My week in Vegas

After receiving an invitation I couldn't refuse I recently spent a week in Las Vegas with the BBC covering the most notorious week in the InfoSec calendar. 7 days packed with BlackHat, BSides Las Vegas and the notorious DEF CON.


The Trip

Things got off to a rocky start the evening before I was due to fly when British Airways sent me a message to say they'd cancelled my flight to Las Vegas! I got immediately on the phone to re-arrange travel it was looking like things were going to be a pain, and they were. To get me out to Vegas on time I had to fly MAN -> LHR -> JFK -> LAS whilst leaving earlier than originally planned and arriving much later. BA is a great airline though, which is why I'm still fighting them for my compensation claim, that I'm entitled to under European law. </sarcasm>

I was determined they weren't going to put a dampener on this trip but strange things did happen on the flight out!



The Hotel

We stayed at the Excalibur Hotel and Casino which is well connected to Mandalay Bay, the venue for BlackHat where we were spending a lot of time, and only a short distance from Caesars Palace, which is where DEF CON would be held. BSides LV was Uber distance (nobody has time to walk in 44c heat with equipment!) but we were only going to spend one day there so that didn't matter too much. The hotel did remind me a little of Disney Land from the outside!


excalibur hotel from outside


There were some stunning views outside!

The Conferences

If you've never attended any of the 3 conferences then having them all packed so closely together is a great opportunity to get the most bang for your buck, especially given that almost everyone has to travel to get to them.


BlackHat

Definitely on the more corporate end of the scale, BlackHat is still well worth attending. They have talks, trainings, a huge vendor hall and lots of sponsored after parties!


BSides Las Vegas

I've been to many BSides events and if you have you will know they're run by the community for the community. They're probably at the opposite end of the spectrum to BlackHat but certainly worth attending. BSides LV was packed with talks and whilst there were some vendor stands in the chill out room, it's not really what the event is about.


DEF CON

Finally, the notorious DEF CON. This conference probably sits between BlackHat and BSides LV in terms of corporate nature, and the scale of event is amazing. The talks at DEF CON are always worth checking out but most of the fun is had in the villages and other events.


The People

I got to spend the week with some truly awesome people and meet many others along the way. Most of my time was spent shooting with my producer Catharina 'Boss Lady' Moh.



One of the things I love about introducing new people to the security community is that they're always pleasantly surprised at just how nice everyone is, and Cat's introduction was no different. She even looked the part after we acquired some swag at BlackHat!



After BlackHat we were at BSides LV where we got to do even more awesome things like hang out with Jack Daniel, pick locks and take a tour of the SOC!




Finally over to DEF CON and one of the first shoots we had was with AND!XOR who were making some epic badges!



After that it was time to hit the conference floor and I was really interested to see how the experience would be different now I was walking around with a press badge instead of a human badge.



I'm happy to report that 99.99% of people were totally cool with it. As a member of the community I totally understood and respected everyone's privacy and everyone was happy with polite requests to have them in shot. For wider shots where there were simply too many people to ask for permission, we'd use an incredibly shallow depth of field so that nobody in the background could be made out.

Next up was Dan 'Two Shoot' Simmons, because no matter how much you nail it the first time around, you're shooting it again! I've worked with Dan before on the nomx research that Alan Woodward invited me to take part in. This resulted in a fairly epic episode of Click, and a nomination for nomx in the 'Lamest Vendor Response' category for Blackhat's Pwnie Awards!



Working alongside a pro does come with some drawbacks though...



Next up was the awesome Kate Russell who amongst other things was covering Quantum Key Distribution! You can see the segment about QKD in the Click episode 'What happens in Vegas...'.



Amongst Kate's responsibilities was making sure that everyone behaved and acted in a responsible manner.




I also decided to give Kate the 'gif of the trip' award for this beauty that she shot on her phone while we were doing a shoot at Mandalay Bay!



One of my other partners in crime was Mehrnaz Farahmand who sadly ended up leaving Vegas in a wheelchair after a rather mundane injury.

A post shared by BBC CLICK (@bbcclick) on



Mehrnaz was shooting in Farsi and I've always found it fascinating to watch someone switch between two languages so casually, especially being English as we suck at foreign languages. Great fun was had and I look forward to seeing myself dubbed in Farsi!



Behind the scenes we also had two other legends making the magic happen; Ben 'High Roller' Lister and Omar 'Shotgun' Mehtab who proved difficult to get a picture of!




Ben was behind the other camera for most of the trip and had a great eye for a good shot. Having no artistic capabilities whatsoever I'm always in awe at people who can take a scene and make it look great in the blink of an eye. Just look at a couple of his pictures!


Dan in the desert


Kate in the desert


On top of this there was also a truck load of kit to manage, I never realised just how much 'stuff' there was...



Bio-hacking

The last time I was at DEF CON a couple of years ago I took a look around the Bio-hacking village and was fascinated by some of the things taking place. One of them I really liked was the idea of an NFC implant you could get in your hand. In the interim I've done some reading up on these but the best way to get a proper understanding of something is to dive right in, so I did!



I really want to give this a lot more coverage so I will probably write at least one blog about the process and technology. I've already discovered a few uses for my chip and am making plans for what to do with it in the future.


The Awesome

There were so many awesome things on the trip but there were definitely a couple of highlights; a helicopter ride and a limo ride! Both of these were filmed and appear in the show.


In the helicopter with Kate


kate being filmed in the limo


My photography skills aren't great so please excuse the bad photos and bear in mind I was squashed in the back of the limo to give Ben room to film!

The Ending

Being in Las Vegas I really wanted to get a little hat tip to Ocean's 11 in there and my idea of doing a special ending to the show was really good fun to do!



For those of you that have seen the movie you will recognise this scene, if not you can view the ending of the movie here. I think we did it justice.


Behind The Scenes

One of the other really cool aspects of the trip was getting to see just what goes on behind the scenes during filming. That 10 second segment that appears on TV is often the product of hours of work from several people!


Cat shooting the BlackHat sign


the desert shoot


Cat at BSides LV


Kate having her cover photo taken by Ben


Shooting the Skype and type hack


Getting some shots with Elvis


VPN shoot with Silent Circle CEO


Kate doing voice over


Thanks

One of the great parts of the trip was catching up with my old work colleagues who were competing as a team in the IoT CTF and gave us permission to film them too. They were first place whilst we were there and finished in joint first at the end of the event!




I also owe another thanks to Darren Kitchen from Hak5 who hooked me up with one of their Field Kits! I used various pieces of the kit in various demos and whilst there were a couple of segments that we shot with the devices in use, we ended up filming so much great stuff that we just couldn't fit it all in. Still, the WiFi Pineapple does get a brief appearance during one of the voice-over segments.



Winner winner!

We did have a gamble on a few nights during the week (this is Vegas after all baby!). I was down by a couple hundred dollars overall, but given that you drink free whilst sitting at the tables, I hadn't really lost anything more than I would have spent on drink. So I was pretty happy. On the way out of the hotel though, after checking out, I scraped my last dollars together, walked over to a roulette table and threw $20 on green. I guess it was my lucky day!



That was a nice way to end the week, $360 in winnings!

Author image
About Scott Helme
United Kingdom Website
Security researcher, entrepreneur and international speaker who specialises in web technologies.