DEF CON 2013: Heroes or villains?
Davey Winder investigates the value of sending IT security pros to hacker conventions
Founded in 1993, DEF CON has gone on to become the world's biggest hacker convention. With some 15,000 hackers descending on Las Vegas to talk about hacking-related stuff, listen to others talk about hacking-related stuff, participate in competitions as varied as fastest lock picking skills and spotting the fed.
This year, the latter may become a tad harder as the convention organisers have made it clear that federal agents and government security officials are no longer welcome to attend.
It is important to note that all hackers are not criminals and do not steal your data.
Last year, the director of the National Security Agency gave the DEF CON keynote speech and in it stated that "those who would want to weave the story that we have millions or hundreds of millions of dossiers on people, is absolutely false"
A year later the PRISM surveillance programs were exposed leading to DEF CON founder Jeff Moss (himself a member of the Homeland Security Advisory Council for ICANN) publishing a declaration entitled: "Feds, We Need Some Time Apart".
The fact that government officials and law enforcement agents would be in attendance at a hacker convention may not be that shocking, perhaps more surprising for many readers is that IT security professionals flock to Vegas in their thousands each year as well. Which begs the question, it is advisable for them to mix with those who would steal your data? IT Pro has been investigating...
In order to properly solve the 'walking on the dark side' conundrum, you first have to understand what actually happens at DEF CON.
The notion that it's a big conference hall full of mohawk-sporting cyber criminals exchanging the latest methods to crack your encryption and make millions is, to be honest, just a tad off the mark.
Sure, enter the DEF CON arena and you will find more 'alternative haircuts' than at your average IT conference, and a refreshing lack of suits and ties. However (says the eye-patch wearing, beaded-beard sporting and heavily tattooed writer of this piece) appearances can be deceptive.
Most of the cyber criminals that I've spoken to, and just about every single one that has ever been arrested and charged, look as normal as the next Eastern European organised crime outfit member.
If the bad guys were really so easy to spot, there wouldn't be any cyber crime to investigate. But forget the visuals for a moment, it's the words that really matter. After all, what exactly is a hacker?
Continues over page...
In This Article
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now