Who's all going to Black Hat/ Def Con this year?

YuckTheFankees

So the title says it all. Personally, I'm about 50/50 on whether I'm going or not.

Who's thinking about going? As usual, if a good amount of us go, we definitely should meet up and put a face to the name (I hope I meet a few Yankee fans lol)

jasong318

I'll be at DC, couldn't convince my employer to pay for BH this year

Jinverar

I am seriously concidering Def Con this year in August. It Will be my first time.

jasong318

do it! you won't regret it!

the_Grinch

The Yankees have fans? Go Nats! No Defcon for this guy!

NetworkingStudent

I want to go some day..How much does defcon cost? I have heard that if you do go you should have your phone off, because you might get hacked.

docrice

$180 for admission.

https://www.defcon.org/html/links/dc-faq/dc-faq.html

Should you turn your phone off? That depends. How do you feel about being in an electronically-hostile environment where everything in the air is probably monitored by people around you, and those who aren't might be shoulder-surfing your screen? Some people are willing to take the gamble. It's Vegas, after all. If you want to see yourself on the Wall of Sheep, keep your personal devices online.

http://www.zdnet.com/blog/ou/defcon-2007-wall-of-sheep-shame/660

I make it a point to attend both DEFCON and Black Hat each year if I can. I'm already booked for it for this year, plus a training course at Black Hat (although I'm only doing two days of training this time around, not four days like last year which meant I ended up staying in Vegas for ten days ... way too long for me).

jasong318

@networkingstudent I think it was DC19 when they put up a fake cell base station to demo mitm calls, so, yes there is a chance someone is going to screw with your phone, this is a hacker conference after all. Disable wifi, bt and don't do personal banking or other such stuff over your phone and you'll probably be fine. If you're super paranoid you can grab a disposable phone from cvs or walgreens and use that for the conference.

@docrice what training are you taking?

JDMurray

I'll be at DC21. Look for a reddish beard, shaved head (and hat), nerd glasses, and a Hawaiian shirt and that's probably me.

Nice they dropped the admission price like DT said they said would. Cash-only as always. I still wouldn't know how to prove I was there if the (ISC)2 ever audited the CPEs I claim for it.

paul78

I'm thinking about DC as well. I've never been and always just watch the replays on youtube. I'll be the one in the Red Sox baseball cap tauting the Yankee fans.

docrice

jasong318 wrote: »

@docrice what training are you taking?

I was originally scheduled for the Mobile Network Forensics class but they cancelled it for some reason. A real bummer. I decided to go with Digital Intelligence Gathering Using Maltego. I have a licensed copy of the software at work but really don't get to use it as often as I'd want.

https://www.blackhat.com/us-13/training/digital-intelligence-gathering-using-maltego.html

There are tons of red-team courses at BH, but I'm kind of burned out of the whole attacker-perspective training for a little while.

jasong318

That looks interesting, played with Maltego's community edition but have never really done anything with it. Eevryone seems to love it for osint but I just can't get the hang of it apparently to really make it shine. Let us know how it goes!

raybfree

I got a license of Maltego and I love it, especially when it can do so much for such for such a small fee. You should check it out.

010101

If you have to choose just 1 con, which is the best one to go to?
I've never been to any of them.

GoodBishop

I'm going to try to go to BH, but I make no guarantees.

JDMurray

010101 wrote: »

If you have to choose just 1 con, which is the best one to go to?
I've never been to any of them.

Defcon is cheap, overwhelming, only slightly dangerous, and you can't beat Las Vegas in August.

ipchain

Going to both, cannot wait!

jasong318

010101 wrote: »

If you have to choose just 1 con, which is the best one to go to?
I've never been to any of them.

If you mean between Black Hat and Defcon, I would go for Defcon. Last year, there was a lot of overlap between the talks. Plus, most of the speakers will probably be at Defcon once Black Hat is over, so you can hunt them down, buy them a beer and try to pick their brain Plus, there seems to a lot more socializing at Defcon, a chance to kick back with your peers in a more relaxed atmosphere and let loose!

As for cons in general, I really like my local Bsides events. A lot smaller for sure, but usually free, great talks, and doesn't (again, usually) require a hotel room

docrice

You certainly get better bang for the buck at DEFCON and some speakers from Black Hat do the same talk. It's the most well-known (and probably the most crowded) information security event and it's highly-immersive. It's also a bit more casual than Black Hat as BH generally caters to working infosec professionals (although plenty still dress casual at Caesar's Palace). DEFCON also feels much more ... "h@x0r-ish" with the punk hairstyles and other stereotypes in the crowd.

I've heard good things about BSides events, but never had a chance to go.