Cybersecurity Birthday Attack

Unraveling the Mystery of The Cybersecurity Birthday Attack

In the world of cryptography, a birthday attack poses a significant threat to data security.

What Is A Cybersecurity Birthday Attack? The Cybersecurity Birthday Attack uses the mathematics underpinning the birthday paradox to attack flaws in digital security systems.

This article dives into how birthday attacks work, how they affect encryption and digital signatures, and how to mitigate them. Understanding the subtleties of birthday attacks is critical for both cybersecurity pros and hobbyists when it comes to protecting digital assets against sophisticated vulnerabilities.


  1. Explaining the Birthday Attack
  2. How Does the Birthday Problem Apply to Cryptography?
  3. Impact on Digital Signatures and Hash Functions
  4. Strategies for Mitigating Birthday Attacks
  5. The Importance of Cybersecurity Conferences in Staying Informed

Explaining the Birthday Attack

At its foundation, a birthday attack is a type of cryptographic attack that makes use of the mathematical probabilities inherent in the birthday paradox.

The paradox is a counterintuitive probability result: in a group of only 23 people, there is a 50% chance that two people will share the same birthday. In the field of cryptography, attackers use this idea to find collisions in hash functions, that is, instances where two separate inputs give the same output hash.

This exploit can jeopardize the integrity of cryptographic systems by allowing attackers to trick systems into accepting fake data as legitimate.

How Does the Birthday Problem Apply to Cryptography?

The birthday problem is relevant to cryptography when analyzing the likelihood of discovering two separate inputs that produce the same hash value from a hash function.

Hash functions are intended to accept an input (or ‘message’) and return a fixed-length string of bytes, usually a hash value unique to the original input. Collisions are theoretically possible since hash outputs are finite in size.

The birthday attack takes advantage of this by employing the same probability theory to locate collisions efficiently. This is particularly concerning for cryptographic systems that rely on hash functions to ensure data integrity and authentication.

Impact on Digital Signatures and Hash Functions

Digital signatures and hash functions are essential for protecting online transactions and communications.

They ensure that messages are not altered during transit and confirm the sender’s identity. However, these systems are vulnerable to birthday attacks, which exploit collisions in the hash functions used to generate digital signatures.

An attacker might fake a digital signature by identifying two separate messages with the same hash. Because the signature is computed over the hash, a signature obtained on one message also verifies for the other, misleading a system into recognizing a malicious document as legitimate. This issue emphasizes the importance of robust cryptographic designs that are resistant to such exploitation.

Strategies for Mitigating Birthday Attacks

Several solutions are employed to mitigate the risk of birthday attacks, all of which rely on enhancing the cryptographic hash functions used in security systems.

Using hash functions with longer output lengths can dramatically reduce the likelihood of collisions, making it more difficult for attackers to locate two inputs producing the same hash value. In addition, using collision-resistant hash algorithms and updating cryptographic protocols to include safeguards against known flaws are crucial steps in protecting digital information.

Regular security audits and keeping up with the latest cryptography research are also critical for identifying and mitigating potential attack vectors.
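The birthday bound described in the sections above, as an added example that is not part of the original article: it computes the exact probability for the 23-person case, estimates the work needed against an n-bit hash, and finds a real collision on SHA-256 deliberately truncated to a few bits. The truncation, the sample message format and all function names are assumptions made for this demonstration.

```python
import hashlib
import math


def collision_probability(k: int, space: int) -> float:
    """Exact chance that k uniform draws from `space` values contain a repeat."""
    if k > space:
        return 1.0  # pigeonhole: a repeat is guaranteed
    # log P(no repeat) = sum over i of log(1 - i/space); log1p keeps precision
    log_no_repeat = sum(math.log1p(-i / space) for i in range(k))
    return 1.0 - math.exp(log_no_repeat)


def draws_for_half(bits: int) -> float:
    """Approximate number of hashes for a 50% collision chance on a
    `bits`-bit output: sqrt(2 * ln 2 * 2^bits), i.e. about 1.18 * 2^(bits/2)."""
    return math.sqrt(2 * math.log(2) * 2.0 ** bits)


def security_table(sizes=(32, 64, 128, 160, 256)):
    """(output bits, log2 of hashes needed for a 50% collision chance)."""
    return [(b, math.log2(draws_for_half(b))) for b in sizes]


def truncated_sha256(data: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256(data); a stand-in for a short hash."""
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)


def find_collision(bits: int, limit: int = 1 << 22):
    """Hash constructed sample messages until two share a truncated digest.

    Returns (first_message, second_message, hashes_computed), or None if
    no collision appears within `limit` messages.
    """
    seen = {}  # truncated digest -> message that produced it
    for i in range(limit):
        msg = b"constructed-sample-%d" % i
        h = truncated_sha256(msg, bits)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg
    return None


if __name__ == "__main__":
    print("23 people, 365 days: P(shared birthday) = %.4f"
          % collision_probability(23, 365))

    print("\nOutput size vs. work for a 50% collision chance:")
    for bits, log2_work in security_table():
        print("  %3d-bit hash: about 2^%.1f hashes" % (bits, log2_work))

    print("\nMeasured on truncated SHA-256 (constructed inputs):")
    for bits in (16, 24, 32):
        m1, m2, tries = find_collision(bits)
        print("  %2d bits: collision after %d hashes (estimate %.0f): %r / %r"
              % (bits, tries, draws_for_half(bits), m1, m2))
```

The measured counts track 2^(n/2) rather than 2^n, which is why every extra output bit adds only half a bit of collision resistance.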

The Importance of Cybersecurity Conferences in Staying Informed

Attending cybersecurity conferences can help experts stay ahead of emerging dangers such as birthday attacks.

These events include updates on the most recent cybersecurity research, trends, and strategies, as well as advances in cryptographic approaches and defenses against complex attacks.

Networking with peers and professionals at these conferences can also help to spread knowledge and collaborate on successful security solutions. Finally, being informed through ongoing education and professional development is critical for guarding against the changing world of cyber threats.


Birthday attacks use the birthday paradox to find collisions in cryptographic hash algorithms, compromising digital security. The impact of these attacks on digital signatures and encryption emphasizes the significance of implementing strong cryptographic safeguards.

  • To prevent birthday attacks, use longer hash outputs and collision-resistant algorithms, and be aware of potential weaknesses. Attending cybersecurity conferences helps you stay up to date on the newest discoveries and tactics for preventing cryptographic exploits.

Understanding birthday attacks and adopting appropriate countermeasures is critical for ensuring the integrity and security of cryptographic systems.

As cyber threats evolve, the importance of knowledgeable cybersecurity professionals in deploying cutting-edge defenses against attacks like these becomes increasingly important.

The Best DEF CON Talks Of All Time!

What’s This Post All About?

As the title of this post suggests we’ve sourced what we believe to be the best DEF CON presentations from 1993 to the present day.

For those that don’t know, DEF CON is literally the ‘poster-child’ of ‘Hacker Conferences’.

Quick Overview of DEF CON

Said simply, DEF CON is pretty friggin awesome.

Put it this way, not only has DEF CON become the event of the Cybersecurity calendar, but it’s also the place where Cybersecurity Speakers, personalities, hackers, and the industry’s most creative minds meet to discuss and present ways to either hack someone’s pacemaker, a car, the DHS, GCHQ, Mars Rover or whatever!

DEF CON is not only about binary code; there’s also lock-picking, CTF events, partying, and a ton more. DEF CON has a reputation for being a lot of fun and it gets messy real quick.

In the spirit of transparency, this list was partly inspired by a post the author read on Imgur titled: “Ten Most Popular DEF CON Talks” which contains some of these amazing presentations.

If you have the opportunity then get yourself to DEF CON.

Get To The Point, What’s This Post Really About?

This post is really a resource for listing awesome (and we mean the ‘best’) Hacker Presentations we can find on the Interwebs.

So, without further ado, in no particular order, here’s our list:

How TOR Users Got Caught

Adrian Crenshaw | DEF CON 22 | August 2014

Adrian is a Senior Security Consultant at TrustedSec and is also the creator of Irongeek.com, which he has been managing since 2004. We here at InfoSec-Conferences have quite a bit in common with Irongeek because whilst we list thousands of events around the world, Adrian curates videos and places them on YouTube and on his website, thereby creating an awesome service to the community. Adrian is also a co-founder of DerbyCon.

One of the more fascinating aspects of this talk which was given at DEF CON in 2014 is how Ross Ulbricht (“Dread Pirate Roberts”) was caught. His talk goes through all the ways the evidence was stacked against him, including, placing questions on StackOverflow, a Drugs Website, and of course on TOR.

That Awesome Time I Was Sued For Two Billion Dollars

Jason Scott | DEF CON 17 | August 2009

Jason is a regular at DEF CON; in fact, the first time he spoke was back in 1999 and he’s spoken at (nearly) every conference since. He’s also spoken at H.O.P.E. and Toorcon. The majority of his talks focus on the capturing of digital history or consist of narratives of stories relevant to his experiences online, and this talk directly relates to that.

In this talk, which has become a legendary DEF CON presentation, Jason outlines how he was sued along with a few others for a staggering two billion dollars.

You can download the slides here.

Hack All The Things! 20 Devices in 45 minutes

Amir Etemadieh, CJ Heres, Hans Nielsen, Mike Baker | DEF CON 22 | August 2014

This presentation illustrates exploits for over 20 IoT devices including but not limited to TVs, baby monitors, media streamers, network cameras, home automation devices, and VoIP gateways.

The team at DEF CON 22 shows how “easy” it is to gain root on IoT devices, run unsigned kernels, hack hardware, and a ton more!

Pwned By The Owner: What Happens When You Steal A Hacker’s Computer

Zoz | DEF CON 18 | August 2010

This is definitely one of the more iconic talks of DEF CON owing to its in-depth, interesting account of how a hacker stole back his computer.

The talk gets really going around the three-minute mark and he dives into how he got his computer back from a thief!

We’d probably recommend this talk the most from our list.

Hacking MMORPGs for fun and mostly profit

Josh Philips and Mike Donnelly | DEF CON 19 | August 2011

For those that don’t know, MMORPG means “Massively Multiplayer Online Role-Playing Game”, and if you’re into gaming and you’re looking to try and hack games then you may as well consider this DEF CON talk as a rite of passage.

Here are two essential facts and skills that, according to the speakers, you’ll have to know and understand to allow you to hack MMORPGs!

  • Memory searching is an arcane art
  • Script engines are your friend (WoW/LUA, Eve/Python, Java/Darkfall).

How My Botnet Purchased Millions Of Dollars In Cars And Defeated The Russian Hackers

Michael Schrenk | DEF CON 21 | August 2013

Take a deep dive with Michael into cyber criminality with this superbly researched talk.

Stealing Profits from Spammers or: How I Learned to Stop Worrying and Love the Spam

Grant Jordan | DEF CON 17 | August 2009

If you work for clients within the financial space or are interested in FinSec then this may well be an awesome talk to listen to. It’s a bit dated but nonetheless, the foundations of the talk are the same, i.e. that there’s still a heap of spam going around the Internet trying to defraud unsuspecting end users.

Steal Everything, Kill Everyone, Cause Total Financial Ruin!

Jayson E. Street | DEF CON 19 | August 2011

This talk offers an interesting viewpoint on how to look at the entire Cybersecurity subject matter.

Jayson is a well-known InfoSec Speaker having spoken at DEF CON, DerbyCon, and a bunch of other conferences.

The Secret Life of SIM Cards

Karl Koscher and Eric Butler | DEF CON 21 | August 2013

This DEF CON presentation has generated a ton of buzz on the Internet and it has the largest footprint of all the talks listed within this resource.

SIM cards can be used for nefarious purposes by an able hacker because apps can be installed and executed on a user’s phone without their knowledge. Also, the closed nature of the SIM protocol ecosystem makes it difficult for hobbyists to find information and experiment.

If you’re interested in SIM and Mobile Technology then this talk is absolutely for you. For more information on the subject, we’d encourage you to watch the video below and then hit this link for more in-depth information.

PS – Worth noting that Eric Butler was the founder of Firesheep, one of the best-known browser-based hacking tools.

Deviant Ollam Cluebat Quartermaster | DEF CON 19 | August 2011

Yes, gun safety is a big deal in the US, and I absolutely do not want to get into the subject matter. Here’s what we do know though: this talk exposes ways that guns (unfortunately) can be hacked to remove their safety aspect.

The First-Ever Hacker Cons!

What’s This Post About?

This post is for the old school!

Important! If anyone has ever attended any of these events please drop a comment below – we’d love for you to reminisce and share your experience!

HoHoCon (XmasCon) Summary

Just look at the photo! (The photo above is of Jesse Dryden, co-founder of HoHoCon and a founding member of CDC).

If you are interested in Cyberculture and the old-school Hacker Culture then you’ll find HoHoCon (also called XmasCon) fascinating. There’s a very good (and lengthy) write-up here.

In summary, HoHoCon is the original ‘Hacker Conference’, before DEF CON.

An Overview Of The Origin Of HoHoCon

In December 1990, Cult Of The Dead Cow (an ancient hacking collective) member Jesse Dryden (hacker handle: Drunkfux) started HoHoCon, which makes it the original ‘Hacker Con’. A total of five events took place – all in Houston, Texas.

Trivia: Jesse’s father is Jefferson Airplane’s drummer Spencer Dryden and he is also the great-nephew of Charlie Chaplin!

Cult Of The Dead Cow (cDc)

Cult Of The Dead Cow was behind HoHoCon way back in 1990 when it first took place. The Cult of the Dead Cow (cDc) is the oldest active group in the hacker underground (in fact they’ve been around since the mid 1980s). To have been around in this era with these guys must have been something special.

Aside from cDc itself, the ‘group’ has another two ‘divisions’, which are:

Cult Of The Dead Cow Ninja Strike Force

This was a membership-based entity as far as we can understand. Essentially only the l33t were eligible to gain membership into this collective. Here’s their website for more information.

Cult Of The Dead Cow Hacktivismo

In late 1999, the cDc coined the term ‘Hacktivism’ – which is pretty remarkable when you think about it; in fact, it really reinforces just how important these ‘foundation’ movements are.

These guys really are the pioneers. Another fascinating thing about this subdivision of cDc is that ‘Hacktivism’, which they also referred to as ‘Hacktivismo’, was designed to fight censorship and defend human rights. Remember that this was way back in 1990!

Cult Of The Dead Cow Hacker Tools ‘Hacking Tools’

cDc is responsible for creating a whole bunch of hacker tools, including:

  • The Automated Prayer Project (Some weird religious automated device)
  • Back Orifice (Think of this rather like a RAT)
  • Back Orifice 2000 (Same as above but supports other Windows OS)
  • Camera/Shy (Decrypts information)
  • NBName (Used for DOS Attacks)
  • ScatterChat (An original encrypted messaging tool that used TOR; has since been made redundant)
  • The Six/Four System (Proxy network)
  • SMBRelay and SMBRelay2 (SMB MITM)
  • Torpark (Portable browser)
  • Whisker (Rather like an original SHODAN)

The video below is from another conference (HOPE) that shows the cDc crew on August 8, 1997, at the Puck Building in New York City.

Present in the video are Deth Veggie, Mudge, Nightstalker, Tweety Fish, Oxblood Ruffin, Lady Carolin, Sunspot, Count Zero, and Theo de Raadt.

Pumpcon Summary

PumpCon is one of the oldest continuously held hacker conferences in the US.

This conference is more than just InfoSec – they’ve had speakers discuss lock-picking, neuro-anatomy, law, and a bunch of other weird and wonderful content and research.

One important point to note is that PumpCon has been invitation-only for years and the only way to be a participant in this old-school hacker conference is to either get invited, be a guest of an invitee, or give a talk. This year (2017) PumpCon takes place in Philadelphia and the event is almost always at the end of October.

H.O.P.E. Summary

H.O.P.E. stands for Hackers On Planet Earth, one of the most creative and diverse hacker events in the world. It’s been happening since 1994.

This InfoSec Old-School Hacker meetup is still going on!

This year, according to their own words:

Join us for three full days and nights of activities, including more of the provocative and enlightening speakers that the HOPE conferences are known for. In addition, we have access to a massive amount of space to put together all sorts of hacker projects and assorted fun stuff.

In the past we’ve had huge hackerspace villages, film festivals, Segway rides, lock picking villages, a wide variety of vendors, art installations, live video, vintage computers, robots, an amateur/ham radio station, electronics workshops, book signings, and the country’s biggest supply of Club-Mate.

Now imagine all of that happening right in the middle of New York City, across the street from Penn Station and down the block from the Empire State Building. It seems impossible, but with the hard work and dedication of our huge volunteer staff, we’re able to pull it off.

Summercon Summary

Our last but certainly not least event that we are listing in this Old School Cybersecurity Hacker-Con post is Summercon!

Summercon is, like the others listed above, one of the oldest hacker conventions, and it is certainly the longest-running, or nearly the longest-running, Hacker Conference that has taken place in the USA.

In Summary

We think that we’ve listed the oldest events that we could find – but hey – please suggest any others if we have missed any!

Also! It should be mentioned that the events we have placed in this (evergreen) blog post are all USA-Centric so we’d really appreciate old-school Hacker Conferences that did or still do take place in other parts of the world.

We have a special category for Hacker Conferences – so be sure to check them out!

How To Speak At DEF CON

Getting a speaking gig at DEF CON, or indeed any hacker conference is clearly a massive endorsement of your research within your subject matter.

If you are new to learning about this legendary hacking event then here are some notable DEF CON moments that you can read about. We also have a post on what makes this conference so special.

To get accepted to talk and present at a highly reputable conference like DEF CON is tricky of course but they’ll give you a fighting chance if you submit and apply yourself properly.

Just a quick heads up! If you’d prefer – here are some of the most famous DEF CON talks of all time (hint: these might give you some inspiration!).

Anyways – let’s dive into how to create some DEF CON talk ideas and apply them to speak at this conference.

Create Captivating Content

This is obvious, but make sure with complete certainty that your (security-related) subject matter is totally on-point. A good example could be the infamous car hacks that were demonstrated and widely reported back in 2015. The speakers were pretty much guaranteed a spot at any major conference, which in their case was Black Hat. Clearly, the subject matter was timely and captivating and generated a ton of press. So think – what is it that truly fascinates you? Then start to sketch out all the points and examples that you’d be able to make.

DEF CON content is definitely more “cutting edge” than other Cybersecurity Conferences so to apply to get a speaking opportunity we’d recommend that you make yourself as pioneering as possible.

An example of a “cutting edge” presentation that took place at DEF CON 26 would be Marcus Hutchins’ WannaCry talk, which was clearly extremely topical at the time.

The Title Is Key

Any journalist or Internet Marketer will tell you that half of the battle in getting people’s interest is in being able to write a catchy title that creates excitement and sets the stage for what is to come. We have a resource on some TED InfoSec Talks that may give you some inspiration, as well as our “recommended 5 DEF CON talks since 1994”, and in that, an example of a title we like is: “That Awesome Time I Was Sued For Two Billion Dollars”.

Make Sure You Submit Your Well Written CFP Early!

Kinda a no-brainer here, but make sure that your CFP Proposal is submitted as early as possible so that it is received in time and, of course, make sure it is well written! Follow the guidelines precisely and accurately, because with any inconsistencies your CFP will be rejected.

Look At Past Events

One of the awesome things about DEF CON (of which there are many) is that you can see the past talks and presentations that took place all the way back to DEF CON 1! Seek out talks that you can relate to and, of course, use them for inspiration.

5 Steps To Apply

To apply to present at the DEF CON conference, please complete the following steps:

  1. Navigate to the “Speakers” area of the DEF CON website.
  2. Examine the speaker rules and qualifications to ensure you meet the eligibility standards and are aware of the expectations.
  3. Prepare your talk proposal, which should include a title, a summary, and a presentation outline. Make sure your proposal is well-written, informative, and relevant.
  4. When the DEF CON CFP (Call for Papers) system is open, submit your idea through it. Typically, the CFP opens several months before the conference and closes a few weeks before the event. To submit your project, you must first establish an account and then follow the instructions.
  5. Wait for the DEF CON team to respond. They will review your proposal and notify you whether or not you have been chosen. If you are chosen, you will be assigned a time slot during the conference to present your topic.

29 Amazing TED Cybersecurity Talks (2008 – 2022)

What’s This Post About?

If you are a new visitor to our website then here’s what we do: we list a ton of information on Cybersecurity Conferences taking place around the world. With our interest in IT Security events, we thought it to be only logical to share some awesome Cybersecurity TED Talks that we have watched and wanted to share with you, and here it is!

For those also new to TED and the smaller TEDx, they are an organization that promotes some really great (inspirational) talks.

Pro Tip!

Download these videos on your phone and enjoy them on your daily commute. Some of them are really very inspirational and thought-provoking.

Your Smartphone Is A Civil Rights Issue

Christopher Soghoian | October 2016

The smartphone you use reflects more than just personal taste … it could determine how closely you can be tracked, too.

Privacy expert and TED Fellow Christopher Soghoian details a glaring difference between the encryption used on Apple and Android devices and urges us to pay attention to a growing digital security divide. “If the only people who can protect themselves from the gaze of the government are the rich and powerful, that’s a problem,” he says. “It’s not just a cybersecurity problem — it’s a civil rights problem.”

The 1s and 0s Behind Cyber Warfare

Chris Domas | June 2014

Hackers: The Internet’s Immune System

Keren Elazari | June 2014

The beauty of hackers, says cybersecurity expert Keren Elazari, is that they force us to evolve and improve.

Yes, some hackers are bad guys, but many are working to fight government corruption and advocate for our rights. By exposing vulnerabilities, they push the Internet to become stronger and healthier, wielding their power to create a better world.

Hire The Hackers!

Misha Glenny | September 2011

Despite multibillion-dollar investments in cybersecurity, one of its root problems has been largely ignored: who are the people who write malicious code? Underworld investigator Misha Glenny profiles several convicted coders from around the world and reaches a startling conclusion.

How (And Why) Russia Hacked The US Election

Laura Galante | May 2017

Hacking, fake news, information bubbles … all these and more have become part of the vernacular in recent years. But as cyberspace analyst Laura Galante describes in this alarming talk, the real target of anyone looking to influence geopolitics is dastardly simple: it’s you.

Hack A Banana, Make A Keyboard!

Jay Silver | May 2013

Why can’t two slices of pizza be used as a slide clicker? Why shouldn’t you make music with ketchup? In this charming talk, inventor Jay Silver talks about the urge to play with the world around you. He shares some of his messiest inventions, and demos MaKey MaKey, a kit for hacking everyday objects.

Governments Don’t Understand Cyber Warfare. We Need Hackers

Rodrigo Bijou | December 2015

The Internet has transformed the front lines of war, and it’s leaving governments behind. As security analyst Rodrigo Bijou shows, modern conflict is being waged online between non-state groups, activists and private corporations, and the digital landscape is proving to be fertile ground for the recruitment and radicalization of terrorists. Meanwhile, draconian surveillance programs are ripe for exploitation. Bijou urges governments to end mass surveillance programs and shut “backdoors” — and he makes a bold call for individuals to step up.

Why Good Hackers Make Good Citizens

Catherine Bracy | February 2014

Hacking is about more than mischief-making or political subversion. As Catherine Bracy describes in this spirited talk, it can be just as much a force for good as it is for evil. She spins through some inspiring civically-minded projects in Honolulu, Oakland and Mexico City — and makes a compelling case that we all have what it takes to get involved.

All Your Devices Can Be Hacked

Avi Rubin | February 2012

Could someone hack your pacemaker? Avi Rubin shows how hackers are compromising cars, smartphones and medical devices, and warns us about the dangers of an increasingly hack-able world.

This Is What Democracy Looks Like

Anthony D. Romero | May 2017

In a quest to make sense of the political environment in the United States in 2017, lawyer and ACLU executive director Anthony D. Romero turned to a surprising place — a 14th-century fresco by Italian Renaissance master Ambrogio Lorenzetti. What could a 700-year-old painting possibly teach us about life today? Turns out, a lot. Romero explains all in a talk that’s as striking as the painting itself.

How The Blockchain Will Radically Transform The Economy

Bettina Warburg | November 2016

Say hello to the decentralized economy — the blockchain is about to change everything. In this lucid explainer of the complex (and confusing) technology, Bettina Warburg describes how the blockchain will eliminate the need for centralized institutions like banks or governments to facilitate trade, evolving age-old models of commerce and finance into something far more interesting: a distributed, transparent, autonomous system for exchanging value.

We Can Fight Terror Without Sacrificing Our Rights

Rebecca MacKinnon | September 2016

Can we fight terror without destroying democracy? Internet freedom activist Rebecca MacKinnon thinks that we’ll lose the battle against extremism and demagoguery if we censor the internet and press. In this critical talk, she calls for a doubling-down on strong encryption and appeals to governments to better protect, not silence, the journalists and activists fighting against extremists.

How The Blockchain Is Changing Money And Business

Don Tapscott | August 2016

What is the blockchain? If you don’t know, you should; if you do, chances are you still need some clarification on how it actually works. Don Tapscott is here to help, demystifying this world-changing, trust-building technology which, he says, represents nothing less than the second generation of the internet and holds the potential to transform money, business, government and society.

Art That Lets You Talk Back To NSA Spies

Mathias Jud | October 2015

In 2013, the world learned that the NSA and its UK equivalent, GCHQ, routinely spied on the German government. Amid the outrage, artists Mathias Jud and Christoph Wachter thought: Well, if they’re listening … let’s talk to them. With antennas mounted on the roof of the Swiss Embassy in Berlin’s government district, they set up an open network that let the world send messages to US and UK spies listening nearby. It’s one of three bold, often funny, and frankly subversive works detailed in this talk, which highlights the world’s growing discontent with surveillance and closed networks.

How Fear Drives American Politics

David Rothkopf | September 2015

Does it seem like Washington has no new ideas? Instead of looking to build the future, it sometimes feels like the US political establishment happily retreats into fear and willful ignorance. Journalist David Rothkopf lays out a few of the major issues that US leadership is failing to address — from cybercrime to world-shaking new tech to the reality of modern total war — and calls for a new vision that sets fear aside.

How To Avoid Surveillance … With The Phone In Your Pocket

Christopher Soghoian | August 2015

Who is listening in on your phone calls? On a landline, it could be anyone, says privacy activist Christopher Soghoian, because surveillance backdoors are built into the phone system by default, to allow governments to listen in. But then again, so could a foreign intelligence service … or a criminal. Which is why, says Soghoian, some tech companies are resisting governments’ call to build the same backdoors into mobile phones and new messaging systems. From this TED Fellow, learn how some tech companies are working to keep your calls and messages private.

Think Your Email’s Private? Think Again

Andy Yen | March 2015

Sending an email message is like sending a postcard, says scientist Andy Yen in this thought-provoking talk: Anyone can read it. Yet encryption, the technology that protects the privacy of email communication, does exist. It’s just that until now it has been difficult to install and a hassle to use. Showing a demo of an email program he designed with colleagues at CERN, Yen argues that encryption can be made simple to the point of becoming the default option, providing true email privacy to all.

What’s Wrong With Your Pa$$w0rd?

Lorrie Faith Cranor | June 2014

Lorrie Faith Cranor studied thousands of real passwords to figure out the surprising, very common mistakes that users — and secured sites — make to compromise security. And how, you may ask, did she study thousands of real passwords without compromising the security of any users? That’s a story in itself. It’s secret data worth knowing, especially if your password is 123456 …

Protecting Twitter Users (Sometimes From Themselves)

Del Harvey | March 2014

Del Harvey heads up Twitter’s Trust and Safety Team, and she thinks all day about how to prevent worst-case scenarios — abuse, trolling, stalking — while giving voice to people around the globe. With deadpan humor, she offers a window into how she works to keep 240 million users safe.

How The NSA Betrayed The World’s Trust — Time To Act

Mikko Hypponen | November 2013

Recent events have highlighted, underlined and bolded the fact that the United States is performing blanket surveillance on any foreigner whose data passes through an American entity — whether they are suspected of wrongdoing or not. This means that, essentially, every international user of the internet is being watched, says Mikko Hypponen. An important rant, wrapped with a plea: to find alternative solutions to using American companies for the world’s information needs.

Your Online Life, Permanent As A Tattoo

Juan Enriquez | May 2013

What if Andy Warhol had it wrong, and instead of being famous for 15 minutes, we’re only anonymous for that long? In this short talk, Juan Enriquez looks at the surprisingly permanent effects of digital sharing on our personal privacy. He shares insight from the ancient Greeks to help us deal with our new “digital tattoos.”

The Rise Of Human-computer Cooperation

Shyam Sankar | September 2012

Brute computing force alone can’t solve the world’s problems. Data mining innovator Shyam Sankar explains why solving big problems (like catching terrorists or identifying huge hidden trends) is not a question of finding the right algorithm, but rather the right symbiotic relationship between computation and human creativity.

A Navy Admiral’s Thoughts On Global Security

James Stavridis | July 2012

Imagine global security driven by collaboration — among agencies, government, the private sector and the public. That’s not just the distant hope of open-source fans, it’s the vision of James Stavridis, a US Navy Admiral. Stavridis shares vivid moments from recent military history to explain why security of the future should be built with bridges rather than walls

How To Fool A GPS

Todd Humphreys | July 2012

Todd Humphreys forecasts the near-future of geolocation when millimeter-accurate GPS “dots” will enable you to find pin-point locations, index-search your physical possessions … or to track people without their knowledge. And the response to the sinister side of this technology may have unintended consequences of its own.

A Vision Of Crimes In The Future

Marc Goodman | July 2012

The world is becoming increasingly open, and that has implications both bright and dangerous. Marc Goodman paints a portrait of a grave future, in which technology’s rapid development could allow crime to take a turn for the worse.

A New Way To Stop Identity Theft

David Birch | June 2012

Bartenders need to know your age, retailers need your PIN, but almost no one actually needs your name — except for identity thieves. ID expert David Birch proposes a safer approach to personal identification — a “fractured” approach — that would almost never require your real name.

FBI, Here I Am!

Hasan Elahi | October 2011

After he ended up on a watch list by accident, Hasan Elahi was advised by his local FBI agents to let them know when he was traveling. He did that and more … much more.

How Cyberattacks Threaten Real-world Peace

Guy-Philippe Goldstein | October 2011

Nations can now attack other nations with cyber weapons: silent strikes on another country’s computer systems, power grids, dams that leave no trace behind. (Think of the Stuxnet worm.) Guy-Philippe Goldstein shows how cyberattacks can leap between the digital and physical worlds to prompt armed conflict — and how we might avert this global security hazard.

The Security Mirage

Bruce Schneier | April 2011

The feeling of security and the reality of security don’t always match, says computer-security expert Bruce Schneier. In his talk, he explains why we spend billions addressing news story risks, like the “security theater” now playing at your local airport, while neglecting more probable risks — and how we can break this pattern.

What Security Means To Me

Eve Ensler | September 2008

Playwright Eve Ensler explores our modern craving for security — and why it makes us less secure. Listen for inspiring, heartbreaking stories of women making change.

DEF CON Hacker Badges

DEF CON is one of the largest and most significant hacker conventions in the world – and certainly, one that you can consider as being an old-school hacker event, bringing together a wide collection of people interested in hacking, cybersecurity, and digital culture.

One of the most sought-after items at this conference is the DEF CON badge.

Unlike most cybersecurity conference badges, DEF CON badges are one-of-a-kind, high-tech, and highly interactive, making them a geek’s collector item par excellence.

Here’s a Cool Video Discussing the Awesomeness of DEF CON Badges

The History of the DEF CON Badge

The DEF CON hacker badge originated at DEF CON 14 in 2006 when electrical engineer and hacker Joe “Kingpin” Grand changed the concept of a conference badge by adding electronic components.

The badges were more than simply a ticket to the event; they were a tiny hacking challenge in their own right, complete with LEDs, switches, and circuits that participants could modify.

This breakthrough paved the way for a culture of ‘badge hacking’ at DEF CON, in which attendees not only hack computers but also the badges that hang around their necks.

These badges have grown in complexity and originality over time. They’ve included crypto riddles and wireless communication capabilities in previous years.

Others had built-in screens, small keyboards, or elaborate printed circuit board (PCB) designs that elevated them to the level of art. They are frequently involved in ‘Capture the Flag’ and other convention contests.

They’ve also had Easter eggs: secret features or software that attendees could find on occasion. It’s not uncommon to see individuals crowded around at DEF CON with soldering irons and laptops in hand, attempting to hack into their badges to discover hidden functionality or simply personalize them.

Here’s A Summary of DEF CON Badges We Could Find

  • DEF CON 14 (2006): The first electronic badge (as mentioned above) was designed by Joe “Kingpin” Grand. It featured blinking LEDs.
  • DEF CON 15 (2007): Also designed by Kingpin, the badge had programmable LEDs and more intricate puzzles.
  • DEF CON 16 (2008): This year featured a badge with an onboard microphone and LED display for audio spectrum analysis.
  • DEF CON 17 (2009): Kingpin’s last badge for DEF CON had a more complex set of features and puzzles, including IR (infrared) communication capabilities.
  • DEF CON 18 (2010): This year moved away from electronic badges but featured a highly intricate, artistic design made of aluminum.
  • DEF CON 19 (2011): The badge featured a microcontroller and mini-USB port for programming.
  • DEF CON 20 (2012): This was a special year with a very ornate badge to mark DEF CON’s 20th anniversary.
  • DEF CON 21 (2013): A straightforward design but with an embedded puzzle.
  • DEF CON 22 (2014): Featured an onboard crypto processor and various interactive games.
  • DEF CON 23 (2015): The badge had an embedded LCD screen for a more interactive experience.
  • DEF CON 24 (2016): Featured a badge with DEF CON’s first removable, hackable lanyard.
  • DEF CON 25 (2017): Known for its “Darknet” theme, this badge allowed for multiplayer gaming among attendees.
  • DEF CON 26 (2018): A retro-style badge designed like a vinyl record to celebrate the event’s history.
  • DEF CON 27 (2019): Known for its “Teachable Machine” concept, it allowed attendees to program custom sequences.
  • DEF CON 28 (2020): Due to the COVID-19 pandemic, the conference was virtual, but a badge was still made available for those who wanted to purchase it.

The badges from each year are highly coveted and can become valuable collector’s items.

It’s worth noting that aside from the main badges, there are also “village” badges, “party” badges, and “challenge” badges that are produced by other groups and individuals attending the conference, each with its own unique features and puzzles.

DEF CON Badges Are A Status Symbol

They are a status symbol in the hacker community, representing a participant’s talents and participation in this subculture. Each badge is a piece of history from a given year’s conference, frequently related to the event’s special themes and challenges.

As a result, vintage badges can sometimes be found trading for high prices on auction sites and are highly sought after by collectors. They embody the DIY mentality and resourcefulness of hacking, resulting in a one-of-a-kind marriage of technology, art, and community.

So, Why Are These Badges Desired by Geeks?

They combine technical difficulty, aesthetic appeal, and cultural relevance.

The DEF CON emblem encapsulates the essence of hacking: a riddle waiting to be solved, a system begging to be understood, and a community of like-minded people who value curiosity, freedom, and the simple thrill of discovery.

The 5 Most Controversial DEF CON Talks Of All Time

DEF CON, the (in)famous Cybersecurity Hacking Conference, is well-known for providing a wide selection of intriguing and educational seminars on various cybersecurity themes. Here are some of the most controversial DEF CON talks of all time!

If you’re new to DEF CON, here are some reasons why attending DEF CON is a fantastic idea, as well as some memorable moments.

Here are some well-known DEF CON talks that have received attention, recognition, and a fair shake of media coverage:

#1 “How to Hack a Car”

by Charlie Miller and Chris Valasek

A demonstration given by these two researchers in 2013 showed how they could use a laptop computer to take control of the electronic systems in a vehicle, including the steering and the brakes.

The presentation enhanced people’s knowledge of the flaws in today’s vehicles, which in turn led to more people working to protect those vehicles.

#2 “Your Body, the Big Brother”

by Anastasia Dedyukhina

This talk from 2017 examined the ways that technology corporations are utilizing data to control our emotions and affect our behavior.

Dedyukhina said that in order to safeguard our privacy, we need to be more aware of how we use technology and take active measures to do so.

#3 “Fuzzing: Brute Force Vulnerability Discovery”

by Patrice Godefroid

This talk, which was given in 2003 at DEF CON 11, presented the idea of “fuzzing,” which is a method for locating vulnerabilities in software by introducing random data into its input fields.

The process of “fuzzing” has rapidly gained popularity as a result of its efficiency in locating software defects.

#4 “The Future of War”

by P.W. Singer

During his address in 2014, Singer discussed the ways in which technological advancements, such as drones and cyber strikes, are altering the character of conflict.

The presentation emphasized how important it is for government officials and military commanders to think about the ramifications of newly developed technologies.

We actually have a specific category of cyberwar conferences that you might find of interest.

This subject matter has become increasingly topical since the Russian invasion of Ukraine – especially with regard to understanding how effective the Russo-Ukraine cyber war was and is.

#5 “The Internet of Things That Lie”

by Joshua Corman

In a talk given in 2016, Corman warned of the dangers posed by Internet of Things (IoT) devices that lack adequate security, which are increasingly being employed in critical infrastructure as well as other applications.

Corman claimed that we ought to start giving Internet of Things (IoT) security a higher priority before it is too late to do so.

Incidentally, if you’re interested in learning about some of the best IoT conferences, we have a resource on that.

In Summary

These are just a few examples of the many notable and impactful lectures that have been presented at DEF CON throughout the years.

The conference is known for hosting a wide variety of speakers each year. The conference continues to be an invaluable forum for the exchange of ideas and observations regarding cybersecurity and other related themes.

These are only a few controversial DEF CON talks. There certainly are others.

If you find this interesting and are interested in speaking at DEF CON, then we’d encourage you to read the resource that we’ve put together.

6 Notable DEF CON Moments

As one of the most well-known cybersecurity conventions in the world, DEF CON has hosted more than its fair share of notable moments over the course of its history.

(If you’re new to DEF CON, then here are some notable moments that will set the tone of what you can expect).

With over 150 talks each year, there are always bound to be a few controversial and thought-provoking security talks.

Incidentally, if you are interested in how to speak at DEF CON, we have a post on that too!

Here are a few examples of notable events at DEF CON.

#1 The first DEF CON

The first DEF CON conference was held in June 1993, with approximately 100 attendees. Jeff Moss (aka “Dark Tangent”), who would go on to become a major player in the cybersecurity field, arranged the conference.

#2 Hacking the Pentagon

In 2016, the US Department of Defense invited hackers to try to get into its computer systems as part of a program named “Hack the Pentagon.” The program was a success, and DEF CON hosted the awards ceremony for the event.

#3 Voting machine hacking

DEF CON has a long history of holding a “Voting Village,” a venue dedicated to revealing flaws in voting machines. A 10-year-old boy successfully hacked a spoof Florida state voting website in less than 15 minutes in 2017.

#4 NSA Director’s keynote

General Keith Alexander, then-NSA director, presented a divisive keynote speech at DEF CON in 2013. Hecklers stopped Alexander’s lecture multiple times, and he eventually requested that the conference organizers not welcome him back in the future.

#5 The Tesla Model S hack

A group of researchers demonstrated a vulnerability in the Tesla Model S in 2015, allowing them to take control of the vehicle’s electronic systems. The researchers revealed their findings at DEF CON and collaborated with Tesla to create a remedy for the flaw.

#6 The DEF CON Badge

DEF CON develops a unique electronic badge for attendees each year, which has become a collectible item. The badges frequently incorporate hidden elements and challenges for attendees to solve, making the conference more interesting and participatory.

These are just a few of the memorable events that have occurred at DEF CON over the years. The conference is still a major gathering place for cybersecurity experts, researchers, and enthusiasts from all around the world.

In Summary

If you’re interested in actual talks, here’s a post you might find interesting relating to the most memorable DEF CON talks!

Attending DEF CON is an awesome experience (here’s why) and one we’d highly recommend.

Hacker Boxes @ DEF CON

Hacker Boxes offers a monthly subscription box curated for hackers with an array of cool hacker gear.

This concept aligns perfectly with the love for DEF CON Badges.

The Hacker Boxes folks had a booth at this year’s DEF CON event – it kind of reminds us of the gear that Hak5 continues to sell.

We discovered these guys on YouTube from the DEF CON channel (see video below) and it seems pretty interesting, so we thought we’d publish some content on it.

They’ve created exclusive toolkits, including a war-driving platform for collecting Wi-Fi, Bluetooth, GSM, and GPS data, offering hands-on experience and skills for security professionals.

Hacker Boxes not only provides tools but also empowers users with knowledge, helping them excel in interviews and expand their security mindset.

One of the cool things, of course, is that engaging with Hacker Boxes can benefit you across multiple aspects of security.

Pentesting is all about using equipment and hacker tools, so learning how to use the hardware (as well as the software) would be a massive plus, for example in an interview or something similar.