My First DefCon

DefCon 25 was an amazing experience! While I had heard that DefCon could be an unwelcoming place to newcomers and women I did not find this to be the case personally. Attending DefCon was hands down the best conference experience I have had so far.

While I did miss the first day due to working as a Conference Associate at BlackHat that was also part of how I earned a DefCon badge in the first place. I was also able to share a hotel room with a couple of friends.

I loved the social environment of DefCon. People came from such diverse backgrounds and had highly varied reasons for attending. I met people who simply came along with a group of friends who were into hacking and others who worked in video game design and wanted to transition into a cybersecurity career. There were students, well establish cyber security professionals, aspiring music teachers, professors, web developers, pentesters and hobbyists from all over. It was easy to meet friendly people and a lot of fun! A piece of advice I received several times, which I fully stand behind is “Prioritize the villages, demonstrations, sky talks and people over talks. Talks will be online later but certain opportunities need to be taken advantage of during the conference.

The vendor area was also quite a bit of fun itself. I picked up my first set of lock picks there and scouted out interesting books and tools. I learned about Security Weekly podcast  there and got to flip through a bunch of No Starch Press books while I was there. For example, I got to take a look at The Manga Guide to Crypto which still only available to preorder right now. There are also independent visual and musical artists who you can buy directly from. You can also find groups like Hackers For Charity in the vendor area where you can learn more, make a donation or purchase goods.

At some point, I became tired enough that I wasn’t really sure what to do with myself for the remaining hour of the conference that day. So, I got in line to get a mohawk at Mohawk Con. For a suggested donation of $20.00 volunteers will give you a mohawk. This year you could choose what percentage of your donation went to the Electronic Frontier Foundation, Hackers For Charity and Mohawk Con itself. I had a great conversation while waiting in line and had a lot of fun with the whole process.

One of my favorite things I learned about was that there are people and organizations using hacking skills in order to track down human traffickers. When they have enough incriminating evidence the government can be tipped off, start their own investigation and prosecute. Several people have been saved from human trafficking in this way. I found this incredibly inspiring to hear about and it only makes me want to progress more. I would like to be able to put the skills I develop into such good use.

If you are thinking about going to DefCon start planning your trip now! Find out if you have a local hackerspace or local DefCon group. Learn about the conference and how to stay both digitally and physically safe, and go for it! You’ll be glad you did.

 

 

First BlackHat USA and the Conference Associate Program

This summer I had the opportunity to work at BlackHat USA as a conference associate and attend DefCon, both for the first time. Having never been to Las Vegas or such major conferences I was ecstatic for the opportunity.

My experience at BlackHat was primarily shaped by the Conference Associate program. Through this program students and alumni from certain universities can apply to work  as BlackHat support staff. Conference associates are put up in hotel rooms in or near the venue, earn a wage, get about one meal a day, and earn access to conference briefings online in addition to scoring a DefCon badge. While most the day was spent preparing for the conference or helping attendees, evenings provided ample opportunity to meet new people and make new connections. I made friends with peers in the program and had the opportunity converse with professionals about career development. I even met some of my online friends face to face for the first time!

The opportunity to ask professionals face to face what they are looking for in good candidates for various roles was extremely helpful. Additionally, it was great to learn about the highly varied backgrounds that brought them to their current point. There are stereotypes about who is interested in cybersecurity, and an idea that everyone starts in tech in the first place. I’ve found that isn’t the case. The greatest common denominators seem to be curiosity and drive.

I had also thought I wouldn’t know anyone there but I learned that several professionals from the DC 801 area worked in the NOC. Some of whom I had met at previous security conferences. As someone working at the conference rather than attending it, the social opportunities are the highlight. When it comes to networking, I am someone who is more interested in becoming friends with people who have similar professional interests than I am in rapid fire business card distribution. What I learned from my first multi-day major conference is that it is a better than usual opportunity to build relationships. Everyone is away from home, and to a potentially lesser extent away from work, and therefore ready to talk and play.

Some real highlights for me included making friends with my roommate and other conference associates, meeting Tarah Wheeler and getting my copy of Women in Tech signed, and discussing career development with pentesters over lunch.

If you have the opportunity to work as a conference associate through your school, like UVU or UAT, I highly recommend it. Earning a wage there can help with your travel expenses and make it a bit easier to get to DefCon. The one downside this year was we received our DefCon badges after BlackHat the same Thursday that DefCon started.

 

 

My tips regarding a first time Vegas visit and BlackHat USA:

  • Pack light and purchase snacks at the local walmart or to order from Amazon Prime Now if you don’t have access to a car or don’t want to get an Uber. (Take it from someone who packed 3 boxes of clif bars.)
  • Uber is super expensive! Account for this when you choose your hotel room. I walked a lot to save money but The Strip is designed to corral consumers, not to be walkable.
  • Drink a ton of water. Drink more water than you think you need and purchase it from a supermarket or walmart. Otherwise you can end up paying $10.00 for a bottle of water. Get some aspirin too while you’re at it.
  • Bring your own portable battery. You don’t want to be plugging into any old USB port after all. Burner phones/devices are also a good idea but it’s still important to maintain physical control and not make any unecessary connections. 
  • Bring cash and store it securely so you don’t need to withdraw from machines.
  • BlackHat: If you are a student and venture into the vendors area it is helpful to have specific questions or to go with a professional. Not everyone on the vendor floor knows how the product they are pushing works and if they do they likely want to speak with someone who has decision making power in a business. However, it should be noted some vendors love talking to students because they see them as potential contributors, future customers or possible interns.
  • BlackHat Conference Associate: If you have time to explore during the conference itself try to go see demos instead of talks. You can get access to talks later unlike Arsenal Demos.
  • BlackHat USA: If you wait until the last day to purchase apparel you can probably get it on sale. However, if you are an average sized male be aware your size may not be available by the time the sale comes.  
  • Wear quality shoes made for walking which have already been broken in. This is not the time or place to break in a new pair of shoes or suddenly transition to minimalist footwear.
  • Pace yourself when it comes to alcohol. Never leave your drinks unattended and drink plenty of water!
  • Go to bed early enough to enjoy the next day! By the end of a week I hadn’t met my personal sleep requirements so Def Con was more difficult than it need otherwise be.
  • Give yourself time to recharge your batteries at night as well. Especially if you are an introvert, it can be exhausting to meet so many people and be in such busy places all day. Take some time to read a book, take a soak, go for a jog or take care of yourself in some other way.
  • Walk the strip at least once. You see so many interesting things, displays and people. Go see the fountain show at the Bellagio, you will not regret it.

 

First blog post

My name is Charlie, and I am starting this blog in order to write informative articles accessible to the average user regarding security, as well as to document my own personal projects and studies.

Two years ago I decided to move across the country and change my major from illustration to information technology. Once I made that shift cybersecurity caught my eye and motivated me to continue learning more. As I get more involved in my local cyber security community the more exciting it becomes. I recommend to any tech enthusiast to check out meetup and look for conferences in their local area. You learn things you may not have otherwise, meet new people and have a great time doing it. At DefCon this past August I learned about several charities dedicated to bringing technology into people’s lives and even using hacking skills to bring down human traffickers. This opened up my eyes to the potential for good that can come out of dedication to this path and increased my desire to make a meaningful contribution. I have high goals but, after all, every journey begins with a single step.

There is always something new to learn in computing so let’s have fun with it and teach each other!