Just because you’re paranoid doesn’t mean they aren’t out to get you.
Before going out to DEFCON, I saw a couple of posts/articles on staying safe at DEFCON. Since DEFCON, I’ve seen several people say they wouldn’t bring a computer to DEFCON or they used a bootable disk with an SSH tunnel back to their network. I wonder how many people format the computer they bring to DEFCON after the event and then change all their passwords.
You see all sorts of stories about “my friend who is really good, got owned by a zero day” or “someone is breaking into the hotel room and messing with your computer when you aren’t there”. It just never ends.
Wall of Sheep, of course, is one of my favorite things. People may get the theory of cleartext passwords. They may even think they’ve either secured or disabled all their logons. But when the Wall demonstrates the harvested accounts, it’s a thing of beauty, even if it is as old as dsniff. There wasn’t a lot on the Wall. There have been big pushes for SSL in Facebook, Twitter and webmail accounts.
Next to the Wall of Sheep was a cell phone charging station. A couple of us were staring at it commenting “you’ve got to be kidding me” when another guy walked up and plugged his phone in. Someone commented “I wouldn’t do that”, and he sheepishly unhooked the phone. Check out Brian Krebs’s blog post on this “juice jacking”.
Does situational awareness warrant a complete internet shutdown for the duration of DEFCON? If you aren’t ready to play in those waters, sure. Is it enough to not install any updates, watch for certificate errors, make sure the firewall is good, and use a VPN?
Should we show more situational awareness in our everyday lives? Most people go through their lives in condition white: relaxed, unaware and unprepared. I wonder how many people left DEFCON and used coffeehouse Wi-Fi on the way home.