My face should have loaded here :(
Erik Farmer
Programmer

Def Con 24

I haven't been to a conference since I worked E3 in 2013. Actually that's a lie; I went to Blizzcon in 2014 (and get to go again this year w00t)

Even with 3+ years of experience I wasn't quite prepared for attending my first DefCon

I really had no idea what I was in for when my friend, a Senior Engineer at Netflix with just a glimmer of nefarious intent, suggested we head to Las Vegas and learn all about information security (it's easier to sell that to your manager than going to a 'hack all the things' conference) but the event guide seemed promising and the combinations of workshops and talks looked to be beneficial even to someone like myself with little experience or practical knowledge of the field.

Here's what I had hoped to attend:

  • Workshop: Writing your first exploit
  • Talk: 411 - A Framework for managing security alerts.
  • Workshop: C/C++ Bootcamp for hackers
  • Exploit Development for Beginners
  • Advanced Blind SQL Injection Exploitation
  • Ninja level Infrastructure Monitoring : Defensive approach to Security Monitoring & Automation
  • Hands-on Cryptography with Python
  • How to get good seats in the security theater? Hacking boarding passes for fun & profit.
  • So you think you want to be a penetration tester

Here's what I actually saw:

  • More than 4 different lock picking vendors
  • An actual course on lock picking
  • A projector showing every device sending credentials on an unsecured network.
  • Various talks on the ecosystem of security and some best practices
  • SNES hacking
  • Wifi hacking
  • Car hacking
  • Refrigerator hacking
  • Human hacking

It. Was. Awesome. Definitely an experience a developer should have at least once. I certainly got my (companies) money's worth. Between getting to sit in at dinner and talk to the Netflix engineer's in attendance, learning some better AWS IAM management skills, and learning common security pitfalls and the appropriate mitigations I got to round out my skill set or if anything else a better appreciation for how easy it is to compromise EVERYTHING.

back