DEF CON GROUPS: Panel Discussion
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
| Title |
| |
| Title of Series | ||
| Number of Parts | 322 | |
| Author | ||
| License | CC Attribution 3.0 Unported: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor. | |
| Identifiers | 10.5446/39748 (DOI) | |
| Publisher | ||
| Release Date | ||
| Language |
Content Metadata
| Subject Area | ||
| Genre | ||
| Abstract |
|
DEF CON 26231 / 322
18
27
28
40
130
134
164
173
177
178
184
190
192
202
203
218
219
224
231
233
234
235
237
249
252
255
268
274
287
289
290
295
297
298
299
302
306
309
312
315
316
00:00
Group theoryCore dumpDrum memoryInflection pointCore dumpGroup theoryForm (programming)Coordinate systemProjective planeMereologyRight angleEmailPoint (geometry)Table (information)AreaSpacetimeSession Initiation ProtocolOnline helpMathematicsFlow separationWebsiteFunctional (mathematics)Lattice (order)1 (number)
02:17
Group theoryDegree (graph theory)Planar graphContent (media)AreaHypermediaGroup theoryCore dumpWeb 2.0EmailCodeCodeSpacetimeDigitizingHacker (term)Lattice (order)Data managementSlide ruleBinary codeDialect
04:56
Group theoryUser-generated contentVideo gameArc (geometry)Universal product codeTable (information)Group theoryInformationMereologyTelecommunicationLine (geometry)Personal digital assistantAreaMusical ensembleFrequencyProcess (computing)Multiplication sign
07:14
Menu (computing)Gamma functionDensity of statesGroup theoryBitEmailLocal GroupMaterialization (paranormal)Sign (mathematics)Slide ruleLine (geometry)Greatest elementTerm (mathematics)Covering spaceTouchscreenPhysical lawFlow separationDifferent (Kate Ryan album)Fuzzy logicMultiplication signRule of inference
09:22
EmailUsabilityOnline chatGroup theoryRight angleSimultaneous localization and mappingHill differential equationDiscrete element methodBitSlide rulePresentation of a groupLocal ringField (computer science)Group theoryEmailDifferent (Kate Ryan album)Video gameSheaf (mathematics)TelecommunicationRouter (computing)Uniform boundedness principleProbability density functionMereologyLattice (order)Hacker (term)Self-organizationBit rateClosed setStapeldateiSoftwareTouch typingOptical disc driveMultiplication signShared memoryGame theoryInternetworkingWordConnected spaceAreaOnline helpProcess (computing)Level (video gaming)Social classSocial engineering (security)WhiteboardPi
14:58
Right angleGroup theoryOnline chatSimultaneous localization and mappingTrigonometric functionsPeer-to-peerSpacetimeGroup theoryConstructor (object-oriented programming)Self-organizationFrequencyElement (mathematics)AreaType theoryUniform resource locatorUniverse (mathematics)WebsiteUniform boundedness principleWordBounded variationLocal ringMultiplication signSoftwareLibrary (computing)Different (Kate Ryan album)Lattice (order)Information securityElectronic mailing listHacker (term)Free groupLecture/Conference
20:35
Lattice (order)Group theoryHacker (term)CollaborationismKernel (computing)MereologyRight angleTelecommunicationPoint (geometry)SoftwareInformationLocal GroupElectronic mailing listDialectUniform resource locatorTheory of everythingNumberProcess (computing)Physical lawAreaMoment (mathematics)BuildingPartial derivativePresentation of a groupProjective planeContext awarenessMultiplication signGoodness of fitLocal ringInformation securityOpen setSpacetimeLecture/Conference
26:59
InformationGeneric programmingGroup theoryWeb 2.0TelecommunicationAddress spaceProjective planeMaizePlanningScheduling (computing)Multiplication signLattice (order)Right angleSpacetimeOpen setKey (cryptography)Presentation of a group1 (number)Beat (acoustics)TwitterDifferent (Kate Ryan album)VideoconferencingHacker (term)Local ringLogical constantWeb crawlerAsynchronous Transfer ModeThermal conductivityLecture/Conference
33:23
Lattice (order)Information securityRight angleGoodness of fitAuthorizationHacker (term)Interactive televisionInformationProxy serverPhysical systemCore dumpGroup theoryReal numberFacebookVector potentialTwitterVideo gameWordPhysicalismContext awarenessNeuroinformatikCodeDressing (medical)SpacetimeMereologyObject-oriented programming
36:08
Port scannerRight angleGroup theoryInformation securityBuildingQuicksortClosed setDampingUniform resource locatorLattice (order)Information privacyProjective planeHacker (term)Logistic distributionGoodness of fitStatement (computer science)Organic computingMultiplication signEvent horizonSpeech synthesisInformationMetropolitan area networkHand fanFree groupSpacetimeOrder (biology)Message passingWebsiteImage registrationSystem identificationProcess (computing)Gastropod shellIdentity managementEmailMereologySelf-organizationLocal ringHeegaard splittingMatching (graph theory)AliasingWave packetBitReal numberProxy serverLecture/ConferenceMeeting/Interview
Transcript: English(auto-generated)
00:00
So, this talk is about DEF CON groups. We're getting close to the end. We're in the final stretch of this DEF CON. Maybe you're thinking to yourself, I would like this to continue in some form or fashion. That's what they can talk to you about, because this is the core group that runs, takes care of DEF CON groups.
00:21
Thanks, you three. I appreciate that. So, DEF CON groups, basically, we're going to discuss what are DEF CON groups, how can you get involved if there's not a DEF CON group in your area, how to start one. If you are already involved in a DEF CON group, you know, some ideas as far as projects, meeting spaces, how to promote your group, and so on.
00:45
So, we're going to start off by, you know, introducing ourselves. We're basically the core team. We're the ones that, in the background, try to help DEF CON groups grow and just function from day to day. Obviously, the one and only Jeff Moss, we're not sure
01:02
if he's going to be able to swing by or not. Hopefully, he is at some point. And then, some guy named Jason, what is his name? It's the guy taking selfies with your cell phone right now. Yeah, so, I made the mistake of leaving my phone on the table. I'm surprised
01:20
he hasn't stolen my badge yet, either. So, thanks, buddy. Next, myself, Brent White. I'm the global coordinator. I try to think of meaningful things to tell Jason to do so that he can give me excuses as to why he shouldn't do those. And then, it basically gets handed down to April Wright, who, anyone who sends an email about, hey, we want
01:43
to start a group, hey, we need updates to our group, April will respond to that and send it on for someone else to handle the things that she is not able, which is zero. So, we also have Casey. Casey is also part of the registrar and any updates and things.
02:07
And he's got some stuff to talk to you about soon. Darrington, who, unfortunately, was unable to make the talk, Darrington is the one that actually makes the changes to the websites and several other things. Then, we have Tim Roberts down at the end,
02:22
who also handles web content. And then, Supes, who couldn't make it this year, who also is our social media manager. And so, that's basically us, your DefCon Group's core team. Thank you. April, you want to take over this slide? Because I've been talking enough.
02:56
Okay, so starting a new group, anybody can do it. If you have the interest in meeting
03:03
other hackers in your area, my group is celebrating our one year anniversary. So, after last year, we just, thank you. We came home from DefCon and decided to start a group and within a couple months, we were up and running and we've been going ever since. So, there's a great post, it's great because I wrote it. There's a great
03:23
post on the website about how to start a DefCon Group. It goes through, so you're thinking about starting a DefCon Group. What do you need to think about? Looking at spaces, trying to find other people, how to advertise, and then finally, how to send us your submission
03:41
to actually start your group and make it official. One thing that happens a lot is that we get emails with submissions that we want to start a new group and we're like, we want to be DefCon 42. Everybody wants to be DefCon 42. You cannot be DefCon 42. It's based on your calling code and your area code. So, it's from the U.S. We're U.S.
04:03
centric, unfortunately. So, if you are in another country, it might be like 11 something, something, something. Just want to add to, no, your group name cannot be 007. Or any binary. So, yeah, there's some examples here. So, in the U.S. and Canada, and there's
04:26
this North American telco thing that actually dictates that we only have to dial three digits. So, in those areas, you can have a three digit name. If you are in an area where, let's say, you're in 617, like where I'm from, and somebody else wanted to start
04:43
at another 617 group, they would be 617-A or 617-B or if there were more than that. When there's overlapping area codes, you can pick which one you want. Easy. Casey?
05:04
Thank you, April. I guess summer camp is about coming to an end. So, just a quick show of hands. How many people in here are associated with an active group? Okay, great. So, I
05:21
assume the rest of you are here because perhaps you want to be associated with an existing group. Is that correct? One of the things that we noticed when we first started working on this is that we did have a lot of inaccurate and outdated information. So, we're starting an initiative to verify all the contact information that we have on our
05:44
existing groups. So, our contact information, your website information, the frequency that you meet, where you meet, the times that you meet, areas of specialty, et cetera, we need to get that updated so people can find you and people can find you accurately and efficiently. So, through that process, any nonresponsive groups will be purged after a
06:07
60-day period and then we'll start the process of trying to get an active group in your area again so everyone can partake in the fun of DEF CON. We want to ensure your
06:22
group remains active and the other thing is we want to promote active assistance and communication between groups, too. That's also important for all the groups to help each
06:41
other. And, you know, the very bottom thing or the very bottom line is that we, this community, we want to be any assistance to you guys and help you in any way that we can make
07:00
your groups better. So, thank you. Don't worry, Casey, I'll do it. There you go. Oh, yeah, this was Darrington's slide, so I'll cover it. So, we've actually, well, we've
07:22
had some questions about how you can use the smiley and the actual term DEF CON and your group names or promotional materials. So, just an FYI, branding laws do apply here. It's like you can't just go and say, hey, we're having a DEF CON meet up, you know, you can't
07:43
like, and Jason can clarify on this a little bit, too, but you have to actually specify that it is your group and it's not DEF CON, like just DEF CON. There is a, you know, a little bit of a difference in your local groups. So, that is very important to keep in
08:00
mind. If you do use the skully logo, if you're not familiar with what skully is, it's the bright green thing at the bottom of the screen. If you do use that in your logo, you do need to have the registered trademark sign on that just to show that it is registered and it's not your own. If you'll notice on quite a few groups when they
08:22
create their logos, they will modify that in a certain way. So, because I'm short, I'll step over here, look at my shirt. It's slightly like skewed a little bit, but we still, just for the sake of law, we still try to abide by those rules. But if you
08:42
are going to use it without any modification, registered trademark sign, please. If you do have a question, if you're not really sure where those thin lines are, you know, if it's fuzzy between legal, not legal, copyright issues, things, just shoot us an email. We'll, you know, clarify that for you, let you know if the design that
09:02
you currently have is cool or, you know, suggestions on modifying that. But just make sure you check with us, please. And as I mentioned already, it's very important to make the distinction between your DEFCON group meetup as opposed to the actual DEFCON conference. All right. Who's up on this one? We've rehearsed several times. Tim Roberts.
09:36
Hello, everybody. Just to touch on something that was already said, everybody raise your
09:42
hand if you currently lead a DEFCON group. One, two, three. So look around, everybody, keep your hands up, look around at each other. So something we want to encourage, too, is to have leaders like some of the people that are leading these groups. When you're ‑‑ be creative, get with each other and network with each other. Because one of the logos you look at with the DEFCON groups, it has a map and it has
10:03
everything, these beacons touching. And that's one of the things we want to encourage, too, is to just help collaborate with some of the creative ideas. Hey, here's what our group's doing. Our groups may just be coming up with retro pies or something as simple as that. And some other things, you may be developing some zero days, who knows. You know, whatever you're doing, just try to reach out to each other, help encourage
10:21
each other, say, hey, here's what our groups are doing. As far as the slide, email and request, handles and process by a team of volunteers. Who handles the ‑‑ emails? Everybody? April primarily does the emails. April is the biggest adult in the group, so she's our adult supervision. The backbone. No auto reply, so you're not going to get
10:45
the auto reply. We do not ‑‑ other than that, don't attach anything. If you attach a logo, say, hey, here's our new logo, don't expect us to open it. We should get some embedded PDF or something. Be clear in your communication when you're sending these
11:00
email requests, too. Some of the requests can be very unclear. And be a little descriptive, too. I know one of the sections in the submission field talks about what you're doing, what's your goals and kind of what you're working on. So be a little descriptive just so people that are looking for DEF CON groups may be a little more interested instead of, you know, just being too vague. That's all I got.
11:28
I think that's the last slide. Everyone, how's it going? Can we start off with everybody that said that they're a leader, raise your hand. Okay. All you guys come up front real quick. I'm not
11:46
going to hug you. Don't worry, okay? Okay. Well, I'll give you a hug then. Here.
12:01
We got a special DCG challenge, but you can't come back up now saying, oh, I'm a leader, but we're going to be giving out coins for ‑‑ oh, I know you're a DEF CON group leader. How's it going? So these are some DCG coins. We're going to give some out more for some other questions, but these are for the DCGPOCs, some challenge coins. And we're going to do a Q&A, but because of the fact
12:22
the way we're doing the closing, we're going to try to do a little bit more Q&A like live. And I want to start off with you've heard a lot of stuff about organization and the minutia and things ‑‑ I'm not part of any of that. So I'm going to ask you about why. Why do you want to be in a DEF CON
12:42
group? What is a DEF CON group about? What does it entail? What is it for? And basically this key thing that we want to talk about is a DEF CON group is a way for you to connect locally with local hackers that share the interest with you. DEF CON is a global community. And I mean like global. It's like I've been
13:05
to conferences and other groups all over the world meeting passionate hackers who are also communicating and not just having this feeling once a year, but 24‑7 because they're able to talk to people in their own city about their interests, about what they're doing. And that's what we want to encourage. We want you to meet with local hackers.
13:25
It's like just like with DEF CON here, you've got the villages. So it's like if you like wireless, you're hanging out in the wireless village and you've got all those people with the same kind of passion, lock pick village, AI village, bio hacking village, social engineering village, all these
13:40
different villages with these interests that you have. And I keep telling people it's like 25,000 people at DEF CON, that's 25,000 opportunities to find someone that shares your interest. With the DEF CON group, that even narrows the odds down even better in your favor so you can actually connect with someone locally. That's why you have a DEF CON group.
14:01
It's like you see all these DEF CON badges, you know, it's like badge life, hashtag badge life. And a lot of those are from DEF CON groups that are like started out and wanted to do their own badge. And like they're learning soldering, they're learning how to make PCB boards and how to program and how to make those blinking lights do the blinking things that they do. And that's
14:20
awesome and amazing. But they're also learning and giving classes. It's like I know of DEF CON groups that are going into schools and teaching children about online safety. I know others that are working with nonprofits in different parts of the world. There's one especially in China that's doing this, that's working with nonprofits and actually going in and helping with equipment
14:40
to local area schools that don't have that much Internet connectivity at all. It's like so I mean there's there's a lot of things that you can do with your DEF CON group. It's not just a pub meetup which there's a lot of DEF CON groups that are like that, which is awesome. So it's like but you're giving presentations. You have you want to give a presentation at DEF CON, which I hope you do because you should. It's like but you don't want to do it right off the bat. Go to a local DEF CON group
15:05
and give that talk. Get constructive criticism. Hear from your peers. Get heckled and learn how that works too because I had to learn that the hard way as well. It's like and find out what it's about. So that's what DEF CON group is for and it's for everybody. So we're going to open up for questions before I keep rambling.
15:21
And we want some questions and answers of what you think you have if you're wanting to start a new DEF CON group, if you're already have one or you want some clarification on what we've talked about. Let's open it up for a question and answer period. Yes. Yes. All right. So the question was once
15:51
for spacing, it's like where do you want to have these the DEF CON group meet up? Where could it be or what's a good space for it? And that's a very varied answer because there's a lot of places you
16:02
I know some like the D.C. 4420 usually meet at a pub or a restaurant where they still have a talk. So there's a lot of DEF CON groups that have an organization where they'll get a restaurant or get some kind of hotel lobby or breakfast area thing where they can use the thing. I believe April D.C. 617 meets an actual
16:23
information security companies. We're in like a co-working space. Oh, yeah. Co-working space. So it's like we've met in like a conference room of a company that somebody worked for. It's just whatever is available. Some people meet in the food court. I've heard of other people that meet in like dance clubs during the day
16:43
when they're not in use. So it's just like an empty space that they're not doing anything with colleges. Yeah. Colleges are awesome. They're usually willing to donate space for free. One of the things you can do, too, is if you are at a university. I know when I was in college, I just started up a group or just a club. And from there, you're allowed to reserve space.
17:03
So you can reserve some of the lab space, even as oftentimes if you're a registered club at university. So you can even merge your DEF CON group in with that or get affiliated with one that creates spaces. Maker spaces are another good spot because they they love stuff like that.
17:21
Yeah. I mean, the possibilities are endless. And when you sell it as as not, you know, a bunch of criminals trying to break things and you say, you know, we were trying to learn and make the world safer. And you you put it out there in a way that is positive. And especially if it's a membership type of organization and you offer free.
17:43
I mean, it's going to be free anyway, but you offer it's open to the public and anybody can show up from any group that already uses that space. There's community centers, libraries. I mean, I know that's kind of lame or whatever, but like, you know, there's the possibilities are endless. There's all kinds of different spaces. Can we get Mike to on?
18:03
OK, so the current leaders over here just asked, like, so where do you guys meet? Had quite a few answers. One really cool one was from like hacker spaces, which is really cool. Yeah, go ahead. Yeah, I'm Peter. I coordinate the DEFCON group in Shenzhen, China.
18:23
And actually, with Jason's help on his kind of ambassador trip to China, we connected with a local maker space, as they called in Shenzhen. And they've hosted us pretty much all our meetings. And so we also use their advertising network, which gets us a lot of people involved in the maker community in Shenzhen. So we have a lot of people. So that network also helps us connect with potential members.
18:44
Very cool. All right, thank you. And then you had said the university. We're good? OK. Sorry, I don't pay attention very well. So who's got another question? Yes, sir.
19:03
Ireland. Very cool. OK, so they're asking for international groups. How do you see if there's actually one in your area? Actually, on the DEFCON groups dot org website, there's all the list of all the groups. It's like so you can go there and see if there's one in your area. And once again, I always in that caveat with and if there's not start one. Yes.
19:32
Come over here and go on the mic. Because after like four words in, I forgot where you started to say I couldn't repeat it. So I run DC 562 at L.A. We've been around for about five years.
19:42
We're lucky enough to have a private space, which helps us a lot when you do use things like a school or a business. They will influence what you can or cannot talk about. You may also be subject to search upon arrival. So keep that in mind when you try to align with these different places that you may be putting yourself at a disservice by using these public locations. But again, we don't all have the ability to get that private space. It does take some time.
20:05
Any other questions? I have a habit that I have a habit. It's no one asked questions. I usually run into the audience and then I make them ask me a question. So if you don't want to be that guy or gal, I have a question.
20:20
Yes, sir. You said is there an effort to merge with 2600 meetings? You know, I've had this a lot, especially within Europe, especially in Germany. There's a CCC group and then there's other other locations and other groups in other regions where it's like, well,
20:44
I don't want to know if I could do a Def Con group because we already have this group. And I'm like, when is one ever enough? So Def Con group is not trying to supersede any other hacking group. It's our local meetup. It's not trying to replace 2600 or a CCC meetup or a AHA group or a HAHA group.
21:04
It's like it's not trying or a nice act. It's like it's not trying to replace those meetings, but it can enhance it. Maybe one is more social like 2600 for me is always my experience with them has always been more socially active. With Def Con groups, you can actually do presentations and you can do projects and you can do building and things more creative moments.
21:23
So and 2600 groups have that as well, but it's more social. So it could be a separate group, another time of the week or the month to actually meet up. But if you want to say, hey, let's meet the first Friday of every month, it's like and just combine the two. There's nothing wrong with that either. There's nothing there's no competition.
21:42
So it's like it's how you want to make it and you make the group that fits in your area. It's like there's no one right way. Just like when you're hacking something, there's no right one way to do something. It's like you find what works for you and then you go with it. Something I kind of want to interject on that, too. So like in Nashville, we have quite a few tech meetups.
22:02
And so when we started the Def Con groups, we were very careful to not step on the toes like Freaknik or 2600 or other things, because that's not the point, as Jason said. So we were really careful in planning with that. So it might be something to consider and something else we're currently working on, too, which if you guys have any questions about that, we'll be around after.
22:22
I know so between Nashville and Knoxville and Chattanooga, we're currently in the talks of doing like a big barbecue together, meeting somewhere and just kind of getting together to keep the whole Def Con spirit kind of going even after Def Con. So I'm from DFW. I started the DC214 in 2002. It's one of the longer running DC groups.
22:50
What we've done in the DFW area, if you don't know anything about DFW, to get from one side to the other is our hour and a half. So there are actually between DC214, there's a Dallas Hackers, there's a Hack Fort Worth, there's North Texas Cybersecurity Group.
23:06
And at the beginning of all the meetings, we promote the other groups. The whole idea is trying to get people to go. And we have them in different locations because a lot of people will live an hour and a half away and they want to be involved. And there are a few people who will make two or three meetings
23:22
and it will cross pollinate and the information gets around. It's like this is the point of this is to get people together of like minds to be able to feed off of each other, to network. I mean, I can't even begin to tell you the number of people that has gotten jobs by attending DC214.
23:40
I know I've gotten two or three myself. It is a great networking opportunity that you can start up and join in on the other groups. You can start off with another one and then split off if you have to. There's actually a calendar, a Google calendar that we maintain to make sure that we're not stepping on each other's toes so we have a complete list of when all the different events happen
24:00
and you can go to one spot and find it. So, I mean, it's a collaborative effort. And as DEFCON Group Global Ambassador, I'm not allowed to take partiality or anything, but DC214 was the first DEFCON Group I called home and I drove three hours to get to it because there's such an open, inviting place. So if you're in the Dallas area, it's like definitely meet up with the DC214 crew. So, good job.
24:25
Also, if it's your jam, one of the things that we do at DC859 is we work with the Kentucky Law Institute and from that, some of the law enforcement agencies have reached out to us as trusted advisors and also ask us questions and had me and a few other people from
24:42
DC859 come out and speak for security awareness talks and things like that. So that's also another good outlet because with that, they'll support and they'll lean on you as trusted advisors. That brings up a good point. Everyone is welcome at a DEFCON Group. It's like law enforcement feds. It's like, let them make sure. They shouldn't be outed there.
25:04
You shouldn't make them feel uncomfortable. It's like you should be working with them and showing them this is what we do. This is what it's about. Communications open. Also, the more feds that you friend at the local DC groups, the easier chances of spotting the Fed at DEFCON and getting a shirt. So keep that in mind.
25:20
So work with him. It's like, I mean, 360 days a month. I mean, make sure you're talking to him, you're working with him, you're collaborating with him. But then at DEFCON, it's like, hey, I know that guy's a fed. I'm looking at you, Tony. So yeah, you work with that. And that's how we'll retire. So yeah, so collaborate
25:40
with local law enforcement. You're not doing anything bad. You shouldn't be doing anything bad. So make sure you have that. Make sure that you have that rapport and they know exactly what's going on because I've seen groups that have gotten in trouble because they wanted to be, you know, mysterious. It's like I put on my robe and wizard hat and I'm doing arcane things over here and it causes problems. So make sure you're open and you're communicating and you're part of the community
26:01
because it's like you're not just in the hacker community. You're in your local community as well. And you should be trying to impact them there, too. I see a question in the back. So this is actually a question. I'm not the POC for DC402, but I'm the only one here in this talk. So here I am. We actually partnered with STRATCOM in Omaha, Nebraska.
26:20
I've had full uniformed colonels come up and send their people to our meetings. Nice. By reaching to other community hacking groups. So just like you're saying, you always want to reach out and talk to the feds, so to speak, and have them trust you. We also have ties to InfraGuard and a lot of other local groups like that that all attend our meetings.
26:42
Very good. Awesome. So it can be a working collaboration. Also, one of the things that we need to know, you need to make sure when you're doing these DEFCON groups, sometimes they're in places where there might be cost occurred. It's like I know DC801, a lot of their groups sometimes will do dues or like they got their own space. It's an amazing
27:01
space at DC801. And that's why you have such awesome parties and then do Kickstarters. And there's some that are charities. But for a DEFCON group, it's like if you're having an open public DEFCON group, you cannot charge money for people to show up. It's like you may be able to get sponsors and have sponsors. It's like
27:20
it's vendor neutral. They're not trying to advertise in their group. They can just say, hey, thanks for giving a shout out. But you cannot charge for a DEFCON group. We've had problems in the past where people wanted to say, we've created a DEFCON group and now we're going to have our DEFCON group meeting and they're charging price to cover cost. You can't do that. It's like this is free and open to everyone,
27:43
should be available and able to come in. Yes. That is a good question. He was asking like the DC414 in Milwaukee actually meets once a month and he wants to know what the meeting
28:03
schedules are for some of the other groups because I know of one that meets once a quarter and another one that meets like twice a month. So there's different different times for meetings. What's your schedule usually? Does anybody actually meet more than once a month with your DEFCON group?
28:20
We got some right over here. So I'm starting to hear some that meet like every other week. Is that what you guys do every other week or just once a week? Once. So once more like so twice a month. One's a presentation. The other one's casual. Okay. So what's
28:49
up? I'm Rando. I run DC610 out of eastern Pennsylvania. We run once a month. But the important thing to really realize about this is your projects that you do in your DEFCON groups. They run all the
29:04
time. So I highly recommend like getting a slack channel together right getting an IRC or whatever your mode of communication is. So right now like we're planning a bar crawl CTF right and it's going to happen like towards the end of the fall or whatever. So make sure that those constant communication channels are open.
29:22
So even if you only meet once a month I know the one in Philly just started up DC215 they only meet once every couple of months. But if you're always talking to each other you're always communicating and you have these projects going and you make your project plans and stuff that's going to make your group a whole hell of a lot stronger. So you're not going and those four weeks if you go
29:41
monthly they go fast. And I realized I haven't done anything and my guys are busy too. So if you have those open channels it's super super critical for to get a really great group going. I remember the DC214 having old silk IRC channels. It's like so yeah constant communication is key. Yeah I'm with DC423 and we normally meet once a month
30:03
for our primary presentation sessions and whatnot. But we also get together two to three times a month for our CTF team to work on either active competitions or just to come up with other CTF ideas that we want to build for any other meetups that we get with.
30:25
I have a quick question. How many people here want the rest of the world to know what's going on in their DEFCON group? Who wants to actually inform everybody else and the other hackers in the community say hey this is what we're doing that's pretty cool. We're looking for that. It's like if you've noticed
30:42
when I travel I always try to find the local DEFCON group POC and interview him or her and talk to them about it. I've got some of their interviews already up on DEFCONgroups.org but I'm only one guy and yes I travel a lot. It's like but not a lot to get to everybody. So start submitting your uploading your own interviews.
31:03
Conduct your own interviews, upload them to YouTube and send us the information so we can actually post you up on the DEFCON groups website as well. So everybody can start understanding what's going on in your DEFCON group and get more exposure to what you're doing in your local community. And if you follow at DEFCON groups on Twitter
31:20
we will retweet DEFCON groups that are tweeting about their upcoming meetups and things like that and things people are working on. So it's a good way to find out what's going on and what's coming up. Something I just want to add to that too. In your interview videos if you can just do a quick one or two sentence blurb about projects that your group does
31:42
because that's a really cool way to share those ideas across other groups for those that are looking for something to do. So just something in mind to keep whenever you actually do those interview videos. Who else has a question? Yes.
32:05
Well, oh my gosh, don't get me started on talking about malicious hackers. No, no, it's like you're not putting your targets in because it's not malicious hackers, it's criminals that go after you. There's a distinct difference. It's like I did a whole talk about that once.
32:20
No, I don't think it puts any more of a mark on you than anything else. It's like there's, I mean, you're trying to help and be better and if someone's going to use that as a, I mean, I've been doxxed. It's like all my information has been doxxed. It's like my home address. I've got 26 cameras inside, outside of my house and stuff because I know what's been going on and it's not pleasant. But it doesn't matter. I wouldn't change a thing.
32:42
I'm proud of what I do and I'm proud of what I'm doing and so if they want to come out, you know, they're going to come at you no matter what you say or what you do. So, just regardless if you're being a member of a DEFCON group or your POC contact information is out there on the web because hopefully you're using a generic Gmail account for your POC because that is out there on the web.
33:00
It's like it doesn't matter. It's like you're there. You're trying to help the community and screw anyone else trying to mess with that. Yeah, as long as you're not associating yourself with things that are illegal, obviously, then it seems like that shouldn't be too big of a concern. But, yeah, I mean, if you're taking the time out of your schedule to step out there
33:20
and contribute to the community, then, you know, good for you. Thank you. Yeah, we got a comment right here from someone that maybe has some experience with it. You stole the mic. All right. Hello, my name is Zach. I'm one of the co-organizers for Knoxville's DEFCON chapter of the DCA65 and just a remark about the potential possibility of criminals
33:42
that would happen to join the group. A lot of our dedicated members are actually dedicated to promoting, like, the profession of information security and to make sure that, you know, your personal information is safe and that, you know, your devices and your systems can actually be trusted. With that said, criminals are antithetical to, you know, what we actually do
34:03
and, you know, if you try to do anything weird, you will get caught, not just possibly by us or other hackers or the authorities. So it's futile to even go down that road. Actually, that reminds me of a really funny story. The only criminal interaction I have ever had at a DEFCON group meeting
34:22
was at DC214 where some guy in a white shirt, I forgot where the book place was, but it was hilarious because it was a guy in a white collared shirt dressed khakis. I mean, literally, I think they were dickies. And he showed up because he heard there was a hacker meetup and he wanted to know how to hack around his proxy at work
34:43
so he could get Facebook and Twitter onto his computer. That is the only criminal activity I've ever encountered and it was some sales guy from a life insurance company. So sorry to out the guy from the life insurance company, but it's like, yeah, but that is the only criminal interaction I've ever had at a DEFCON group meeting anywhere in the world.
35:02
It's like, was that guy? Oops, my bad. He's probably still looking for that proxy workaround. Let me say something real quick too. I teach a lock picking workshop. I did that with DC859 at one of the create spaces. And they had concerns because they were like, well, aren't you just teaching people how to break into places?
35:20
No, we're teaching people how to use correct cores and good locks and how to fix this stuff, remediate against it. And so I think even that is even having a preface as you have your meetings. If you're teaching something where you're like, hey, if there's some criminals here, they might use it or whatever. I mean, you can't be responsible for people, but you should have the preface as saying,
35:42
hey, we're teaching this for security awareness purposes. And so you know and so you have a more comprehensive understanding of how technology or physical security or whatever works. And that's one of the drives for InfoSec, right? So I think having that mindset as a DC group is important as well. And I think Casey should be able to tell some words about like,
36:02
because he works with the hacking groups there in Oklahoma. And he also works with InfraGard as well. And they do stuff together. So why don't you talk a little bit about that? I think one of the biggest things that I want to say is that the guy standing up here at the podium right here, he's one of the biggest advocates for our community that I've ever seen.
36:24
He's probably going to get on to me for saying that, but it's the truth. My first DEFCON was six years ago. And I would never imagine I'd be sitting up here trying to help people. But this guy right here encouraged me to be involved.
36:41
And I think that's the biggest part is be involved. You may not be a super hacker, but you contribute. You contribute to all of us. And when you contribute to all of us, you make all of us better. And so that's the biggest thing that I've learned is to be involved. Get out there, break outside of your shell. I'm socially awkward, I'll admit it.
37:02
And these guys pushed me to go out and talk and to meet people. And it's the best thing I've ever done. I am such a completely different person now after my first DEFCON than I was before I attended. And it's all about being involved. So just encourage everyone. Be involved in your community and care about it.
37:22
Definitely. We got ten minutes. We got a question back here. Does this work? Okay, great. Yeah, so I think a lot of us that are interested in the subject are pretty privacy-minded, concerned about our identity. And one of the things I was wondering was,
37:40
currently on the DEFCON groups, on the website, is there any identification or notification of a user who wanted to be a new member of a DEFCON group? Would they be notified that they had to present ID or be searched or anything? No. There are, and I think April has a good experience
38:00
with some of the registration on the users, but I will start off and say that you do not have to register with your own ID to go to a DEFCON group meeting. That's not required. Certain places you do, but it's like, to be a part of a DEFCON group requires no registration. It's like, I mean, if they do, you can use one of my aliases.
38:22
I've got like 30 I can spare. It's like, but you do not have to actually give your name or do it. And most people, especially with the DC-801 and a lot of other groups, they're all by hacker handles. It's like they're not using their real name. So I don't think that is going to, well, I know that's not a requirement. But some of the locations, and April's got a good history
38:42
on some of the locations that may require you to register at that meeting at that time that she can go into. So one of the things that we've struggled with is being in Boston, we have a lot of tall buildings, and there is building security, and the building security requires you to show ID when you enter the building in order to get in.
39:03
We aren't huge fans of that, but we have to comply because it's where our space is and it's free and it's how things are working. So we have been having an Eventbrite registration where you pre-reg and then we give all that info to the building. We don't get that info, I personally don't get that info,
39:25
the co-working space that's hosting us doesn't get that info, it just goes to the building. So when you come in, you could just show them a Batman ID or something, even if the name doesn't match, I don't know if they'd notice, but there are some places where you're going to have
39:43
to struggle with that and try to figure out if that's something you can handle as a group or if you can handle that as an individual or if you have another way that you could present yourself with some sort of ID that would match what you register as.
40:04
Obviously it's better if you can just have a totally anonymous drop-in kind of thing. There's another side to that too, where if you're trying to have food, pizza and beer for example, and you want to know how many people are showing up, it's totally up to the organizers of the individual group how they want to manage all of that.
40:22
And we talk internally about how we want to handle this particular issue because of the tall buildings and it doesn't matter where we end up for some reason, we always end up in a really tall building where the security requires us to show ID.
40:40
That's what bypass tools are for. Yeah, I don't condone any illegal activity trying to get into tall buildings, but there are certainly ways to handle that as an individual to protect your own privacy. Got it. So, real quick, I want to thank all the DevCon group leaders that came up here and contributed
41:03
and hung out for a while and everything. Thank you guys for coming up here and standing instead of being comfortable in your seats. I really appreciate that. Thank you. Thank you. I'd like to start the closing statement. It's like everybody I think should have their own closing statement on it,
41:21
but I'd like to say it's like this is a group effort. There is not one person behind DevCon groups. It's like this does not function. This does not operate 365 days a year without this team of people working on their off hours, working on their weekends, working on the times that they can to get these things done. And I've seen some of the emails where April was like directly,
41:43
why hasn't this been done? It's like I've got all these other jobs, all these other things. It's a volunteer effort. It's like we're all volunteers trying to put in our time because we care so much about the message and we care so much about the community to give our time to do these things. So, just like it's this team that helps make the DevCon group's organization part run,
42:01
it's all of you that make the community run, that make your individual local DevCon groups, and you're just as vital as this team. So, I think everybody is doing a great job and we just need to do more. We need more hackers out there. We're working in the community together. So, thank you.
42:22
Thank you, Jason. Thank you guys for everything you do. Originally, we had planned to sort of split up the room. If you wanted to join a group, you're going to go to one side, or if you want to start a group, if you're already in a group and you have ideas, you're going to go to another side. The logistics of that aren't going to work. So, what we're going to do is after the closing ceremony.
42:46
So, after closing ceremony, anybody that has questions, if you want to join a group or start a group, then you will see April or Casey. If you have questions about ideas for your group, like projects, things like that, come see Tim or myself,
43:02
and then Jason will do his Jason Street thing and sort of float around everywhere. So, catch him if you can. But that's it for me. Do you guys, and we'll keep the closing comments. This is my Miss America speech, but this is a reminder that community builds each other up.
43:23
They don't tear each other down. So, kind of keep that mentality. Even when you're feeling a little bummed or left out or something, there's a lot of people here, man, and there's a lot of people that love and they want to share information and no question is stupid.
43:41
Be excellent to each other. There you go. All right, yeah. Hey, I really appreciate you guys, your cooperation and everything. Again, after closing ceremonies, if you want to hang out in here, just come find us and really appreciate it and have an awesome rest of the day. Thank you.
Recommendations
Series of 112 media
Series of 122 media
Series of 93 media
Series of 322 media
Series of 109 media
Series of 84 media
Series of 85 media