actor (the same one that you'd seen walking around Con for 2 days, only this time portraying Leeto Burrito, the kidnapped brother) bound and gagged, tied to a chair. Upon releasing him they would have won the game, which included cash prizes courtesy of Ninja Networks and some nice recognition, at least from us. :)

            I'd brought DT up to speed on the game (it was printed in the defcon program, after all) and he was supposed to make some announcements during Con when we realized people weren't picking up on the really obvious clues. I'm not sure if he did as I didn't press the issue at that point. In any event, we were -shocked- that people could be so dense. Our actor reported back that people actually thought the whole thing was legit and that his brother actually had been kidnapped. People were offering their sincere apologies. I mean, a cursory look at the business card, the flyer, or the website, screams "fake", and that should have been enough to get people to at least go to the URL.

            Once you got to the website, it became quite obvious what was going on.

            To put the game together we had to carefully pace it - it had to be over by Sunday afternoon, so we actually had to insert "breakpoints" into the game, allowing us to control the flow. An example of such a breakpoint was the meeting in the alleyway. We controlled the time of the meeting, so it allowed us to do two things. Firstly, it allowed us to keep people from advancing too quickly, allowing other people to catch up a bit so that more people could have the full experience. Secondly, it allowed us to make sure that people had reached certain points by certain times. If nobody had reached breakpoint X, we knew where people were and could release more information to get people moving faster. The last few puzzles related to the diskette had no breakpoints, so the teams that reached this last "leg" (think about it working like "The Amazing Race") all had an equal chance of winning the game.

            Honestly, we put a -ton- of work in on this and spent a nice chunk of change, and I was really disappointed that the defcon crowd completely missed it. I mean, it was set up very carefully to make sure to involve people from many different walks of technical life. We had radio stuff with the morse code, we had plenty of computer hacking related things, and a lot of actual thinking and detective work. Not to mention we had a hired actor who was extremely well informed walking around Con offering advice and clues to anyone who would just ask him.

            All in all we had set up multiple fake phone numbers, rented vehicles, hired actors, made multiple websites, created mutiple livejournals that were carefully backdated for over a year, printed tons of materials, produced multiple videos, and basically put a lot of time and effort into the thing. Not to mention we had to silently run the thing while at Con (checking for faxes, keeping actors ready, keeping track of progress, etc) and still do all the usual Ninja Networks stuff.

            Basically, the project was a failure. Despite our best efforts, including our actor walking around con giving business cards to anyone that would take them, only a couple groups of people picked up on it, and even they didn't make it past the first 2 or 3 steps.

            We thought about doing it again the following year and making it more officially known, but decided against it. It was a lot of effort and the payout was abyssmal.

            Everyone in the Ninja Networks crew contributed something to the game, including but not limted to myself, felix, pac-bell, xe0n, nous, nkryptr, signine, junk, crackerjack, TW, and capnhook. I'm sure I'm forgetting a few people but everyone kicked in for something, and everyone kept their mouths shut.

            So there you have it. That's what findleeto was all about. Would have been a lot of fun.

            -barkode
            Last edited by barkode; March 16, 2006, 16:31.

            Comment


            • #21
              For replies about the leeto burrito contest, please take them here.
              (Replies here were moved to that thread.)

              Thanks!

              More comments about the Defcon program?

              Comment


              • #22
                Originally posted by blackbeetle
                Every few years, we grapple with redesigning the con program - whether it be size or content. Now is the time to chime in.

                1) Does anyone really "read" the program? Just about all the information in there can be found on various websites... is it necessary to reiterate it in print?
                2) Are there elements/sections that should be added?
                3) Are there elements/sections that should be removed?
                4) Should the program be physically larger (in dimension) or smaller (in dimension)? We know that the "pocket" size has been well received but physical dimensions does at times pose layout issues.
                5) Additional comments?

                I always read it. It's good for when there's downtime between talks or you're waiting for your plane home.

                I can't think of anything to add or remove. Can't I just like it for what it is?! :(

                The size has always worked for me. Maybe there should be a largeprint edition for those who are getting a up there in years...

                I could stand some more essays in the vein of Richard Thieme's musings. Any chance we could get some authors of Hacker canon, (Neil Stephenson, Steven Levy, Ray Kurzweil, William Gibson) to pick up their pen?
                cows like candy

                Comment


                • #23
                  For those of us who cannot get enough of Defcon, we even read the page numbers. Believe me, the program is better than a Star Trek script!

                  Comment


                  • #24
                    I tend to browse through it and read everything in it later. I love the little essay type things that are in it. (I want to write one!) Keep the thank yous.

                    I think it is good to put some of the info that can be found on websites in the program, not everyone has thier laptop at the con.

                    Maybe do a color tab thing on the side of the program pages, so you can flip through it really fast and stop at a color you want: ie, like the side color of the pages would be blue for events, or red for biographies about speakers, etc. Not an actual tab, just a printed color on the edge of the page.

                    Program size and thickness? Awesome. Love it.

                    Biographies about the djs and the goons? I know the goons are on the site, but it might be nice for newbies to know who they are bowing to.

                    that's all I can think about now, I'll post up more if there's anything else.
                    ======================================
                    DJ Jackalope
                    dopest dj in the galaxy. *mwah!*

                    send in the drop bears!
                    ======================================

                    Comment


                    • #25
                      Re: DC 14 Printed Con Program - Thoughts?

                      Please keep the printed program.
                      I do read it.
                      --BC,
                      Last edited by big chopper; July 1, 2006, 08:23.

                      Comment


                      • #26
                        Re: DC 14 Printed Con Program - Thoughts?

                        Agreed. Print extras because I, like others, like to keep a "pristine" copy to read and another copy for working notes and tracking my schedule.
                        DaKahuna
                        ___________________
                        Will Hack for Bandwidth

                        Comment


                        • #27
                          Re: DC 14 Printed Con Program - Thoughts?

                          Originally posted by DaKahuna
                          Agreed. Print extras because I, like others, like to keep a "pristine" copy to read and another copy for working notes and tracking my schedule.

                          You forgot to mention the one that usually ends up with some form of alcohol spilled all over it, or am I really the only one this happens to every year?
                          ======================================
                          DJ Jackalope
                          dopest dj in the galaxy. *mwah!*

                          send in the drop bears!
                          ======================================

                          Comment

                          Working...
                          X