Opening Pandora’s Box: A Black Hat 2011 Survival Guide

July 29, 2011

Going to conferences like Black Hat in Vegas reminds me of going to college and the advice my dad gave me.

See you at Caesars!

“Mike, have fun. Enjoy yourself. This will be the time of your life. Don’t do anything stupid!”

Sound familiar?

Black Hat isn’t your everyday conference. Every eccentric, sci-fi loving guy and gal with a 130+ IQ (shocking I fit in rather well...except for the IQ part) who can do amazing things with a computer (ok, I can’t do this either) will be in Sin City.

Luke Skywalker: “I’m not afraid.”

Yoda: “You will be.”

So if you haven’t heard of Black Hat, it’s a show originally put on by hackers for hackers (now, “serving the information security community by delivering timely, actionable security information in a friendly, vendor-neutral environment.”)

Black Hat 2011 is immediately followed by DEFCON 19, also in Vegas (self-described as “the world's longest running and largest underground hacking conference”).

You should be fine if you approach either Black Hat 2011 or DEFCON 19 with a healthy dose of concern/worry/neurosis. That being said, in 2007 an NBC Dateline reporter who tried to go undercover at these events was summarily chased out (of DEFCON).

So here are my suggestions on what to do at Black Hat 2011 – and how to do it so you live (personally and professionally) to tell the story.

The show is great – lots of great content. Some people think it isn’t what it used to be (they say the same about RSA Conference folks) and some of the industry elite fled to DEFCON, and even CANSEC. Also a good friend of mine, Chris Nickerson, runs the Security BSides Community. (BSidesLasVegas 2011 runs at the same time Black Hat is going on). BSides is for those who maybe couldn't afford Black Hat or DEFCON or for those who wanted to speak at those events but were rejected (talks were too edgy) for one reason or another.

But back to Black Hat for a second – something else to know: They have something called the Wall of Sheep. For any newbies, especially those non-hackers among you, there are a lot of people at Black Hat who are looking to find other people who do dumb things.

So, to fully enjoy the show and not end up as an unwilling participant in someone else’s demonstration, it’s important to follow The Seven Unwritten Rules at Black Hat (as my friend Matt Hines put them so well):

  • Wireless: Stay away from all Wi-Fi and turn off your Bluetooth; hacks are happening.
  • Encryption: Try to encrypt any information you must send. Use a VPN; people are watching.
  • Don’t put it down: Any device left alone is an invitation not just for theft but infection, etc.
  • Don’t accept gifts: Someone friendly handing you a USB drive may be hoping to own your info.
  • Anything can be hacked: ATMs, room keys, RFID cards, anything, so, be vigilant at all times.
  • Try to fit in: If you’re just another person wearing jeans and a T-shirt, well, that helps w/above.
  • Don’t be a sheep: The Black Hat “Wall of Sheep” lists all those who get hacked; yes, publicly!

Finally...the parties...If you're hitting the parties the booze will be free and there will be copious amounts of it. Remember that we all have that line to cross, and know where yours is.  I’ve seen a whole host of well-regarded security folks obliterate the line and that kind of stuff lives on ... Again, as my dad said, “Don’t do anything stupid”.

And, oh, I forgot to mention that he then said, “If you do something stupid, don’t get caught.”

- Mike Yaffe, Director of Enterprise Marketing

P.S. You can stay up-to-date on the latest from Black Hat on our Facebook event page. Just click "I'm attending" to stay in the loop!
