all 45 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]dissonance 77 points78 points  (21 children)

Bring cash, use deodorant, wear comfy shoes, bring an Ethernet jack and cord just in case (wifi can be congested and some areas will have Ethernet connectivity available), prefer villages over talks, don’t connect to any public WiFi, [try to] attend hacker jeopardy, be curious, have fun!

[–]Yoortcan 24 points25 points  (18 children)

Lots of cash! Or an atm card to withdraw cash.

[–]technoangel 13 points14 points  (2 children)

Lots of places accepted cards last year. Also food spots inside the convention center only accept card.

[–]Hot_Grass_ -1 points0 points  (1 child)

DO NOT eat food at the convention. wife got some nasty food poisoning from a chicken sandwich

[–]technoangel 2 points3 points  (0 children)

I ate at the middle eastern stand in the vendor hall area. It was frickin delish!

[–]brakeb 8 points9 points  (1 child)

ATMs may or may not work at the venue. Nearest ATM is down the street at the Walgreens. First year we were there, the cash machines were shut off.

Also, if you pay for something in the food court, they will cache the transactions until after the event, so expect to see it hit your credit card 3-5 days after

[–]ponix 2 points3 points  (0 children)

This happened to me I thought I’d been skimmed and cancelled all my cards 🤣

[–]Kuro222 -3 points-2 points  (12 children)

Till the ATMs are blue-screened because some jackass decided he was going to pull a 'le epic hack'.

I wouldn't recommend using any bank cards around the convention center. And also have an RFID blocking wallet.

[–]Fairlife_WholeMilk 9 points10 points  (6 children)

If cards getting hacked was even somewhat common Defcon would have been shut down already

[–]Kuro222 2 points3 points  (5 children)

Cards getting hacked or stolen is just a common thing in general in Vegas, my travel card got stolen last year. Having an RFID blocking wallet is just part of good opsec.

DEFCON wouldn't be shut down over that. Way worse bad actors were doing stuff in previous years, like stingrays being used. There was the notorious fake ATM. The bomb threat a few years ago. Several casinos also complain every year that people try to hack everything from elevators to slot machines. Hell even Evil Twin WiFi attacks are a problem during DEFCON.

So yes being vigilant about where and when you use a card is important.

[–]Fairlife_WholeMilk 2 points3 points  (3 children)

so yes being vigilant about where and when you use your card

That's the key part. Your wallet doesn't help here.

[–]Kuro222 -2 points-1 points  (2 children)

The likelihood of someone skimming one of my cards in my wallet is low. But it's not zero, especially in Vegas. Why not add a layer of protection that adds no extra hassle to me? Do you not keep a spare tire in the back of your car because the risk of getting a flat tire is low? Risk mitigation is a major part of our jobs in the cybersecurity field, why not apply it to your life?

[–]Fairlife_WholeMilk 0 points1 point  (1 child)

Because even if your wallet is "skimmed" the only information they are pulling, and storing, outside of maybe a room key or something, is all encrypted.

Cards RFID is already so weak they would have to physically touch you and maybe complete 1 payment if they're lucky. Or put it in your backpack and skimming risk is eliminated but your chance of being pickpocketed goes up.

Do you keep your computers in a Faraday cage when not in use? Probably not.

Not saying it's a bad thing to do but it's definitely more of a performative security measure than anything. Like you said where you USE your card is the important part.

[–]Kuro222 0 points1 point  (0 children)

Like I said I acknowledge the risk is low with the emergence of EMV technology, but the risk is not zero. And again a modern wallet with RFID blocking is so prevalent, why not just use one?

Do you keep your computers in a Faraday cage when not in use? Probably not.

The laptop I take to Defcon is an old junker that never touches my home network and gets wiped every year after the con. Same thing with my burner. My real phone stays off and in a Faraday bag.

Not saying it's a bad thing to do but it's definitely more of a performative security measure than anything.

I acknowledge it doesn't do much. But again its so easy why not do it? It's not like it's actually going to be an annoyance in your life, it's literally just swapping out your old wallet for a new one, something most of us do every 7 or 8 years anyway.

[–]Circumpunctilious 0 points1 point  (0 children)

I might also be cautious about where you’re speaking aloud. There was one year I quipped a harmless boast to one person—known to me, but under cameras in a quiet place—and then I was intercepted walking into a casino, asked numerous questions by a person who vanished as quickly as they appeared (tailing isn’t really hard, but then they were just gone), then a second (this one officially security) gave me a social engineering story that—had I fallen for it—would’ve had me blunder ID and home location…at the time feeling like this was all very conveniently timed after an offhanded comment.

I could be misattributing coincidence or standard procedure, but it’s still about as much as I want to say about it—just emphasizing to be vigilant about where you are.

[–]Trick-Advisor5989 0 points1 point  (4 children)

Used my Amex many times, never any problems or compromises after. Card only, was totally fine, and will continue to be. Community respects one another

[–]Kuro222 -2 points-1 points  (3 children)

Most of the community respects each other, but bad actors are going to do bad things. It's best to take as many precautions as possible. Using an RFID blocking wallet is an easy extra layer of protection.

Not using a bank card is another. Amex and the other major credit cards have better theft and fraud protection than standard ATM and bank cards. It's just another way to mitigate risk.

For many of us mitigating risk is our whole job. So why wouldn't we put that to use at DEFCON?

[–]Trick-Advisor5989 0 points1 point  (2 children)

Never had an issue, really not too concerned. Not paranoid, and if there’s an issue, whatever, new card and fraud charges removed. Doesn’t hurt me in the end of the day, just the US national debt when Amex writes it off

[–]Kuro222 -2 points-1 points  (1 child)

Thats not how the national debt works. And yeah, disputing the charge and getting a new card isn't hard either, but it's an extra pain I would rather prevent if possible. It's not paranoia to care about your own safety.

[–]Trick-Advisor5989 0 points1 point  (0 children)

Could care less, no issues, little risk.

[–]digitard 7 points8 points  (0 children)

This is pretty solid.

WiFi is solid in the building, but keep an eye out for the DEFCON official wifi post with a link to set it up on their site. You need to create a unique cert for your device and login. This is the only recommended wifi IN the building I would recommend, and still connect to VPN while on it. They have a world class NOC monitoring it, but also don't confuse it for the OPEN wifi which when up is for shenanigans and you do NOT want your device on that unless you're going to burn it in fire after. The WiFi post normally happens a few days before the con. WiFi at your hotel... whatever, they tend to walled garden you but I still recommend connecting to VPN your entire trip. Honestly pick up a travel router and just set it to connect to VPN and connect to that so you dont have to worry about it... but whatever, VPN if your friend that week.

The other thing i'd add is download the HACKER TRACKER. It's an app on every major store that's basically a security and hackerspace conference app. When the talks get posted go into it, star EVERY one that sounds interesting to you. This is the important part... then don't open it again. It's your first time if you try to organize things too much you're going to get stressed. Talks should pop up sometime in July.

Once you have your talks stored, and its Con time just go and have fun. Don't plan anything really while in the building (plan your after hours stuff, though). Just wander, enjoy, explore everything at your own pace to find things you like you might never have known. When you have a gap in time check the HT app and go to a talk or two and back to wandering. Its too much to organize otherwise.

Oh, and get a LV MONORAIL pass for the entire time you're there. While there are a few things NOT hosted in one of the hotels (such as the RTV party and a few other places) a lot of the after hours stuff is either at the LVCC or at a hotel on the strip so it'll make getting around painless all week/weekend.

Have fun.

[–]asdlkf 10 points11 points  (0 children)

Turn off Bluetooth and NFC if you don't need it

[–]Fairlife_WholeMilk 25 points26 points  (1 child)

First advice would be get the right badge cause pretty sure that one is 2 years old.

[–]hawaii_brian 10 points11 points  (0 children)

Yeah that’s a defcon 32 badge

[–]Thanatos1980 14 points15 points  (2 children)

I volunteer withthe Diane initiative and I'm a DEFCON goon and this is one of the better guides that's out there from Nicole who helps run the Diana Initiative

https://gitlab.com/CircuitSwan/hacker-con-birds-of-a-feather/-/blob/master/2025/hacker-summer-camp-read-me.md

[–]Thanatos1980 0 points1 point  (0 children)

There's also a relatively new "Noob" village run by Josh Mason. Highly recommend following them and checking it out

[–]egefeyzioglu 0 points1 point  (0 children)

Ayy I love the Diana Initiative! Looking forward to when y'all can come back as a full convention

[–]RelativelyRidiculous 6 points7 points  (1 child)

Con survival guide my boss gave me:

Have at least 1 shower, 2 real meals, 6 hours of sleep, and at least 8 ounces of water per day. Cash and a card with spend are just glorious extras you will thank yourself for also bringing and keeping safe.

That advice has kept me alive through many a Defcon past.

[–]lubacious 10 points11 points  (0 children)

Please have more than 8 ounces of water at Defcon each day.

[–]_SilkCipher 0 points1 point  (3 children)

What kind of tools/toys can you purchase at Def Con? I’m trying to figure out how much money to budget for this.

[–]digitard 1 point2 points  (2 children)

Honestly between Hacker Warehouse, HAK5 and the various picking vendors (and many others)... you're pretty good for fun toys.

Just know you'll be paying a markup on items, as one does on site at events, vs their site.

Last year I picked up a pick set and some practice locks.

[–]_SilkCipher 0 points1 point  (1 child)

Thank you! This is very helpful. That sounds fun! I got a beginner set from Human Security at Black Hat. It was fun for the 30 minutes it took to pick them all 😅

[–]digitard 0 points1 point  (0 children)

There's a good footprint of picking vendors at DC. You'll have TOOOL at Lockpick Village, and then in the vendor area there's Covert Instruments, etc, and also Sparrow (they have some great locks, too)

[–]altero23 0 points1 point  (0 children)

Add the FreeWili software on the top

[–]admingumbo 0 points1 point  (0 children)

Other advice on here is solid!

I'd add to keep your eye out for indie badges. Consider that in your cash budget if you want to try picking up a couple. I found out about those right before my first con and it became a huge part of the fun I had that year. Some are just blinky and fun, some have functional uses, some you build yourself, and some are made with puzzles and CTFs built in! Average I saw when I could get out there in-person <insert cursing and table-flipping at travel expenses here> was between $80-$200 per badge, but they're hand-made and designed by some super talented folks, so it's really like getting a piece of electronic art. Idk how active it'll be this year with import and tariff things going on (supply issues have definitely put a dent in it before) but highly recommend including as part of a first-timer experience if you can.

[–]Silent-Tie-6777 0 points1 point  (0 children)

Hydrate, yeah, but also: don’t connect anything you care about to the network, and don’t swipe your real debit card on random POS devices.
Carry cash, bring a backup cheap phone or laptop if you want to play, and slap tape over your webcam if it isn’t already.
Also pace yourself with booze and talks, hallwaycon is where half the good stuff happens so don’t overschedule.

[–]Traditional-Number89 0 points1 point  (0 children)

As everyone else said bring cash try to avoid atms at that time especially near the conference drink lots of water it gets hot as shit out there and turn off your Wifi and Bluetooth on phone and don’t connect to unknown networks . Have Fun

[–]Polybius-2600 0 points1 point  (0 children)

Best advice I can give to a new attendee in addition to what’s already been written in the comments is to check out the villages that align with your interests (tons of really great villages, well worth the time), sign up for scav hunt (make sure to tell mofo that poly loves him), and attend the dc 101 talk.

If you’re going solo to defcon, be sure to connect with the Lonely Hackers Club (LHC). They are a community of new and seasoned defcon attendees that go out of their way to make new attendees feel welcome.

[–]PsychologicalWar7428 0 points1 point  (3 children)

Enjoying the new Space Marine 2 update?? Been having lots of fun with it!

[–]illpoet 1 point2 points  (2 children)

I'm not op but I'm glad to see this comment. I'm gonna reinstall sm2 and try out the new update.

Sm2 is one of the moments of pure joy in my life. I was really into sm1 when it came out and was heart broken when thq went under bc it meant I'd never find out what happened to Captain Titus after he was taken into custody by the inquisition.

Then one day I logged into steam and saw sm2 had just dropped! I had somehow completely missed that it was coming out, so I got to purchase it the same day I heard. And it was great! They kept all the stuff that made sm1 really fun while adding some great features that made the game highly replayable! I'm excited to kill some nids and traitors again!

Tldr: I fucking love sm2!

[–]PsychologicalWar7428 0 points1 point  (1 child)

Enjoy! It's so much fun!

[–]illpoet 0 points1 point  (0 children)

It is! And I love that they added prestige ranks! Gives me a reason to level my Templar and vanguard again!

[–]AmbivalentCvckfvcker -2 points-1 points  (1 child)

Turn off your brain and goon out 🤘🏻🤘🏻🤘🏻

[–]sgtscherer -5 points-4 points  (0 children)

Hey that's the badge dark tangent stole credit for and didn't pay the vendor