From Wikipedia, the free encyclopedia
Jump to: navigation, search
This article is about the computer security convention. For other uses, see Defcon (disambiguation).
A team participating in a CTF competition at DEFCON 17
A DEFCON 13 "human" badge

DEF CON (also written as DEFCON or Defcon) is one of the world's largest annual hacker conventions, held every year in Las Vegas, Nevada. The first DEF CON took place in June 1993.

Many of the attendees at DEF CON include computer security professionals, journalists, lawyers, federal government employees, security researchers, and hackers with a general interest in software, computer architecture, phone phreaking, hardware modification, and anything else that can be "cracked." The event consists of several tracks of speakers about computer- and cracking-related subjects, as well as social events Wargames and contests in everything from creating the longest Wi-Fi connection and cracking computer systems to who can most effectively cool a beer in the Nevada heat. Other contests, past and present, include lockpicking, robotics-related contests, art, slogan, coffee wars, scavenger hunt and Capture the Flag. Capture the Flag (CTF) is perhaps the best known of these contests. It is a hacking competition where teams of crackers attempt to attack and defend computers and networks using certain software and network structures. CTF has been emulated at other cracking conferences as well as in academic and military contexts.

Conference founder Jeff Moss contends that the quality of submitted talks has diminished since DEF CON's inception because security researchers have found companies and government agencies to pay for the research, leaving the researchers less willing to unveil their zero-day vulnerability research "for free" at DEF CON.[1] Additionally, the conference has gone from one track to five and accepting speaker proposals for five times the research lowers the density of "elite" speeches.

Since DEF CON 11, fundraisers have been conducted for the Electronic Frontier Foundation. The first fundraiser was a dunk tank and was an "official" event. The EFF now has an event named "The Summit" hosted by the Vegas 2.0 crew that is an open event and fundraiser. DefCon 18 (2010) hosted a new fundraiser called MohawkCon. In 2010, over 10,000 people attended DEF CON 18.

Federal law enforcement agents from the FBI, DoD, United States Postal Inspection Service, and other agencies regularly attend DEF CON.[2][3]

DEF CON was also portrayed in the The X-Files episode "Three of a Kind" featuring an appearance by The Lone Gunmen. DEF CON was portrayed as a United States government-sponsored convention instead of a civilian convention.


DEF CON was founded in 1992 by Jeff Moss as a farewell party for his friend and fellow hacker[who?]. The party was planned for Las Vegas a few days before his friend was to leave the United States, because his father had accepted employment out of the country. However, his friend's father left early, taking his friend along, so Jeff was left alone with the entire party planned. Jeff decided to invite all his cracker friends to go to Las Vegas with him and have the party with them instead. Cracker friends from far and wide got together and laid the foundation for DEF CON, with roughly 100 people in attendance. The term DEF CON comes from the movie WarGames, referencing the U.S. Armed Forces defense readiness condition (DEFCON). In the movie, Las Vegas was selected as a nuclear target, and since the event was being hosted in Las Vegas, it occurred to Jeff Moss to name the convention DEFCON. However, to a lesser extent, CON also stands for convention and DEF is taken from the letters on the number 3 on a telephone keypad, a reference to phone phreakers.[citation needed] DEF CON was planned to be a one-time event, a party for his friend, but he kept getting e-mail from people encouraging him to host again the next year. After a while, he was convinced to host the event again, and the attendance nearly doubled the second year.[4]

A semi-fictionalized account of DefCon II, "Cyber Christ Meets Lady Luck" written by Winn Schwartau demonstrates some of the early DefCon culture.[5]

Noteworthy incidents[edit]


On July 10, 1999, the Cult of the Dead Cow hacker collective released Back Orifice 2000 at DEF CON 7, in what was, at the time, the largest presentation in DEF CON history.


On July 16, 2001, Russian programmer Dmitry Sklyarov was arrested the day after DEF CON for writing software to decrypt Adobe's e-book format.


On July 31, 2005, Cisco used legal threats to suppress Mike Lynn from presenting at DEF CON about flaws he had found in the Cisco IOS used on routers.[6]


In August 2007, Michelle Madigan, a reporter for Dateline NBC, attempted to secretly record hackers admitting to crimes at the convention. After being outed by DEF CON founder Jeff Moss during an assembly, she was heckled and chased out of the convention by attendees for her use of covert audio and video recording equipment. DEF CON staff tried to get Madigan to obtain a press pass before the outing happened.[7] A DEF CON source at NBC had tipped off organizers to Madigan's plans.[2]


MIT students Zack Anderson, R.J. Ryan and Alessandro Chiesa were to present a session entitled "The Anatomy of a Subway Hack: Breaking Crypto RFIDS and Magstripes of Ticketing Systems." The presentation description included the phrase "Want free subway rides for life?" and promised to focus on the Boston T subway.[8] However, the Massachusetts Bay Transit Authority (MBTA) sued the students and MIT in United States District Court in Massachusetts on August 8, claiming that the students violated the Computer Fraud and Abuse Act (CFAA) by delivering information to conference attendees that could be used to defraud the MBTA of transit fares.[9][10]

The court issued a temporary restraining order prohibiting the students from disclosing the material for a period of ten days, despite the fact the material had already been disseminated to DefCon attendees at the start of the show.

In 2008's contest "Race to Zero," contestants submitted a version of given malware which was required to be undetectable by all of the antivirus engines in each round. The contest concept attracted much negative attention.[11][12]


WIRED[13] reported that an ATM kiosk was positioned in the conference center of the Riviera Hotel Casino capturing data from an unknown number of hackers attending the DefCon hacker conference .


Security company HBGary Federal used legal threats to prevent former CEO Aaron Barr from attending a panel discussion at the conference.[14]


The director of the National Security Agency, Keith B. Alexander, gave the keynote speech.[15] During the question and answers session, the first question for Alexander,[15] fielded by Jeff Moss,[16] was "Does the NSA really keep a file on everyone, and if so, how can I see mine?" Alexander replied "Our job is foreign intelligence" and that "Those who would want to weave the story that we have millions or hundreds of millions of dossiers on people, is absolutely false…From my perspective, this is absolute nonsense."[15]

On March 12, 2013, during a United States Senate Select Committee on Intelligence hearing, Senator Ron Wyden quoted the 2012 DEF CON keynote speech and asked Director of National Intelligence James Clapper if the U.S. conducted domestic surveillance; Clapper made statements saying that there was no intentional domestic surveillance.[15] In June 2013 NSA surveillance programs which collected data on US citizens, such as PRISM, had been exposed. Andy Greenberg of Forbes said that NSA officials, including Alexander, in the years 2012 and 2013 "publicly denied–often with carefully hedged words–participating in the kind of snooping on Americans that has since become nearly undeniable."[15]


On July 11, 2013, Jeff Moss posted a statement,[17] located on the DEF CON blog, titled "Feds, We Need Some Time Apart." It stated that "I think it would be best for everyone involved if the feds call a ‘time-out’ and not attend DEF CON this year."[18] This was the first time in the organization's history that it had asked federal authorities not to attend.[17]

Actor Will Smith visited the convention to study the DEF CON culture for an upcoming movie role.[19]

List of venues and dates[edit]

  • 1990's:
  • 2000's:
    • DEF CON 8 was held at the Alexis Park Resort July 28–30, 2000.
    • DEF CON 9 was held at the Alexis Park Resort July 13–15, 2001.
    • DEF CON 10 was held at the Alexis Park Resort August 2–4, 2002.
    • DEF CON 11 was held at the Alexis Park Resort August 1–3, 2003.
    • DEF CON 12 was held at the Alexis Park Resort July 30 - August 1, 2004.
    • DEF CON 13 was held at the Alexis Park Resort July 29–31, 2005.
    • DEF CON 14 was held at the Riviera Hotel & Casino August 4–6, 2006.
    • DEF CON 15 was held at the Riviera Hotel & Casino August 3–5, 2007.
    • DEF CON 16 was held at the Riviera Hotel & Casino August 8–10, 2008.
    • DEF CON 17 was held at the Riviera Hotel & Casino July 30 - August 2, 2009.
  • 2010's:
    • DEF CON 18 was held at the Riviera Hotel & Casino July 30 - August 1, 2010.
    • DEF CON 19 was held at the Rio Hotel & Casino August 4–7, 2011.
    • DEF CON 20 was held at the Rio Hotel & Casino July 26–29, 2012.
    • DEF CON 21 was held at the Rio Hotel & Casino August 1–4, 2013.
    • DEF CON 22 was held at the Rio Hotel & Casino August 7-10, 2014.
    • DEF CON 23 was simultaneously held at Paris Hotel and Bally's Hotel from August 6-9, 2015.
    • DEF CON 24 will be held simultaneously at Paris Hotel and Bally's Hotel from August 4-7, 2016.
    • DEF CON 25 will be held simultaneously at Paris Hotel and Bally's Hotel from July 27-30, 2017.

See also[edit]


  1. ^ HNS. "The Vulnerability Economy". Help Net Security. Retrieved 2008-08-27. 
  2. ^ a b Zetter, Kim (3 August 2007). "Dateline Mole Allegedly at DefCon with Hidden Camera -- Updated: Mole Caught on Tape". Wired Blog Network. Retrieved 2007-08-15. According to DefCon staff, Madigan had told someone she wanted to out an undercover federal agent at DefCon. That person in turn warned DefCon about Madigan’s plans. Federal law enforcement agents from FBI, DoD, United States Postal Inspection Service and other agencies regularly attend DefCon to gather intelligence on the latest techniques of hackers. 
  3. ^ "DEFCON 15 FAQ's". Retrieved 9 Feb 2011. Lots of people come to DEFCON and are doing their job; security professionals, federal agents, and the press. 
  4. ^ Jeff Moss (July 30, 2007). The Story of DEFCON. Retrieved 9 Feb 2011. 
  5. ^ Winn Schwartau. "Cyber Christ Meets Lady Luck" (PDF). Retrieved 9 Feb 2011. 
  6. ^ Lamos, Rob (31 July 2005). "Exploit writers team up to target Cisco routers". Security Focus. Retrieved 2004-07-31. 
  7. ^ Cassel, David (4 August 2007). "Transcript: Michelle Madigan's run from Defcon". Retrieved 2007-08-15. 
  8. ^ Lundin, Leigh (2008-08-17). "Dangerous Ideas". MBTA v DefCon 16. Criminal Brief. Retrieved 2010-10-07. 
  9. ^ Jeschke, Rebecca (2008-08-09). "MIT Students Gagged by Federal Court Judge". Press Room. Las Vegas: EFF. 
  10. ^ Massachusetts Bay Transit Authority v. Zack Anderson, RJ Ryan, Alessandro Chiesa, and the Massachusetts Institute of Technology (United States District Court District of Massachusetts). Text
  11. ^ "Race to Zero".  Contest concept.
  12. ^ McMillan, Robert (April 2008). "Security Vendors Slam Defcon Virus Contest". IDG News Service. 
  13. ^ Malicious ATM Catches Hackers | Threat Level | WIRED
  14. ^ "Legal Threat Pushes Former HBGary Federal CEO Out Of DEFCON". Business Security. Retrieved 8/10/2011.  Check date values in: |access-date= (help)
  15. ^ a b c d e Greenberg, Andy. "Watch Top U.S. Intelligence Officials Repeatedly Deny NSA Spying On Americans Over The Last Year (Videos)." Forbes. June 6, 2013. Retrieved on June 11, 2013. "Eight months later, Senator Ron Wyden quoted[...]"
  16. ^ Wagenseil, Paul. "Hackers Don't Believe NSA Chief's Denial of Domestic Spying." (Archive) NBC News. August 1, 2012. Retrieved on June 13, 2013.
  17. ^ a b Whitney, Lance. "Defcon to feds: 'We need some time apart'." CNET. July 11, 2013. Retrieved on July 12, 2013.
  18. ^ Blue, Violet. "Feds 'not welcome' at DEF CON hacker conference." ZDNet. July 11, 2013. Retrieved on July 11, 2013.
  19. ^ "Will Smith Makes Unexpected Appearance At Defcon Hacker Conference". Retrieved 2013-08-09. 

Further reading[edit]

External links[edit]