“DEF CON”的意思、由来-开放百科全书

DEF CON (also written as DEFCON, Defcon or DC) is one of the world's largest hacker conventions, held annually in Las Vegas, Nevada, with the first DEF CON taking place in June 1993. Many of the attendees at DEF CON include computer security professionals, journalists, lawyers, federal government employees, security researchers, students, and hackers with a general interest in software, computer architecture, phone phreaking, hardware modification, and anything else that can be "hacked". The event consists of several tracks of speakers about computer- and hacking-related subjects, as well as cyber-security challenges and competitions (known as hacking wargames). Contests held during the event are extremely varied, and can range from creating the longest Wi-Fi connection (aircrack-ng) to finding the most effective way to cool a beer in the Nevada heat.{{Citation needed|date=January 2019}}

Other contests, past and present, include lockpicking, robotics-related contests, art, slogan, coffee wars, scavenger hunt and Capture the Flag. Capture the Flag (CTF) is perhaps the best known of these contests. It is a hacking competition where teams of hackers attempt to attack and defend computers and networks using certain software and network structures. CTF has been emulated at other hacking conferences as well as in academic and military contexts.

Federal law enforcement agents from the FBI, DoD, United States Postal Inspection Service, DHS via us-cert.gov and other agencies regularly attend DEF CON.^[2]^[2]

History

DEF CON was founded in 1993 by Jeff Moss as a farewell party for his friend, a fellow hacker and member of "Platinum Net", a Fido protocol based hacking network from Canada.^[3] The party was planned for Las Vegas a few days before his friend was to leave the United States, because his father had accepted employment out of the country. However, his friend's father left early, taking his friend along, so Jeff was left alone with the entire party planned. Jeff decided to invite all his hacker friends to go to Las Vegas with him and have the party with them instead. Hacker friends from far and wide got together and laid the foundation for DEF CON, with roughly 100 people in attendance.

The term DEF CON comes from the movie WarGames, referencing the U.S. Armed Forces defense readiness condition (DEFCON). In the movie, Las Vegas was selected as a nuclear target, and since the event was being hosted in Las Vegas, it occurred to Jeff Moss to name the convention DEF CON. However, to a lesser extent, CON also stands for convention and DEF is taken from the letters on the number 3 on a telephone keypad, a reference to phreakers.{{citation needed|date=August 2014}} Any variation of the spelling, other than "DEF CON", could be considered an infringement of the DEF CON brand. The official name of the conference includes a space in-between DEF and CON.

Though intended to be a one-time event, Moss received overwhelmingly positive feedback from attendees, and decided to host the event for a second year at their urging. The event's attendance nearly doubled the second year, and has enjoyed continued success.^[4] In 2016, 22,000 people attended DEF CON 24.

For DEF CON's 20th Anniversary, a film was commissioned entitled DEFCON: The Documentary.^[5] The film follows the four days of the conference, events and people (attendees and staff), and covers history and philosophy behind DEF CON's success and unique experiences.

In January 2018, the DEF CON China Beta event was announced. The conference was held May 11-13, 2018 in Beijing, and marked DEF CON's first conference outside the United States.

Black Badge

The Black Badge is the highest award DEF CON gives to contest winners of certain events. Capture the flag (CTF) winners sometimes earn these, as well as Hacker Jeopardy winners. The contests that are awarded Black Badges vary from year to year, and a Black Badge allows free entrance to DEF CON for life, potentially a value of thousands of dollars.^[6]

In April 2017, a DEF CON Black Badge was featured in an exhibit^[7] in the Smithsonian Institution's National Museum of American History entitled "Innovations in Defense: Artificial Intelligence and the Challenge of Cybersecurity". The badge belongs to ForAllSecure's Mayhem Cyber Reasoning System,^[8] the winner of the DARPA 2016 Cyber Grand Challenge at DEF CON 24 and the first non-human entity ever to earn a Black Badge.

Fundraising

Since DEF CON 11, fundraisers have been conducted for the Electronic Frontier Foundation (EFF). The first fundraiser was a dunk tank and was an "official" event. The EFF now has an event named "The Summit" hosted by the Vegas 2.0 crew that is an open event and fundraiser. DEF CON 18 (2010) hosted a new fundraiser called MohawkCon.

Trivia

Badges

A notable part of DEF CON is the conference badge, which identifies attendees and ensures attendees can access conference events and activities. The DEF CON badge has historically been notable because of its changing nature, sometimes being an electronic badge (PCB), with LED's, or sometimes being a non-electronic badge such as a CD. Conference badges often contain challenges or callback's to hacker or other technology history, such as the usage of the Konami Code in the DEF CON 24 badge, or the DEF CON 25 badge reverting to the look of the DEF CON 1 badge. DEFCON Badges do not (generally) identify attendees by name, however the badges are used to differentiate attendees from others. One way of doing this has been to have different badges, a general conference attendee (HUMAN) badge, a Staff member (GOON), Vendor, Speaker, Press, and other badges. In addition, individuals and organizations have begun creating their own badges in what has become known as badgelife. These badges may be purchased in many cases, or earned at the conference by completing challenges or events. Some badges may give the holder access to after hours events at the conference. In 2018 the evolution of this came with what was termed "shitty addon's" or SAO's. These were miniature (usually) PCB's that connected to the official and other badges that may extend functionality or were just collected.^[9] ^[10]

Workshops

Workshops are dedicated classes on various topics related to information security and related topics. Historical workshops have been held on topics such as Digital Forensics investigation, hacking IoT devices, playing with RFID, and attacking smart devices.

Villages

Villages are dedicated spaces arranged around a specific topic. Villages may be considered mini conferences within the con, with many holding their own independent talks as well as hands-on activities such as CTF's, or labs. Some villages include the IoT Village, Recon, Biohacking, lockpicking, and the well known Social Engineering and vote hacking villages. In 2018 the vote hacking village gained media attention due to concerns about US election systems security vulnerabilities.^[11]

Use of handles

Attendees at DEF CON and other Hacker conferences often utilize an alias or "handle" at conferences. This is in keeping with the hacker community's desire for anonymity. Some known handles include DEF CON founder Jeff Moss's handle of "Dark Tangent". A notable event at DEF CON is DEF CON 101 which starts off the con and may offer the opportunity for an individual to come up on stage and be assigned a handle by a number of members of the community.

Cons within con

DEF CON has its own cultural underground which results in individuals wanting to create their own meetups or "cons" within DEF CON. These may be actual formal meetups or may be informal. Well known cons are:

DEF CON Groups

DEF CON Groups are worldwide, local chapters of hackers, thinkers, makers and others. DEF CON Groups were started as a splinter off of the 2600 meetup groups because of concerns over politicization. Local DEF CON groups are formed and are posted online. DEF CON Groups are usually identified by the area code of the area where they are located in the US, and by other numbers when outside of the US. Examples include DC801 and DC201. DEF CON Groups may seek permission to make a logo that includes the official DEF CON logo with approval.

Relationship other hacker cons

DEF CON is considered the "world's largest" hacker con. It is also considered one of the core conferences, with organizers and attendees using it as a model for other conferences. The core conferences are considered to be DEF CON, DerbyCon, Shmoocon, HOPE, SummerCon, THOTCON, BlackHat, BSides.

Notable incidents

Entertainment references

Venues, dates, and attendance

Each conference venue and date has been extracted from the DC archives for easy reference.^[33]

See also

References

1. ^{{cite web|url=https://www.defcon.org/html/links/dc-archives/dc-1-archive.html | title= Def Con 1 Archive|accessdate = 2017-04-23}}
2. ^{{cite web | url = https://www.defcon.org/html/defcon-15/dc-15-faq.html | title = DEFCON 15 FAQ's | accessdate = 9 Feb 2011 | quote = Lots of people come to DEFCON and are doing their job; security professionals, federal agents, and the press.}}
3. ^{{Cite web|url=https://www.defcon.org/html/links/dc-about.html|title=DEF CON® Hacking Conference – About|last=Tangent|first=The Dark|website=www.defcon.org|access-date=2016-03-12}}
4. ^{{cite video | people = Jeff Moss | date = July 30, 2007 | title = The Story of DEFCON | url = https://www.youtube.com/watch?v=lg6bQMTjHCE | accessdate = 9 Feb 2011}}
5. ^{{IMDb title|3010462|DEFCON: The Documentary}}
6. ^{{Cite web|url=https://www.defcon.org/html/links/dc-black-badge.html|title=DEF CON® Hacking Conference – Black Badge Hall of Fame|last=Tangent|first=The Dark|website=www.defcon.org|access-date=2016-03-12}}
7. ^{{Cite web|url=http://americanhistory.si.edu/innovations-defense|title=Innovations in Defense: Artificial Intelligence and the Challenge of Cybersecurity|website=americanhistory.si.edu}}
8. ^{{Cite web|url=https://forallsecure.com/blog/2016/08/06/mayhem-wins-darpa-cgc/|title=Mayhem Wins DARPA CGC}}
9. ^{{cite web |url=https://motherboard.vice.com/en_us/article/vbne9a/a-history-of-badgelife-def-cons-unlikely-obsession-with-artistic-circuit-boards |title=A History of Badgelife, Def Con’s Unlikely Obsession with Artistic Circuit Boards |last=Oberhaus |first=Daniel |publisher=Vice Motherboard |date=September 18, 2018 |website=Vice Motherboard |access-date=January 14, 2019}}
10. ^{{cite web |url=https://www.theregister.co.uk/2015/08/12/def_con_23_record_badge/ |title=Is this the most puzzling DEF CON attendee badge yet on record? |last=McAllister |first=Neil |publisher=The Register UK |date=August 12, 2015 |website=The Register UK |access-date=January 14, 2019}}
11. ^{{cite web |url=https://www.usatoday.com/story/tech/nation-now/2018/08/13/11-year-old-hacks-replica-florida-election-site-changes-results/975121002/ |title=11-year-old hacks replica of Florida state website, changes election results |last=Molina |first=Brett |publisher=USA TODAY |date=August 14, 2018 |website=usatoday.com |access-date=January 14, 2019}}
12. ^{{cite web | url = http://www.securityfocus.com/news/11263 | title = Exploit writers team up to target Cisco routers | work = SecurityFocus | date = 31 July 2005 | accessdate = 2004-07-31 | last = Lamos | first = Rob}}
13. ^{{cite web |last=Cassel |first=David |url=http://tech.blorge.com/Structure:%20/2007/08/04/transcript-michelle-madigans-run-from-defcon/ |title=Transcript: Michelle Madigan's run from Defcon |work=Tech.Blorge.com |date=4 August 2007 |accessdate=2007-08-15 |deadurl=yes |archiveurl=https://web.archive.org/web/20070908114514/http://tech.blorge.com/Structure%3A%20/2007/08/04/transcript-michelle-madigans-run-from-defcon/ |archivedate=2007-09-08 |df= }}
14. ^¹{{cite web | url = http://blog.wired.com/27bstroke6/2007/08/media-mole-at-d.html | title = Dateline Mole Allegedly at DefCon with Hidden Camera – Updated: Mole Caught on Tape | work = Wired Blog Network | date = 3 August 2007 | accessdate = 2007-08-15 | last = Zetter | first = Kim | quote = According to DefCon staff, Madigan had told someone she wanted to out an undercover federal agent at DefCon. That person in turn warned DefCon about Madigan's plans. Federal law enforcement agents from FBI, DoD, United States Postal Inspection Service and other agencies regularly attend DefCon to gather intelligence on the latest techniques of hackers.}}
15. ^{{cite web| last=Lundin|first=Leigh |title=Dangerous Ideas |url=http://criminalbrief.com/?p=1892 |work=MBTA v DefCon 16 |publisher=Criminal Brief |accessdate=2010-10-07 |date=2008-08-17 }}
16. ^{{cite web| last=Jeschke|first=Rebecca |title=MIT Students Gagged by Federal Court Judge |url=https://www.eff.org/press/archives/2008/08/09 |work=Press Room |publisher=EFF |date=2008-08-09 }}
17. ^{{cite court|litigants=Massachusetts Bay Transit Authority v. Zack Anderson, RJ Ryan, Alessandro Chiesa, and the Massachusetts Institute of Technology|court=United States District Court District of Massachusetts|url=http://cryptome.org/mbta-v-zack/01-complaint.pdf}}
18. ^{{cite web |url=http://www.racetozero.net/concept.html |title=Race to Zero }} Contest concept.
19. ^{{cite web |url=https://www.pcworld.com/article/145148/security_vendors_slam_defcon_virus_contest.html |title=Security Vendors Slam Defcon Virus Contest |first=Robert |last=McMillan |publisher=IDG News Service |date=April 2008 }}
20. ^[https://www.wired.com/2009/08/malicious-atm-catches-hackers/ Malicious ATM Catches Hackers | Threat Level | WIRED]
21. ^{{cite web |title=Legal Threat Pushes Former HBGary Federal CEO Out Of DEFCON |url=https://threatpost.com/en_us/blogs/legal-threat-pushes-former-hbgary-federal-ceo-out-defcon-072711 |date=August 10, 2011|first=Dennis |last=Fisher|first2=Paul |last2=Roberts|work=Business Security |deadurl=yes |archiveurl=https://web.archive.org/web/20110810110924/http://threatpost.com/en_us/blogs/legal-threat-pushes-former-hbgary-federal-ceo-out-defcon-072711 |archivedate=2011-08-10 |df= }}
22. ^¹²³⁴Greenberg, Andy. "[https://www.forbes.com/sites/andygreenberg/2013/06/06/watch-top-u-s-intelligence-officials-repeatedly-deny-nsa-spying-on-americans-over-the-last-year-videos/ Watch Top U.S. Intelligence Officials Repeatedly Deny NSA Spying On Americans Over The Last Year (Videos)]." Forbes. June 6, 2013. Retrieved on June 11, 2013. "Eight months later, Senator Ron Wyden quoted[...]"
23. ^Wagenseil, Paul. "Hackers Don't Believe NSA Chief's Denial of Domestic Spying." ([https://www.webcitation.org/6HLhdMNTV?url=http://www.nbcnews.com/id/48429672/ns/technology_and_science-security/t/hackers-dont-believe-nsa-chiefs-denial-domestic-spying/ Archive]) NBC News. August 1, 2012. Retrieved on June 13, 2013.
24. ^¹Whitney, Lance. "Defcon to feds: 'We need some time apart'." CNET. July 11, 2013. Retrieved on July 12, 2013.
25. ^Blue, Violet. "Feds 'not welcome' at DEF CON hacker conference." ZDNet. July 11, 2013. Retrieved on July 11, 2013.
26. ^{{cite web|title=Will Smith Makes Unexpected Appearance At Defcon Hacker Conference|url=http://www.cio.com/article/737592/Will_Smith_Makes_Unexpected_Appearance_At_Defcon_Hacker_Conference/|accessdate=2013-08-09}}
27. ^{{cite web|url=https://blog.legitbs.net/2016/09/2016-def-con-ctf-final-scores.html|title=DEF CON Capture the Flag Final Scores|website=blog.legitbs.net}}
28. ^{{cite web |url=https://thehill.com/policy/cybersecurity/344488-hackers-break-into-voting-machines-in-minutes-at-hacking-competition |title=Hackers breach dozens of voting machines brought to conference |author=Joe Uchill |date=July 29, 2017 |website=Thehill.com |publisher= |access-date=2 August 2017}}
29. ^{{Cite web|url=https://www.c-span.org/video/?435437-1|title=DEF CON Hacking Warns Voting Machines Vulnerability, Oct 10 2017 {{!}} C-SPAN.org|website=C-SPAN.org|language=en-US|access-date=2017-12-08}}
30. ^{{Cite web|url=https://conferences.oreilly.com/security/sec-ny/public/sv/q/1315|title=O'Reilly Security Conference in NYC 2017 Defender Awards|website=conferences.oreilly.com|access-date=2017-12-08}}
31. ^{{cite web|url=https://www.theguardian.com/technology/2017/aug/03/researcher-who-stopped-wannacry-ransomware-detained-in-us|title=Briton who stopped WannaCry attack arrested over separate malware claims|first=Alex|last=Hern|first2=Sam|last2=Levin|date=August 4, 2017|work=The Guardian|publisher=Guardian Media Group|issn=0261-3077|access-date=August 11, 2017|language=en-GB}}
32. ^{{cite web|url=http://www.winnschwartau.com/resources/CyberChrist+Meets+Lady+Luck+DC2.pdf |archive-url=https://web.archive.org/web/20110718063846/http://www.winnschwartau.com/resources/CyberChrist+Meets+Lady+Luck+DC2.pdf |dead-url=yes |archive-date=18 July 2011 |format=PDF |author=Winn Schwartau |title=Cyber Christ Meets Lady Luck |accessdate=9 Feb 2011 }}
33. ^{{Cite web|url=https://www.defcon.org/html/links/dc-archives.html|title=DEF CON® Hacking Conference – Show Archives|website=www.defcon.org|access-date=2016-04-09}}
34. ^{{cite web|url=https://www.defcon.org/html/links/dc-transparency.html|title="DEF CON Transparency"|date=August 2018|accessdate=2018-10-28}}
35. ^{{cite web|url=https://www.defcon.org/images/defcon-25/DEF%20CON%2025%20voting%20village%20report.pdf|title="Voting Machine Hacking Village"|date=September 2017|accessdate=2018-05-17|page=4}}
36. ^¹{{cite web|url=https://venturebeat.com/2014/08/12/black-hat-and-defcon-see-record-attendance-and-thats-not-even-counting-the-spies/|author="Richard Byrne Reilly"|title="Black Hat and Defcon see record attendance — even without the government spooks"|date=2014-08-12|access-date=2017-06-07}}
37. ^{{cite web|url=https://www.defcon.org/html/defcon-17/dc-17-faq.html|title=DEF CON 17 FAQ|access-date=2018-07-07}}