As the head of security for DEF CON, I’ve seen a lot of articles (and a bit of scaremongering) around the threats at the event. While DEF CON is a technically hostile environment, I promise, it is not a dystopian wasteland. A little common sense goes a LONG way.
Here’s your basic guide for how to stay safe:
- Don’t bring your work devices. Use temporary (often wrongly-called “burner”) devices, without access to sensitive data.
- Don’t plug anything into your device—or your device into anything. You wouldn’t put your finger into an electrical socket, think of a USB stick as a similar risk.
- Don’t open strange attachments. In fact, don’t open any attachments.
- Don’t use wireless networks and only use devices you are willing to sacrifice if you must connect. When in doubt, use LTE or 3G. These still have some risk, but it's smaller. Use caution if something forces you to use EDGE—or, even worse, GPRS or GSM—and only engage in low-risk activities (slowly lol).
- While Casino ATMs are usually OK, it’s safest to use an actual bank ATM—inside the bank (not a drive through or gas station).
- Las Vegas has a high crime rate, so don’t carry valuables outside of the hotel. Your best bet is to keep valuables in the in-room safe or drop items off at the front of the hotel.
- DEF CON staff is there to help you. If anyone turns you away, ask for me.
- Talk to people, have fun, and use your smarts!
DEF CON is what you make of it. If you come and contribute with a positive attitude, you will have a great time. If you see someone that looks lost or needs help, engage with them! I was a n00b once, and the kindness of strangers helped make my experience awesome. This year, I hope you find that the same is true for you.