>> Hi, my name is Mike and I'm a noob. [ Laughter ] >> So I really didn't know that this was going to be a two-hour panel. I'm going to encourage everybody else to try and participate so that I can fill the gaps, and then explain to my wife why I'm not giving her a call in an hour. You know, Tom brought up some very important stuff. This actually is kind of funny. He talked about how 101 has grown. When I first came here, the first time I came here, was because of Alex Rogan, and he said I'm going to introduce you to this real cool guy, Chris Hurley, who was war driving. This was a decade ago, where we're talking about, you know, cutting-edge wireless stuff with him sitting in his Ford Mustang driving around and then cussing at a reporter later because they didn't report it properly. And then Chris managed to rope me in, and said hey, I'm going to run the vendor area, so can you come and help me out and I did. And I've been here ever since. And the one thing that was always -- has always been cool about this, as Tom leaves to go to the bathroom, is exactly what Tom said. You come here to learn. It's amazing that you can come in here and stand in a room or sit in a room or sit in a hallway with, you know, 5, 10, 20 people, and all of a sudden, this just becomes a collective consciousness. Not everybody has the same level of experience as you, not everybody has the same vision as you or maybe just the same perspective, but it's amazing how that can come about. That aside, DEF CON is also about having a good time. It's about coming out of your shell. It's about doing things. I know that the original description of this talked about the shenanigans. And there have been shenanigans, and DEF CON has grown. DEF CON has grown significantly over the last -- well, over the last decade, moving from the Alexis Park to here. I can remember when 2,000 people was a huge CON, and that still meant you stood in line all the way around into the parking lot of Alexis Park. For some of us remembering the tent on the roof and how hot it was and Hacker Jeopardy and Vinyl Vanna probably very happy to be out of her clothes because it was so hot. So with that, I'm going to kind of turn it over to some of my friends to tell a couple of stories. And we're going to talk about the good times because the coming out of your shell part really is the most important part. A lot of people come here alone. I have a friend who's here right now. He's alone, and he's miserable, but it's because he's not letting himself meet people. He's not letting himself just sit down and be himself and have a conversation with people. And it's a shame because now he's missing out on the rest of the CON because not everybody gets it. DC 101 is important because it lets you learn. It puts you in a position where you're learning about stuff that you may not necessarily know, and it's not hands-on. It's not a workshop. That's where the villages are for. It's actually, you know, where you can sit down and you can start to get interested in something. You attend a talk. If you were in Dave Litchfield's talk about time-based-and this was a while ago-time-based attacks on databases. Unless you're Dave Litchfield or somebody at Dave Litchfield's level, you don't get it, so you're just sitting in the audience nodding your head, going along. But hopefully, it interests people enough that they're going to at least look it up and say, oh, that's what time-based means. So with that, you know, do any of you guys want to start it off, tell stories, talk about, you know, the fun times, talk about grass angels, maybe, or talk about any other experiences? Come on, raise your hand. I will make you. There we go. Thank you. Alex Rogan, people! [Applause] >> Yeah, so my first DEF CON was DEF CON 10. There's a lot of cool stuff that went on at DEF CON 10. I'm going to try to convince some other people to talk about a couple of those. I'll talk about one of my most fun times, which was at DEF CON 12, still at the Alexis Park, and we were walking as a crowd-kind of stumbling as a crowd -- moving back from, I think we were going back from pool two back towards pool three. I'm not sure. We had already had a few alcoholic beverages at the Irvine University or Irvine Underground IVU party, and I was walking with my, at the time girlfriend, now wife, Jennifer, and I turned around for a second and turned back, and she was gone. And so, you know, all of my friends are there with me, and my at the time girlfriend was not, so I was a little nervous. So I started looking around, calling out for her and couldn't find her. So I kind of turned a 360 and said, well, let me just stop here, look around, maybe I'm going to track her like I'm some sort of a man-hunter tracker thing. But I turned around, and I see overlooking one of the upstairs rooms the window was projecting Sealab 2021 from Cartoon Network on there, and so we both really enjoyed it at the time, so I said, I'm just going to bet that she saw Sealab in the window and wanted to go up and talk with people, because she's a very friendly welcoming person, and she likes doing things like that. So I go up to the door as best I could tell from the window and knocked on the door. A person opened the door, and I said, hey, is my girlfriend in here? And he just kind of looked, and he goes oh, Jen, yeah, come on in, she's here in the back! And so they -- she went right in and was laying on the floor with another young lady just watching Sealab, having the best time in the world, and so I'm like totally innocent, totally innocent, nothing debaucherous going on or anything, just two women watching Sealab together. Yeah, and so I was talking to the guy and I said, hey, listen I'm really sorry. I didn't mean to disturb guys. They're having a private party, and I didn't want to disturb. And he's like oh, no, no, it's cool. And I actually met the founders of WiGLE.net, the database mapping conglomerate for wireless access points. I met Bobzilla and Arkasha that night, and it just was the most random thing just walking through DEF CON seeing people and losing my girlfriend to the guys at WiGLE! But yeah, I mean, we had a great time. I'll even do an addendum onto that. So after we leave WiGLE, we're walking back towards pool one, and I'm having a hard time staying vertical at this particular point. And I see -- so Romer isn't here, but Romer was talking with somebody that I had been wanting to get a chance to talk to -- Andrew William. At the time, he was the Vice President of Publishing at Syngress. And I had actually, after my first couple of DEF CONs said, hey, I might actually have an idea for a book. You know, maybe it's something, I don't know, put together a little 30-second elevator pitch so to speak for it, and walked up just almost falling down drunk talking to Andrew Williams by pool one. And it turns out later on he was as drunk as I was, which was probably why he wanted to listen to me, but I got to stand there, and I had his attention for five or six minutes, and, you know, went through my idea and my pitch, and he said, actually, that's a pretty good idea. That's an interesting perspective I haven't seen before, so yeah, you know, here's my card. I'm going to set up an email with you, and we ended up doing a book with Syngress, just all predicated upon getting a chance to meet him by pool one. Just by getting out and walking and seeing people and people--once you meet that one person, you're going to end up meeting that person's friends throughout the CON, too, so it's not just about finding like a buddy to go -- well, I mean it's fun, too, but get to know as many other people because you're never going to know who that person is over here could give you a book deal. A lot of my friends have gotten jobs through DEF CON. I know I wouldn't be where I am in my career without the friends I've made at DEF CON. And it all started with DEF CON 10, three or four of us from a small university in Texas saying, I think we can actually compete and actually hang with these people from California, and from New York, and from D.C. You know, we're not in the middle of the hacker scene, so to speak, but actually, I'm going to invite another medic, Tim McGuffon, up here to talk about our experiences at DEF CON 10. [Applause] >> So at DEF CON 10, we decided that we could compete in the Hacker Jeopardy, having never seen it before. There were no videos or anything back then, and we did. Myself, Aaron, and his loving wife, Jen, the night before she got lost with Bob and Arkasha, [indiscernible]. So we signed up as a team for Hacker Jeopardy. We got chosen, and we walked up on stage, and we had no idea what to expect. We're in this sea in a parking lot in the Alexis Park of about a thousand people. It was hot. It was sweaty, and there were random things happening behind us. There was a scantily clad lady there. We didn't know what to expect. It was very out of my element coming from conservative Texas. So we get up on stage, and we're doing quite well at Hacker Jeopardy, because the questions that they're asking are low-level tech questions that that's what we do. I mean, my background is in electronics and chemistry. Aaron's is in computer science SCATA systems, and Jen is a pop culture junkie. So it fit really well with the questions that were being asked. About halfway through the first round, we have enough points to just stop playing, and we could walk away with the win. I didn't know the rules of Hacker Jeopardy in the crowd at the time, so whenever a daily double came up -- are you all familiar with the daily doubles from the old Hacker Jeopardy? OK, cool. So whenever the daily double came up, I wanted to spend 500 and just make a few more points to solidify our lead and call it done. Aaron having been tipsy and drinking more than he probably should have night overrode my $500 bet and bet it all. Every dollar we had. So he bet it all, and then we decided, the question came up, and the question was, which virus was distributed across the security - focused neophytes mailing list in March 2002 was the question. And it was just blank stares. I had no idea. Nobody in the audience had an idea. It turns out it was My Party, but that lost us all of our points. So from that point forward, we're now in last place. We're broke, and we start drinking to try to make up our points. So you see it just goes downhill from there because I'm not a big drinker, but I had Corona at the time, and I'm not a huge Corona fan either, so I had somebody run to the bar and pick me up a bunch of limes so I could try to mask the taste, and it was just horrible, but never trust your friends at DEF CON. [ Laughter ] >> I was doing my part to really catch the team up, so I was actually two-fisting them. As quickly as I could, I had a real nice screen of brown glass in front of me or white. I forget. We were probably going to Bud light at that point. >> Probably so. No, it was Corona because we were naked at the time. >> Yeah, so that's fine. And so with that and just too kind of bring the story full circle, one of the other guys that we were competing with at DEF CON 10 I just ran into actually onstage at the Hacker Jeopardy trials tonight. Hacker Jeopardy was having the trials from 1:00 to 3:00. They were looking for people to get up onstage. The two guys standing beside me, GMark pointed out and says, hey, y'all come on up here. It turns out we competed against Hacker Jeopardy and had the same questions still in our head where they had got it wrong and we had got it right. It still wasn't enough points, but it was a TCP Port maps, so HTTP plus FTP divided by, and the answer was 31337. They got 31336 because they were off by a port but come full circle. Here we are 12 years -- 13 years later, and still meet the same guys, still reminisce about the same things. It was a much smaller community back then, much closer knit. >> I thought you were going to tell the story about pissing off everybody in DC Forums. One of the admins and two or three of the moderators at DC Forums pretty much hated your guts. >> So the original board driving contest for DEF CON 10 was the first one. >> Just so you know, in case you were thinking about leaving, this is about how to get the most out of DEF CON. Granted we're going to tell you war stories. We're going to tell you about the fun that we've had. We're certainly going to tell you about how much Medic hates beer and still gets drunk, but this is also how to get the most out of the it because the common theme is if you don't allow yourself to open up, if you do not engage, you are not getting the most out of your $220. >> We're just people. I'm nobody special. I'm just a guy. >> What? I thought it was $220. >> That's what I charged you in the back of the line for the badge. >> I was going to say $420, and if you meet me, I'll give you a real badge. >> Did you say $420? All right, go ahead. I heard $420. >> So back to the story that he was alluding to for DEF CON 10 is the rules for war driving contest where you had to turn in your logs in Y scan format. And there were two tools that put out Y scan format at the time. Y scan, which was written for BSD, and Netstumbler written for Windows. I wanted to use Kismet. So I started asking the questions on the forums, hey, what about other alternative formats? And they posted the rules, you must use Y scan format. OK, thanks. That's not very helpful, guy. Come on. I mean what other formats can we turn this in? How is your scoring going to work? And it was a-here are the rules. That was a subtle hint to me at the time that if it's not written down in the rules, it's legit. So if you can find a way to still follow those rules and bypass them, you can win. RenderMan found that out a couple years later whenever he was disqualified from the wireless contest for running fake AP. It was five 500 unique access points, but they didn't say they had to be real, so he launched fake AP on one interface, launched Kismet on the other interface and logged his 500, handed his laptop over and was disqualified. But getting around those rules, so... I ended up -- so I took the argument from that to -- from the forums to IRC with Romer and he basically said, look. >> And Russ. >> And Russ, these are the rules, this the way it's supposed to look. Chris' avatar on the forums is a big middle finger, and it has been since DEF CON 10 whenever I started the argument with him and he told me to fuck off. So I wrote a script to do Kismet to Y scan format. I went ahead, I wrote it one in VBScript to run in a PERL and just made it available, put it out there, and then we showed up the day of the war driving contest, and almost all of the teams were using Kismet and my scripts to beat me at my own game. If I would have kept my mouth shut, used my own scripts for myself, used Kismet, picked up all the hidden SSIDs, we would have owned it, but the top three teams used my scripts to score it and to compete against me using the tool set that I had put out there to make public. So if you've got something secret for winning contests, keep it secret until after the contest is over. >> Or if you're really big into the sharing economy, you can definitely do what Tim did. It was one of those things, I don't think the war driving competition would have been successful if people would have been limited to only those that were BSD enough to run the Y scan app or anybody that's run [indiscernible] before. It's a great program, but you're not going to find anybody trying to hide their stuff. So if there hadn't have been 15 teams there competing in Kismet and there was a lot of media -- that was the first year of the wireless competition -- I think there were three -- two or three media outlets there at DC 10. There were probably at ten there at DC 11 because of the popularity of the contest and I think because people were able to find more. I mean it's way more fun winning with, at the time, 1600 access points than winning with 70 access points. >> That magazine did a write-up on Aaron and I after that contest just because of the history and what we had done and we weren't anybody. We were just Podunk rednecks from Texas. So find whatever is new and upcoming. So right now, the STATA village is new this year. You can bet next year there's probably going to be contests focused around the SCATA village. If you're into SCATA or you have anything associated with it, get in there and get involved with them, get involved at the ground floor because whenever it blows up to be a big thing, you can be part of that big thing. [Applause] >> That's actually a big deal. These guys are not sit up in front of people and chat, so this is a big deal that they wanted to share that information with you. You know, one of the things that they talked about was contests, and Roots is up the hall, right, way up there, and yet they're doing a social engineering contest here in the hallways trying to do their own contest, learning how to pick locks, learning about cryptography, a whole bunch of other stuff. And it seems kind of silly, but the one thing that they do that most of you in this room probably don't do is involve a stranger that can help you out. It's actually kind of interesting. It's kind of fun watching the kids because they just don't know each other, and then all of a sudden, I watched one little girl sit down with a lock pick set and another little girl show her how to use the rake. I mean, fascinating, right? For those of you that already know how to use a rake, it's not really that fascinating, but it's fascinating that just a complete stranger came over and said, hey, do this. So think about that. You know, you want to be able to get involved. You want to be able to participate. You want to be able to do these things, and the more people that you talk to, the more that you're going to get to know people, the more you are going to meet, you know, interesting people. Viking is a friend of mine, and he's a friend of mine because of DEF CON, because I never would have met Viking otherwise, but he's here. And the amazing thing about Viking is that he can eat any amount pepper and it doesn't bother him. Anyway, I'm going to let him come up here and tell you some stories about being here at DEF CON. [Applause] >> I didn't know I was talking >> No, neither did I. >> Let me just say to my employer, please don't fire me. I didn't know that this was happening. None of this is endorsed by my employer, and I'm not going to talk about anything I do at work. That being said, I came here for DEF CON 16 was my first CON. I didn't know anybody, and kind of walked in and had a terrible time. Didn't really go out, didn't really get involved, and then Romer and I happened to meet after work, came back the next year, and he's like, hey, why don't you come hang out? Let's go and do some stuff. And you know, I'll get you into the cool parties and introduce you to some people, and that's how I kind of ended up knowing Wiseacre and all these guys that are up here talking. But the really cool thing for me was I went from being a nobody to having a group of friends. Right? And what Chris did for me, what Romer did for me was he showed me around. He got me introduced to some people and kind of got me to a point where I could get things done a little easier at DEF CON, and you know, I could get into some of the parties and I could know some of the people, and I could hang out. But you know, what I've tried to do in the last couple of years is kind of pay that back, right? So you come to DEF CON, you learn something. I guess my point would be, you need to kind of pay it back to the other people. So now I've got some friends that I drive around. I'm like, hey, I know these guys. Let me come introduce you, right? My advice to you is try and expand that circle. If you've got some friends, introduce them to other people. Get them talking to other people, right? Because now, your circle gets bigger, and I'll tell you that in what I do for work, occasionally, I'm not the smartest guy in the room or on IRC, and I'll have questions, and I was in the middle of the pen test a couple of months ago and I -- well, about a year ago-and I popped a box and I knew that I could get, you know -- I could be inside the domain if only I could figure this one box out. And I spent weeks. I owned the box, but I couldn't -- I basically needed to turn an outside interface into an inside interface so I could continue my exploitation. And I was just stuck. And I got on IRC, and I said, hey, does anybody know how to do this? And one of my friends came, and they said, well, I think you need to do this. And I went and looked at it. It wasn't right. Ended up stuck with some IP tables. I said, hey, anybody really good with IP chains? And one of the guys, Mike, who is somewhere around here, said, yeah, absolutely. I sent him one. I told him what I wanted to do. He sent me back the rules, and I was in, the main admin. What I'm saying is make some friends, but then introduce them to other people. If you meet somebody cool or you meet somebody smart, introduce them to somebody else. Right? Introduce the guy who doesn't know anybody to somebody, because you just expanded that guy's circle, right? And, you know, make those circles bigger for your friends and make them bigger for people who aren't there. The other night we had some kid sit down. A bunch of us were sitting around drinking, and he said, hey, I want to get into the security business. So we sat him down and we said, well, tell us a little bit about yourself. And we spent 10 or 15 minutes trying to get this kid who'd just gotten out of university and flown here from the UK, but, you know, trying to get this kid to understand what he wanted to do because he really didn't know. He was just like, I just got out of college, and I want to do this stuff. And you know, but taking that time, and maybe he will, maybe he won't. But pay it back. I guess that's my primary point. I don't have any great stories about DEF CON. But. >> [Off mic]. >> Honestly, I've usually had a little bit to drink when I'm here, and sometimes I don't remember everything that happens, so there is some video. [ Laughter ] >> There is some video. But that's basically all I've got. But I'm going to put the onus on AJ. Oh, yes, I am. >> I'm a fairly good [Off mic]. >> So how many of you guys went to the DC 101 talk on Thursday at 10:00? A few guys, okay, cool. DC 101 started out basically just as a panel to let people know, you know, this is what you should expect from DEF CON. All you noobs, you should know to come in here and make friends and do this and do that and don't do this other thing, and usually, it's a little bit more peppered with flavorful language. And part of it also is about having people come up on stage and learning about getting a handle, because you're going to find that a lot of people want to remain anonymous when they're here at DEF CON, and if you truly want to remain anonymous, then why would you have a big orange Mohawk. But nevertheless, that's part of it. And AliJohn actually did not get his handle here. He got it through Blackhat. And it was actually kind of fun. AliJohn's handle is Pushpin. And even though I've bailed him for a little bit, he is going to get up here and talk. And he's Pushpin because the first time we saw him, he was following around Joe Grand, AKA Kingpin, as seen on TV Joe Grand, and he just looked like a little mini-me of Joe Grand, and from Kingpin went Pushpin. So one of the things I'd like AliJohn to talk about is, I mean AliJohn gave his first talk this year, and that's a big deal, because Viking said, pay it forward. And it is kind of something that you want to be able to do, because there's a lot of people that come to this conference that really don't know what's going on. Highway said it. They're sock jockey. They're knock jockeys. They're code monkeys. They're whatever, but they're not hackers, at least not in their heads, and they just don't know, how do I make that change? How do I make that distinction? And AliJohn's talk was about becoming a pen tester, how to do a pen test. Actually, aptly titled "Poppin' boxes like a pro." So here's Pushpin. [Applause] >> Thank you. All right. I took notes while we were -- while they were talking. And I'll just start with DEF CON 16. I came out here with the UAT, who is obviously a vendor, and we competed and lost Mystery Challenge. Wee -- it took up the entire conference. And it is so complex and complicated that it involved crypto, it involved differently languages. It involved working with paper and just the most complicated thing you could imagine. And our team of maybe six or seven people, we didn't have that knowledge. Yeah, sure, we knew a little bit of crypto or we knew how to pop a box, but we didn't know Korean or we didn't know how to do this one thing. So that competition forced all of us to go to almost every part of this conference and gain knowledge to finish this competition. And for two years, I think we won every now and again, but it was fun. After that, I graduated. Russ, who is obviously very involved here, was one of our professors, I was sitting in the lab, and I'm like, I can't find a job anywhere. He was like, oh hey, toss me your resume. A month later, I am now, I skipped all of the painful, horrible work that we all have to do -- the IT support help desk, the sys admin, the network admin. I just jumped all of it, and I am now part of this insanely skilled team of people that I am nowhere near in skill set. >> He's selling himself short. >> Sure. But for the past -- from then to today, I cannot believe where I am. I've worked for two government agencies. I have been co-authored a book, again, thanks to Russ and Evil Rob. I now work at PlayStation. It's astonishing. Some days I walk into work, and I just stop and I'm like, whoa. I would not be here today if it wasn't for Russ, it wasn't for Highway, if it wasn't for Chris, who is now my boss who, I mean, I worked with Mike. I worked with a lot of people here, and I don't know what my life would be like if I didn't come to DEF CON. So does that work? >> Yeah, thanks. [Applause] >> We wanted shenanigans. Talk about what? >> Fun story. Before I forget, you're going to see up here on either side of the podium all of these faces. This is part of the faces of DEF CON. The faces of DEF CON kind of started by ArtYeti, and if you have not been in the contest to see his art, you have to go. At the very least, you have to see what he puts into this work. Eddy is a pen tester, and he's a brilliant artist as well, but the faces of DEF CON are kind of the history of DEF CON as well. It starts with Dark Changing and Jeff Moss and it just grew. So you're going to see faces in the crowd that you recognize, or you may not recognize them because we don't have brown on our face or whatever, but you're still going to recognize them because these guys that kind of made this whole thing grow. They are the guys that kind of made everything. So, you know, this whole, long theme is going to be-you've got involved. And actually, part of what AliJohn just said about telling about the shirt, when AliJohn first started coming, we used to have a little tradition on Tuesday before DEF CON going to Gonzalez y Gonzalez over in New York, New York and having dinner. And as we were going down, the year previous, the guys traded a shirt with Joe Grand with one of the guys that flips the little escorts girls direct to you cards, and his shirt was disgusting. But Joe thought it was so funny he actually wore it for his talk the next day. So the next year we decided we're going to do it again. Of course, AliJohn being there the year that he had earned the Pushpin nickname, we were going to get one for him, too. And it was a little bit tougher that year because these guys only get one shirt. And well now they get multiple shirts, and some of them even get these flashing signs, and sometimes they don't even have to have the shirts. They just sit there flipping the cards at you. And so we had to pay. And we put it on AliJohn, and oh, my God, you would have thought we were pouring acid on him because it was yucky. It was sweaty and dirty. I mean it was almost like this guy was sleeping in it. But he may have been sleeping in it. But AliJohn was a good sport and he actually wore the shirt and wore it to dinner and wore it back to his hotel room and then promptly showered for an hour half in scalding water. It's part of the fun that we have. The cool thing about this conference is, first of all, it's over a weekend, so you don't have to worry about, you know, am I going to be having to get up? Am I going to have to have work giving me a call? Most people don't have to worry about that. It's over a weekend, so it gives you an opportunity to actually do a little bit more. It gives you an opportunity to hang loose because there's all the events during the day, and then there's all the events at night. And one of the things that Viking brought up is parties. DEF CON used to be basically eight hours of conference and 16 hours of parties. It's kind of morphed a little bit. It's not quite 16 hours. We've extended the talks a little bit longer so there's a little party in there that overlaps, and you'll see even when the new speakers are giving a talk, the speaker goons will run up, give him a shot help to help them calm down and help them relax. And it is kind of fun. So it's a fun environment, an opportunity for you to come in and relax, and the parties are cool, but you don't always get invited to the parties, especially if you don't know the 303 Mafia. Then you're not going to their cool party, which is happening tonight. Suck it, I'm going! [ Laughter ] >> And I'm, you know, 303 by proxy because of the people that I know, and it's actually kind of cool, and I've talked about the 303 Mafia, but they are a tightknit group of friends who are very proud of their area code, and they're also very proud of the stuff that they do. And they come in and they actually make a significant portion of this DEF CON happen. So, you know, getting to know people, do not try to get in the party by saying you know Pyro because everybody says they know Pyro. And Pyro's favorite story, he told it on Thursday, is about the guy who came up in line and said, hey, I want to go in the party. And they said, well, who invited you? And the guy said Pyro and then started defending Pyro to Pyro. It doesn't really work that way. So again, this is what brings you along because if you ever met Pyro, you would go, huh, he's a cool guy. He's fun to hang out with. You would not know the stuff that he knows, the math that he does in his head. He is a brilliant guy, and you certainly wouldn't know that just by watching him walking down the hall. But because I've gotten to know him, I now know some of the cool stuff that he does, and he actually is a really smart guy. Now, I'd like to open it up to any of you guys because I know a bunch of you are getting a little bit bored, and you might have some questions, especially since apparently we've got an hour and a half more to go. You might have some questions. You might want to know, what's going on? How do I get a handle? You know, or anything. Is there anybody? Come on. We've got microphones. You over there, sir, not even close to a microphone. >> What's going on and how to I get a handle? [Applause] [ Laughter ] >> So there are lots of things that are going on. A lot of them are printed in the schedule. A lot of that stuff -- what's that? >> [Off mic]. >> Oh, yeah, come on up here. We'll actually give you a handle, Mr. Helper. Yeah. >> Oh, nice, hey, I've also got good news. Apparently, there's nothing scheduled after this, so if you guys run out of questions, and I start to lose my voice, it will be okay. So again, a lot of this stuff is printed and then a lot of this stuff you're going to find out just by word of mouth. So here's what we're going to do. I'm going to have you stand over here, and you're going to tell me five things about yourself -- five things that you think are important to yourself. It could be five things that people don't know about you. Does anybody in here know him? >> No. >> Oh, this is even better. This proves my point. Yeah? [ Laughter ] >> All right. I'm from Portland, Portland, Oregon. I'm a software engineer for an open source program. I'm a community manager. I wear this GitHub sweatshirt because I got it at OSCON two weeks ago. It's similar. That one's at home. It's a nighttime sweatshirt. I don't know. That's pretty much it, yeah. I'm a smart ass. I'm a smart ass when I -- when I hear somebody throw something up as open as what he did. I'm going to go ahead and call it out. This is my first DEF CON. I came here with my friend, and I don't know what's going on, because there's like several resources to find out what's going on and none of them agree. So that's a little bit about me. >> All right. Awesome. You stand over here. [Applause] >> All right. Cheshire cat is close. Hello Kitty is too many syllables. Curious Kitty, too many syllables, but I'm liking where this is heading, you know. >> Wait I second, what. >> TMI. >> All righty. You are TMI Kitty! [Applause] >> What that means /NickTMIKitty. >> Yes. #DC-Forums on F net. They're the DEF CON forums, and pretty much anybody can join. You have to participate. On occasion, they will go through the logs to see how much you participate, and if you don't participate, they will kick you. And then you join again and you say, hey, it's TMI Kitty, and I have a question about next year's party schedule. And then you'll get just as much crap in the channel, but you'll have a good time. And it actually is pretty cool because the people that are in the DEF CON forums channel do a lot participation. Be prepared for a lot of drama. But be prepared also for understanding exactly what's going to be going on, and they can point you to things and introduce you to things. There was a DEF CON forums party last night. I did not go. I was at a different party. So... who's next? You, sir! >> I want to give a shout out to a goon from over a decade ago. Priest grabbed my daughter out of the audience at age roughly 15. I don't know if she was 15 or 16 yet and had her place [indiscernible]. First wall she got one, but it got her hooked on communicating, the same thing you just heard. And he asked her, what are you going to go do with your life? What do you want to go do, things like that. He's talked to her a half dozen times since here, basically, and convinced her to go to college. That's what it's about. [Applause] >> Didn't you want to handle? >> I've got student in the audience. I'm going to really pay for this. I'm a college professor -- >> Who doesn't need a microphone. >> Former military. Saw combat in the Middle East. >> Thank you. [Applause] >> Married, and I'm going to pay for this, I like cats. >> Wow. You know what? That one's going to stick. There's no debate--Dr. Kitty! [Applause] >> Now part of this is fun, right? We're talking about getting your handle. And when you get your nickname, everybody wants to start out with a bad ass nickname, right? I want to be Siphon, or I want to be Revolver, and it doesn't work that way, because not everybody can be bad ass. First of all, IRC only takes 8 characters, and second of all, it's a lot more fun when you've got something that you have now earned. Let me tell you about the guy who's my second. By the way, I am in charge of the vendor area. If you like it, awesome, come up and tell me. If you don't like it, awesome, come up and tell me, and I will remind you that I make the decisions. But I am interested in your opinions because the vendor area-- I'm going to get distracted, and then we're going to go back to picking on people. The vendor area is designed to give people something tangible, something that they can take with them from here, whether it's a T-shirt or whether it is an idea, you know, we try and make sure that everybody that's there is involved in the community. So you'll see a mix of, you know, homegrown artists, and you're going to see a mix also of corporate vendors, like Pony Express and Rapid 7. You know Pony Express started here before they were corporate. Kind of cool, right? And they've been a vendor ever since, and they give back to the community. The same thing with Rapid 7. Even though they're a big corporate shell, they still have an awesome tool. It's still community supported, and it still works. So with that in mind, I have a second who is right now running the area, and his nickname is Wad. And he had a couple of other nicknames that he liked. I think one of them might have been Ace. But Danny and I were working together, and he'll kill me for telling this story, but Danny and I were working together at -- we were giving a demo. Chris was also working with us, and Danny's job was to type a password in to a demonstration workstation. It was Windows XP. And we just said, type password. That's all we want is password. It's not connected to anything, and we're going to hack it. Let's make it easy on ourselves. That way the demo works. And so he typed it. And we walked away, and we came back a few minutes later, and we're like, OK, it's time to test it. Go ahead and log into that box. Types password. Doesn't work. Types password again, doesn't work. We're like crap. We're giving this demo in 30 minutes, and we're going to have to hack this box just so we can give this demo. The guy that was our team lead comes in from across the hall, and he says, what's the problem? Danny, you know, something's wrong with the password. The guy walks over, the first try, he types P-A-S-S-W-O-D. It works! Danny is now Passwod. PASSWOD@gmail.com exists. Passwod@Yahoo.com exists. We signed him up for everything because it was so funny, but Passwod is too many syllables, so he became WOD. We were calling him WOD. Then he shows up one time, and Chris, Danny, and I were all in an assessment, and we'd went to a club. Well, it was a bar, and at that bar, they had black lights. Danny walks in with his T-shirt, and it looked like a crime scene. [ Laughter ] >> It was not Luminol, and as it turns out, Tide, when it is not thoroughly rinsed will glow under black light. However, that was his WOD shirt, and now, he is WOD. All right. Who wants to get another handle? I know that I can drag this out for at least another 10 minutes. You, sir. Oh, you have a question instead? >> Oh, okay. [ Laughter ] >> First question. How do you change your handle if you're not satisfied with it? >> Well, I will tell you that Danny has tried to change his handle. I've known Danny since, well, I've known Danny since 2001, and Danny has tried to change his handle for the last 11 years. And it just doesn't happen. So you can end up, you can learn to accept it. And it's kind of cool because if you have a handle like that, it kind of gives you a story. One of Pyro's seconds, a guy who now is running the events is Coleslaw. I'm not going to tell you why he's Coleslaw. It's an awesome story, though. So you may not be pleased with your handle at first. But you may grow to love it. Now, Dr. Kitty, actually might love that handle. It kind of sounds almost like from Venture Bros. [ Laughter ] >> For those of you who didn't hear Viking, the gynecologist, yes. But, you know -- nice! Yeah, Dr. Sandy Vagina. All right. So if you don't like it, then try and work into something else. Pushpin has tried to change his handle, too, but Pushpin is a cool handle. Sometimes you're going to get one. There was a guy the other day that played this game with us. He probably isn't going to like his handle-MeowMix. But you might be able to find a way to change your handle. I can tell you right now if you don't tell us silly things, we're not going to give you a silly handle. [Laughter] >> Second question, how do you get an Uber badge? >> Ah Uber badge, so Uber badge actually this is kind of cool. The other gentleman was talking about contests. Now not every contest gets an Uber badge. A lot of that decision making is made later. Uber badge is a black badge. It is the badge that you get, and if you get an Uber badge you get free entrance into Def Con for life. And you get to walk around with a cool Uber -- Black badge -- This is green, imagine if it was black and said Uber. And you get the distinction of having won a contest and being pretty bad ass at Def Con. Because it is pretty hard. There was a point where you could get an Uber badge for anything. I think that we even had an Uber badge for Guitar Hero at one point. But now it's a lot harder. You know, we've had contests where people will actually drop out because nobody can do it. Danny, Chris and I did a Raiders of the Lost Ark style wireless hacking. Where you had to hack something and it led to hacking something else, and it led to hacking something else -- it was 10 different things. It wasn't that hard, but people dropped out. Anyway, so the way you get it is by participating in a contest and hoping that that's going to be an Uber badge contest. I can tell you there are certain ones that almost always are going to be Uber badge contests and they are going to be the ones that involve a lot of work. So Loss Challenge is an Uber badge contest. Alijohns group got an Uber badge but he's never gotten to wear it. So. >> But basically you have to be massively awesome. >> No not always, clearly if you are good at Guitar Hero you could of had one back in the day. [Laughter] >> But yes, you do have to be awesome and you do have -- and when it's a team, one badge is handed out. But everybody gets the recognition, only one person gets to use it so you know for Alijohn if he can ever convince and of the guys -- there's two badges cause his team won two years -- if he can convince anybody there to let him wear that badge he can get in for free. Of course he decided, I'm not going to do that, I'll go ahead and be a speaker instead. Now, tell us 5 things about yourself. Goatee Kitty. [Laughter] >> Ok so, hi everyone, I'm Frederick, I'm from Germany, from Munich. This is my first Def Con also my first Blackhat. I can tell you I won't be going to Blackhat anymore. [Laughter] >> A few things about me, so I'm in Infosec for roughly two years now. I just finished my apprenticeship in February, I'm not actually working in Infosec for two years now, but I am kind of interested in doing it. I finished my apprenticeship as a Sys Admin in February 2013, so not that long ago. And I was working as a guitar and violin maker before that. So, yeah, that was quite a change. What else? >> Strings! [Laughter] >> Ok, I think that's it. >> Yeah >> I hear Hackavarious, Strings and what was the other one? >> Fiddler! >> Fiddler. >> Strings! >> Strings. >> Strings. Strings it is sir. Please enjoy. [Applause] >> You should definitely not be ashamed of Strings. Now you've got a fun story. A lot of people ask me, how did you get into Infosec? I used to sell beer wine and liquor. Not an easy transition, I can tell you that my ex-wife did not like that job. So I got into computers as a result of that. Has nothing to do with my handle Wise-Acre. It simply is -- I used to sell beer, wine and liquor and that's what led to me getting into computers so. Alright. I believe there was one other audience, yes you sir. Yeah. >> So I had a question and if you guys want to give me a handle you are certainly welcome too. >> Ok, well you know the handle is optional. If you came on Thursday the Handle is not optional. However -- the question is? Oh, so you got to see that. >> So, my question would be -- I am currently a software developer, I squash bugs for a living, however I am more interested in going -- I have an interest in the internet of things and how do you get your -- how do you get started with hardware buzzing and that sort of thing? Because that's completely different in terms of the other things that I do. >> Sure. Hardware Hacking Village. You know, I would like to be able to say something funny about that. >> Internet of things in terms of -- ok so if we got a brand new -- entirely to much lapse in security. What's going on with fixed -- and all that stuff. >> Very valid, were you going to answer his question? >> I was going to say if you're interested in Internet of Things with the respect to automation, power meters, load meters, things like that -- so there is an ICS village this year, Industrial Control Systems that is focused more towards automation of industry, however they have a lot of similar characteristics where you have an underpowered piece of hardware that's essential to operation that is not -- that does not have enough potential to actually run security and it was never designed to be run secure. So from accross the globe they gave it a public IP and they leave it out there, so actually the -- has a lot of different areas where you can test specific hardware and learn how some of the secure coding practices work with those as well. It may not be exactly what you are looking for but I guarantee there is a lot of liked minded folks in there. >> Chances are if you were to do Google search on How do I do this, One of the people that has written about it is here this weekend. So, don't be afraid -- if it's published, ask the author. Send an email. There's a reason that those people publish. It's not just because they want to share with the world how smart they are, they also want to be able to distribute that knowledge. There are still some people that want to help. You know, they want to pay it forward. You might think -- you're at Def Con and people are going to prank you. You know I took a guy to lunch the other day and I got a Diamond card and I say, hey let's go skip the line. I had to leave so he got to eat by himself, actually he was with his friends, but never the less, he was the third person in line that I had to talk to to convince them, why don't you walk to the front of the line with me. Don't be afraid to do that because chances are you are going to find somebody that really does want to help you. >> I was just going to say, remember a couple of years ago, Dan Komensky did the huge DNS talk and everybody was really spun up about it right? I didn't know Komensky but I saw him at the bar. The day before he gave his talk. And everybody knew it was going to be big and it might have been big for the people I was working for at the time. So I grabbe him and pulled him off to the side and said, what are you talking about. And he talked to me for like 30 minutes, so I knew what he was going to drop before he even gave his talk. If you just walk up and talk to people everybody here is approachable or should be. Right? >> If they're not they're douche bags. >> And fuck'em. [Laughter] [Applause] >> And, you know, other people said it, but if you hear people that are talking about cool shit -- if you walk up and buy them a beer and say I like what you're saying, can I hang out a little bit or I have a question. Most people here are -- like to talk about the shit that they are interested in. So walk up and talk to them. Alright? Find them. Ambush them at the bar. >> Ok, in all fairness -- in all fairness to Viking if you ever see Dan Komensky drinking, he will talk to you. [Laughter] >> But my point is he talked to me the day before he gave his talk. Alright? So I had a little insider knowledge only because I walked up and spoke to him. >> All right, come on up here and give us 5 things. >> Wow, those are -- it's like, where do the pants end and the legs start? [Laugher] >> So apparently I'm pasty. [Laugher] [Applause] >> You probably didn't realize that that was an introduction statement. [Laughter] >> You sir with the hat. Yeah go ahead. >> I was going to say, I would like to object because I'm pasty. >> Pasties, but that's different from Pasty. He's just one. >> Nah, too close. Do another one -- >> Show us your pasties. [Laughter] >> Please come on, this is actually fun, he's going to tell the story come up here and sit down. >> Alright, so I was given my Handle at the first year of Def Con that I went to it was Def Con 17 I went here completely on my own, had no contacts, been wanting to go for years, finally saved up, was just freshly out of college. And I had no idea what I was getting into, none whatsoever, and the first thing, Thursday morning, I get into the line for registration and it's a mile long. And I'm just standing there and there are these two guys in front of me drinking beers at 9am. [Laughter] >> I'm like alright cool, they just sort of look back and they're just like, this is your first time isn't it? And I'm like yeah, and they just hand me a six pack. By the time we got to the front I was well intoxicated. [Laughter] >> And they -- No, No >> Don't leave that out. >> So they convinced me to go to Def Con 101 and me being a little inebriated, I was a little bit more extroverted then I normally was. And I got up on stage and High asked me what my Handle was that I had given myself and it was so bad that he just shut me down and told me to get off the stage. He didn't even try to give me a Handle. But I got pushed into doing the scavenger hunt and I started hanging out with Harrison Vandel who ran the scavenger hunt at the time -- they're back this year, I highly recommend you get to know them -- I became close friends with them and they got me into the Ninja Networks party and my team did so well Saturday night, or up until Saturday they -- we got into the Ninja Networks party, we all got way to plastered and we couldn't submit the final thing so are team came in second. And they sort of, uh, as a consolation prize they decided, ok well come out to the -- for some drinks with us and that was the year that Harrison Vandel got married and they gave everyone around us like an hour notice. So we all scrambled to get just something. Someone got them, or got Ariss a candy thong and candy pasties as a wedding gift. I was still belligerently drunk, and she said there's is no way in hell that I am going to wear these. So Tuna puts on the panties I put on the pasties -- [Laughter] >> And we all go to lunch at the Nascar cafe. [Laughter] >> And there was this 5 pound burito challenge. And me, Tuna and one other person was doing it and someone tweeted out that Def Con people were doing this and like 20 minutes into this challenge one of the security staff for the hotel -- the cafe, shows up and is like, who are you guys. And we're like, we're Def Con attendees, you know whatever. He's just like, you don't understand Man vs. Food was here, we streamed this contest online and he had like 86,000 followers on the video stream. We had something like 420,000 followers and it was crashing the network. [Laughter] >> So, he just went down and was like who are you guys? This is Tuna and stuff like that and they're like who are you? And I was like I don't have a Handle, and they're just like, just show him the pasties, they're like what? So I take off my shirt and I keep eating my burito. And they started referring to me as pasties. So. [Applause] >> Alright, before we get to you, does anybody have any other questions? This is fun. Alright, come on over to the mic and that way I don't have to -- you know, the faster you get to the mic the front of the line you're in. You in orange, you had a question, you also had a question, come on up. Alright go ahead. >> So quick question -- >> And all of you guys that are leaving, awe I am so disappointed. >> Sit your ass down. >> Look you're even laughing on the way out! >> You can't leave. >> They're trying to get to that porn talk next door. >> Ah Ok >> So this is my fourth Def Con. Question -- [Laughter] >> If you don't already have it you're not doing it right. Go ahead. >> How do you become a Goon? >> How do you become a Goon! >> If you want to help out, if you want to -- >> You know, it really depends. This year we actually cut down on a few Goons because we found that we had a few extra things, but find somebody who is in charge, ask them how do I get involved. Involve yourself on the Def Con forums. A lot of the people on the forums are Goons. Involve yourself there, and if we've got space, then we'll have you help. That's kind of the thing you know, there aren't really a whole lot of new Goons. Anybody who is a Goon in general knows somebody that is a Goon and has known a bunch of other people. The security Goons, the safety Goons, the other Red Shirts, sometimes they'll bring new people in because you know it depends on how many people they have. But in general, contest Goons, speaker Goons, events Goons, village Goons, production Goons, even vendor Goons, you know if there is a slot and your cool and we know you, then we want you to hang out with us. So, that's pretty much how it works. >> Yeah you got to help out. Volunteer to help out with things and that's how people get to know you. And after some years you'll know how things run around here. >> Basically what he is saying is you got to help out. Now I'm going to give him a lot of slack since he's been here from the beginning. Yeah, you don't want to find yourself -- hey I want to be a safety Goon and then realize what you might have to do is work the 2am to 8am shift. And get thrown up on or get, you know, have belligerent drunks trying to push you out of the way. You want to do something that you want to do. Again, the comment was get involved, volunteer. Ingratiate yourself to people. And demonstrate that you can be a Goon and that we can trust you. And in general, that's how you get invited to be a Goon. >> Thank you. >> So the abstract for this talk mentioned incidents involving SWAT teams and crawling in air ducts and I'm wondering if anybody is willing to share those stories. Cause those sounded awesome. >> Ah yes they are so -- the only way that what happens in Vegas stays in Vegas is if you don't talk about it and this should have been called Fight Club. [Laughter] >> But I can tell you, there are a lot of things -- I have been involved not quite as long as Aaron and certainly not, yeah. Anyway, and there are things, the mentality is it's not really just a Hacker conference, I mean, you challenge the status quo and so we have had people that have done all kinds of stuff. And the SWAT teams yeah I wasn't there for that but I was there when people got thrown out of the hotel for actually throwing things out the hotel window. >> That takes talent. >> Yeah, refrigerator -- [Laughter] >> Parking the golf cart in the Alexis Park pool. >> Yeah, you know or turning the pool, there were three pools at the Alexis Park turning them three different colors. [Laughter] >> We always knew it was time to leave the Alexis when the fountain was purple. >> Yes, when the fountain was purple or when some of that astro turf the Jim would make angels in was peeled up. There are a lot of really fun stories and you know, Highways initially envisioned this as being a lets reminisce about Def Con because what he wanted to do was to tell you all these fun stories and then kind of give you an idea of where it is evolved too. One year at the Riviera we all got kicked out of the pool because there was a swarm of killer bees. Kind of fun stuff, you know, not quite the SWAT thing, but crawling in the -- the guys will do anything. And that was it, you challenge the status quo. Kind of funny -- the Alexis Park was where most of this stuff happened. I remember people hacking the point of sales system behind the bar while the bartender was there. You know, all kinds of fun stuff or the moment that the Alexis Park realized that maybe you shouldn't have an ATM there that can just spit out money do whoever knows the code. You know, those sort of things. You know, we've had a lot of fun and there have been some crazy things and if you really want some fun stories, participate in the scavenger hunt and talk to Civiack. >> What was the Handle? >> What's that? >> What was the Handle? >> Civiak. It's his birthday today. It truly is his birthday, so if you find him, wish him a happy birthday, give him a hug. And ask him to tell you some stories. Civiak is a lot of fun. Civiak has shown up in life vests from airplanes and all kinds of stuff. [Laughter] >> There used to be a problem at the Alexis Park, people like to get up on the roof, it's only a two story facility there and it was two wasn't it. >> Yeah just two. >> So, people liked to get on the roof and you know, usually it was pretty innocuous, they wouldn't -- maybe they would throw ping pong balls or something, I believe somebody did a beer bong off the roof. >> Woah, woah, woah. >> That's a three story beer bong. >> Yeah, cause it was up and then they were at the pool. Which was good for them because they needed it. [Laughter] >> A skimmer, they needed a skimmer after that. >> So, the people on the roof go in through access doors they shouldn't go through just to find out -- the Alexis Park had an extensive -- they're not like tunnels but there's basically ways to get around the convention space that only the employees knew. And then the Goons knew and then anybody the could open the doors that they never kept locked knew. And so it was pretty routine to try to find your quickest way through to get between talk to talk. Or get up on places like the roof or things like that. >> Yeah. It's been, you know as Def Con has grown and people like myself are approaching 50, it does make it you know -- all the sudden the appeal of -- I might actually fall through this, you know, all the sudden the appeals is a little bit lost. It's lost some of it's luster, but we can talk about some stories afterwards. >> Cool >> Did you have another question. >> No >> Ok. Cool. >> But I do not have a Handle either so. >> Ok we'll we're not getting -- you're not bumping the line buddy. >> Huh? >> Hold on. Alright so let's go ahead. This gentleman in the fancy haberdashery hat is going to introduce himself, probably not as I am Pasty. [Laughter] >> And try to get himself a Handle >> So five things about myself? >> Five things. >> Ok, alright, first thing is this is my second Def Con, I guess, that's a really shitty thing. I guess, I am -- I've been trying to get a Handle for awhile. I can never come up with a creative one unfortunately, I've gone by a couple. Let's see here. Speaking of getting on roofs I own a mag stripe read writer because I like drinking beer on the roof. I saw this up in the room and I was like, hey, they are giving out handles and I had enough beer so I thought it was a good idea to immediately sprint down here and try to do this, but I tried to buy a Handle on the way to trade you a Handle for a Handle, but they don't sell them in the store, unfortunately. And I'm probably going to stop rambling and let you -- >> Nah, nah, so far you haven't really told us anything -- >> About myself? [Laughter] >> Rambles! >> The best part about this is that you guys are so much better at this then I am. [Laughter] >> Rambles, go ahead slash Nick Rambles. Really, you are going to come up with a cat shirt. [Laughter] >> Why yes! Yes I am. >> Alright, go ahead. >> My question is, I saw a talk at Blackhat that scared the crap out of me. And while I was sitting and listening to the talk I started thinking of mitigations, for the talk. And I'm wondering if I'm able to come up with mitigations and would like to submit them to share them with other people. What's the best way of keeping my professional life isolated from my presentation life so to speak. >> Yeah, your Handle. >> I'm at the right spot for a solution! >> Yeah. There a lot of a different ways, but the easiest way is to truly distinguish yourself, you know, you can be passwod@gmail.com. It's no longer being used. [Laughter] >> The ah, you can, realistically what you want to do is be able to get -- most companies have some sort of bug submission or you know, a lot of companies, you might even consider this bug bounties, and there are different ways that you can disclose this in a reasonable way. It's certainly helpful. Also you're capable of speaking and being two different people because for a lot of us we might work for companies like Viking does, where you don't necessarily want to be associated with that organization and the organization probably doesn't want him to be associated with them. And so there's lots of different ways you can do it. And the easiest way is to start getting involved with the community and certainly approach the company -- if you have a mitigation something that can do it. Approach them, if it simply is a strategy then you might consider giving a talk about it. Write a white paper or something of that nature. If it is an actual fix then definitely you want to get with that company if it's a patch or something like that. >> Ok >> Alright? >> Thank you. >> Yes. >> I'm getting pulled off for other things. >> Hey, have a good time. Oh yeah I am, look at that. According to my storm trooper it's ten after six. >> Are we going to come up with a solution or no? >> A solution, do you want to come up with a solution? >> It sounds like I need a solution. >> Ok. [Laughter] >> I was under the impression -- >> I need a Handle. >> Oh, you need a Handle >> I need a Handle. >> The man needs a Handle. >> Alright. >> I'm in desperate need. >> Sky Talks? That's a horrible handle. [Laughter] >> As a solution. >> You know, Sky Talks actually is a good example, you know they have the lightning talks they have where you can just basically get up -- you can try a little improve talk. Yeah. Now if what you want to do is sit around and discuss this and come up with a solution, then I'm going to guess that -- >> The solution to my problem being that I needed a Handle. >> Ah, you need a Handle. Ok so. [Laughter] >> Go ahead and let's ah -- >> I guess the first thing is you commented on the shirt, yes there is a cat on my shirt. It's a mad cat and you're encouraged to join the revolution. I wore it because there was the cavalry talk and ah -- it's actually from a pet store in Madison Wisconsin. But the join the revolution struck a chord and I thought it was appropriate to wear it here at my third Def Con. Things about me? I'm a hardware guy. I;m a device physicist, I'm a programmer, play a lot of tennis, from Texas, we've got some other Texans floating around here. But I grew up in the mid-west. I'm not very interesting -- [Laughter] >> What's that? >> Tennis kitty. >> Tennis kitty. Yeah, no. We're not going to do that. >> Green balls. >> Fuzzy green balls no less. >> You know what? >> You are Green Bees. Green balls and you are GB. We are going to call you GB for short. >> GB, very good. >> Green Balls! >> Alright, Mister Orange. You wanted a Handle. And we're going to do one more and then I am going to go ahead and wrap this up. I will be happy to answer questions afterwards though. >> So I grew up hanging out a lot at Lawrence Berkeley Laboratory. And just my dad was an engineer there -- ended up sort of getting into the family -- family profession myself. Do ah -- learn hardware and embed systems and always done sort of software and system admin on the side. I'm a cyclist. Met another one who talked about growing up as kids of people in the national labs as bean brats. And let's see what else about me. >> Ten Speed sounds good. Now Berkeley is where they don't have lawn mowers, they have goats. >> Lab Rat. >> Come on. Lab Rat is good too. I am happy with Ten Speed. And Ten Speed is a good story -- has a good story behind it, so. We're going to go with Ten Speed. >> Thank you. [Applause] >> I do not need a Handle, I already have one. It's more of a story. >> Really? Let's hear your Handle and decide if you actually do have one. >> Well the story comes with the Handle. So, my first Def Con was 9. At the time I was an illegal so it was very difficult to come in here. I had to take the bus and I didn't speak English. So I made it. I didn't know anyone and I was afraid cause everyone looked totally different and I was scared. Prior to that I got the Handle because I was in LA and I ended up going to the LA 2,600 meeting. I didn't know anyone, so they asked me, well what's your Handle. And the first thing that came to my mind -- they had computers out there. And there was a plug and I said, that. So I just pointed to it and I said, plug. And that was it, so that was the only thing I could say. But so I was only in the shadows. So I know a lot of the people through faces, because I never really interacted with them. It was a problem that I had because I felt that I couldn't speak and I limited myself. So then I came to 10, 11 and still was illegal. So finally by Def Con 13 I got papers and I was so happy. So anyways, then I got a ride with a guy that was -- Strom Carlson. He was doing, Hacking the Asterisks and actually that Def Con, which I believe was the last one at Alexis, he did the mailbox, I think right? The switchboard? I think they had something like that. Anyways we were driving in the car and I was always scarred right, cause I was always taking the buses so no one could see me. And so this time he was driving too fast cause we need to get there early to setup everything and then. Woooo. Police. So he was like ahhhhh. He's all mad and pissed cause he needed to get in. Well I was actually trying to hide. Because in my mind I was still thinking like, prior to that. So this police officer comes in as is like, registration and what not. And I'm just sweating and shaking right? And he looks at me like what's going on? And I didn't really say anything right but in after -- for a minute I thought well wait a second I'm not worried anymore, I got papers. You know. So anyways we stopped and we took a break. And finally one day I decided I'm going to interact more with people. So what I decided to do is I went back home and I decided to tackle terminology and try to get it to pronounce it better. So when I talk to people they will not look at my mouth and then we will have a really good conversation. So here I am presenting my story and hopefully it helps people because another thing that I realized is through all the years one of the things that has striked me is, I could never see people from my own country. And I couldn't even see Latinos for a long period of time. And it was until recently when the first people I saw was from Spain then we got the guys from Argentina and then Columbia and so forth. But if it's difficult for someone like me it shouldn't be difficult for anyone that speaks the language. And you should not be afraid to do anything and I had probably a valid reason, didn't have papers or anything, but nothing should stop you from not making friends. And what I decided to do now is hang out at the bar and if someone wants a beer, I'll just buy them a beer and I have a conversation with them cause it's the only thing I can do. And try to break from not being social with people, but I try my best. So, just to end this thing the first person that I met in LA 2,600 was actually Noid. He used to run the Goons. The second person I met at the time, Lost, I think it was in LA cause that was the first person and I thought he spoke Spanish cause -- I started to communicate with him and the third person, that really intimidated me, it was Petty Lasterine. He's a huge tall man. Yeah. So, I was really freaked out cause he looked like a punk rocker and stuff. And I just thought oh my god this is going to be scary. So, but you can meet a lot of great people. Do interact with them. It's always fun and, you know, I'm glad that I became part of this culture. It's been life changing for me. I now work in security. I do things that I really like and I've learned a lot of this stuff from the people that I met through this conferences so. That's it. >> Thank you very much Plug. [Applause]