DEFCON 15, in their second year at the Riviera, seemed a little more settled than the turbulent vibe from last year. Unfortunately DEFCON already seems to be outgrowing this space as a couple of the talks I wanted to see were standing room only and attendees were spilling out into the halls.

The badge this year was a large rectangular PCB with the DEFCON logo parts down the left side and the letters “DEFCON” down the right side. In the center, oriented vertically, was a mini LED pixel display which was controlled by an on-board chip. In its default state, the display scrolled the text “I <heart> DEFCON”, however you could program the display through various sequences of pressing your fingers to the DEFCON logo parts down the left side. The badge this year was interesting, but it definitely had some quality issues. The controls to program the scrolling LED display were too easily triggered accidentally, causing most badges to be usually scrolling one of the menu texts instead of the custom message. Also, toward the end of the conference I was seeing a lot of the badges with stuck displays, only having a couple of random LED pixels lit up on them. The badges may have also been a little over-engineered as the instructional poem in the DEFCON book alluded to being able to solder on more components like an RF transceiver, an accelerometer, and potentially some other stuff. I identified at least three different places where you could add components to the badge. There was also WAY too much information about the badge in the DEFCON book such as what types of components you could add, where to get complete source code, how to debug it, etc. This seemed way more like being led down a path than actually being able to “hack” the badge.

Due to speaking this year and having a bunch of friends from DFW in town partying and gambling I didn’t really do the DEFCON social/party thing. I didn’t even have time to attempt Caezar’s Challenge, which from what I could tell merged this year with the Ninja Networks party since the challenge was on the back of the Ninja party pass. Oh well, the couple hundred bucks I made playing BlackJack and hanging out with my DFW friends was worth it.

Out of the presentations and events I attended, here are my thoughts:

Functional Fuzzing with Funk

Benjamin Kurtz

After seeing Pedram and Aaron’s talk the day before at BlackHat, this presentation seemed downright remedial. I’ll be surprised if any talk on fuzzing comes anywhere near what Pedram and Aaron have given to the research community. I did miss the very beginning of this talk, but most of what I saw centered more around packet crafting than methods and functionality to actually fuzz the data being contained in the packets.

Tactical Exploitation

H.D. Moore & Valsmith

This was essentially the first half of HD and Valsmith’s talk about tactical exploitation from BlackHat. I had missed it at BlackHat due to (regretfully) seeing the entire VoIP track. Luckily HD had given an overview of the talk at our most recent AHA! meeting back here in Austin so I already had a good idea of what it was about, but it was of course excellent to actually see the presentation given. They finished the second half of the talk in the Q&A room for their track.


The Dark Tangent

I attempted to go see DT’s CiscoGate talk about all the controversy surrounding Mike Lynn’s Cisco talk at BlackHat a few years ago but it was standing room only and the crowd was spilling out into the halls before I even got over to the room. All I saw was two slides about Yoda and Vader giving presentations or something… the context was lost on me.

Hacking UFOlogy: Thirty Years in the Wilderness of Mirrors

Richard Thieme

Richard is always an engaging speaker and talks about very interesting subjects. This was probably my favorite talk of DEFCON. It was Richard Thieme, ’nuff said.

Being in the know… Listening to and understanding modern radio systems

Brett Neilson

This talk was interesting, having myself become recently interested in radio, but there wasn’t really much to the talk other than explaining how radio trunking systems work and talking about some specific radio hardware.

(un)Smashing the Stack: Overflows, Counter-measures, and the Real World

Shawn Moyer

This talk was not at all what I thought it would be. Shawn continuously stressed that his content was remedial and not for anyone with any kind of skill at all. I personally found some of his insights interesting, but he was correct when he described his content. A lot of it was history, which I also found interesting, but there really wasn’t anything technical to learn there.

Real-time Steganography with RTP


This was my presentation, so of course I was there… First, let me say that I hate computers. I hate them, hate them, hate them. Upon booting up my laptop in the speaker green room it decided to cause all kinds of problems with my live demo setup. The audio was choppy, the endpoints didn’t want to sync up, basically mass chaos all contained within my laptop. Luckily I had gotten to the green room fairly early so after some quick debugging and a reboot everything was operating fine. It was a close call though, as the very minute I got it all back to normal it was time to walk down to the room I was scheduled to speak in. My talk was entitled Real-time Steganography with RTP and was essentially about a research project I’ve been working on for the past couple months in what little spare time I’ve had at home involving hiding a data communications protocol inside a VoIP call’s audio. My talk went well, I did rush through it a bit hoping to end close to my allotted 50 minutes but I ended up finishing about 10 minutes early so I went ahead and took questions there in addition to the Q&A room for my track. I had some fairly good questions and one stupid question from Cody & Friends at the back of the room (: I then went over to my Q&A room where this one guy proceeded to ask me questions for almost the entire next hour.