One bourbon, one scotch, and one mav

I went to bed thinking that I had a sore throat from all the yelling at the shows earlier in the week & the cigars and beer from Saturday night. Wroooooooooooong. I got sick at Defcon! Yay!

We went over to In-N-Out Burger for lunch. In-N-Out is the best fast food I’ve ever had – better than Whataburger, and the closest I’ve ever come to a Depot Burger-quality fast food burger.

We went over to Gameworks/M&M store/Coke store. Me standing in the Coke Store is kinda like Jon Stewart standing in the middle of the Republican National Convention – possible, understandable, but still seems wrong. Both of the stores are packed with loads of shit that I couldn’t care less about. One cool part, though, was the mix-and-match M&M color bay. They had 30+ colors of M&M’s. Gameworks was rather anticlimactic, also. Guess I just don’t care about arcades.

Teams split up and Furb & I went to check out the Las Vegas Fry’s. It’s just like the Fry’s I saw in DFW, except cleaner and neater. It was pretty nifty, I picked up the Blue Man Group’s Complex DVD.

We came back to the hotel as I was feeling like shit, and I hit the Sudafed really hard. Chilled here until it was time to go to P&T.

The P&T show was absolutely fucking awesome. Like Blue Man I won’t try to describe it, you need to see it for yourself. Think of it as a magic show without the flash, and with a bit of social commentary thrown in. It was quite nice. Got a picture of myself looking like a complete dufus with Penn Jillette. Came back to the hotel, doped myself back up on antihistamines and went to sleep for about 5 minutes.

It is presently 6:03 AM MST and I will be heading home as soon as I possibly can. I am very much ready to go home and sleep in my own bed.

Observations, closing remarks and to-dos:
Item #1 is still open for improvement. It was nice going around town and doing things this year but I’m not doing it again. With the exception of P&T, I’d rather just spend the money at the con.
Next year I’m going to the parties. Possibly in costume.
Spend more time in the skyboxes/penthouse/outdoor events area and less time watching talks. Be more selective about the talks I go to and interact more during other times.
Look for contests I can enter. CTF is way over my head at present, but isn’t insurmountable. LPCON is probably my best bet, although the wireless contests are also an open possibility.

Got up this morning right on cue, even though this is three mornings in a row I’ve screwed up setting an alarm on my phone. Today’s mistake was forgetting to change profiles so my phone was on silent. I’m smart.

Watched a bunch of varied stuff – Corporate Network Spying was like “Sniffing 101,” which is what it really comes down to anyway. Found it a bit boring but hopefully Furb got something out of it. Went to a couple of other things but the highlight of all the talks was another talk by Vixie et. al. about the need for a common repository for malware. The problem in a nutshell is that it is real easy for malware authors to mess with existing sensors, and as there is little to no communication between antivirus authors, we spend a lot of time spinning our wheels instead of sharing base tech. This has the effect of making AV software less effective and makes user’s lives more difficult. The solution proposed was to create some sort of centralized repository that major authors could have access to, in order to share info about malware, and alsos to provide some sort of automated processing against most executables (interestingly enough, the packing process itself appears to be the only thing different between many variants of the same piece of malware, so if we could effictvely automate the unpacking process properly it would result in substantially higher detection numbers using existing definitions and heuristics.)

Blah blah blah.

But anyway. Then came closing ceremonies. Many interesting things were discussed there.

• Over 7000 badges were sold. All badge stock was sold out, including the emergency “admit one” badges.
• Vegas PD and hotel security were both very happy with Defcon in general.
• The hotel wants us back again for next year and will be giving us nearly the whole center this time. Ideas for new uses for the space are welcomed. “Taking over” a tower and Defcon TV options are still under debate.
• Priest congratulated everyone for making this year’s Defcon the most pleasant con ever.

The vibe this year really was amazing. With the exception of some pretty short tempers on Friday morning, for obvious reasons, everybody was just immensely cool to everyone else. The talks were great, and the thing that totally sold me on this new place is the fact that I was never once kicked out or asked to leave during or after a talk. There were a few I had to stand through, but none I was turned away from – this by itself is such a huge improvement that it may have been the origin of the goodwill that seemed to permeate this year’s event.

Needless to say I will be attending DC15 unless I am dead. My dashboard already has the 360-or-so days until DC15 widget on it.

After all this craaaaaaazy shit we went to Quark’s, got some excellent steak, a few Borg Spheres and rode the rides. Borg Invasion is still lame as fucking ever. Klingon Encounter is aging but isn’t down yet – it’s still a fucking blast to ride.

Headed over to NYNY and caught the Zumanity show. This was OK but not nearly as good as I had in mind. There were some amazing parts but overall it was more hype than anything. Somewhat disappointed. Also, I was very severely underdressed for the crowd in question – I think this one is a bit more “upscale” than I was anticipating. Would probably have been a lot hotter had I been going with my SO.

Oh, wait.

Observations:
This year, as far as the con goes, was fucking phenomenal. The things that can be done better are more procedural than anything. Overall, there were no weak areas. Fan-fucking-tastic.

Finally got to sleep after a bit of effort. Next year I’d like to have two hotel rooms, a quiet room and a non-quiet room. In the AP we sorta had this option, in the Riv I can just pretty much plan on getting no sleep. This would be fine if I was a young party animal but I am an old cranky bastard. I’m gonna get that on a hat.

Got up this morning & hit up a few talks, wanted to go to one particular talk given by a goon but it was back to back with Kaminsky, and frankly, he’s one of the reasons why I am here. He delivered as per usual, a very animated discussion about various things – not quite as solid as last year but his material had less “cool factor.” Still, there was beer, and beer is always good.

Hit up many other things throughout the afteroon. One was a giant clusterfuck when they guy presenting about Linksys access points lost his presentation (!) It wasn’t in early enough to put on the DC14 CD and apparently he didn’t bother to back it up. Normally I’d have pity, but if I was presenting at Defcon, I’d have my presentation in at least three different places and mediums.

One of the highlights of the day was a talk by Dr. Linton (Lin) Wells, who is the Deputy Director of some damn thing or another – suffice it to say that he is a fed, and was on the Ask the Fed panel. His present task is information tech analysis and he spent the hour talking about creating a DoD network in which UNclassified data is properly distributed to government and non-government officials. For example, let’s say that during a disaster a local police agency wants to get federal satellite graphs of a local area. Right now there’s a bunch of bureaucratic bullshit process that one would have to go through to get that data, but he wants to make it so that anybody who needs it can get it, and is looking for lots of suggestions about implementing interaction with individual citizens, which is why he’s here. He was a very good speaker and brought up several interesting subjects.

Killed the night away watching DNS lectures which ended up being not so intresting. I should have gone to the lock picking lectures even if I already knew/know how to do what they were reviewing. Still, the only thing I really got out of the DNS lecutres was one idea for an interesting DDOS-style attack and a lasting understanding that Paul Vixie really, really fucking sounds like Kermit the Frog.

Picked up a couple of lighters from the schwag booth, one for collectin’ and another for usin’. Also met the guy who runs Unamerican, who has a fucking schwag booth set up. Bought several stickers and buttons on it. My bag now has pieces of flair. Rock.

Hacker Jeopardy was ABSOLUTELY FUCKING MINDBLOWINGLY AWESOME. I answered a lot of the questions before the guests did. I keep thinking it would be interesting to have a team even if we get our ass kicked, I just need some comrades that know a lot about proper software.

Observations:
Paul Vixie sounds curiously like Kermit the Frog. He’s very smart though.

Started off the day tripping over drunken comrades to leave the room at 9. But actually ended up leaving about 9:20. Figured I couldn’t get proper breakfast before the con started, so I picked up some junk food and headed for track 3. Got there and hung out for a few minutes, until a goon told us to get the fuck out. Apparently something happened and the fire marshal never cleared the con event rooms. So we waited in the hall for an hour, at which point Priest told us we were gonna have to wait for at least another hour. Wandered about seeking sustenance and hydration until the con finally started, 2 hours late. This would end up being bad later, but for entirely odd reasons.

Started off the day with a dude named Atlas who wanted to talk on and on about how he went from random brainy guy to l33t h4×0r in five days. He talked a lot about binary exploits and had a lot of interesting things to say, even though he got cut short a lot due to the weird scheduling problems.

Caught various talks throughout the day. The highlight of the afternoon was definitely Major Malfunction’s talk, but what can I say, the guy’s James fucking Bond. Top that. He had a lot of crazy awesome shit to talk about with regard to fucking with magstripes, including reading stripes with a cassette head and how to store them as a wav file. (Hint: Credit cards sound pretty fucked up when you play them through speakers.)

Rest of compadres blew me off for Margaritaville. I’d love to go, but there’s this con thing.

Evening was topped off by the EFF QA session, which was really awesome. Makes me feel way better about giving them my hard-earned dough, as they are honestly concerned with what goes on in the community. Or they’re really good fakers. Then I saw two RFID talks in a row, the first one about a device that could emulate or selectively cancel out or duplicate tags, the second about how to read RFID tags and emulate one specific type of tag, the type on the US passport. Lots of really cool shit here, including how to make the reader think the memory area on the tag is effectively infinite (it just reads until it hits a proper EOF marker! Who designs this shit?!?)

But the highlight of the night was definitely the Movie with Dark Tangent. On a whim I decided to blow off Hacker Jeopardy to see this, and it was a good goddamn idea. The movie of the night was a strange all-CG movie called Megadon, a very short (less than an hour) tribute to 60’s Godzilla-type monster movies of Japan. It was done by a small crew, 11, working over a period of three years. The production value is really amazing – it even has realistic artificial film grain and dirt/damage on film. Looks like fucking film. It’s the first movie I’ve ever seen where the CG scenes could legitimately be confused with live action. Granted, it’s only for a few seconds, and only for a few select scenes, but considering that nothing has ever come close so far, that’s really saying something. DT is a fucking nice guy, very down to earth and a big movie buff.

Oh, and that highlight part? Guess who saved the day when the laptop DT was gonna use to play the movie went on the fritz? Me. We subbed in Snow Crash and played the whole goddamn thing on my laptop. I know I’m overplaying this, and I don’t care – loaning a system to the guy who runs the largest hacker con in the world made my fucking night. (Nobody may ever get the reference to the title but hey, that’s their own fault.)

I’ll never wash Snow Crash’s keyboard ever again.

Observations:
Movie Night with DT is definitely on the menu every year, sans exceptions.

Got up this morning, lounged around and finally went and got breakfast. Unless something weird happens this will be the last day I get to sleep in. The con starts at 10 and by fucking God I am gonna be there. We went and ate at the “Coffee Shop” – the Riv’s generic diner. Upside: It’s poolside, which provides for an outstanding view. Downside: The staff was rather dismissive, as opposed to the AP where everybody was amazingly nice. Oh well.

At this point it was noon so we headed over to prereg. The badges this year are fucking wicked awesome, they are color coated PCB’s that have a built-in PIC and a pair of LED’s that flash in various patterns. In addition to that, there is a conveniently provided set of programming pads and a note inside the program that hacking your badge isn’t just suggested, it’s expected. The guy who designed them actually has a talk tomorrow morning at 10, which is unfortunately back to back with another one I want to see. I actually saw my first modded version earlier today, a group of guys who took one of the blue LED’s out and swapped them for red.

Dropped by the schwag booth and picked myself up a cap and a set of pint glasses. No shirts in ultramegamegafatass size. I may want to swing by tomorrow to get a bottle opener too, for kicks. Don’t know why.

We wanted to go to the Gun Store and to Costco, so we all piled in the Mitsubishi Monstrosity and headed for Costco. They sell a lot of booze at Costco here, and it’s really super cheap. Then we went over to the Gun Store. The guys there are really fucking awesome, friendly and very well-educated about their guns. I got to shoot a full-auto AK47 (fucking awesome), a SAW (easier than you’d think) and a P90 (semi-auto only, which after shooting the SAW feels like a fucking capgun.) I spent WAY more money than I should have spent. Way more.

We drove back to the hotel, packed all the booze & shit in, and then after wandering around the Riv looking like fucking retards trying to figure out where the taxi stand is (hint: underground) we caught a cab to Excalibur so that we could do the dinner show.

(Side note: When we were here the first time, we had a pretty good suite of taxi drivers. This year, so far, out of three cab rides we’ve had two crazy drivers; one guy who was flat out reckless and stupid and rude to boot, and the second guy today on the ride home from the Excalibur talked a big line about knowing a lot of crap about Vegas “gentlemen’s clubs” but couldn’t find the Riv from the Excalibur without assistance. Scary.)

The dinner show at Excalibur was pretty cool – not Blue Man cool, but it was half the price. It was done kinda theatre-in-the-round (or half-round, if you will) style. It was all about a challenge to the kings of various countries and an evil wizard trying to take over King Arthur’s kingdom. Very family-friendly.

Grabbed a cab & back to the Riv. (See aforementioned rant about lost taxi driver.) Sleep. Get up tomorrow and go to con.

Observations:
It’s really hard to sleep when the snoring is shaking the walls.
I already let down promise #1 from last year. Working on it.

I am posting several entries in a row with the DC14 journal I’ve been keeping. Should’ve posted earlier but time didn’t present itself.

We got to the Riv and found that the Flight Crew had already checked in. Figured out where we were going, went in and got a key, etc. The Flight Crew came back from their trip to the Stratosphere. We decided to try the monorail as a method of transport. This would come back to haunt us later.

Flight Crew brought back some booze and we spent some time drinking before Blue Man. We walked over to the monorail station (not exactly a trivial exercise), had an uneventful ride (that foreshadowing thing again!) and ended up at the Harrah’s/Imperial Palace station. Venetian should be close to here. We then spent quite a bit of time hiking around on the strip, going the wrong way a bunch, and finally after asking a really hot chick handing out flyers for some casino I don’t recall where we should go.

So we finally get to Blue Man. I hadn’t bothered to look up any info about these guys. I like it that way. Less information == greater than. Mystery is invaluable. As it turns out, I’m very glad I knew nothing about it. Everything was a surprise. The music is amazing – it’s worth it just for that. But it’s also funny, and surprising, and unexpected. I keep wanting to go back and do it again.

Post-Blue Man we went and got some food at one of the food counters at the Venetian. It was very tasty. We decided to grab a cab down to the Bellagio fountain. We had the worst fucking cab driver ever – he wouldn’t talk to anybody, and drove like a fucking crazy person. And not in that good way. When we finally go to the fountain, we stayed through 2 performances and both were really decidedly lame. Hopefully, we can go back sometime when their music selection is less fucking gay.

We decided to head back to the hotel as it was quite a long walk to the monorail station. The Bally’s station is fucking irritating as hell, as it is in the back of the casino, and takes about a ten minute walk to get from the sidewalk to the station. We finally arrived there, and waited quite some time for the monorail to arrive. Then we boarded, and waited another 10 minutes or so for the car to depart! Then we waited again at the next station. Basically, the monorail was massively undrwhelming – for all of us to round-trip anywhere, it would cost us all ten bucks – 50 bucks in total. Compare this with an “average” cab drive on a strip-to-strip location of about $12-$16, and cabs are cheaper. Add to this the fact that [i]cabs fucking come to you[/i] and there simply isn’t any reason for us to take the monorail anywhere.

Observations:
The monorail is really good or really super bad.

Here we go again: I can’t wait. I’m wired as fuck.

I had to rent a car this year, as my car is seriously wounded. Last year’s trip to Texas took a lot out of it. I had arranged to rent one from Hertz. When I get out there today to pick it up, they say “Oh hey, we had to upgrade you. Hope you don’t mind.” “To what?” I ask. “To a Mitsubishi Monstrosity,” says the nice lady behind the counter. “Sold,” says I. It’s quite comfy but leaves a lot to be desired, engine-wise. It’s very powerful, but doesn’t manage it well – it’s slow to respond, like severe turbo lag, but there’s no visible turbo. Oh well, that’s why I didn’t buy it.

I’m pretty fucking nervous. I’m always fucking nervous. I don’t know where to go once I get there. I don’t know if I’ll have enough money. Or credit. Or if I’ll feel like a tool if I don’t go do everything everyone else wants to do. What if we can’t get there by 7 and we miss Blue Man? What if my m0n0 folds and I have no net access? What if my Powerbook blows up? What if monkeys fly out of my butt? God dammit. This shit sucks. Why can’t I just leave my brain alone?

Also, there’s the usual suite of anxiety about me. I’m a big ugly fat guy, why am I going anywhere, let alone Vegas. I’m worthless. I achieve nothing in public besides making people feel disgusted. Fuck.

All I need to do is sleep.

I was cleaning up my iPod, preparing to pack up all my shit when I ran into my notes from Defcon 13. I don’t recall ever posting them before and am too lazy to search my own blog, as such I am posting them now.

I’ve been stressing pretty fucking hard for the last 2 days, as it is becoming rapidly apparent that my goals for this trip do not closely mirror the goals of anyone I am going with. In a certain sense, it feels kinda like going to a football game with people who hate sports. But there’s lots to do in Vegas, so hopefully they’ll have fun. One of the things that I noted in my journal from the last go-round was this:

Next year, I will be:
- treating the town around me as being secondary to the con. We left several times when there were things I would have liked to have seen.

In my book, this absolutely stands. If I wanted to go to Vegas, I would go. I’m there for the con. I’m there for the people. I’m there because it provides me a slice of that which I will never have. For others, they seek out entertainment, but for me, the con is entertainment.

Here’s the rest of the journal, sans blockquote to make it easier to read.
Continue reading “Defcon 14: Blast from the Past”