DEFCON &mdash; Kevin Neely's Security Notes https://infosec.press/ktneely/tag:DEFCON A place where I can post security-related long-form thoughts, notes, and articles Tue, 14 Apr 2026 14:42:26 +0000 DEFCON 32 in Review https://infosec.press/ktneely/defcon-32-in-review <![CDATA[Critiques The venue was too bright. Chillout rooms and talk tracks could have used a dimmer. Speaking of the Chillout room, it was somewhat disappointing. (I’m talking about Chillout 2, as Chillout 1 felt like a giant hospital waiting room). I like a cavernous, dim, and ambient room for, you know, chilling out. #SomaFM was over in the hallway, the Chillout room had a live stage, and it was overall pretty small. “Best-ofs” These are the best things I personally saw or were close to. There’s so much going on that this just represents the best stuff I saw in my fractional DEFCON experience. Best thing I learned: Gained a good bit of familiarity with InspectAI at the AI Village as a part of their CTF. Best Talk: “Librarian in Broad Daylight: Fighting back against ever encroaching capitalism” by the Cyberpunk Librarian in the War Stories track. Best Rant: Cory Doctorow on #enshittification Best Tool or Technique: “MySQL honeypot that drops shells” Best Research: “Watchers being watched: Exploiting the Surveillance System” in which the researchers exploited 4 different surveillance systems. Best Real-World Impact: “Bastardo Grande: Hunting the Largest Black Market Bike Fence In The World” by Bryan Hance. Talk not up yet, see the related Wired article Best Contest: There’s too many, but I loved the idea of Sn4ck3r, the machine that vends real items for captured flags. Best Party: the 503 Party, of course! Best Entertainment: DJ Jackalope brought an awesome set after Hacker Jeopardy. (and Skittish and Bus did a great job warming up the crowd just before) Biggest Drama: the badge Best Village: The Packet Hacking village due to the supreme DEFCON-y ambience and the well-run workshops they provided to people of all skill levels Observations & Random Points I probably haven’t been to a main track talk in person for over 6 years. I decided to go to a few of them and really enjoyed the atmosphere. I’ll have to remember to put at least 2 on the agenda each year going forward. BlueTeam Village got a much larger space this year. I’m happy to see that, as they were nearly impossible to get into over at the Flamingo in recent years. BTV is doing good work and people should be able to experience it. There were a lot of contests. The Car-hacking village really brings it. They had a semi truck rig, a Rivian, and they gave away a Tesla. Well done, and my only ask is that we make it easier for people & mechanics to jail break their cars when the companies John Deere-ify them. Next #DEFCON will be held Aug 7-10, 2025 at the LVCC. I hope to see you there!]]> Critiques
  • The venue was too bright. Chillout rooms and talk tracks could have used a dimmer.
  • Speaking of the Chillout room, it was somewhat disappointing. (I’m talking about Chillout 2, as Chillout 1 felt like a giant hospital waiting room). I like a cavernous, dim, and ambient room for, you know, chilling out. #SomaFM was over in the hallway, the Chillout room had a live stage, and it was overall pretty small.

“Best-ofs”

These are the best things I personally saw or were close to. There’s so much going on that this just represents the best stuff I saw in my fractional DEFCON experience.

  • Best thing I learned: Gained a good bit of familiarity with InspectAI at the AI Village as a part of their CTF.
  • Best Talk: “Librarian in Broad Daylight: Fighting back against ever encroaching capitalism” by the Cyberpunk Librarian in the War Stories track.
  • Best Rant: Cory Doctorow on #enshittification
  • Best Tool or Technique: “MySQL honeypot that drops shells”
  • Best Research: “Watchers being watched: Exploiting the Surveillance System” in which the researchers exploited 4 different surveillance systems.
  • Best Real-World Impact: “Bastardo Grande: Hunting the Largest Black Market Bike Fence In The World” by Bryan Hance. Talk not up yet, see the related Wired article
  • Best Contest: There’s too many, but I loved the idea of Sn4ck3r, the machine that vends real items for captured flags.
  • Best Party: the 503 Party, of course!
  • Best Entertainment: DJ Jackalope brought an awesome set after Hacker Jeopardy. (and Skittish and Bus did a great job warming up the crowd just before)
  • Biggest Drama: the badge
  • Best Village: The Packet Hacking village due to the supreme DEFCON-y ambience and the well-run workshops they provided to people of all skill levels

Observations & Random Points

  1. I probably haven’t been to a main track talk in person for over 6 years. I decided to go to a few of them and really enjoyed the atmosphere. I’ll have to remember to put at least 2 on the agenda each year going forward.
  2. BlueTeam Village got a much larger space this year. I’m happy to see that, as they were nearly impossible to get into over at the Flamingo in recent years. BTV is doing good work and people should be able to experience it.
  3. There were a lot of contests.
  4. The Car-hacking village really brings it. They had a semi truck rig, a Rivian, and they gave away a Tesla. Well done, and my only ask is that we make it easier for people & mechanics to jail break their cars when the companies John Deere-ify them.

Next #DEFCON will be held Aug 7-10, 2025 at the LVCC. I hope to see you there!

]]> https://infosec.press/ktneely/defcon-32-in-review Tue, 13 Aug 2024 21:38:53 +0000 Creating Tech "Go Bags" for travel and conferences https://infosec.press/ktneely/creating-tech-go-bags-for-travel-and-conferences <![CDATA[I always loved Lesley Carhart's blog post on packing for hacker conferences and referred to it many times while prepping for #DEFCON , #BSides, other cons, and even general travel. As time has gone by, I've developed a three-tier system that kind of builds on itself for longer and more involved travel. The general ideaidea is that Tier 1 Go Bag - The Weekender The most basic level of the tech travel stack I've created is what I call "The Weekender". it's meant for being out and about all day long or for short weekend getaways. As such, the requirements are basically: Take up little room, being able to fit in any backpack or even a sling bag. be able to charge the devices I'm likely to carry, from ear buds to a laptop. Plan for extended periods away from a power source. img src="https://pixel.infosec.exchange/storage/m/v2/540237025755407403/062ac74bd-fb82c6/ae7jd5nwgaQi/WpFmxPWk8IwRW3i16yhHVb5frmToFYP4VisYdkFn.jpg" alt="image" style="width:480px;height:auto;" image 1: Tier 1 go bag - The Weekender with a backup battery, USB-C to USB-C cable, USB-A to micro-USB cable, and USB-C adapter. Small, ready to go, and easy to drop into any bag. Bag Contents In order to address these simple requirements, I realized I needed to be able to provide power to USB-C and micro-USB devices, for a laptop, I need a bit more oomph, so the adapter can deliver enough power to charge a laptop battery. Limited by the space requirements, I went with a 33W charger that can absolutely charge a laptop, but it will not keep up with power consumption under load. This means that if I'm going to be working all day on the laptop, I'm going to need to move up to the next tier. Power sources & adapters 1x multi-adapter (USB-A for devices, USB-C for laptops) like the Anker 323 at 33W it won’t fully power a laptop, however, it will greatly extend the battery life and will change the laptop when it’s off or in standby 1 5000mAh battery pack with dual USB-C ports - thin and light is key here USB Cables Note that all cables can transfer data. For versatility, I don’t mess with power-only cables. 1x USB-A to microUSB cable - 3ft. 1x 5ft. USB-C to USB-C cable - This is the minimum length you want to ensure your phone can reach the bed when charging Converters Converters extend the utility and versatility of the other equipment USB micro female to USB-C male. This gives me a third USB-C cable img src="https://pixel.infosec.exchange/storage/m/v2/540237025755407403/062ac74bd-fb82c6/L8F0wgK3TJpv/icuPwzvpqxg9lxP0lnCqSv2uNRLIlxxA8YbwO2gy.jpg" alt="image" style="width:640px;height:auto;" Image 2: Zipped Weekender Go-bag and its contents in detail]]> I always loved Lesley Carhart's blog post on packing for hacker conferences and referred to it many times while prepping for #DEFCON , #BSides, other cons, and even general travel. As time has gone by, I've developed a three-tier system that kind of builds on itself for longer and more involved travel. The general ideaidea is that

Tier 1 Go Bag – The Weekender

The most basic level of the tech travel stack I've created is what I call “The Weekender”. it's meant for being out and about all day long or for short weekend getaways. As such, the requirements are basically: 1. Take up little room, being able to fit in any backpack or even a sling bag. 2. be able to charge the devices I'm likely to carry, from ear buds to a laptop. 3. Plan for extended periods away from a power source.

image image 1: Tier 1 go bag – The Weekender with a backup battery, USB-C to USB-C cable, USB-A to micro-USB cable, and USB-C adapter. Small, ready to go, and easy to drop into any bag.

Bag Contents

In order to address these simple requirements, I realized I needed to be able to provide power to USB-C and micro-USB devices, for a laptop, I need a bit more oomph, so the adapter can deliver enough power to charge a laptop battery. Limited by the space requirements, I went with a 33W charger that can absolutely charge a laptop, but it will not keep up with power consumption under load. This means that if I'm going to be working all day on the laptop, I'm going to need to move up to the next tier.

Power sources & adapters

  • 1x multi-adapter (USB-A for devices, USB-C for laptops) like the Anker 323 at 33W it won’t fully power a laptop, however, it will greatly extend the battery life and will change the laptop when it’s off or in standby
  • 1 5000mAh battery pack with dual USB-C ports – thin and light is key here

USB

Cables

Note that all cables can transfer data. For versatility, I don’t mess with power-only cables. – 1x USB-A to microUSB cable – 3ft. – 1x 5ft. USB-C to USB-C cable – This is the minimum length you want to ensure your phone can reach the bed when charging

Converters

Converters extend the utility and versatility of the other equipment – USB micro female to USB-C male. This gives me a third USB-C cable

image Image 2: Zipped Weekender Go-bag and its contents in detail

]]> https://infosec.press/ktneely/creating-tech-go-bags-for-travel-and-conferences Wed, 27 Mar 2024 22:37:03 +0000