Hacking encouraged at Defcon hacker convention
LAS VEGAS: There was a whole lot of hacking going on in Sin City this weekend – and right under the noses of federal agents.
But in a sign of a time when cybersecurity is at the forefront of national security concerns, the feds were not lurking in the shadows to keep a watchful eye. They came as invited guests at the Defcon hacker convention in Las Vegas, which drew more than 10,000 attendees in its 19th year.
At Defcon, computer wizards test their skills against each other for bragging rights and prizes. No name tags are issued and hackers identify themselves only by one-word handles.
High-profile attacks on government and corporate computer systems disclosed this summer have pushed hackers increasingly into the public eye. Meanwhile, government agencies are wooing hackers to join them in fighting such intrusions.
The Defcon crowd made for an interesting mix.
It had its fair share of mohawk haircuts that would make a rainbow proud, along with tattoos and piercings but it mostly looked like a campus of geeks let loose in a Las Vegas hotel to do what they consider fun: decipher mind-bending puzzles, starting with the convention badge.
Made of titanium – organizers say they depleted the country's stock of the raw material – the badge had a cut-out of the Egyptian mathematical symbol the Eye of Ra, and a letter and number. It offered a clue to a puzzle.
Other clues were contained in a large decoder wheel on the floor where a golden pyramid with symbols was encircled by letters coupled with numbers. More clues were salted in the program booklet and strewn throughout the convention center.
A hacker who goes by the moniker “LosT” designed the game and offered some helpful hints: 10 people had badges with a Z and a number. Oh, and find someone to translate Chinese.
“I pulled in so many different disciplines that no single person can really do it by themselves unless they are a weirdo like me,” said LosT, an engaging mathematician/engineer with blue hair and a goatee.
GETTING A BAD RAP?
The game illustrates the intellect of the attendees, who see hacking as a skill for problem-solving and do not welcome the notoriety generated by some bad apples breaking laws.
Hackers are “people who like a challenge. We don't do crime, we're not criminals,” said “mournewind” from West Virginia. “People have this opinion that hackers do illegal things and that's not really a good thing.”
Hacking, for example, can help improve commercial products, he said. “We break an iPhone to make Apple make it better.”
Hackers pointed out that criminals exist in all professions and they should not all be painted by that broad brush.
“I think hackers have always gotten a bad name,” said “pwrcycle,” whose business card labels him an “Ethical Hacker.”
“Those are the people who think outside the box. The epitome of free thinkers.”
He objected to the term “cyber wars,” saying there was danger in calling what was essentially a crime in which no one died a war, with its suggestion that military might could be used on basically thugs, bullies and mobsters.
“What most people are trying to say is we want to stop espionage,” he said. “He's not trying to kill you, he just wants to pick your pocket.”
At the start of a panel of cyber investigators from the Air Force, Navy, Army and NASA, a burly man called “Priest,” who said he entered government service after the September 11 terrorist attacks, advised the audience that if they wanted a government job the key was to stay out of jail, go to college and not do drugs.
The panelists said there was a debate in their world about whether it was better to turn a cop into a cyber specialist or turn an information technology expert into a cop.
“I think you just need to be a geek who knows how to talk to people,” said Ahmed Saleh, special agent in NASA's computer crimes division.
“We have a little bit of both. We have a little bit of the geeks who became cops and the cops who became geeks, or nerds or whatever words you want to use,” he said.
The panel started with a “spot the Fed” contest in which the audience had to guess which of four women on stage was a federal agent.
Most of the audience picked the one who said her favorite president was Ronald Reagan. Wrong. It was the one who said her childhood dream was to be a pilot.
LET THE GAMES BEGIN
One sure way to catch the attention of would-be employers is to win the prestigious “Capture The Flag” contest.
This year 12 teams huddled with laptops in a low-lit room all day, hacking each other.The competition is all about “attack and defense,” explained “Factor,” who was part of the defending champion team ACME Pharm. The attacker's goal is to find vulnerabilitieswhile the defender tries to to prevent the holes from being exploited.
“You are amongst gods,” Factor said. “This is the Olympics.”
He shrugged off as “hype” the negative image of hackers as criminals and said the public should not believe everything it reads.
“There are good hackers, there are bad hackers,” he said. “And some of us have kids.”
Other competitions included “Hacker Jeopardy,” “Crack Me If You Can” and “Hack Fortress.”
But one required absolutely no computer savvy and got a little hairy -- best beard, mustache, partial beard, and fake beard.