X

Defcon: What to leave at home and other do's and don'ts

Security experts say Bluetooth and Wi-Fi are bad and virtual private networks and EVDO modems are good at security shows, but the best thing is just to leave the equipment at home.

headshots_elinor_mills_140x100.jpg
headshots_elinor_mills_140x100.jpg
Elinor Mills Former Staff Writer
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.
See full bio
Elinor Mills
2 min read

Attending Defcon and Black Hat can make you feel a bit like a deer in a forest full of hunters.

The iPhone, love it, but leave it at home when going to Defcon, experts say. CNET

With virus-infected USB drives, Wi-Fi network sniffing, badges with built-in microphones and even security experts getting hacked, it seems like it's only a matter of time until your number comes up if you're not careful.

I asked some security experts for suggestions on what they do to protect themselves at the events and here is what they said.

Do's:
• Have minimal software on your laptop, such as only the operating system and necessary applications.

• Make a backup of your computer before you leave for the conference and then wipe everything and reinstall when you get home.

• Disable Bluetooth and Wi-Fi on all devices.

• Use an EVDO wireless card.

• Only connect to the Internet when you must.

• Use a virtual private network and--if you can--use RSA ID authentication and stop all direct connections to the computer.

• Run Linux off a USB key, back up documents online, and start with a fresh operating system every day.

• In addition to using updated security, application, and system software (antivirus in particular) and installing patches, use an operating system-level firewall.

An EVDO modem, such as the one pictured, should be the only gateway to the Internet used at a hacker conference. Verizon

• Use a disposable camera and a pre-paid cell phone.

• Lock up your equipment in your hotel room when you are going to be gone.

• Take the drives with you when you leave the laptop in the hotel room.

• Ask to be listed as a non-registered guest at the hotel so people can't get your room number or acknowledgement that you are staying at the hotel.

Don'ts:
• Don't plug into any Ethernet jacks.

• Stay off the Wi-Fi networks at the airport and the events.

• Don't use the ATMs in the vicinity of the conferences.

What to leave at home:
• Your laptop and smartphone. You can't be attacked if you don't bring your equipment. If you must bring it, consider leaving it in the hotel room.