[anonymousjunior]

"random people" who with high probability may have undisclosed 0day exploits stockpiled on other devices.... yeah if I'm an APT author DEFCON attendees are (the hardest to exploit and most paranoid [read: likely to get caught by]) the ideal target for any nation-state. not to mention that the conference is often attended by multiple state agencies which makes the target even juicer. yes it's an extremely hard and dangerous group of people to attempt to exploit, but that doesn't detract from the potential value and payoff of a successful APT exploit on said group of people

[Godel_unicode]

That's not how Nation State actors work. One of the things that makes Nation State actors dangerous is they have the patience and resources to attack a high value target at the most likely to succeed point. Backing that up, they generally have the intelligence to know when that best time is. And they for sure know that it's not at defcon when everyone is, as you say, paranoid and on the alert. They're going to get you at home, at happy hour with your non-security friends, in that bar with the great but insecure wifi and no 4g.

[TallGuyShort]

Or they'll get you while you're in the security line at the airport on your way home.

[Godel_unicode]

I guess it depends which State we're talking about, but yes.