DEF CON (also written as DEFCON, Defcon or DC) is a
hacker convention held annually in
Las Vegas
Las Vegas (; Spanish language, Spanish for "The Meadows"), often known simply as Vegas, is the List of United States cities by population, 25th-most populous city in the United States, the most populous city in the U.S. state, state of Neva ...
,
Nevada
Nevada ( ; ) is a state in the Western region of the United States. It is bordered by Oregon to the northwest, Idaho to the northeast, California to the west, Arizona to the southeast, and Utah to the east. Nevada is the 7th-most extensive, ...
. The first DEF CON took place in June 1993 and today many attendees at DEF CON include
computer security
Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, t ...
professionals,
journalist
A journalist is an individual that collects/gathers information in form of text, audio, or pictures, processes them into a news-worthy form, and disseminates it to the public. The act or process mainly done by the journalist is called journalism ...
s,
lawyer
A lawyer is a person who practices law. The role of a lawyer varies greatly across different legal jurisdictions. A lawyer can be classified as an advocate, attorney, barrister, canon lawyer, civil law notary, counsel, counselor, solici ...
s, federal government employees, security researchers, students, and
hackers with a general interest in
software
Software is a set of computer programs and associated software documentation, documentation and data (computing), data. This is in contrast to Computer hardware, hardware, from which the system is built and which actually performs the work.
...
,
computer architecture
In computer engineering, computer architecture is a description of the structure of a computer system made from component parts. It can sometimes be a high-level description that ignores details of the implementation. At a more detailed level, the ...
, hardware modification, conference badges, and anything else that can be "hacked". The event consists of several tracks of speakers about computer- and hacking-related subjects, as well as cyber-security challenges and competitions (known as hacking
wargames). Contests held during the event are extremely varied, and can range from creating the longest
Wi-Fi
Wi-Fi () is a family of wireless network protocols, based on the IEEE 802.11 family of standards, which are commonly used for local area networking of devices and Internet access, allowing nearby digital devices to exchange data by radio w ...
connection to finding the most effective way to cool a beer in the Nevada heat.
Other contests, past and present, include
lockpicking,
robotics-related contests, art, slogan, coffee wars,
scavenger hunt and Capture the Flag.
Capture the Flag (CTF) is perhaps the best known of these contests and is a hacking competition where teams of hackers attempt to attack and defend computers and networks using software and network structures. CTF has been emulated at other hacking conferences as well as in academic and military contexts (as
red team
A red team or team red are a group that plays the role of an enemy or competitor to provide security feedback from that perspective. Red teams are used in many fields, especially in cybersecurity, airport security, law enforcement, the military ...
exercises).
Federal law enforcement agents from the
FBI,
DoD,
United States Postal Inspection Service
The United States Postal Inspection Service (USPIS), or the Postal Inspectors, is the law enforcement arm of the United States Postal Service. It supports and protects the U.S. Postal Service, its employees, infrastructure, and customers by enfor ...
,
DHS (via
CISA) and other agencies regularly attend DEF CON.
History
DEF CON was founded in 1993, by then 18-year-old
Jeff Moss as a farewell party for his friend, a fellow hacker and member of "Platinum Net", a
FidoNet protocol based hacking network from Canada. The party was planned for Las Vegas a few days before his friend was to leave the United States, because his father had accepted employment out of the country. However, his friend's father left early, taking his friend along, so Jeff was left alone with the entire party planned. Jeff decided to invite all his hacker friends to go to Las Vegas with him and have the party with them instead. Hacker friends from far and wide got together and laid the foundation for DEF CON, with roughly 100 people in attendance.
The term DEF CON comes from the movie ''
WarGames'', referencing the
U.S. Armed Forces defense readiness condition (DEFCON). In the movie, Las Vegas was selected as a nuclear target, and since the event was being hosted in Las Vegas, it occurred to Jeff Moss to name the convention DEF CON. However, to a lesser extent, CON also stands for convention and DEF is taken from the letters on the number 3 on a
telephone keypad, a reference to
phreakers. Any variation of the spelling, other than "DEF CON", could be considered an infringement of the DEF CON brand. The official name of the conference includes a space in-between DEF and CON.
Though intended to be a one-time event, Moss received overwhelmingly positive feedback from attendees, and decided to host the event for a second year at their urging. The event's attendance nearly doubled the second year, and has enjoyed continued success. In 2019, an estimated 30,000 people attended DEF CON 27.
For DEF CON's 20th Anniversary, a film was commissioned entitled ''DEFCON: The Documentary''. The film follows the four days of the conference, events and people (attendees and staff), and covers history and philosophy behind DEF CON's success and unique experiences.
In January 2018, the DEF CON China Beta event was announced. The conference was held May 11–13, 2018 in Beijing, and marked DEF CON's first conference outside the United States. The second annual DEF CON China was canceled due to concerns related to
COVID-19
Coronavirus disease 2019 (COVID-19) is a contagious disease caused by a virus, the severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2). The first known case was identified in Wuhan, China, in December 2019. The disease quickl ...
.
In 2020, due to safety concerns over
COVID-19
Coronavirus disease 2019 (COVID-19) is a contagious disease caused by a virus, the severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2). The first known case was identified in Wuhan, China, in December 2019. The disease quickl ...
the DEF CON 28 in-person Las Vegas event was cancelled and replaced with DEF CON Safe Mode, a virtual event planned for the same August 6–9 dates as DC 28.
In 2021, DEF CON 29 was held on August 5-8 in-person in Las Vegas and virtually (via Twitch and Discord). In-person attendees were required wear masks in conference areas and to show proof to COVID-19 vaccination. Attendees with verified vaccine records (verified by a 3rd party) were given a wristband which was required for entry into the conference areas.
Black Badge
The Black Badge is the highest award DEF CON gives to contest winners of certain events.
Capture the flag (CTF) winners sometimes earn these, as well as Hacker Jeopardy winners. The contests that are awarded Black Badges vary from year to year, and a Black Badge allows free entrance to DEF CON for life, potentially a value of thousands of dollars.
In April 2017, a DEF CON Black Badge was featured in an exhibit in the
Smithsonian Institution
The Smithsonian Institution ( ), or simply the Smithsonian, is a group of museums and education and research centers, the largest such complex in the world, created by the U.S. government "for the increase and diffusion of knowledge". Founded ...
's
National Museum of American History
The National Museum of American History: Kenneth E. Behring Center collects, preserves, and displays the heritage of the United States in the areas of social, political, cultural, scientific, and military history. Among the items on display is t ...
entitled "Innovations in Defense: Artificial Intelligence and the Challenge of Cybersecurity". The badge belongs to ForAllSecure's Mayhem Cyber Reasoning System, the winner of the
DARPA
The Defense Advanced Research Projects Agency (DARPA) is a research and development agency of the United States Department of Defense responsible for the development of emerging technologies for use by the military.
Originally known as the Ad ...
2016 Cyber Grand Challenge
The 2016 Cyber Grand Challenge (CGC) was a challenge created by The Defense Advanced Research Projects Agency (DARPA) in order to develop automatic defense systems that can discover, prove, and correct software flaws in real-time.
The event place ...
at DEF CON 24 and the first non-human entity ever to earn a Black Badge.
Fundraising
Since DEF CON 11, fundraisers have been conducted for the
Electronic Frontier Foundation
The Electronic Frontier Foundation (EFF) is an international non-profit digital rights group based in San Francisco, California. The foundation was formed on 10 July 1990 by John Gilmore, John Perry Barlow and Mitch Kapor to promote Internet ...
(EFF). The first fundraiser was a
dunk tank and was an "official" event. The EFF now has an event named "The Summit" hosted by the Vegas 2.0 crew that is an open event and fundraiser. DEF CON 18 (2010) hosted a new fundraiser called MohawkCon.
Trivia
Badges
A notable part of DEF CON is the conference badge, which identifies attendees and ensures attendees can access conference events and activities. The DEF CON badge has historically been notable because of its changing nature, sometimes being an electronic badge (PCB), with LEDs, or sometimes being a non-electronic badge such as a vinyl record. Conference badges often contain challenges or callbacks to hacker or other technology history, such as the usage of the
Konami Code in the DEF CON 24 badge, or the DEF CON 25 badge reverting to the look of the DEF CON 1 badge. DEFCON Badges do not (generally) identify attendees by name; however, the badges are used to differentiate attendees from others. One way of doing this has been to have different badges, a general conference attendee (HUMAN) badge, a Staff member (GOON), Vendor, Speaker, Press, and other badges. In addition, individuals and organizations have begun creating their own badges in what has become known as badgelife. These badges may be purchased in many cases, or earned at the conference by completing challenges or events. Some badges may give the holder access to after hours events at the conference. In 2018, the evolution of this came with what was termed "shitty addon's" or SAOs. These were miniature (usually) PCBs that connected to the official and other badges that may extend functionality or were just collected.
Workshops
Workshops are dedicated classes on various topics related to information security and related topics. Historical workshops have been held on topics such as Digital Forensics investigation, hacking
IoT
The Internet of things (IoT) describes physical objects (or groups of such objects) with sensors, processing ability, software and other technologies that connect and exchange data with other devices and systems over the Internet or other com ...
devices, playing with
RFID
Radio-frequency identification (RFID) uses electromagnetic fields to automatically identify and track tags attached to objects. An RFID system consists of a tiny radio transponder, a radio receiver and transmitter. When triggered by an electroma ...
, fuzzing and attacking smart devices.
Villages
Villages are dedicated spaces arranged around a specific topic. Villages may be considered mini conferences within the con, with many holding their own independent talks as well as hands-on activities such as CTFs, or labs. Some villages include Aerospace Village, Car Hacking Village, IoT Village, Recon,
Biohacking, lockpicking,
ham radio, and the well known
Social Engineering Social engineering may refer to:
* Social engineering (political science), a means of influencing particular attitudes and social behaviors on a large scale
* Social engineering (security), obtaining confidential information by manipulating and/or ...
and vote hacking villages. In 2018 the vote hacking village gained media attention due to concerns about US election systems security vulnerabilities.
Use of handles
Attendees at DEF CON and other Hacker conferences often utilize an alias or "handle" at conferences. This is in keeping with the hacker community's desire for anonymity. Some known handles include DEF CON founder Jeff Moss's handle of "Dark Tangent". A notable event at DEF CON is DEF CON 101 which starts off the con and may offer the opportunity for an individual to come up on stage and be assigned a handle by a number of members of the community.
Cons within DEF CON
DEF CON has its own cultural underground which results in individuals wanting to create their own meetups or "cons" within DEF CON. These may be actual formal meetups or may be informal. Well known cons are:
* Queercon (meetup of LGBTQ community)
* Linecon (any long line has the potential to turn into a con)
* QuietCon (a meetup to hang out or talk quietly away from the hustle and bustle of the rest of the con)
* Skytalks
DEF CON Groups
DEF CON Groups are worldwide, local chapters of hackers, thinkers, makers and others. DEF CON Groups were started as a splinter off of the
2600 meetup groups because of concerns over politicization. Local DEF CON groups are formed and are posted online. DEF CON Groups are usually identified by the area code of the area where they are located in the US, and by other numbers when outside of the US. Examples include DC801 and DC201. DEF CON Groups may seek permission to make a logo that includes the official DEF CON logo with approval.
Relationship to other hacker cons
DEF CON is considered the "world's largest" hacker con. It is also considered one of the core conferences, with organizers and attendees using it as a model for other conferences.
Notable incidents
High-profile issues which have garnered significant media attention.
Entertainment references
* DEF CON was also portrayed in ''
The X-Files
''The X-Files'' is an American science fiction on television, science fiction drama (film and television), drama television series created by Chris Carter (screenwriter), Chris Carter. The series revolves around Federal Bureau of Investigation ...
'' episode "
Three of a Kind" featuring an appearance by
The Lone Gunmen. DEF CON was portrayed as a United States government–sponsored convention instead of a civilian convention.
* A semi-fictionalized account of DEF CON 2, "Cyber Christ Meets Lady Luck", written by
Winn Schwartau, demonstrates some of the early DEF CON culture.
*A trip to DEF CON for a hacker showdown figures into the plot of ''
The Signal The Signal may refer to:
* ''The Signal'' (2007 film), American horror film written and directed by David Bruckner, Dan Bush, and Jacob Gentry
* ''The Signal'' (2014 film), American science fiction thriller film directed by William Eubank
* ''Th ...
''. Director
William Eubank came to Las Vegas and screened the film at DEF CON Movie Night.
* A fictionalized version of DEF CON called "EXOCON" is the setting for the climax of ''
Jason Bourne'', the fifth film of the
''Bourne'' film series. The primary antagonist of the film, a fictionalized
CIA director (played by
Tommy Lee Jones
Tommy Lee Jones (born September 15, 1946) is an American actor and film director. He has received four Academy Award nominations, winning Best Supporting Actor for his performance as U.S. Marshal Samuel Gerard in the 1993 thriller film '' T ...
), is a keynote speaker at the event, mimicking DEF CON 20's controversial keynote speaker,
NSA director Keith B. Alexander.
* In the ''
Mr. Robot'' Season 3 opener "
eps3.0_power-saver-mode.h" Elliot and Darlene visit a qualifying tournament for the DEF CON Capture the Flag (CTF) contest. Sharp-eyed viewers will notice DEF CON's smiley-face-and-crossbones mascot Jack among the set decorations.
* Documentarian
Werner Herzog included DEF CON in his 2016 film ''
Lo and Behold, Reveries of the Connected World'', a film described as a "playful yet chilling examination of our rapidly interconnecting online lives".
Venues, dates, and attendance
Each conference venue and date has been extracted from the DC archives for easy reference.
See also
*
Black Hat Briefings
*
Chaos Communication Congress (C3)
*
Electronic voting
Electronic voting (also known as e-voting) is voting that uses electronic means to either aid or take care of casting and counting ballots.
Depending on the particular implementation, e-voting may use standalone '' electronic voting machines'' ...
*
Hack-Tic, a quadrennial European convention
*
Hackers on Planet Earth (HOPE)
*
Security BSides. A community supported conference with locations across the globe
*
Summercon. The first American hacker conference, organized by members of
Phrack
*
ToorCon, a yearly hacker conference held in San Diego, California since 1999
References
Further reading
*
DefCon's Moss: Undercover Reporter Damages 'Neutral Zone'" ''
Information Week''. August 6, 2007.
* Mills, Elinor.
NSA director finally greets Defcon hackers" ''
CNET''. July 27, 2012.
* Newman, Lily Hay
To Fix Voting Machines, Hackers Tear Them Apart WIRED August 1, 2017
External links
DEF CON
* {{official website, https://www.defcon.org
Official FAQDEF CON GroupsDEF CON v3 Tor .onion addresses
Multimedia
DEF CON: The Documentary
DEF CON: The Documentaryon
IMDb
IMDb (an abbreviation of Internet Movie Database) is an online database of information related to films, television series, home videos, video games, and streaming content online – including cast, production crew and personal biographies, p ...
A first ever look inside the DEF CON NOC (2008)The Story of DEF CON – video interview with Jeff Moss, a.k.a. Dark Tangent, the founder of DEF CON
Las Vegas Valley conventions and trade shows
Annual events in Nevada
Hacker conventions
Recurring events established in 1993
1993 establishments in Nevada