Hacker News new | past | comments | ask | show | jobs | submit login

> What else might be options for securely accessing the event?

I generally recommend ensuring that your security posture for DEFCON is the same baseline security posture you should have at all times, and for all websites, and then adjusting your habits accordingly months in advance... and then just chilling out because you've adopted a more secure normal (and DEFCON isn't particularly risky compared to everyday life).

Pantomiming paranoid-level security during hacker summer camp is silly. This is true for both in-person events and this year's virtual event.

If you're worried about getting hacked at DEFCON, don't wait until DEFCON to become secure, and don't become lax after DEFCON is over.




If you were a blackhat, burning a 0-day at DEFCON would be a huge waste. You probably wouldn't get anything interesting, and chances are someone would catch it.


At DEFCON, it'd be a job interview. Assuming you are looking to work for Raytheon or similar.


You don't need to do any kind of performative hacking to get a job at Raytheon.


Nope, you definitely do not. It would definitely get the attention of some vulnerability development types! But there are also more professional - if occasionally less fun - ways to go about that.

If memory serves, the "open" network has seen novel attacks used in years past. But not many.


It would be fun though


And even more importantly, it might prove somebody wrong about something.


A lot of people burn zero days for cred.


Eh I'd argue some measures are reasonable.

For example, I might choose not to bring a laptop and just use my phone + take paper notes.

But that's more about not wanting to have to keep track of my laptop than fear of evil maids. Unplugging for a bit can be rewarding mentally and if it's not with you it's one less thing that can be lost or stolen.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: