11 August 2019
I finally made it to DefCon
I’m writing this as I sit in the airport ready to leave Vegas. I wanted to write things and feelings while they were fresh so let me tell you how this went. Back in April? I decided “I make enough to have savings for Defcon. I’m going to go and talk to people to get myself into security at all cost.” I ended up getting a free ticket to The Diana Initiative and that felt safe for someone who hates crowds. Fast forward to summer, life happened and I was no longer sure I could get a Defcon badge as well.
Fast forward to Weds and I have landed in Vegas ready to meet people. I didn’t know how I’d get this done being so awkward and quiet, but I was able to meet a few twitter friends and make some new friends that were just starting in security, doing what I wanted to get into (blue team), or out here “grinding” to get in just like me. I still had no real intention of doing Defcon itself but I had signed up to a few things on the side so I was still going to get my money worth. On Thursday my friend N blessed my life!! She sent me a message and long story short I had a badge. I think that for me that was the first time I’ve felt & showed real excitement in months. I immediately started going to different events I had been eye-ing from afar.
I didn’t go to any Defcon talks because I know they are recorded but I also know that people do ctfs(capture the flag competitions) for everything so I went and just sat around people doing them. I was lost on some of the team chats but I also learned things I need to brush up on. I talked to some companies in spaces I’d like to be in and asked them question on what they were looking for in a canidate. To give context I want to do application security to start and eventually move into medical device security.
Outside of all this work I had some fun too. I went to a party, had some outback wings, bought some new hacking toys, and got some backpack ideas. I also know that I said I was going to take pictures with people but the reality is that I didn’t. 😔 Regardless I wouldn’t change a thing about the experience I had and connections I made. I’m looking forward to coming back next year and doing even more (I’m looking at you App Sec Village CTF).
All in all I think DefCon itself is really cool and worth sparing funds for if you can. As soemone with pretty bad social anxiety I would like to advise anyone in the same group to do 1 of 2 things: Find a friend and “tag team” the conference or if you have meds, take them and then make sure that you plan downtime. I would also advise that you don’t put yourself in a worse financial situation to attend this event. At the end of the day the talks are recorded. As great as this experience was if I wasn’t 99% sure I’m making a move, soon to security and know that long term this won’t hit me too hard financially then I wouldn’t have attended. The conference isn’t going anywhere, the people are going to be around, the companies you can lookup and reach out to in other ways…it’s just…be smart about the cost and your why.
There are Summer Camps for EVERYTHING. I did The Diana Initiative which is more geared to non-binary/women identifying folks. I loved it because it was smaller and lower anxiety for me. I was able to listen to talks that were still in areas of interest and/or just about navigating the industry. If you know me on twitter than you know my favorite talk was by @thefluffy007. Why? Because I’m biased and she was talking about mobile application security. It’s so interesting to hear non-dev perspectives of app sec because the mindset is completely different.
I was also given the chance to learn how to lockpick while in attendance. I already knew before that I could kinda pick locks but I wasn’t sure of the why/how until I went to the village. There was also a soldering and ctf village. I kinda did the ctf but I just wanted to get the lockpicking challenges. I also tried my hand at solving the cipher on the back of the badge. Eventhough it caused me to lose a lot of sleep I had fun trying. I’m hoping someone does a write up on it or I can figure it out later as I get better with cyptology.
Where the Tips Fam?
So as a n00b to Defcon I think I can reasonably say you should do these things:
- go to villages
- talk to companies in villages and the vender area
- go to hospitality suits or similar
- go to parties (even if you don’t drink and/or are awkward)
If these things still sound like too much or you are alone then I suggest you do one of the many Hacker Summer Camps.By: Keheira
tags: security - goals - networking