This year I decided to attend Defcon not as a regular attendant but as a volunteer. When I started looking for volunteering options I saw a post on twitter asking for volunteers for two new villages – the Red Team and the Aviation villages. I got registered for both and was accepted on both.
The Red Team Village preparation was very organized and professional. We had weekly calls, we had assignments, that was also a register site used to volunteers sign in what time they could be available with things like setup, different stations and tear down. So many things tthink of and so many challenges that appeared but the result was great by the end.
I loved the setup with different stations, web hacking, exploit development, network hacking, etc. There was also a DJ there all the time.
We had over 25,000 people that attended Defcon 27 and the Red Team Village was very popular having always a line just to enter the room. Surprisingly I observed most people struggled to get through the challenges. This made me reflect a little bit in terms of who we are as security professionals and the level of skills we have. Defcon is the largest and oldest hackers conferences.
The aviation village was a little different. It was also We didn’t know too much about it before it actually happened during setup. There were military people involved from navy and air force, DHS was present as well and I understand security clearance was a major issue that’s why nothing was able to be discussed with the volunteers. We were surprised during the setup with the unload of the F-35 Flight simulator. The village also counted with a can bus for airplanes presented by Rapid7, Synack worked on a live CTF, there were also Lego devices connected with bus pirates and other micro controllers for the public to connect and try inject commands for change speed of the propeller, and things like that. Also there was a lego airport set up were exploits were used to shutdown airport power, pump stations and get it completely messed up.
The villages are becoming so big and so many! The cloud village was also a new one this year, the AppSec, and I love them because normally you can not only listen to good and specific talks, but you normally can interact, try something put hands on, participate on CTFs if you want. That was a great idea and I like it grows every year.
The conference is huge and specially for n00bs you need some sort of preparation before you go to Defcon. Select the talks you want to see, and put on the agenda with the time and location. When one talk ends your next talk you want to watch may be on a completely different building and you have to consider the time to walk to there. Walk in the middle of Las Vegas summer, that is hot and dry, You must drink lots of water, and you will do lots of exercises walking, there is no doubt about that.
Everybody I spoken too it was so nice, people are willing to share, to explain, to talk and that’s the great part of Defcon. The people that are in there.
I friend of mine was trying to buy a Raspberry Pi 4 there but nobody was selling. I was surprised the vendor area didn’t have anything like that or vendors like Adafruit or Makers products. This is the perfect place to have them in my opinion.
The funniest part of that is that I took my wife, son and dogs with me this time as I drove to Vegas and my wife saw a little bit of the conference and the people and she get amazed and said that now she is certain that I am crazy 🙂
See you next year Defcon!
Also check: Newest Course on LinkedIn Learning – Hacking IoT devices by Luciano Ferrari