Skip to main content

In the seedy airwaves of DefCon, only your brain is unhackable

DEF CON 20 Hacking Conference Pictures from Viss Closing Ceremonies
Closing ceremonies from DefCon 20 Image used with permission by copyright holder

Mr. Worst Case Scenario is Digital Trends’ paranoid, squinty-gazed, perpetually on-edge security correspondent. And he’s prepared for anything to go wrong, dammit. This week, he’ll slither out of his underground bunker in Montana, don his tinfoil hat and attend DefCon 2013 in Las Vegas.

Kick the tires and light the fires – we’re heading on a trip to hell. That’s right, your fearless author is on a bullet train to Las Vegas for the 21st annual hacker conference known as DefCon, and while there I plan to unmask the horsemen of the apocalypse. I’d ask you to wish me luck, but luck is just another unsecured network to these people.

This isn’t some wuss conference where industry hacks schmooze it up over plates of chicken alfredo – it’s a force of damn nature.

For those of you not paying attention for the last two decades, DefCon is the event of the year for security researchers, cyber safecrackers, lock picks, identity thieves, and other nefarious travelers on the digital highway. This isn’t some wuss conference where industry hacks schmooze it up over plates of chicken alfredo – it’s a force of damn nature. These screwjobs would hack the God of the Old Testament’s SIM card if he was brave enough to show up.

As you might imagine, this is not a safe place. Even down time between the exchange of potentially catastrophic ideas is filled with pranks on unsuspecting tourists, like at the very first DefCon, when the Sands casino computer system was nearly “nuked” by attending hackers. Or there was the time another casino had its entire elevator bank taken over, wreaking havoc on defenseless senior citizens who were just trying to get to the slots. At DefCon 19, a group of Anonymous pranksters claim to have manhandled the CDMA and 4G networks to carry out some good ol’ mass exploitation. This year, the stakes are even higher.

Since its inception, DefCon served as an unholy “neutral ground,” where black hat hackers and U.S. government employees from certain three-letter agencies could learn from (and recruit) each other without anyone drawing guns or SQL injections. But this year, the game has changed, thanks to whistleblower Edward Snowden, whose “revelations” about NSA domestic spying have caused a riff between the feds and the hackers. That is to say, the feds have been uninvited, for their own safety.

“When it comes to sharing and socializing with feds, recent revelations have made many in the community uncomfortable about this relationship,” wrote DefCon founder Jeff “Dark Tangent” Moss. “Therefore, I think it would be best for everyone involved if the feds call a ‘time-out’ and not attend DefCon this year.”

The way I see it, this plays out in two ways: 1. The feds do sit this year out, and fail to discover what these cyber-hooligans are up to, which results in the monumental ass kicking of some critical infrastructure networks; or 2. They don’t sit it out, and instead round up all the DefCon attendees into cages and haul us all off to the Utah desert for in-depth interrogations. Either way, my month at Captain Rick’s Survival Camp is going to pay for itself.

Even without mass incarcerations, this year’s DefCon promises a range of revelations that could turn even a hardened badass like myself into an agoraphobic wreck. Here’s a quick rundown of just a few keynotes scheduled this week:

  • I Can Hear You Now: Traffic Interception and Remote Mobile Phone Cloning with a Compromised CDMA Femtocell: Do you know what a femtocell is? Too bad, because these guys do, and after this talk, they’ll basically be a mini version of the NSA.
  • Phantom Network Surveillance UAV / Drone: Security consultant Ricky Hill has come up with the bright idea of teaching an auditorium full of hackers how to fly military-grade mini-drones to snoop on your Wi-Fi and snag pictures of your daughter sunbathing in the back yard.
  • The Secret Life of SIM Cards: We hear nobody should worry about SIM card hacks. Riiiiiiiiiiiight.
  • Home Invasion 2.0 – Attacking Network-Controlled Consumer Devices: Proof that “the Internet of things” is actually “the Internet of holy shit we are all screwed.”
  • Adventures in Automotive Networks and Control Units: “Adventures” sound nice. Too bad it involves a hacker hijacking your car’s computer system and driving top speed into a tree.
  • Hacking Driverless Vehicles: Much more straightforward than that “adventures” nonsense – I like that. Too bad this one also involves hurtling to your death in a 3,000-pound gasoline-filled contraption.
  • The Ninjaneers: Getting started in Building Your Own Robots for World Domination: I shit you not, that is the title of this speech.

To be clear, this is just a tiny sample of the cybersecurity horrors on offer at DefCon. There will no doubt be even worse ones, and I will find them.

This year marks my foray into the pits of DefCon. Not wanting to go in unarmed, I sought out a long-time veteran for some advice. According to my source on the inside – who will remain nameless to protect his/her safety – nobody is safe from the wicked hijinks that take place at DefCon, unless you take precautions. “You should be careful with any network-enabled electronics you bring,” he/she told me. “Assume anything on the network down there could get hacked.”

This year’s DefCon promises a range of revelations that could turn even a hardened badass like myself into an agoraphobic wreck.

And that’s just what I’m going to do. My personal electronics – laptop, tablet, smartphone – will remain locked in my hotel safe, far from the DefCon show floor. I will scan each and every stitch of clothing I wear in the men’s bathroom of a random casino for any rogue RFID chips slipped into an unguarded pocket. And the only records I plan to keep will be on paper, all of which will be memorized, then eaten. Remember, the only thing they can’t hack yet is your brain – unless you count waterboarding, which you should with this crowd.

Mr. Worst Case Scenario going to DefCon is like a suburban dad going to Costco. This is the one place in the world where all the worst-case scenarios in the world go to kick back. I’m heading there, dear reader, so that you don’t have to. I will find the horsemen of the apocalypse, learn their secrets, and report back. That is my mission.

Over and out.

Mr. Worst Case Scenario
Former Digital Trends Contributor
Maverick of men. Enemy of deception. Proud homeowner. Mr. Worst Case Scenario found his calling after a near-death experience…
How to delete your Gmail account (and what you need to know)
The top corner of Gmail on a laptop screen.

Is it time to part ways with your Gmail account? Whether you’re moving onto greener email pastures, or you want to start fresh with a new Gmail address, deleting your old Gmail account is something anyone can do. Of course, we’re not just going to bid you farewell without a guide all our own. If you need to delete your Gmail account, we hope these step-by-step instructions will make the process even easier.

Read more
How to change margins in Google Docs
Laptop Working from Home

You may find that Google Docs has a UI that is almost too clean. It can be difficult to find basic things you're used to, such as margin settings. Don't worry, though, you can change margins in Google Docs just like with any other word processor through a couple of different means.

Read more
How to change your Yahoo password on desktop and mobile
A Yahoo mail inbox.

One of the best ways to keep your many email inboxes safe and secure is by frequently changing your password. While this may sound inconsequential, periodic login updates end up being one of the biggest deterrents against hackers and other malcontents. If Yahoo is your email platform of choice, we’ve put together this guide to teach you how to update your account password in just a few simple steps.

Read more