The hacker attacks have begun.
Thousands of hackers — along with some federal agents and hangers-on — swarmed a hotel in Las Vegas today to collect T-shirts, socialize and trade tips on breaking into computers.
They’re at Defcon, the world’s biggest hacker convention, and, according to its organizers “a computer underground party for hackers.”
“There’s an interesting, very tight network here, a lot of people exchanging information, where the hacking community’s going,” said Neil Danoff, an information security expert with Motorola.
Defcon’s not the most technical conference; rather, it’s where hackers let their (long, multicolored) hair down and party.
“It’s where all the idiosyncrasies come out,” said Tim Lawless, a systems administrator at the University of Southern Mississippi.
The convention is being held at the Alexis Park hotel in Las Vegas through Sunday.
This year has seen several sizeable computer-crime incidents, including denial-of-service attacks that hit prominent Web sites such as Yahoo! and CNN.com in February and the multibillion-dollar “Love Bug” virus attack that struck computers worldwide in May.
Last year at Defcon, the hacker group Cult of the Dead Cow premiered “BackOrifice 2000,” a program that lets network administrators or system crackers gain control of machines running Windows 2000.
This year, with more and more companies reading employees’ e-mail and tracking their Web surfing, issues of privacy and anonymity are on the minds of Defcon speakers; several seminars address those topics. The hackers are also interested in the vulnerabilities of supposedly impregnable corporate firewalls.
Denial-of-service attacks, notably, are missing from the schedule: True hackers consider them an amateurish act of vandalism, not worth their time.
Because of the recent publicity, the hacker community has become skittish of anything involving DOS attacks, attendees said, whether it’s causing or curing them.
“They have a reluctance to talk about the issue,” Danoff said.
But it’s easy to pick up illegal tricks at Defcon; at the book stalls, vendors were selling Fake ID By Mail and Modem and giving short seminars on lock-picking.
Green Hair and Boiler Suits
It’s easy to spot the Defcon attendees checking in at the Alexis Park. Overwhelmingly young and male, they came with computer bags and dyed hair, and wearing T-shirts reading “HackCanada” and “2600: The Hacker Quarterly.” One burly man checking in Thursday wore an orange boiler suit with bullets jammed in the breast pockets.
There were some kids who were just testing out the lifestyle, like Matt, a hacker from San Antonio who came with his parents. Clean cut, soft-spoken, and 17, he said he came to Defcon to begin learning about computer security techniques.
And there were many more women than one might expect: in tight leather pants, fishnet stockings and green pigtails.
Not everybody at Defcon is a hacker, Lawless says. Many are girlfriends, “scene whores,” federal agents doing “intelligence gathering,” young “script kiddies” aiming to become true experts, and computer security professionals.
One buttoned-down, 50-something information systems manager from Montreal, who declined to give his name (Defcon attendees are often sticklers for privacy), said with a smile that guys like him were “ruining the con” for the hard-core audience who have been there since the first Defcon in 1993.
The Wild Party
The most buttoned-down attendees — federal agents — will be getting “I Am The Fed” T-shirts as part of a “spot the fed” contest, where hackers try to flush out undercover police.
“This place is crawling with feds,” said Dean Turner of SecurityFocus.com. One of them, Assistant Secretary of Defense Arthur Money, gave the federal perspective to a packed auditorium this morning.
At the “Defcon Shoot” this morning, trigger-happy hackers went target shooting with guns out in the desert. Defconners will also attend a formal ball this weekend, dancing to electronic, house and trance music.
Defcon has gotten kicked out of several hotels for hacker misbehavior before finding a home at the Alexis Park, said Jennifer Grannick, a “hacker lawyer” who has attended the past five conventions. But the hotel seems to know how to please them: “They ordered all of these cases of Jolt Cola, and started keeping the food area open almost 24 hours,” she said.
Defcon’s founder, who calls himself Dark Tangent, remembers a past convention where the party got out of hand and a hacker and a hanger-on were caught on a security camera having sex in an elevator.
There’s even a hacker version of “Capture the Flag.” Computers will be set up on an internal network, and the winner will be the one who’s able to break into the most machines.
It’s a geek party, after all.