The OpenVPN team attended DefCon in Las Vegas. See what we learned.
When you’re working with a fully remote team, in-person connections can be hard to come by — so when they do, we at OpenVPN make the most of it. Which is why August 5th - 8th, a portion of the OpenVPN team came together to attend DefCon in Las Vegas, Nevada.
What is DefCon?
The largest and most well-known hacker conference in the world, DefCon is a “hacker’s summer camp,” says David Lam, QA Engineer at OpenVPN. “It has essentially become one of those events where great minds come together and share their experiences and thoughts.”
“DefCon is not a commercial event,” adds Elfredy Cadapan, Director of Product Development at OpenVPN. “It is a conference celebrating ‘Hacker’ culture (using the original MIT definition of ‘hacker’) — to quote: ‘the design and implementation of harmless pranks, tricks, and creative inventions that demonstrate ingenuity and cleverness.’ For attendees like us it is a chance to meet up with like-minded people and participate in activities and traditions that encourage ingenuity and creativity.”
Hacking, after all, is a mindset — one that is maintained alongside both positive and negative purposes. Here at OpenVPN we protect against the more nefarious purposes, and so attendance at this con is essential for team members like Lam and Cadapan.
As Lam explains, “It’s important for the company to keep up with the latest threat landscape. As threats change everyday, knowing how current threats affect your company is paramount to keeping your organization and systems safe.”
Cadapan adds that the education and connection to experts in the field is unparalleled at DefCon. “For technical people it provides access to the latest technology, and the ‘celebrities’ of the security industry,” he explains. “You can participate in talks presented by people like Bruce Schneier and Cory Doctorow, and there are a wide range of topics from high-level international/government/academic/corporate policy, all the way down to low-level protocol vulnerabilities. A lot of the topics discussed are advanced techniques that we actually need to examine and implement in our infrastructure and our products and are very relevant to our business.”
The Badge Puzzle
One of the highlights the team enjoyed most was the badge puzzle. As you can read in-depth in this article, the badges for the convention were anything but standard. Not only did they serve as a puzzle for all attendees to solve, they provided a way for virtual attendees to interact with those physically present.
“As we are still in a pandemic, in-person attendance has definitely dropped,” Lam laments of the smaller crowds than usual. “That said, the organizers of this conference did an excellent job in keeping the conference running and making sure attendees are still networking with each other to keep spreading the knowledge across the community.”
The badge puzzle was the organizers’ clever way of promoting that networking while providing a fun challenge for everyone involved. The puzzles required connection with other attendees, and were “made in such a way as to encourage dialogue between virtual and in-person attendees,” explains Lam. “It was a brilliant idea, and the challenges associated with the badge were simply one of a kind. Not only did I have to work with others to figure out the various challenges, it also put my soldering skills to the test, which is not something that I have been very good at. Having the community help and guide you through things is definitely something that you will not see from other conferences.”
The DefCon Experience
As you can probably tell, DefCon is a unique experience in a world of what can become repetitive conventions. “While most tech conventions focus on educating business executives on security, DefCon takes this to the next level and really goes in depth on ‘hacking everything,’” says Lam. “The best of minds come together to figure out how a device may be vulnerable, and share such knowledge back with the hacker community. It is exactly this type of knowledge that allows security practitioners to keep up with this ever changing threat landscape and keep their systems safe.”
Cadapan, a first time attendee of DefCon, appreciated the history of this almost 30-year-old con. “DefCon has its own intricate set of culture and tradition and has long been one of the cornerstones of hacker culture,” he says. He adds, “Many of my friends have been attending for years and have been trying to get me to go.”
Thankfully, this year they succeeded — and so did the OpenVPN team.