HACKER DOUBLE SUMMER 2022 GUIDES — Part One: Surviving Las Vegas, New York City & Virtually Anywhere

DCG 201
34 min readJul 5, 2022

--

Welcome to the DCG 201 guide to Hacker Double Summer! This is part of a series where we are going to cover all the various hacker conventions and shenanigans at the start of July to the end of August both In Person & Digital! 2022 is a GIGANTIC year for hacker hysteria with so many events this will break the most guides we have ever written with the lucky number 13 as the goal. As more blog posts are uploaded, you will be able to jump through the guide via these links:

HACKER DOUBLE SUMMER — Part One: Surviving Las Vegas, New York & Virtually Anywhere

HACKER DOUBLE SUMMER — Part Two: Capture The Flags & MLH INIT Hackathon

HACKER DOUBLE SUMMER — Part Three: SummerC0n

HACKER DOUBLE SUMMER — Part Four: ToorCamp

HACKER DOUBLE SUMMER — Part Five: A New HOPE (HACKERS ON PLANET EARTH)

HACKER DOUBLE SUMMER — Part Six: SCaLE 19X

HACKER DOUBLE SUMMER — Part Seven: Back2Vegas by RingZero

HACKER DOUBLE SUMMER — Part Eight: BSides Las Vegas

HACKER DOUBLE SUMMER — Part Nine: Black Hat USA

HACKER DOUBLE SUMMER — Part Ten: The Diana Initiative

HACKER DOUBLE SUMMER — Part Eleven: USENIX + SOUPS

HACKER DOUBLE SUMMER — Part Twelve: DEFCON 30

HACKER DOUBLE SUMMER — Part Thirteen: Wiki World’s Fair

HACKER DOUBLE SUMMER — Part Fourteen: Blue Team Con

HACKER DOUBLE SUMMER — Part Fifteen: SIGS, EVENTS & PARTIES IN LAS VEGAS

So first off lets answer the question…what the f%@k is “Hacker Summer Camp”…and why is it Double Hacker Summer this year?

The term “Hacker Summer Camp” is a nickname for the crazy time in the summer where three computer security conventions: BSides Las Vegas, Black Hat USA and DEF CON take place during the entire week. Due to the literal overlap of activities, locations, speakers and organizations the term was coined to summarize the entire week.

We don’t know what was in hacker’s Jolt Cola in 2022 but July and August are chock full of the most hacker conventions & gatherings we have seen since Hackers On A Plane. Because of this, we are going full ham on making guides to some of the biggest & most interesting conventions with tons of variety where anyone can find what they enjoy and feel comfortable attending.

A NOTE ABOUT TOORCAMP & EXPLOITCON: ToorCamp takes place in Washington State and ExploitCon takes place in Reno. Therefore, exclusive details about each respective location will be noted in their guide sections.

We also have to deal with the rise of new diseases and despite transitioning to an epidemic, COVID-19 is still causing issues. Because of this, some conventions will be online only, some will take place in person and many will be a hybridization of both. Many will have sanitary protections in places such as mask wearing and social distancing to counter such threats.

And if you have been living under a rock here is the “new” kid on the block…

Monkeypox (MPX) is a virus related to smallpox. Since May 2022, hundreds of cases have been identified outside of the endemic regions for the first time. In the United States, we currently have confirmed 21 cases and rising. So far, all cases outside the endemic region have been mild (a rash) and self-resolving. There have been no deaths. If you diagnose your MPX early, there are treatments available and you can access vaccination for your close contacts to help keep them safe.

Monkeypox is spread by extended, close physical contact, including but not limited to sex. Skin touching and kissing in addition to sex can be higher risk behaviors. Shared sex toys, sheets and clothes can also spread the virus too. Symptoms of MPX are variable and can be similar to STIs like herpes or syphilis. Sometimes, but not always, the skin rash is preceded by a flu-like illness with fever and swollen lymph nodes. In this current outbreak, skin lesions are commonly found in only one location, not the more typical general rash. Lesions can be found on the mouth, genitals, or anus (including internal), including a single site or lesion. People are infectious for the duration of time they have skin lesions (at least). Images of the MPX rash can be found here and attached.

If you exhibit any monkeypox symptoms, you should avoid large gatherings and see your healthcare provider or an Vegas/NYC STI clinic. You may have to advocate for a monkeypox test as some providers are not aware of the situation. You may need to provide your clinician with the contact information for their state public health department and/or the CDC (CDC Emergency Operations Center (770–488–7100)), which is currently coordinating all MPX testing (we’re working on it).

Molecular research indicates that these 21 MPX cases actually represent three different MPX variants. It’s likely that this virus has been spreading, undetected, for months or even years in the US. We are currently completely unaware of the scale of this outbreak, but it is certainly larger than the current 21 cases. Risk awareness and symptom monitoring are essential to keep our community of hackers safe and thus we have provided information below to better evaluate your risk assessment and threat model for your travels:

UPDATE ON THE MONKEYPOX/COVID-19 SITUATION IN LAS VEGAS & NEW YORK

Since some of the events are hybrid meaning physical in-person meet ups, it is up to you based on your knowledge and evaluation skills on if you want to attend in person or not. Most in-person meets up still require masks to be worn and to practice social distancing.

This may make you want to attend many if not all these conventions virtually. In that case…

VIRTUAL VEGAS/NYC AND NOT GOING INSANE STARING INTO THE SCREEN ABYSS

VIRTUAL COMMUNITY CONNECTIONS

During these uncertain times, DCG 201 is providing some tools for the Community to connect and stay healthy. Keep checking back, as we will be regularly updating the information below and providing opportunities to engage with your fellow InfoSec professionals.

WAYS TO PROMOTE WELL BEING

  • Connect — have frequent meetings, arrange one to ones, talk to someone instead of sending an email, connect with Community Groups (SEE BELOW)
  • Be active — sports teams, go for lunchtime walks, organize fitness competitions
  • Help others — awareness days, education, good deed feed
  • Take notice — look out for how your colleagues are feeling or acting, visit a new place for lunch
  • Keep learning — share product knowledge, tune into previous Hacker Summer Camp presentations, play online games in our guides & check out the latest #VirtualVegas info on the DCG 201 Twitter

TIPS TO MANAGING STRESS

  • Walk away from your desk and have a stretch
  • Have a quick burst of exercise
  • Do some breathing exercises (slow deep breaths)
  • Listen to relaxing music on your headphones at your desk
  • Have some ‘me’ time to recuperate your thoughts
  • Make an effort to attend social events after work
  • Call a friend when you have a few spare minutes
  • Have your lunch break with other colleagues
  • Monitor your well being with an app

Feeling lonely or overwhelmed and not sure what resources are available — check out this list of resources from Mental Health Hackers.

NETWORK WITH FELLOW INFOSEC PROFESSIONALS

CSA — Join CSA’s global community Circle that facilitates resources and security discussions.

ISC2 — A platform from ISC2 to share your cybersecurity knowledge and experience with other pros.

WSC — Gain access to educational tools, study groups, workshops and networking opportunities, as well as special discounts on respected training, certifications and education programs.

WISP — Their mission is to advance, advocate for, and increase the participation of women in the Privacy and Information Security fields.

COVID-19 RESOURCES FROM THEIR PARTNERS

JOIN A VIRTUAL MEET-UP OR PARTICIPATE IN COMPETITION

Recommended Apps

Headspace

Guides you through mindfulness mediation, which can help reduce stress and worry.

Andrew Johnson

Teaches relaxation and coping skills in various situations, including an app to guide you through relaxation exercises that you can do in a coffee break.

WRAP

The Wellness Recovery Action Plan is a self-designed prevention and wellness process that anyone can use to make their life the way they want it to be.

https://itunes.apple.com/gb/app/wellness-recovery-action-plan/id657937563?mt=8

Relax Melodies

A popular free relaxation sound and music app to help you fall asleep or just to switch off. Mix and match nature sounds with music, lay back and listen.

BellyBio

Teaches a deep breathing technique useful in fighting anxiety and stress. A simple interface uses biofeedback to monitor your breathing.

WhatsMyM3

M3 is a confidential screen that reveals an overview of your potential risk of anxiety, depression, bipolar disorder or PTSD and prevention strategies.

https://itunes.apple.com/app/whatsmym3/id515945611?mt=8

MOVE YER BUM

BODY

MIND

HEALTH

Oh and uh…

GO OUTSIDE FOR A MINIMUM 10 MINUTES PER DAY DAY EVERY TWO HOURS!

A reminder what outside looks like…we think…

If you do attend in person here are some other non-Plague related things you might want to know:

WHAT TO PACK FOR YOUR TRIP?

Here are a few items that you should pack for your trip:

— Hygiene Products: Travel Toothbrush, Toothpaste, Deodorant, Lotion, Hair Products, ect.

— Appropriate Nevada Summer Clothing: We will deal with this in the next section.

— Hacker Tools: Burner Laptop, Burner Phone, Multi-Tool, Hacking Wears and Tools, Lock-picks, Micro-controllers, Portable Sewing Kit (serious), ect.

— Business Cards: You will be doing a ton of networking at any of these events so make sure you have something to give to people to remember you by (and note, diseases don’t count!)

— Reusable Water Bottles: Vegas gets super hot, in August it can peak at 107 Degrees F so you should make sure you have water on you AT ALL TIMES!

— Cash: Leave your credit cards in your RFID Wallet, make sure you set a budget for yourself and before the trip take that amount out of cash for you. Not only is cash easier to use in a pinch but you can make sure you bank account is safe too! We also recommend to not use Cryptocurrency at the convention but if you must make new accounts, transfer your coins there and make a Crypto-Paper Wallet to bring with you (and guard it with your life) instead of using an app on a device.

— Medication: Bring a First Aid Kit or something containing Band Aid, Headache Medicine, Earplugs, Swabs, ect. Also, any medication you need to survive normally would be a good idea to take with you. Also, condoms. Because Vegas…

— Entertainment: Break out that Nintendo Switch, Smartphone game, Downloaded Movies and even more useful, a book.

— Con Guide: Before your trip, you should look at the con schedule online, copy and paste all the things you want to see plus the date and time of each activity into a document/spreadsheet. Then, print out two copies and carry them with you. Most conventions can give you a guide but in case they run out, you loose it or don’t have it on you having a personalized planner will help in this.

— Notebook: Again, you will be doing a lot of networking and you also might get inspiration while interacting at the convention. Bring a small notebook and pen (graph paper FTW) to jot down ideas, phone numbers, IP Addresses, still art sketches or whatever floats your fancy to document.

DO NOT BRING:

— A Bad State Of Mind: You are here to learn new things, network, relax and have fun!

USEFUL RESOURCES FOR GEAR, WEARS & ADVICE:

HOW TO DRESS TO NOT MELT IN NEW YORK OR NEVADA’S CLIMATE:

Ever seen the film Fear & Loathing in Las Vegas?

Ironically the main character of Raoul Duke’s (based off of Hunter S. Thompson) odd fashion choices is a good overall idea for how to dress in Vegas:

This might look strange but remember, Nevada is VERY HOT even in August. Again, temperatures can peak at 107 Degrees F so you will want to dress for such brutal desert weather, especially in contrast to the super air-conditioned interiors of Vegas buildings.

TIPS FOR OUTFITS IN NEW YORK:

While not as hot, New York also can get very hot during the daytime with the temperature in the 80’s or 90’s. At night things can cool down between 50 to 70 degrees and unlike Nevada we also can have light to heavy rainstorms. Make sure you have a hot light outfit and a more robust outfit when it gets cold. And bring an umbrella/rain poncho just in case of falling water from the clouds or air conditioners!

Holographic Umbrella: https://www.amazon.com/Hipsterkid-Holographic-Umbrella-White/dp/B079ZB85BS/

Umbrella With Built In Fan: https://www.amazon.com/exec/obidos/ASIN/B092HGJJ3Q/20140003-20

UV Reflective Umbrella: https://www.amazon.com/Suck-UK-SK-UMBRELLAREF1-Reflective/dp/B00EOTBCEG/

Here are some for both environments:

— Loose and Airy Clothing: Don’t bring anything tight fitting. The optimal ideal are loose T-Shirts/Blouses with Shorts/Skirts/Kilts. Something that hangs and that air will flow through. Try to put two or three finger through the sleeves or hug points while wearing it, if you can’t fit them or it’s snug, then it’s not loose enough!

— Storage: Make sure your pants ideally have cargo pockets or bring a Purse of Backpack that has Zippers or Secure Snaps, NOT MAGNETS (how do they work?) Reason being that although uncommon, pick-pocketing does exist in Vegas and this will be the most resilient to their attempts.

— Cover Your Head: Even if you don’t normally wear a hat, please go out an get one. It can be any kind as long as it can loosely and comfortably cover your entire scalp. Remember, your scalp is the most sensitive 0day on your body where heat can escape easily and most of your blood vessels are exposed the pounding sun near your brain. You can also optionally wear a visor to block out the sun.

— Shades: They are not just there to make you a 1337 H@X0R like Neo or Trinity, Vegas is not only hot but BRIGHT and you will want to protect your eyes from the harsh sunlight at all times. Plus the harder it is for the camera’s with AI’s to figure out who you are on Facebook the better.

— High FPS Sunscreen and Lip Balm: Again, Vegas is HOT and BRIGHT so those harmful UV rays will damage your skin. Get yourself a good sun screen, we recommend something at 50 SPF and NOTHING OVER IT (the value over 50 SPF is negligible and Sunscreen from the USA protects less from UVA rays than UVB rays). In addition, wear a comparable lip balm to lock in moisture and protect your lips from the elements, moisturize and lotion every night and try to stay in cool areas or shade and NOT outside for long periods of time. If you don’t have a clue on what to shop for, here is a great list of sunscreen options:

— Anti-Swamp Ass Undies: It’s going to be hot out which means you will form Niagara Falls with the sweat running into your but crack and your genitals will feel like they came from a horror movie. DO NOT WEAR COTTON UNDERWEAR! Not only will it chafe and cause skin reactions but it’s absorption will make it feel like you are wearing a diaper that’s also a waterbed. Instead look for nylon boxers/panties and look for specifically designed ones for heat flow and antiperspirant. A good brand is Ex Officio which you can find BOXERS HERE and PANTIES HERE

— Comfortable Shoes: You will be doing a lot of walking. Repeat: A LOT OF WALKING! And we know how awesome those Armani Suides or Vajazzled Stilettos are with your executive playboy look (you can reuse them later, see below) but they will kill your feet after 30 minutes never mind 16+ hours of going up and down elevators, across vendor halls, between workshops or talks and never mind the dance floor! Make sure to wear the most comfortable worn in shoes you can, ideally sneakers. You can always change into something else later in the day, in fact, having a pair of slippers for your hotel room would be a great idea.

BONUS: Wear a pedometer or set one up on your smart device, check it every night or on the flight back from the con and you will be SHOCKED how much you walk. Here is data on how much our Co-Founder Sidepocket walked during the Circle of HOPE hacker convention in New York City for comparison:

…and remember, Hacker Double Summer Months is 30x the size of The Circle of HOPE!

Finally, we have three specialty outfits we recommend to bring in addition to your normal con look.

BUSINESS OUTFIT — This does not have to be a full suit, just a loose polo or button down shirt and some business slacks with nice comfy business shoes for masc looks and a light designer dress with open toed shoes for examples of a fem look. There are a lot of jobs and professional information security events around, so make sure you do research into what type of event you are attending and if it’s more corporate you have a look that matches.

SWIMWEAR OUTFIT — Either a swimsuit or water resistant clothing with NO electronics so you can hang out near the pool at your hotel and at parties.

PARTY OUTFIT — This is where your creativity can go wild and wear that crazy LED light up bondage gear with wings or that fur-suit you have buried in your closet. Since you only be dragging this out at night time during parties and gatherings, you can comfortably be in this get up while not killing your body out there, just make sure to take breaks to rest and stay hydrated even at night!

RESOURCES FOR AWESOME HACKER CLOTHES:

https://mfdiydesigns.com/

HOW TO FORTIFY YOUR DEVICES TO NOT GET HACKED

So here is a conundrum.

You are here to attend a hacker and information security convention. This involves tech. You are a tech person. You want to bring your tech.

BUT.

Again, it’s a hacker and information security convention. There will be so much shenanigans, traps, pitfalls and malicious activity that you don’t want to end up as part of someones security research paper.

So obviously, we are not going to tell you to leave your tech at home. How boring would a hacker convention be without technology? (Answer: It would be the RSA Conference.)

Instead, here are a few tips that will help your tech survive the experience. Remember, these are not uber 1337 hacker proof ninja skills, everything and anything can be exploited and hacked. However, these tips will help out during the journey to make sure your head is more focused on the connections and learning and not in the debugger or data recovery process:

DO NOT BRING YOUR PERSONAL AND/OR WORK MACHINES TO THE CONVENTION!!! We can’t stress this enough, if you bring the machines you use (laptop, tablet, smartphone, servers, micro-controllers) to any of the conventions you are putting all your work and personal data at risk, even if you do back ups. Furthermore, you risk taking an compromised machine of unknown origin back to your work network or personal network which can be further damaged and 0wned.

Instead, use Burner Equipment.

When purchasing a burner device, we recommend getting one as new as possible. The software and firmware of mobile devices are only supported for a limited time, so buying new extends that lifespan as much as possible.

Avoid buying phones from mobile network operators. These often have a locked bootloader and do not support OEM unlocking. These phone variants will prevent you from installing any kind of alternative Android distribution.

Be very careful about buying second hand phones from online marketplaces. Always check the reputation of the seller. If the device is stolen, there’s a possibility of IMEI blacklisting. There is also a risk involved with you being associated with the activity of the previous owner.

A few more tips regarding Android devices and operating system compatibility:

  • Do not buy devices that have reached or are near their end-of-life, additional firmware updates must be provided by the manufacturer.
  • Do not buy preloaded LineageOS or /e/ OS phones or any Android phones without proper Verified Boot support and firmware updates. These devices also have no way for you to check whether they’ve been tampered with.
  • In short, if a device or Android distribution is not listed here, there is probably a good reason, so check our discussions page.

BURNER PHONES

BURNER COMPUTER EQUIPMENT

SECURE PHONE OPERATING SYSTEMS:

PHONE OPERATING SYSTEMS FOR ADVANCE HACKERS:

ANDROID OPERATING SYSTEM HARDENING

ANDROID PRIVACY, SECURITY & HACKING APPS

LAPTOP & DESKTOP DEFENSIVE OPERATING SYSTEMS

LAPTOP & DESKTOP OFFENSIVE OPERATING SYSTEMS

OPEN SOURCE PRIVACY & SECURITY SOFTWARE

…and THAT’S NOT ALL!

— Regardless of what desktop operating system or programs you use make sure that before you go to the con you update them to their latest versions. Most exploits are found in earlier versions of code, thus the older your digital devices and their software are, the more of the attack surface will be available to malicious hackers.

— Charge your equipment with either Power Only USB Wires (how to covert an existing USB Cable into Power Only) or use USB Condoms. This is to ensure when you plug into something to charge you are only using power and not transmitting any data. Use backup battery chargers and replacement batteries for equipment whenever possible in leu of charging via outlets. DO NOT use one of those Device Charging Kiosks where you leave your device in a glass cabinet as you charge, they have been known to be spoofed to steal your data.

— Try to obtain and use pre-paid hotspots if possible on a 4G line to make calls and use cell data. In addition to encrypting your phone, make sure you configure your phone to connect to your pre-paid hotspot and not cell towers. During Hacker Summer Camp, cyber criminals are known to set up fake cell phone towers (HACKADAY guide to how to spot fake cell towers) for your devices to connect to and make it spit information you do not want them to know…

These screenshots show a scan for Cell Phone Towers before Defcon (left) and during (right). Notice the fakes? Images: Geoffrey Vaughan

— Use Tor (or i2p or a VPN) configured to FULL TUNNEL, including DNS look up. We also recommend in using the AES Algorithm to traffic data you want to send and networks you want to connect to. Beware when connecting to the con’s WIFI, while the NOCs (Network Operation Centers) of each con do a fantastic job to try to create things safe, their will be open warfare by bad hombres all over these networks and the wifi provided by the hotel will be worse. If you have to connect, try to get a wired connection if possible so you don’t also open yourself up to general wifi and bluetooth attacks. Also, if you go on the web make sure you have your VPN on in Privacy Browser Mode.

WEB BROWSERS:

MESSAGING PLATFORMS:

Beginner:

Advance:

VPN:

WARNING: Using a VPN will not keep your browsing habits anonymous, nor will it add additional security to non-secure (HTTP) traffic.

If you are looking for anonymity, you should use the Tor Browser instead of a VPN. (SEE BELOW)

If you’re looking for added security, you should always ensure you’re connecting to websites using encrypted DNS and HTTPS. A VPN is not a replacement for good security practices.

If you’re looking for additional privacy from your ISP, on a public Wi-Fi network, or while torrenting files, a VPN may be the solution for you as long as you understand the risks involved.

Beginner:

Intermediate:

Advance:

— A cool idea that is not required for your desktop OS, you can also run a firewall on your laptop via a VM (Virtual Machine) that will isolate your trusted host. Do note that while this in a more advance technique and is difficult to set up and for red team to hack, there are hackers that know how to manipulate hypervisors to break this method. Remember, when you are at a popular open convention, trying to connect to anything is a risk!

HOW TO FLY AND NOT GET MOLESTED BY THE TSA

This should hopefully be the worst part of your trip, getting there. Some will try to drive there (like our Co-Founder GI Jack because he is not right in the head and from New Jersey to boot) and others will take more unorthodox means of getting there. Most of you, are most likely to fly there via an airline. Besides some general knowledge of airline tips, here are some additional tips that are unique to going to Hacker Summer Camp.

— Make sure to pre-charge all your devices you are going to use and bring before the flight. This sounds like a no-brainer but while many airlines do have power plugs many still don’t (especially on the plane) and they also might be fully occupied by your other travelers. Make sure all your devices are powered and ready to go so once you get off the plane you can hack right when your feet touch the ground!

GET TO YOUR FLIGHT ON TIME! Again, a no-brainer but an important one. Airlines are very fickle about times, and you should show up at least a half an hour before your flight if not earlier. It can be difficult to reschedule your flight and often later times are many hour later delaying everything. Now if your flight is delayed, raise hell-erm-don’t hack the airport (we don’t support that idea) just complain to customer service and the airline until you get what you need.

DO NOT BRING WEAPONS, DRUGS, EXPLOSIVES OR ANY OTHER SCARY LOOKING THING ON A PLANE!!! In addition, try not to code or do network ops while in flight. We have heard too many stories of friends trying to remote tunnel into their network while flying only to be thrown in a room with blue gloves groping them because the airline staff thought they were ISIS hacking into the Pentagon.

— Here is are two tips to secure your luggage. First, DO NOT USE TSA APPROVED KEYS AND LOCKS. Get your own locks, you can reach out to your local TOOOL Chapter or contact them online and they will give you advice on what to do. Here is a talk by Nite0wl, JohnnyXmas and DarkSim on why TSA locks are a bad idea (HINT: Nite0wl dropped a 0day on the “safe” skies travel locks). Second, if you are an American who legally owns a FIREARM, you can use that firearm to store other valuables you don’t want to get lost. You can find more info on that via clicking this link for an amazing talk by Deviant Ollam on the subject of flying with firearms.

NOTE: Unlock your luggage before you check it on a plane. The TSA will simply cut the lock off your bag. Pack your lock in your bag, and then relock it when you get out of the airport.

— Make sure you have all your essential items that are valuable to you and/or you are going to frequently use on your carry on (and make sure they meet carry on standards). Sadly, luggage loss by airlines is a thing and we have known people who have lost thousands of dollars in equipment and clothes via their onboard stored luggage disappearing.

— This is also where those portable entertainment items will come in handy. Suggestions include your latest and favorite 2600 Magazine, the book Turing’s Cathedral by George Dyson, Mr. Robot Season 3 (look out for our Co-Founder Sidepocket’s cameo in the Hacker Space scene of Episode One) any Nintendo Switch video game or the DEF CON 29 Main Stage Talks and HOPE 2020 Talks (and please wear headphones!)

CHECKING INTO YOUR HOTEL ROOM AND LEARNING LAS VEGAS & NEW YORK CITY

So, you have finally arrived in Vegas or NYC at the hotel you have booked. You are not done yet! Here are some more tips once you got your room key card and have opened the door:

  • Secure all the stuff in your room. Pre-pack and organised what you are going to take with you to the con on different days, put the things away that will never leave the room and lock down physically or digitally anything you want others to have no or limited access to.
  • Load up your bluetooth war-driving, RF arrays, NFC sensors and other detectors to scan for bugs and spying devices in your room. Put all your devices not in use in Faraday cages and put stickers over any cameras and microphones on your devices. You can also bring with you (or buy there) from Bed Bath and Beyond a white noise generator installing it in a separate room on the far side of your abode to harbor electronics to prevent further spying. This can be a fun (and potentially dangerous) activity for you and your trusted contacts. Please do not destroy the fixtures and room you are in as a courtesy to the hotel. Who knows, you might even win Spot The Fed at DEF CON 30!
  • Also to make your room more secure, put towels and filler material in between the cracks of the door and windows to prevent outside in eavesdropping.
  • Reach out to your communication contacts with your burners. Develop before the con a system of trust among friends and colleagues that will be going with you to the con(s) or you will be running into so you have emergency contacts and safety nets for you and others in case of emergency.
  • Purchase Pre-Made Food or Create Your Own Food (Lunch and Snacks) before hand and pack them with you for each day of the convention. There is a reason it’s called Hacker Summer Camp, treat it like one! You will thank us when you are stranded in an area with no food and you need to eat or all the places around you are where a hamburger costs a new mortgage on your house! Again, make sure to bring multiple water bottles with you and reuse the bottles!
  • Put your room key card in it’s own Faraday Cage sleeve and keep it on your closest of persons AT ALL TIMES!
  • Caesars Honeywell Thermostat Hack by Snubs

This disables the room occupancy sensor and lets you lower the min temp.

> Hold down “display” button

>Press “off”

>Then hit the “Up” arrow

>Then release “display” button

  • Here is a cool trick that Edward Snowden used to alert him if someone broke into his room:

You Will Need:

>Pack of Soy Sauce

>Napkin

>Rubber Band

>Plastic Tumbler (or a drinking glass)

  1. Fill the tumbler 1/2 way with water.
  2. Draw a symbol or letter on the napkin with the soy sauce and put it over the top of the tumbler.
  3. Secure the soy sauce packet with the rubber band.
  4. Place the tumbler behind the door when you leave (but don’t forget that it’s there!)

If someone enters your room, the glass will get knocked over and the symbol or letter on the napkin will become unreadable, tipping you off that someone entered into you room with out consent!

This presentation will show you how to set up customized travel “trip wires” that operate over 433 MHz and fit in a small toiletries case. With a Raspberry Pi, less than $20 worth of supplies, and an hour of spare time, you can configure 4 or 5 sensors that will alert you if your favorite things are moved, opened, or disturbed while you’re away from the room.

— Explore the hotel and spend a night walking around the immediate hotel area and the overall Las Vegas strip and/or NYC Campus if you can. Important things to map are shops, fast food places, bars, banks, security surveillance and other important points of interests. In fact, you can the day before print out a Google Map/Open Street Maps of the strip to keep on your persons (as well as a close up of the hotel and it’s surrounding area) and psychically map things out with marker and pen as you go. As a heads up, here is a list of resurant locations in Las Vegas and below is a picture map of every Walgreens on the strip:

And here are some quick resources for St. John’s Campus University that we will detail in A New HOPE guide:

A quick guide for supplies, make sure to make your own map of the Las Vegas Strip and/or NYC Campus!

— Plan out sights to see. Remember, you are in VEGAS & NYC BABY! You are here to have fun and for most of you this will be your only time of year to go. Stop and see the sights, go see a show like Pen & Teller, a Drag Show, the Bunny Ranch or explore the little know area of Vegas known as Freemont Street.

ACTIVITY GUIDES FOR LAS VEGAS:

ABOUT MTA NYC SUBWAY SYSTEM

Offline NYC MTA Subway Map for Android: https://play.google.com/store/apps/details?id=com.thryvinc.nycmap&gl=US

ACTIVITY GUIDES FOR NEW YORK CITY:

EMERGENCY NUMBERS IN LAS VEGAS:

Fire / Police / Ambulance : 911

Poison Control : (702) 732–4989

Rape Crisis Center Hot Line : (702) 366–1640

Mental Health Crisis Unit : (702) 486–8020

HelpLine Numbers:

Gamblers Anonymous : (702) 385–7732

Alcoholics Anonymous : (702) 598–1888

Domestic Crisis Shelter : (702) 646–4981

Juvenile Court Services Abuse and Neglect Hot Line : (702) 399–0081

Youth Runaway Shelter : (702) 385–3330

Government Numbers:

Internal Revenue Service : (800) 829–1040

Department of Motor Vehicles : (702) 486–4368

Clark County District Attorney : (702) 455–4204

Federal Bureau of Investigation (FBI) : (702) 385–1281

Bureau of Alcohol, Tobacco and Firearms : (702) 388–6584

Health & Social Numbers:

American Red Cross : (702) 248–2770

Alzheimer’s Association Southern Nevada Chapter : (702) 248–2770

American Heart Association : (702) 367–1366

American Cancer Society : (702) 798–6877

American Lung Association : (702) 431–6333

United Way : (702) 455–4291

Senior Protective Services : (702) 455–4291

Clark County Social Services : (702) 455–4270

Salvation Army : (702) 649–8240

Transportation Numbers:

Traffic Hotline : 511

Amtrak Railroad : (702) 386–6896

McCarran International Airport : (702) 261–5211

Las Vegas Public Bus Transportation : (702) CAT-RIDE

Miscellaneous Numbers:

Information Assistance : 411

Information and Referral HELP of Southern Nevada : (702) 369–4357

Time / Weather : (702) 248–4800

EMERGENCY NUMBERS IN NEW YORK CITY

Department of Health and Mental Hygiene (DOHMH) Bureau of Communicable Disease: 866–692–3641

Emergency Preparedness Mental and Behavioral Health & NYC Well: 888-NYC-WELL or 888–692–9355

Poison Control Center (24/7): 212-POISONS or 212–764–7667

Department of Homeless Services: 212–361–8000

Emergency Management: 718–422–8700

Emergency Medical Services: 718–999–2770

Fire Department (FDNY): 718–999–2000

Bronx: 718–999–3333

Brooklyn: 718–999–4444

Manhattan: 212–999–2222

Queens: 718–999–5555

Staten Island: 718–999–6666

Hospital Preparedness Program Office of the Chief Medical Examiner: 212–447–2030

Terrorism Hotline: 888-NYC-SAFE or 888–692–7233

— Lastly but certainty not least, we must remind you that while you are any of the three conventions to PLEASE work with con security and staff and not AGAINST them, obey their Code of Conducts (DEFCON CoC, Black Hat CoC, BSidesLV CoC) and OBEY the 5–2–1 rule.

That’s:

>FIVE HOUR OF SLEEP (MINIMUM)

>TWO FULL MEALS WITH ACTUAL NUTRITION (MINIMUM)

>And please…for the love of everyone’s nasal glands…SHOWER EVERY DAY!!!!!

If you have your own tips, tricks and advice for surviving Las Vegas, Nevada or New York City that we forgot to miss here, you can reach out to us on our social media or email us at INFO {at} DEFCON201 <dot> ORG

Enjoy your time in LAS VEGAS and remember,

What happens in Vegas

Appears on YouTube!

And if you are in New York City, don’t be this lady

P.S. Cannabis is LEGAL in the State of Nevada and NYC! Click here to read up on the laws in both states!

CONTINUE TO :: HACKER DOUBLE SUMMER — Part Two: Capture The Flags

--

--

DCG 201

North East New Jersey DEFCON Group Chapter. Dirty Jersey Represent! We meet at Sub Culture once a month to hack on technology projects! www.defcon201.org