A N00b’s Reflection of DEF CON 31

The Road to DEF CON

The Road to DEF CON is different for everyone. Some people like me work in the industry, others may be students, artists, vendors, press, or just people with an interest in hacker culture. The beautiful thing about DEF CON, is that it does not discriminate and there is always something to learn and people to meet provided you have the cash to get in. This was my first DEF CON. I have tried to attend 3 years now, but due to costs and inability to get a reimbursement from my employer, I hadn’t made my way until this year. That being said, I paid out of pocket to attend and as of the date of publishing, I have not been reimbursed for my attendance. As of now, I am working on rectifying that. UPDATE: As of August 23rd, 2023, I have been reimbursed for this trip. Normally I try to write these posts somewhat chronologically, however in this case I am going to have to sort by topic.

DEF CON Proper

DEF CON (Summer Camp) was the core of the experience for me. I pre-registered for a Human Badge (normal admission), and a Red Team Village badge (optional, it was cool). I arrived to Vegas on Wednesday for the con, and then had my badge and merch by Thursday afternoon. Linecon is real folks, and it puts Disney World to shame. I attended the DEF CON 101 panel on Thursday evening, where The Dark Tangent discussed with some of the con organizers on how they would recommend getting the most out of the con. I think they offered some solid advice, and would recommend any n00bs to attend the panel for their first time. I also wandered through the hotels thinking villages opened on Thursday, but it appears that I was mistaken. I ended up spending most of Thursday trying to find my bearings.

Friday I started my day watching the DEF CON 101 talk (not a panel, separate talk) picked up my Red Team Village badge, and tried to spend time in the RTV workshops. I found out that you needed to pre-register or get in line extremely early. I then looked for how to find the DEF CON workshops, and also discovered that those were pre-register only. From there, I wandered through some villages, shoulder surfed some folks while asking pointed questions, and tried to keep my phone topped off since I forgot to charge it the night before. I also made a crappy tinfoil hat, listened to a talk about vehicle security in the Car Hacking Village, made my way through the vendor hall, and then eventually linked up with some friends.

Saturday I spent a few hours in the Physical Security Village, then found the Tamper Evident Village and Lockpicking village. I spent some time there Sunday learning how to use acetone to get into boxes to replace it’s contents, and picking locks some beginner locks before heading to Caesar’s Palace after the con closed up, then to the airport home. When I go back, I will do a better job of pre-registering for stuff I want to see. I think that would greatly increase the value I would get out of the con. Pre-Registering for the badges managed to get me to skip Linecon and allowed me freedom to do other things. Like collecting an unholy number of stickers. I did not go to many talks since most are recorded and will be on Youtube and the DEF CON media server. I wanted to maximize time meeting folks, and I think I did well in that. I elaborate a little more farther in the post.

Las Vegas - Hotter than Hell

I’m a warm blooded Minnesotan. There’s a reason why on my socials you usually see snow covered trees for banner images. I love the snow and cold, and hate the summer heat racking up the electric bill and making me sweat at my desk. So Vegas is essentially my equivalent to hell on earth. We had an average high over 100 every day I was there with a low of around 90. Everything in Vegas is hot. There is no escape, and little reprieve. The reprieve is mostly your hotel room if you set it to arctic, and misters in the Linq mall. The person I shared the hotel room with had set the thermostat to 65 and I was grateful. Hauling around a backpack full of con goods will make you sweaty and swamp ass is a constant struggle with no good TP to be found. The noise, lights, crowds, and the smell of stale cigarettes are constant, and “Vegas Fatigue” hits after about 3 days in my case. Hats off to those of you who live there or who attend multiple conferences. I have no idea how you do it.

The best way to mitigate this is honestly following the 3-2-1 rule. 3 hours of sleep, 2 meals a day, an 1 shower a day. The rules that mitigates this problem specifically is 1. Shower at least once a day, and pack wipes if you must. I wore a blue IKEA bucket hat that probably hurt more than helped, since it’s made from the blue tarp bags, and an outer shirt helped a lot. You do not want tight fitting clothes out there. Additionally, for the love of all you hold dear, when you get out there buy a case of water and another one of Gatorade. Even if you remain sober the whole time, you will really want these to keep yourself hydrated. If you are not peeing clear, you need to drink more water. This is paramount. Doubly so if you are drinking while you are out there.

It’s Called Sin City For a Reason

I am not a gambler, so I did not spend any time sitting at slots or playing blackjack. I however enjoy drinking from time to time, and I drank quite a lot while I was in Vegas. Way more than I normally would. Being able to order drinks to go was certainly a highlight, especially since in Minnesota where we have fairly restrictive alcohol laws. Even though the drunkest state in the union (Wisconsin) being right over the St. Croix. Something to keep in mind for would-be alcoholics on the go, hotel booze is extremely expensive. If you get booze from bars outside the hotels, it’s much more reasonable. While I am mentioning vices, be aware that when out on The Strip between 2000 and 2330, you will likely see dudes in pink t-shirts slapping together trading cards and trying to hand them out. Those are hooker ads. Also the hookers are out for parts of the night too. I did not partake, but the guy I was rooming with managed to collect 26 trading cards between The Bellagio and The Flamingo. No calls were made however, and for that I am fairly grateful.

People and Socializing

My primary reason to get out to DEF CON 31 was to meet folks. Some folks I knew from online, some folks I never met before, and some old friends from college that I was catching up with. I spent most nights with some college buddies and their friends. I will not name them since I don’t have permission, however catching up with that group was great. It’s been some time since I saw some of these folks and being able to meet new people through them was invaluable. I met some real heavy community contributors working on projects that are used every day, got to hear what they have to say, and I could just sit and listen. One of my favorite things about Summer Camp was that I was never the smartest person in the room. Not even close.

The parties were fun. I got out there on Wednesday, and I met up with a buddy and his manager to a pool party. I wish I could have stayed out a bit longer but because I was jet lagged, it was a struggle to stay out. I think we got back to the hotel room around 0200. I got dinner with some friends, along with their friends a few times. I got to meet some big names in the industry. Zach Hill and Heath Adams for instance. I ran into them in the IoT Village Friday, and I was totally taken aback. I had no idea they were sponsoring it, and I absolutely did not expect to see them. I greeted them, shook hands, then took off because I couldn’t figure out what to say. I went back a few hours later and they were gone. Can’t say I am surprised. Maybe next year.

I also got a chance to meet NahamSec on Saturday also in the IoT Village. A much less awkward handshake this time, but I don’t look up to him the same way that I do Zach and especially Heath, who I would give credit to for inspiring me to aim my career down the offensive path. So meeting NahamSec was a bit easier. I attended the AMA with Tib3rius in the AppSec Village and ended up meeting some of the good folks at White Oak Security there, at least until they went to lunch. I met some people I know from a private discord server, and another person I know from the Bishop Fox discord server. Dinner was had with some Rapid7 folks a few times too. It was nice to put faces to names.

Takeaways For Next Year

Overall, I had an excellent time. There would be some changes I want to make next year however. First, pre-register for a workshop or two if possible. There were some really cool concepts that I would have loved to dive into, had I known this. The second thing I would change, is look for a hotel room that has a microwave. The Flamingo isn't particularly expensive. And it shows in the rooms. Maybe next year I will book a room outside the DEF CON room block? I’m not sure though. I’ll have to compare when they open again next spring. Thirdly, I would see if I can find a hotel that has a pool open later. I still can’t believe the pool at The Flamingo closes at 1800. That’s nuts.

The fourth thing I would do next year, is bring a flask. This should help me save a bit of cash on bar drinks by mixing my own. Some vodka from Walgreens and a mixer and I would be good to go whenever not at the con. The next change I would make, is bring more cash and rely on my credit card a little less. I ended up donating some cash to the EFF and it impacted my ability to pay at some cash-only stands. I didn’t trust the ATMs. Finally, I would like to be a little more decisive on what I want to do. For instance, I wanted to do Dungeons@DEFCON and unfortunately did not realize I had to be there Friday to sign up.

I didn’t detail every little thing I did while I was out at the con. This article would be double in length at least if I tried. However, I hope this provides some useful information on things to keep in mind if you were to attend DEF CON for the first time. I had an absolute blast and I will be attending next year.