DEF CON

This article is about the computer security convention. For other uses, see Defcon (disambiguation).

DEF CON
Status	Active
Genre	Security Conference, Hacker Conference
Begins	June 9, 1993 (1993-06-09)[1]
Frequency	Annual
Venue	Caesars Palace
Location(s)	Las Vegas, Nevada
Years active	31
Founder	Jeff Moss
Previous event	August 4–7, 2016
Next event	July 27–30, 2017
Website	defcon.org

DEF CON (also written as DEFCON, Defcon, or DC) is one of the world's largest hacker conventions, held annually in Las Vegas, Nevada, with the first DEF CON taking place in June 1993. Many of the attendees at DEF CON include computer security professionals, journalists, lawyers, federal government employees, security researchers, students, and hackers with a general interest in software, computer architecture, phone phreaking, hardware modification, and anything else that can be "hacked." The event consists of several tracks of speakers about computer- and hacking-related subjects, as well as social events Wargames and contests in everything from creating the longest Wi-Fi connection (aircrack-ng) and hacking computer systems to who can most effectively cool a beer in the Nevada heat.

Other contests, past and present, include lockpicking, robotics-related contests, art, slogan, coffee wars, scavenger hunt and Capture the Flag. Capture the Flag (CTF) is perhaps the best known of these contests. It is a hacking competition where teams of hackers attempt to attack and defend computers and networks using certain software and network structures. CTF has been emulated at other hacking conferences as well as in academic and military contexts.

Federal law enforcement agents from the FBI, DoD, United States Postal Inspection Service, and other agencies regularly attend DEF CON.^[2][3]

History

DEF CON was founded in 1993 by Jeff Moss as a farewell party for his friend, fellow hacker, and member of "Platinum Net", a Fido protocol based hacking network out of Canada.^[4] The party was planned for Las Vegas a few days before his friend was to leave the United States, because his father had accepted employment out of the country. However, his friend's father left early, taking his friend along, so Jeff was left alone with the entire party planned. Jeff decided to invite all his hacker friends to go to Las Vegas with him and have the party with them instead. Hacker friends from far and wide got together and laid the foundation for DEF CON, with roughly 100 people in attendance.

The term DEF CON comes from the movie WarGames, referencing the U.S. Armed Forces defense readiness condition (DEFCON). In the movie, Las Vegas was selected as a nuclear target, and since the event was being hosted in Las Vegas, it occurred to Jeff Moss to name the convention DEF CON. However, to a lesser extent, CON also stands for convention and DEF is taken from the letters on the number 3 on a telephone keypad, a reference to phone phreakers.^{[citation needed]} Any variation of the spelling, other than "DEF CON", could be considered an infringement of the DEF CON brand. The official name of the conference includes a space in-between DEF and CON.

DEF CON was planned to be a one-time event, a party for his friend, but he kept getting e-mail from people encouraging him to host again the next year. After a while, he was convinced to host the event again, and the attendance nearly doubled the second year.^[5] In 2016, 22,000 people attended DEF CON 24.

Black Badge

The Black Badge is the highest award DEF CON gives to contest winners of certain events. Capture the flag (CTF) winners sometimes earn these, as well as Hacker Jeopardy winners. The contests that are awarded Black Badges vary from year to year, and a Black Badge allows free entrance to DEF CON for life, potentially a value of thousands of dollars.^[6]

In April 2017, A DEF CON Black Badge was featured in an exhibit ^[7] in the Smithsonian Institution's National Museum of American History entitled "Innovations in Defense: Artificial Intelligence and the Challenge of Cybersecurity". The badge belongs to ForAllSecure's Mayhem Cyber Reasoning System,^[8] the winner of the DARPA 2016 Cyber Grand Challenge at DEF CON 24 and the first non-human entity ever to earn a Black Badge.

Fundraising

Since DEF CON 11, fundraisers have been conducted for the Electronic Frontier Foundation (EFF). The first fundraiser was a dunk tank and was an "official" event. The EFF now has an event named "The Summit" hosted by the Vegas 2.0 crew that is an open event and fundraiser. DEF CON 18 (2010) hosted a new fundraiser called MohawkCon.

Notable incidents

High-profile issues which have garnered significant media attention.

Year	Description
1999	On July 10, 1999, the Cult of the Dead Cow hacker collective released Back Orifice 2000 at DEF CON 7, in what was, at the time, the largest presentation in DEF CON history.
2001	On July 16, 2001, Russian programmer Dmitry Sklyarov was arrested the day after DEF CON for writing software to decrypt Adobe's e-book format.
2005	On July 31, 2005, Cisco used legal threats to suppress Mike Lynn from presenting at DEF CON about flaws he had found in the Cisco IOS used on routers.[9]
2007	In August 2007, Michelle Madigan, a reporter for Dateline NBC, attempted to secretly record hackers admitting to crimes at the convention. After being outed by DEF CON founder Jeff Moss during an assembly, she was heckled and chased out of the convention by attendees for her use of covert audio and video recording equipment. DEF CON staff tried to get Madigan to obtain a press pass before the outing happened.[10] A DEF CON source at NBC had tipped off organizers to Madigan's plans.[2]
2008	Main article: Massachusetts Bay Transportation Authority v. Anderson MIT students Zack Anderson, R.J. Ryan and Alessandro Chiesa were to present a session entitled "The Anatomy of a Subway Hack: Breaking Crypto RFIDS and Magstripes of Ticketing Systems." The presentation description included the phrase "Want free subway rides for life?" and promised to focus on the Boston T subway.[11] However, the Massachusetts Bay Transit Authority (MBTA) sued the students and MIT in United States District Court in Massachusetts on August 8, claiming that the students violated the Computer Fraud and Abuse Act (CFAA) by delivering information to conference attendees that could be used to defraud the MBTA of transit fares.[12][13] The court issued a temporary restraining order prohibiting the students from disclosing the material for a period of ten days, despite the fact the material had already been disseminated to DEF CON attendees at the start of the show. In 2008's contest "Race to Zero," contestants submitted a version of given malware which was required to be undetectable by all of the antivirus engines in each round. The contest concept attracted much negative attention.[14][15]
2009	WIRED[16] reported that an ATM kiosk was positioned in the conference center of the Riviera Hotel Casino capturing data from an unknown number of hackers attending the DEF CON hacker conference .
2011	Security company HBGary Federal used legal threats to prevent former CEO Aaron Barr from attending a panel discussion at the conference.[17]
2012	The director of the National Security Agency, Keith B. Alexander, gave the keynote speech.[18] During the question and answers session, the first question for Alexander,[18] fielded by Jeff Moss,[19] was "Does the NSA really keep a file on everyone, and if so, how can I see mine?" Alexander replied "Our job is foreign intelligence" and that "Those who would want to weave the story that we have millions or hundreds of millions of dossiers on people, is absolutely false…From my perspective, this is absolute nonsense."[18] On March 12, 2013, during a United States Senate Select Committee on Intelligence hearing, Senator Ron Wyden quoted the 2012 DEF CON keynote speech and asked Director of National Intelligence James Clapper if the U.S. conducted domestic surveillance; Clapper made statements saying that there was no intentional domestic surveillance.[18] In June 2013 NSA surveillance programs which collected data on US citizens, such as PRISM, had been exposed. Andy Greenberg of Forbes said that NSA officials, including Alexander, in the years 2012 and 2013 "publicly denied–often with carefully hedged words–participating in the kind of snooping on Americans that has since become nearly undeniable."[18]
2013	On July 11, 2013, Jeff Moss posted a statement,[20] located on the DEF CON blog, titled "Feds, We Need Some Time Apart." It stated that "I think it would be best for everyone involved if the feds call a ‘time-out’ and not attend DEF CON this year."[21] This was the first time in the organization's history that it had asked federal authorities not to attend.[20] Actor Will Smith visited the convention to study the DEF CON culture for an upcoming movie role.[22]

Entertainment references

• DEF CON was also portrayed in the The X-Files episode "Three of a Kind" featuring an appearance by The Lone Gunmen. DEF CON was portrayed as a United States government-sponsored convention instead of a civilian convention.
• A semi-fictionalized account of DEF CON 2, "Cyber Christ Meets Lady Luck" written by Winn Schwartau demonstrates some of the early DEF CON culture.^[23]

Venues, dates and attendance

Each conference venue and date has been extracted from the DC archives for easy reference.^[24]

DC	Hotel	Days	Year	Attendance
DEF CON 25	Caesar's Palace	July 27–30	2017	N/A
DEF CON 24	Paris Hotel and Bally's Hotel	August 4–7	2016	22,000
DEF CON 23	Paris Hotel and Bally's Hotel	August 6–9	2015	15,000
DEF CON 22	Rio Hotel & Casino	August 7–10	2014	16,000 [25]
DEF CON 21	Rio Hotel & Casino	August 1–4	2013	12,000 [25]
DEF CON 20	Rio Hotel & Casino	July 26–29	2012	N/A
DEF CON 19	Rio Hotel & Casino	August 4–7	2011	N/A
DEF CON 18	Riviera Hotel & Casino	July 30–August 1	2010	N/A
DEF CON 17	Riviera Hotel & Casino	July 30–August 2	2009	N/A
DEF CON 16	Riviera Hotel & Casino	August 8–10	2008	N/A
DEF CON 15	Riviera Hotel & Casino	August 3–5	2007	N/A
DEF CON 14	Riviera Hotel & Casino	August 4–6	2006	N/A
DEF CON 13	Alexis Park Resort	July 29–31	2005	N/A
DEF CON 12	Alexis Park Resort	July 30–August 1	2004	N/A
DEF CON 11	Alexis Park Resort	August 1–3	2003	N/A
DEF CON 10	Alexis Park Resort	August 2–4	2002	N/A
DEF CON 9	Alexis Park Resort	July 13–15	2001	N/A
DEF CON 8	Alexis Park Resort	July 28–30	2000	N/A
DEF CON 7	Alexis Park Resort	July 9–11	1999	N/A
DEF CON 6	Plaza Hotel & Casino	July 31–August 2	1998	N/A
DEF CON 5	Aladdin Hotel & Casino	July 11–13	1997	N/A
DEF CON 4	Monte Carlo Resort and Casino	July 26–28	1996	N/A
DEF CON 3	Tropicana Resort & Casino	August 4–6	1995	N/A
DEF CON 2	Sahara Hotel and Casino	July 22–24	1994	200 (rough estimate)
DEF CON 1	Sands Hotel & Casino	June 9–11	1993	100 (rough estimate)

Further reading

• "DefCon's Moss: Undercover Reporter Damages 'Neutral Zone'." Information Week. August 6, 2007.
• Mills, Elinor. "NSA director finally greets Defcon hackers." CNET. July 27, 2012.

References

1. "Def Con 1 Archive". Retrieved 2017-04-23.
2. Zetter, Kim (3 August 2007). "Dateline Mole Allegedly at DefCon with Hidden Camera -- Updated: Mole Caught on Tape". Wired Blog Network. Retrieved 2007-08-15. According to DefCon staff, Madigan had told someone she wanted to out an undercover federal agent at DefCon. That person in turn warned DefCon about Madigan's plans. Federal law enforcement agents from FBI, DoD, United States Postal Inspection Service and other agencies regularly attend DefCon to gather intelligence on the latest techniques of hackers.
3. "DEFCON 15 FAQ's". Retrieved 9 Feb 2011. Lots of people come to DEFCON and are doing their job; security professionals, federal agents, and the press.
4. Tangent, The Dark. "DEF CON® Hacking Conference - About". www.defcon.org. Retrieved 2016-03-12.
5. Jeff Moss (July 30, 2007). The Story of DEFCON. Retrieved 9 Feb 2011.
6. Tangent, The Dark. "DEF CON® Hacking Conference - Black Badge Hall of Fame". www.defcon.org. Retrieved 2016-03-12.
7. "Innovations in Defense: Artificial Intelligence and the Challenge of Cybersecurity". americanhistory.si.edu.
8. "Mayhem Wins DARPA CGC". https://forallsecure.com. {{cite web}}: External link in |website= (help)
9. Lamos, Rob (31 July 2005). "Exploit writers team up to target Cisco routers". SecurityFocus. Retrieved 2004-07-31.
10. Cassel, David (4 August 2007). "Transcript: Michelle Madigan's run from Defcon". Tech.Blorge.com. Archived from the original on 2007-09-08. Retrieved 2007-08-15. {{cite web}}: Unknown parameter |deadurl= ignored (|url-status= suggested) (help)
11. Lundin, Leigh (2008-08-17). "Dangerous Ideas". MBTA v DefCon 16. Criminal Brief. Retrieved 2010-10-07.
12. Jeschke, Rebecca (2008-08-09). "MIT Students Gagged by Federal Court Judge". Press Room. EFF.
13. Massachusetts Bay Transit Authority v. Zack Anderson, RJ Ryan, Alessandro Chiesa, and the Massachusetts Institute of Technology (United States District Court District of Massachusetts), Text.
14. "Race to Zero". Contest concept.
15. McMillan, Robert (April 2008). "Security Vendors Slam Defcon Virus Contest". IDG News Service.
16. Malicious ATM Catches Hackers | Threat Level | WIRED
17. "Legal Threat Pushes Former HBGary Federal CEO Out Of DEFCON". Business Security. Archived from the original on 2011-08-10. Retrieved 8/10/2011. {{cite web}}: Check date values in: |accessdate= (help); Unknown parameter |deadurl= ignored (|url-status= suggested) (help)
18. Greenberg, Andy. "Watch Top U.S. Intelligence Officials Repeatedly Deny NSA Spying On Americans Over The Last Year (Videos)." Forbes. June 6, 2013. Retrieved on June 11, 2013. "Eight months later, Senator Ron Wyden quoted[...]"
19. Wagenseil, Paul. "Hackers Don't Believe NSA Chief's Denial of Domestic Spying." (Archive) NBC News. August 1, 2012. Retrieved on June 13, 2013.
20. Whitney, Lance. "Defcon to feds: 'We need some time apart'." CNET. July 11, 2013. Retrieved on July 12, 2013.
21. Blue, Violet. "Feds 'not welcome' at DEF CON hacker conference." ZDNet. July 11, 2013. Retrieved on July 11, 2013.
22. "Will Smith Makes Unexpected Appearance At Defcon Hacker Conference". Retrieved 2013-08-09.
23. Winn Schwartau. "Cyber Christ Meets Lady Luck" (PDF). Archived from the original (PDF) on 18 July 2011. Retrieved 9 Feb 2011. {{cite web}}: Unknown parameter |dead-url= ignored (|url-status= suggested) (help)
24. "DEF CON® Hacking Conference - Show Archives". www.defcon.org. Retrieved 2016-04-09.
25. "Richard Byrne Reilly" (2014-08-12). ""Black Hat and Defcon see record attendance — even without the government spooks"". Retrieved 2017-06-07.

External links

DEF CON

• Official website
• Official FAQ

Multimedia

• DEF CON: The Documentary
• DEF CON: The Documentary on IMDb
• A first ever look inside the DEF CON NOC (2008)
• The Story of DEF CON - video interview with Jeff Moss, a.k.a. Dark Tangent, the founder of DEF CON
• Transcript, audio, video of Jess Moss describing DEF CON's inception

Similar Conferences

• Black Hat Briefings
• Chaos Communication Congress (C3)
• Hack-Tic. 4-yearly European version
• Hackers on Planet Earth (HOPE)
• Summercon. The first American hacker conference, organized by members of Phrack
• ToorCon. A yearly hacker conference held in San Diego, California since 1999
• Security BSides. A community supported conference with locations across the globe

Venues

• Paris Las Vegas
• Bally's Las Vegas
• The Riviera Hotel & Casino
• The Alexis Park Resort & Hotel