Cатсн²² (in)sесuяitу / ChrisJohnRiley

As many people are aware, the big „Hacker Summer Camp“ took again place in Las Vegas this August. This get-together describes the occasion of Black Hat, for the Business sponsored InfoSec employee, BSides Las Vegas, for the techies, and DEF CON, which apparently became object of both type of folks already years ago, and many more little side conventions.

As these types of conferences are usually a big chance to meet all of the friends that you don’t see the rest of the year, attending many talks is never a goal. Especially not, as these days most of the talks are recorded. As for the full lists of recordings, please check the following links:

• BSides Las Vegas: http://www.irongeek.com/i.php?page=videos/bsideslasvegas2014/mainlist
• PasswordsCon: http://www.irongeek.com/i.php?page=videos/passwordscon2014/mainlist
• DEF CON Wireless Village: http://www.irongeek.com/i.php?page=videos/DEF CON-wireless-village-2014/mainlist

The DEF CON 22 Talks will be published by the speakers on YouTube, or can be bought, some of the slides are also already available here: https://www.DEF CON.org/html/links/dc-archives/dc-22-archive.html

The Black Hat Talks will show up here: https://www.youtube.com/user/BlackHatOfficialYT

Over the last few weeks already many Blogposts arose that listed personal favorite talks and what the learnings are. For such a reference, check out other European sites like http://www.scip.ch/?labs.20140819 in German or http://blog.csnc.ch/2014/08/blackhat-and-def-con-usa-2014/ in English.

The big topics this year were infections over USB and wireless transmission of signals like the ones that can be read with a HackRF. One topic that isn’t completely over yet, is hacking of Point of Sale devices. Although they are usually very specific by the country the research originates, and therefore can’t be applied to every vendor or product. They are still interesting though and give new hints on what to consider when securing such an infrastructure.

As an outlook we were informed at the Closing Ceremony of DEF CON, that the next year DEF CON will be hold at the Paris and Bally’s. With DEF CON becoming not only bigger in numbers of attendees, but also space, and seeing the changes that just happened to the German Chaos Communication Congress, I personally like the change. More space can give more ways to be creative.

The CCC has become a very colorful but dizzying experience, which makes it hard for new people to find navigation or orientation in. But CCC, early on, started having villages where like minded people and friends have a “public” space where they can be found and present their stuff. The concept becomes very visible at the hacker camps, where usually even more equipment is brought in and spaces are decorated with lots of creativity and love. DEF CON has also started with the villages, by having for example, Hardware, Social Engineering and Wireless villages. This concept of organized interest groups can be quite a help, if an event becomes too big. I personally also wouldn’t mind seeing more talks in villages, which have smaller audiences but also give the speaker more chance to interact and talk, learn and share information. I always feel sorry for speakers who prepare a talk and only get to hold it once. Presenting a talk several times with slight variations, depending on the target audience, might improve the rate of knowledge exchange and therefore be beneficial for both sides. The big talks still should be held in big rooms of course, but information overflow has become such a big topic, that the concept of split, addressed information might help. If there were more spaces like DEF CON SkyTalks, the chance exists that the quality of the presented information would also improve again.

– Des