I’m nowhere near smart-or-computer-security-knowledgeable enough to attend DEFCON, but I do wonder–when people attend, do they leave their regularly used personal computing devices (whether cellphone, computer, tablet, or otherwise) at home for fear of those devices being hacked (whether maliciously or not)?
Considering the entire place to be a hostile network is considered good practice, so I’m told. As is not using any ATMs in the local vicinity.
I use my laptop with a VPN and a mobile network – tethered off my phone – in my room. But I don’t use the wifi, and I keep my phone in airplane mode on the trade floor.
Given that we’re near to the tech-as-magic realm (epoch/millenia/wormhole), and considering the DEFCON talk that described pulling actionable data from EF signals emanating from a computer monitor, I’d be lax to even have the phone turned on. I just finished Gibson’s “Pattern Recognition”, and during the read I was considering the difficulty of maintaining unhacked access to email without one’s personal phone or computer while also using publicly accessible internet cafes and hotel wifi–hence the question.
Also, OT, but still…Cayce is a cool name. Just sayin.
Depending on the year, the towers are overwhelmed anyway and you can’t get a signal.
Phone goes into airplane mode. Everything else goes over a VPN or not at all.
Now that I think about it, would the wifi signal being broadcast to the DEFCON folks be on the same network/subnet as the hotel guests at any of the hotels where the talks are being held [Paris, Bally’s, Ceasars Palace, Planet Hollywood, Flamingo and Quad]?
Basically, I guess I’m trying to say that being at DEFCON would make me feel a lot like an analog sea lion in a neverending sea of circling digital sharks (regardless of their hat color).
Speaking about hotels, passive recon of the fellow wifi users can be quite fun to kill time before falling asleep. Wireshark is a good friend and network broadcasts can tell quite a lot.
In my college days I’d run etherpeg while studying at the local coffee shop to eavesdrop on my fellow students–that was a lot of fun. I’ve run wireshark a few times on poorly secured networks, but I stopped once it became clear how easy it was to grab personally identifying information. Now I just run a VPN and leave the hacking, however mild, to other people.
I’m a greyhat. If it is in plain sight, in whatever kind of electromagnetic spectrum, it’s free to look at. If it is passive, it is allowed by default.
And it brings experiences; I know what can be seen and what should be hidden. Which often gets handy.
The intercepted data are meaningless; the important part that they carry is the class of information that can be intercepted, and how.
This topic was automatically closed after 5 days. New replies are no longer allowed.