[tuvan]

Is people trying to hack the attendees a common occurrence at Defcon?

[om42]

Can be, the Wall of Sheep mentioned here is from the traffic on the DefCon network. General practice is to make sure at least your bluetooth and wifi are turned off. Realistically, no one is going to use a 0-day to hack into your personal phone.

[NikolaeVarius]

It's Defcon, so yes.

[snarfy]

So much so there is a 'wall of shame' projector posting attendees credentials for all to see.

[throwamay1241]

That's for unencrypted credentials captured going across the wire by the ops team. That's to highlight insecure comms not hack people.

There was an instance where someone used a wifi pineapple 0day to brick pineapples, which are considered script kiddie tools in many circles.

Generally nobody will waste a valuable 0day at defcon to attack a personal device. If you get popped it's probably because you're running known vulnerable software.

[robocat]

I think that should be "wall of sheep".

[jason0597]

Always treat Defcon as a dangerous place

[zaeirrka]

No its more of an urban legend. I'm sure there's some hijinks going on but I doubt the hotels would tolerate any kind of large scale malicious activity especially with all the unrelated people staying at the hotel

[ckwalsh]

DefCon sets up its own wifi networks, it doesn't use the hotel's wifi

[acdha]

Do you have sources for that? It’s unlike what many people who attend claim so I’d like to know what it’s based on.

[fortran77]

I concur. While I bring a "burner" phone and laptop, it's more so I have a scratch system I can play / experiement on than any real fear that a sensibly configured device is going to get pwned. I used my real phone and laptop during Defcon 27 last week, too. I do have bluetooth off, and I made sure I had no filesharing enabled, and the latest patches, etc.)

I've been to about 10 defcons, and I've never had a device pwned that wasn't a spare device I was playing with.