Defcon 31

Thursday 10th – Sunday 13th August 2023

I’m sitting at Harry Reed airport waiting to fly home. I finally managed to return to Defcon after a four year gap, mainly due to Covid. I knew deep down that I had missed coming here, but I had not realised just how much!

So the last time I was here was 2019. The air ticket I have just used was my 2020 ticket, BA would not refund me. I was slightly arm-twisted into coming back as the voucher from BA was expiring, but it didn’t need much of a twist.

This event was just amazing. Amazing. I arrived three days before it began, to try a few other ‘things’ in the area. When the hotel began to show signs of others arriving for Defcon, which would have been a day later, I began to get that old feeling of belonging.

Once the event began, there was that instant camaraderie between those of use with ‘that’ badge hanging round our necks. If you saw someone walking towards you, or they got in the same lift, there was that nod or slight smile of recognition. I messaged my daughters and said this is the place I feel normal. Others look like me and sound like me!

I joined linecon at around 0445 on the Thursday and it was as much fun as I remember with the beach balls. (You have to be there!) When the line starts moving and you have your $440 cash in your sweaty hand, you can’t wait to have that badge in your hand. Sadly it was a non-electronic year this time, but we know that is a thing every other year or so.

Once the events began in full on the Friday then it became amazing. I saw some superb talks and missed far more. I was up early each morning to make my list, which was never really kept to. But at least I know which talks to look out for once they get online.

The villages were as good as ever, but I only ever peer over shoulders to see what’s going on. I planned but didn’t make it to any Demo Labs, I had two on my list but don’t think they are recorded sadly.

The vendor area was the usual mayhem. Having been in the first 50 in, it very quickly gridlocked and had to be changed to a one way in, one way out system. The Goons adapt very quickly and it was very effective – albeit meaning there was a huge ‘line’ (queue!) to get in each time! One thing that amazed me was the queue for Hacker Warehouse. That stretched out and down the hall for three days. I think that may have been mainly because they were selling Flipper Zeros, which I get the impression was the device of most desire this year! I could not be bothered to wait and managed to get one ordered for delivery at home for less – I was pleased with that. I did manage to score a Packet Squirrel and a Sharkjack Cable from Hak5 – looking forward to playing with those.

My fave talks were the live hack in War Stories where the anon guy live-hacked Seed Buckets. It was all very fast, but I did follow and it was inspiring. The other excellent talk was on snooping BLE and the Axion Signal used by various devices used by the Police. It seems that bodycams, tasers, even car mounted gear such as dashcams all talk and can all be triggered by each other. Makes sense, but as the speakers pointed out, it means you can track Police by the BLE broadcasts.

I had a very nice conversation with Ian McAndrew on the Capitol University stand in the exhibitors area. An absolutely delightful conversation which began when I heard his English accent. It turns out he is the Dean! One of those conversations that lifts the visit and stands out.

Probably the one thing that happened that will stick in my mind though is the SODA machine. So this is a standard soda dispensing machine in the main chillout area. I say standard, behind the clear buttons were the names of various OSs, so Kali, Debian, OpenWRT Lite, Server 2022 etc etc. You put your dollar in and a slip of printed paper emerges from the drink slot. Now you have to connect to the Defcon wifi (!!!) and then use the creds on the slip to get an anonymous SSH shell on the OS you chose – it spins up a vm just for you. How BLOODY amazing is that? Sadly I was not even able to connect successfully to the wifi! But I had a damn good try and felt I actually knew what I was doing in trying. It involved downloading a cert offline and installing that, then creating a new wpa_supplicant profile to connect with. I was not quite sure how to start wpa_supplicant, even though I have done this before on RPis.

So next year, I shall arrive with a fresh Kali install and a brain that knows how to do all that beforehand. Hopefully the SODA machine will return. Oh, btw, SODA stands for Shell On Demand Appliance. Obviously. A very neat idea.

What makes this so special for me is that it was the first time I had taken my laptop out of my bag and used it in public at a Defcon and actually felt like I knew what I was doing! A beer, a seat, loud music in the room from the DJ and others around me tapping away too. Wow.

And then there was a bomb threat and we were all evacuated from the building!!!!!! A perfect ending to that moment really 🙂

I would like to mention Soma FM who were providing most of the perfect sounds in the chillout room. I listen to the them at home year-round and they are a perfect fit in that area.

So here’s to next year. A good friend is coming with me (hopefully) next time, so that will be different for me. I. Can’t. Wait.

Were you there too? Please leave a comment.