DEF CON 25 was my first ever DEF CON experience. Thankfully, I had a lot of resources to help me prepare, but I don’t think anything can truly prepare you for the full DEF CON experience. You can’t possibly imagine what it will be like until you have been there. That being said, I had an amazing experience and learned a lot along the way and I’d like to share what I learned for anyone who might be preparing for their first DEF CON.
In all seriousness, I’d first like to sincerely thank Pace University Seidenberg School of Computer Science and Information Systems for sponsoring me and 7 other students to go on this experience. It was truly an amazing experience and there are no words to describe how grateful I am. This was not an experience I could have afforded myself at this time. To read about all 8 students who went on this trip sponsored by Pace University, I wrote this article for the Pace University Seidenberg blog.
Like I said before, it was my very first DEF CON so I am not an expert by any means, but I have a few really amazing mentors who gave me a ton of tips and who answered my questions any time I was unsure while actually at DEF CON. Shout out to TXJennieK and Chaimtime who helped make the experience unforgettable.
What to Pack
Pack light, but don’t forget anything! Firstly, set aside enough clothes for the trip. You’re going to need a change of clothes for each day because it’s Las Vegas in the summer which means it is HOT! Pack plenty of deodorant to make a more pleasant experience for everyone around you. Don’t be afraid to reapply! Here’s what I packed that wasn’t basic living supplies:
- Power strip*
- Extension chord*
- Battery Back-up
- Multi-adaptor to charge any gadget for anyone in need (Your friends will thank you)
- HDMI/VGA adaptors (The one day I needed this is the one day I left it in my hotel room)
- Ethernet cable/adaptor
*These helped me make quite a few friends at one of my workshops as you can see in the picture below.
What I Wish I Had Packed
There was really only one thing: a charger for my own phone. I had one for everyone else, but forgot a USB-C charger which was impossible to acquire in Vegas for some reason. Thanks to everyone who helped me out! (BushidoXWolf thankfully brought a spare he was willing to lend for the weekend!)
Our group attended a TON of workshops. You can read more on that here. Here’s the list of the workshops our group was able to attend:
- Building Application Security Automation with Python
- Windows POST Exploitation
- Penetration Testing in a Hostile Environment
- Applied Physical Attacks on Embedded Systems, Introductory Version
- Subverting Privacy Exploitation Using HTTP
- UAC Bypasses in Win7/8/10
Note: All DEF CON Workshops were COMPLETELY FULL in about 6 minutes from the time they opened.
My Workshop Experience
Even the “introductory” workshops felt over my head, but that’s ok. The people running the workshops were crazy helpful and I learned a LOT along the way. I touched hardware I would never think to try in my lifetime.
Make sure your laptop is ready! During my second workshop, which required us to bring our own laptops, my computer decided to try to install Windows Updates while not connected to the internet to download said updates and just kind of crapped itself. I had to quietly excuse myself from the workshop which was extremely embarrassing. I thankfully was able to get all the lab materials and it was set up well enough that I was able to try the lab by myself at home later, but it was frustrating.
Secondly, as I said before, the workshops fill up fast. If you are traveling with a group, connect with them ahead of time to see what workshops everyone is interested in. My friend Lizzie and I picked 3 that we were interested in and both tried to register for different workshops. We were each able to secure 2 tickets for one workshop which made it so we could attend two each. Another person in our group was able to register for two workshops, but gave one to the person in our group who wasn’t able to register for any. Unfortunately, people wrote bots to buy up tickets before anyone else even had a chance so make sure to pay attention to when the registration opens. (It has been brought to my attention that this was the first year it was done this way so things may be different next year as well.)
I honestly didn’t attend many talks this year for two reasons. One: They are almost all recorded and posted online later. Two: There were too many other things going on to stay in one place and listen to just one talk. For example, LineCon, BadgeCon, villages and MORE! To be entirely honest, my FOMO (Fear of Missing Out) made it impossible to sit still.
Speaking of LineCon, this was a term I had never heard before this trip. Apparently, you can make a ton of friends while waiting around for things. I found this to be completely true! I met some really cool people and made some interesting connections while waiting to get into a room, event, or even just taking a break from all that is DEF CON. This is where the multi-adapter charging cables and candy really come in handy. Also, someone recommended a deck of cards. Though I didn’t see any of those, I did see a ton of blow-up beach balls floating around during the major lines.
I was told shortly before the trip that BadgeCon was the absolute best part of DEF CON. I’d have to say, it was definitely a fun adventure. There are a ton of light-up, blinky, glowy, and sparkly badges to be bought. There was an infamous Mr. Robot badge which was super underground since apparently the creator got in trouble for making. There was an interesting QueerCon badge that “had sex” with other badges. From my understanding, connecting the badges allowed you to unlock new animations. There were hard to find badges where you had to watch twitter to find out where the sellers might be. This had to be the most fun I had acquiring a badge. It was like a scavenger hunt! I was able to attain and Null Badge for $40 which was my first ever badge. My FAVORITE badge was the Crypto Badge. Featured below, this badge was customizable, displaying your choice of various avatars, your username, and a few different light patterns. It was able to track other badges, listen to DEF CON Radio, and I’m sure other features I haven’t yet discovered. I had to spend $120 to get it, but it was genuinely worth it. My absolute favorite souvenir from the entire trip. Be warned, from what I can tell, BadgeCon is the most expensive part of DEF CON. To see all the badges from this year’s DEF CON, visit the official DEF CON website here.
I didn’t attend any of the infamous DEF CON parties, but honestly, I had a great time without it. My only real regret is that I didn’t protect myself from every possible virus I could have received from DEF CON. While I protected my tech as though my life depended on it (didn’t connect to any wifi, didn’t attach my tech to anyone else’s, etc.) I forgot the most easily transmitted viruses of all: the human cold kind. I came home and got very sick from what many friends have referred to as CON FLU. My only real regret was that I didn’t use more hand sanitizer and I didn’t take extra vitamin C.
It was an amazing learning experience. I was so unbelievably excited, motivated, and inspired by my experiences there. If you have the opportunity, I highly recommend attending next year!