Saturday, July 31, 2010

DEFCON 18

The session titles are tinged with cloak and dagger, anarchy and freedom of expression: "We don't need no stinking badges: hacking electronic door access controllers", "Your ISP and the Government: best friends for ever", "Practical cell phone spying".

My personal impression of the somewhat cult-like DEFCON security conference can be characterized as smart people instinctively driven to share knowledge and unadulterated research for a greater good, whether it's the protection of civil liberties, revealing stupid security vulnerabilities and flaws of products, or unabashedly calling out vendors on incompetent engineering.

A smattering of speaker comments offers a peek into the topics for this year's conference:
  • There is no patch for stupidity 
  • 15 year device life-time == long tail for bad decisions 
  • Clever does not mean secure 
  • What appears secure is not
  • Privacy is a subtle thing
  • The warm, fleece-y Snuggie of Obscurity
  • Software moves power on the grid
  • Cute smart meter is cute
  • The dumbest lock design ever
  • Assumed to be trustworthy - 543 million devices shipped in first half of 2010
  • Download games at your own risk
  • An attack on any one node of an electric grid could take that entire grid down
  • My life as a spyware developer and why I'm probably going to Hell 
  • There is no such thing as privacy. It is dead. Get over it.
  • Malware scanners are mostly stupid
  • What can you do with Twitter that is utterly evil? Lots and lots of things 
  • There are 155,693 public water systems - serving 286 million Americans
  • I don't think you need a sophisticated exploit, there will always be a certain number of people that will click "yes" no matter what
  • Social engineering has a long history and works just fine on the Internet