Timeline for How to push back against request to use personal laptop at conference due to risk of machine compromise
Current License: CC BY-SA 4.0
16 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jun 7, 2024 at 19:24 | comment | added | Paul Richter | “My laptop is broken.” | |
| Jun 7, 2024 at 13:53 | comment | added | Idran | @FreeMan I wouldn't rely on that; as pointed out in comments on TheDemonLord's answer by Nzall, there are viruses nowadays that can hide themselves in the firmware of other hardware on a device, and this is a conference specifically about the newest varieties of malicious software. Any device someone takes to this conference for the purposes of exposure should be considered unusable afterwards. | |
| Jun 7, 2024 at 11:39 | comment | added | FreeMan | A 245GB SSD is < $50 on Amazon (cheapest I could find was $19!). Buy a new one for a surplus laptop, install it & appropriate software before the conference. At the end of the conference, remove it from the laptop & physically destroy it. Reinstall original drive, put laptop back into "ready to deploy" pool. | |
| Jun 7, 2024 at 8:01 | comment | added | TooTea | @DJClayworth Anyone who wants to participate in any meaningful way? Or can you get much hacking done with just pen and paper? (I guess you would also need a few suitcases full of printouts of the source code of popular programs and disassembly of common OS kernels.) | |
| Jun 6, 2024 at 21:48 | comment | added | DJClayworth | Who actually takes a computer to these events? | |
| Jun 6, 2024 at 17:37 | comment | added | bob | This. I’ve heard from an attendee that attendees actively hack one another’s devices as an informal competition, including phones, so do expect any device you take to be compromised. | |
| Jun 6, 2024 at 16:35 | comment | added | MikeyC | My work is very particular about cyber security, and they have special laptops for business and conference travel outside the country that basically have to be handed over to IT to get wiped as soon as you return. Seems like that would be appropriate. They would also never allow work related activities to be done on a personal laptop. | |
| Jun 6, 2024 at 15:19 | comment | added | bta | I've even heard about attendees of these sorts of conferences who remove the hard drive from their laptop and throw it in the trash can before they even walk out of the venue. | |
| Jun 6, 2024 at 14:07 | vote | accept | Anthony | ||
| Jun 6, 2024 at 7:39 | comment | added | sleske | @WesleyLong: Exactly. Grab old laptop, wipe & install plain OS image (not even with company-specific software). Use that at the conference, then wipe again as soon as the conference is over. | |
| Jun 5, 2024 at 19:49 | comment | added | DavidT | You might want to take an old camera too or since its def-con a disposable film camera - that way you have a way to take pictures should you want to. | |
| Jun 5, 2024 at 18:19 | comment | added | John Dallman | I'd also avoid taking a company smartphone, or your personal one, into the conference. | |
| Jun 5, 2024 at 16:34 | comment | added | Matt | THIS. It's not rocket science - just keep repeating "I will not be using my own laptop at the conference". Too many people overthink things like this. | |
| Jun 4, 2024 at 20:25 | history | edited | DJClayworth | CC BY-SA 4.0 |
added 34 characters in body
|
| Jun 4, 2024 at 20:13 | comment | added | Wesley Long | THIS is the correct answer! The laptops should be recently decommissioned and reimaged machines, used at the conference, and then handed directly to the IT team as "toxic" when returning. Don't even power them back on when you get back to the office. | |
| Jun 4, 2024 at 18:48 | history | answered | DJClayworth | CC BY-SA 4.0 |