Defcon: What to leave at home and other do's and don'ts

Attending Defcon and Black Hat can make you feel a bit like a deer in a forest full of hunters.

The iPhone, love it, but leave it at home when going to Defcon, experts say.

(Credit: CNET )

With virus-infected USB drives, Wifi network sniffing, badges with built-in microphones and even security experts getting hacked, it seems like it's only a matter of time until your number comes up if you're not careful.

I asked some security experts for suggestions on what they do to protect themselves at the events and here is what they said.

Do's:
• Have minimal software on your laptop, such as only the operating system and necessary applications.

• Make a backup of your computer before you leave for the conference and then wipe everything and reinstall when you get home.

• Disable Bluetooth and Wi-Fi on all devices.

• Use an EVDO wireless card.

• Only connect to the Internet when you must.

• Use a virtual private network and--if you can--use RSA ID authentication and stop all direct connections to the computer.

• Run Linux off a USB key, back up documents online, and start with a fresh operating system every day.

• In addition to using updated security, application, and system software (antivirus in particular) and installing patches, use an operating system-level firewall.

An EVDO modem, such as the one pictured, should be the only gateway to the Internet used at a hacker conference.

(Credit: Verizon)

• Use a disposable camera and a pre-paid cell phone.

• Lock up your equipment in your hotel room when you are going to be gone.

• Take the drives with you when you leave the laptop in the hotel room.

• Ask to be listed as a non-registered guest at the hotel so people can't get your room number or acknowledgement that you are staying at the hotel.

Don'ts:
• Don't plug into any Ethernet jacks.

• Stay off the Wi-Fi networks at the airport and the events.

• Don't use the ATMs in the vicinity of the conferences.

What to leave at home:
• Your laptop and smart phone. You can't be attacked if you don't bring your equipment. If you must bring it, consider leaving it in the hotel room.

[tektaktyks]

sounds like fun,a bit dangerous and exciting,like climbing mount everest or something,i enjoyed your articles.

[yacahuma]

So , you are saying that we are completely is the open during a normal business day? What .MS and Apple have to say?

[jarturof]

What about casual people walking by the event, not even realising that is happening, they should be warn not to use the ATM's or phones nearby.

That's scary, jet interesting.

I need to look for my 1999 super dumb phone?

[ajkimmins]

Analog cell networks were turned off earlier this year, that phone would just be a paperweight anyway.

[geshp]

Personal experience about the wireless one. At one of our hotels in New Orleans, someone set up a rogue access point in the parking lot and used it to get room number/last name combos and credit card numbers by impersonating our sign up page. The techs knew about this for 2 weeks before management finally called the FBI. And no, I'm not telling you what hotel I work for.

[CAStrunk]

Here's one...leave yourself at home! With attacks like this, a lot of companies will think the risks far outweigh the benefits.

[ajkimmins]

There probably is a lot to learn though. Why do you have to have your laptop with you to learn? Did you have one in school?

[TheLockheed]

I'm always a bit disappointed when media propagate the "don't use the network at the events" item. It's scare-mongering for headlines (IMHO). DefCon is a security event. Expect shenanigans, but don't scare people away.

Good practices can keep you secure, just as they will on the Internet. Turn on your firewall, patch your system and apps, don't keep confidential information on your laptop.

There's nothing that happens on the DefCon Network that doesn't happen on the Internet.

As the head of the DefCon Networking Team, I was approached by several first-timers at DefCon this year who said they were "warned" about how hard-core and bad/hostile/etc the network was - and after experiencing it themselves, found it just wasn't true.

Any difference-of-opinion I have regarding "don't use the wifi at DefCon" is due to the efforts me and my team of people make in order to setup the network at DefCon. We put in months of planning and a lot of time and effort to make it happen, and it's a big let-down when outlets like CNET make sweeping statements like "don't use it."

To that end I welcome any journalists or media to contact me to discuss the DefCon network in more detail.

[Everdusk]

Actually, it'd be worth having someone go to the event with a patched laptop and use the ethernet jacks to access the internet and log into some preset accounts and see if anything gets hacked.

I'd be kind of surprised if the network team doesn't already do this if they're worried about their image with the media. At least then they could say more concretely that it's being tested and came up clean during the last X events. Not just "my team works hard" which comes across as a sweeping statement with as little factual basis as the story provides.

[ajkimmins]

You have a good point, but, remember, when you put this many people together the chances of being hacked and sniffed goes up proportionately. Plus being in the vicinity, ie, on the same network, it's a lot easier to hack a computer. Or sniff the blue tooth on a cellphone and get in. Don't just say your network is safe. That always spells disaster, the government says the RFID passports are safe, and we know how easy those are to hack.

[d1428]

A simple way to protect yourself or at least your computer besides not logging into personal accounts is to use an XP emulation of XP or any program in emulation mode. The XP emulation program siting on top of XP, can be cloned through simple copying and can be deleted leaving no trace. So when you go home, you can delete it without worrying about taking home anything with you.

[jvin248]

Wiping drives and reinstalling before and after the event? finding all those arcane drivers again? Too much work.

Just leave your hard drive at home, take the laptop with the CD/DVD drive and some linux liveCDs. Boot them up when you need to do some work and save data to a USB flash drive. While running, Linux is also a bit more secure than Windows, of course.

visit: distrowatch.com, popularity table on right side middle pane.

Pick a liveCD with Open Office on it (such as Ubuntu) and you'll have the ability to transfer your work back to Windows and MS Office. Or .. after you get home you can always keep using Linux....