Forgot your password?
typodupeerror
Networking IT

Hacker Conventions Ranked By Bandwidth-Per-Visitor 55

Posted by timothy
from the elbowroom-is-too-hard-to-quantify dept.
An Anonymous Coward writes "Ever wondered how much bandwidth you will get at a hacker con? This web page tells you how much. It shows the total bandwidth and bandwidth for each visitor for all the recent hacker cons." It looks like Defcon attendees get the short end of the stick, while those at metarheinmain chaosdays are practically swimming in bandwidth. There are a lot of other cons (a few examples listed here) which I'd like to see added to this list.
This discussion has been archived. No new comments can be posted.

Hacker Conventions Ranked By Bandwidth-Per-Visitor

Comments Filter:
  • by Arainach (906420) on Saturday September 06, 2008 @07:00PM (#24905415)
    You'd have to be pretty crazy and/or desperate to risk using the provided bandwidth at DefCon (or any hacker con) for that matter. Regardless of how much faith you may have in the people running the network, you're surrounded on all sides by people who would like nothing more than to steal your information. While at DefCon, stay away from the ATMs and if at all possible stay away from the network entirely.
    • by maxume (22995)

      Are you one of these bad-ass uber hackers?

      • Re: (Score:2, Insightful)

        by leuk_he (194174)

        He is one of the spooks who want to keep their data safe instead of hacking...

    • Re: (Score:1, Funny)

      by Anonymous Coward

      While at DefCon, stay away from the ATMs and if at all possible stay away from the network entirely.

      I've heard the can hack those ATMs to steal your information if you even look at them!

    • Re: (Score:3, Insightful)

      by lysergic.acid (845423)

      yes, because we all know that 99% of all internet traffic is used for the transmission of e-mail passwords, credit card info, social security numbers, and other sensitive personal info. after all, no one would possibly want to read the news, or check their favorite blog or web comic, or play some online games while at DefCon.

      and i'm sure no one at DefCon has ever heard of SSL.

      • I guess you didn't read the Kaminsky presentation.

      • How many passwords that flow over the intertubes do you think are encrypted? Very few actually are.

        Plus, there's all sorts of fun attacks that require you to just be connected to a network to perform (TCP injection being my personal favorite. Instead of google, they get blaster.).
    • by Eil (82413) on Saturday September 06, 2008 @09:35PM (#24906669) Homepage Journal

      I can't tell if this is a troll or not, but I'll bite either way...

      You'd have to be pretty crazy and/or desperate to risk using the provided bandwidth at DefCon (or any hacker con) for that matter.

      I don't think you understand much about hackers or hacker conventions. The conventions tend to have the best network management and security possible, period. That's what these people do all day long. For most of them, it's their job to make things secure so of course they're going to put more effort into it, especially with their friends hanging around.

      Regardless of how much faith you may have in the people running the network, you're surrounded on all sides by people who would like nothing more than to steal your information.

      Sheesh, let me guess, you check under your bed for hackers at night before you go to sleep?

      First off, it's universally accepted at all hacker cons that you don't attack the infrastructure put in place by either the con or the hotel. Doing so will just ruin it everyone. It's the kind of thing that will get a person banned from both permanently.

      Second, hackers do not want your information. They mainly care about exploring and exposing weaknesses that will allow less scrupulous elements of society to steal your data. (Namely, fraudsters and most federal governments.)

      While at DefCon, stay away from the ATMs and if at all possible stay away from the network entirely.

      The advice to stay away from free-standing ATMs is always applicable, but I have no sympathy for someone who sends sensitive information over an insecure channel no matter which network they're on.

    • The worst that happens is stability problems, assuming you use a VPN with strong crypto and authentication. You *do* do that, when on a hostile network, don't you? If not, welcome to the wall of sheep, or injection of goatse into all of your web pages, etc.

      The stability problems have gone away in recent years with Aruba and others using the con as a proving ground for their wireless security tools on the live network.

    • by flosofl (626809) on Saturday September 06, 2008 @11:23PM (#24907321) Homepage

      You'd have to be pretty crazy and/or desperate to risk using the provided bandwidth at DefCon (or any hacker con) for that matter. Regardless of how much faith you may have in the people running the network, you're surrounded on all sides by people who would like nothing more than to steal your information. While at DefCon, stay away from the ATMs and if at all possible stay away from the network entirely.

      Dude, what? I was there and as long as you use OpenVPN back to your home box and proxy everything through your cable modem you're going to be OK. Or create a SOCKS proxy using a ssh tunnel back to your home connection.

      Yeah, stay away from the ATMs because you will get raped by the fees. Or are you trying to say that someone will put a magstripe and PIN harvester on the machines. As if. Not only was security seriously stepped up compared to the last two years, the casinos have cameras that do nothing but monitor the ATMs precisely to stop this (I chatted up one of the security suits this year).

      Breath easy and just be aware of what kind of traffic is leaving and entering your system.

      Did you even go this year? If you did, I bet you were the one cowering in the corner removing the batteries from all your devices "just in case".

      • by jrockway (229604)

        Modifying existing ATMs is only one way to get magstripes/PINs. You could also build a box that looks like an ATM, add a card reader + keypad + clever software, and deploy it on a nearby street corner. You could even make it dispense money, if you were so inclined.

      • I was there and as long as you use OpenVPN back to your home box and proxy everything through your cable modem you're going to be OK.

        Yeah, I know. I was the one pretending to be your home box.

        Yes, the danger of Defcon's network is probably exaggerated, but the fact is, of all the people in the world, the ones that know how to break SSL, MITM your VPN, etc. are concentrated in one hotel on one weekend. It's not smart to overexpose yourself in any case, but extra caution isn't stupid.

  • I don't get it. (Score:5, Interesting)

    by SoapBox17 (1020345) on Saturday September 06, 2008 @07:00PM (#24905427) Homepage
    Color me stupid, but I don't understand why anyone would care how much bandwidth per atendee is available at a hacker convention. You don't got to *do* hacking, you go to learn about hacking from people in the same building (thus requiring little to no B/W). And from what I have heard about Defcon you are best to not bring any of your own devices at all, lest you end up hacked yourself and on the wall of shame.
    • Re:I don't get it. (Score:5, Interesting)

      by wik (10258) on Saturday September 06, 2008 @07:05PM (#24905469) Homepage Journal

      Put another way, the bisection bandwidth between participants at a decent conference should be high. The bandwidth external to the conference really shouldn't matter.

      There are much better ways to get an internet connection which don't involve spending hundreds of dollars to get into a hotel.

      • Pah! It's still cheaper than AT&T [slashdot.org]! *And* you get a hotel thrown in!

      • Well the high bandwidth conferences usually stream all their talks as high-quality video into the net.

        I have no idea why bandwidth is seen as such a scarse resource in your country. The congresses usually get their bandwidth for free. I mean it's just a few gigabits for a few days, ISPs donate that to balance their peering agreements.

      • by foalkn (1359111)
        nope, it's talking about the bandwidth to the internet aka uplink, not the internal connectivity.
    • Re: (Score:1, Interesting)

      by Anonymous Coward

      You don't got to *do* hacking, you go to learn about hacking from people in the same building (thus requiring little to no B/W).

      I don't really know about American hacker conferences, as I've never been to one, but from what I've heard about American hacker culture, it seems that you're projecting its integration into commerce onto the rest of the world.

      Visit a European hacker conference, you'll see that there's a lot of hacking going on at the conference. Also, the ideology of free flow of information is considered very important, which includes lots of Internet for everyone. This probably is why conferences are planned in a way tha

    • Re:I don't get it. (Score:5, Informative)

      by flirzan (133046) <flirzanNO@SPAMpsychoholics.org> on Saturday September 06, 2008 @08:07PM (#24905999) Homepage Journal

      You don't got to *do* hacking, you go to learn about hacking from people in the same building (thus requiring little to no B/W).

      You have clearly never been to defcon, and/or miss the point of the con altogether. Sure, there are great speakers giving talks about important and relevant topics. Some of them are even useful...

      But the larger part of con the for a lot of the attendees is to get together with like-minded individuals and...wait for it...hack.

      Here [defcon.org] are some examples of the hacking that went on at this year's defcon. The Lost@con Mystersy Challenge results aren't there, and as a participant I can tell you that it required breaking crypto, circumventing physical security measures, debugging code, hardware hacking skills, and trick-or-treating, among other things. I don't know what your definition of "hacking" is, but it should probably include a few of those.

      This also doesn't mention some of the cool things going on in the lock-picking village, the hardware hacking village, the wi-fi village, etc...

      And from what I have heard about Defcon you are best to not bring any of your own devices at all, lest you end up hacked yourself and on the wall of shame.

      Most people I know wipe and reimage their machines after spending any time at all on the defcon network. They call it the most hostile network environment on the planet for good reasons. That being said, the Wall of Sheep has absolutely nothing to do with being "hacked", it simply displays usernames and (partial) passwords for people who are too stupid or lazy to use encrypted protocols. If you show up at a hacker convention and can't be bothered to use TLS or SSL for your email, you deserve to be shamed.

      • . If you show up at a hacker convention and can't be bothered to use TLS or SSL for your email, you deserve to be shamed.

        Either that, or use ssh to log into your home box and read your email that way.

    • Re: (Score:3, Insightful)

      by lysergic.acid (845423)

      if you really are there to learn, then being on the wall of sheep shouldn't be a deterrent from bringing your own device. being hacked is a learning experience in itself.

      and wouldn't you rather be hacked at a convention which promotes education and security awareness rather than in the real world where you're likely to be hacked by a script kiddie who's motivated by malice and won't be so kind as to let you know that your security has been compromised?

      if you do find your system hacked into and can't figure

  • Location (Score:4, Insightful)

    by Vertana (1094987) on Saturday September 06, 2008 @07:03PM (#24905447) Homepage

    Location plays a major part in how much bandwidth is going to be available. Beyond being just dependent on the ISP based on location and what companies are available there, you also have to look at which building it is being held in. DEFCON may have gotten the short end of the stick because the owners of the building they used would only allow so much. Not that a lot is needed (at least in comparison to how many participants are there)... nobody exactly goes to DEFCON to torrent an HD movie.

    • the "metarheinmain chaosdays" takes place at a major technical university.
      I guess they will be able to use the existing network/wifi and outbound connectivity
      that the university has already (via DFN [wikipedia.org]).
      and they probably do not need to pay for the bandwidth used.

  • ...BiMonSciFiCon?!? of all the cons, that is obviously the most important
    • Re: (Score:1, Funny)

      by Anonymous Coward

      ...BiMonSciFiCon?!? of all the cons, that is obviously the most important

      Be there and be square!

  • SIGGRAPH (Score:3, Interesting)

    by morrison (40043) on Saturday September 06, 2008 @07:39PM (#24905775) Homepage

    It'd be interesting to see the bandwidth statistics for the annual ACM SIGGRAPH computer graphics conference. With tens of thousands of visitors and thousands of full-conference attendees (a huge portion of which are on their laptops all week), I've yet to see a SIGGRAPH conference that didn't bring a convention center's networking to its knees (as well as most surrounding hotel networks). Of course, the per-person bandwidth is relatively low with so many users, but it would be interesting to see the statistics throughout the week regardless.

    Especially for such a massive conference that is accustomed to the sustained high-tech audio/video load and with organizers that try to anticipate the high-usage (and have a corresponding budget to prepare), I suspect that there are considerably more bits transferred during SIGGRAPH than most any other conference through sheer size alone.

  • Anybody know what software they used to produce that chart?

    The combination of spreadsheet data right alongside the bar graph looks really handy. I wouldn't mind having that ability for some upcoming reports and presentations.

    • by slyborg (524607)

      Um, kind of looks like Excel. You could definitely do it in Excel.

    • I'm slightly impressed by the automatically-scaled logarithmic plot. Any and every dumb chart-producing app can auto-scale a linear scale correctly, but, check it yourself, int(e(n*(l(9000)/10))) [n=0..10] is correct (at least at first glance to someone who's more interested in his tomato soup at the moment).

      And, as people above have stated, it's not the bandwidth to the 'net that I'd want at an *{info,secur,...}*con, it's the inter-attendee (and attendee-presenter) bandwidth.

  • Duh! (Score:3, Funny)

    by itwasgreektome (785639) on Saturday September 06, 2008 @09:30PM (#24906625)
    Ummm, it's a hacker convention- Why would they purchase their own bandwidth when there's wireless in the office above?
    • So you are suggesting that a crowd of several hundred people (the kind that propably make Comcast's list of excessive downloaders) share a measly ~1.5Mbps?

      • Lol- I'm not saying they are happy with that 1.5Mbps, nor am I saying it's enough- I'm just saying, they're hackers- and it's free.
  • Sounds like they forgot about the oldest running hacker conference, Pumpcon [pumpcon.org], held every year in Philly since about 1987... I guess it's too underground (less than 200 people show up every year) -- although the who's who of the hacker world has probably been there at some point, no doubt.
  • We dont pay for our bandwidth... We get it for free and even the largest german internet provider asks us if they could peer with us.
  • Here I thought "bandwidth" was an euphemism for something worth ranking, and it's just a list of how many bits went in and out....

  • Well the problem probably lies in the image of hackers. I mean in germany, the CCC made a good name by talking publicaly about sensitive political issues and showing the dangers. Also by showing that certain "ohh we are so secure"-systems are completely insecure after all, etc. And of course the occational "fun, but everybody likes it" project like Blinkenlights.

    What you guys in the US need is some kind of hacker association like the CCC. I mean 2600 is already quite nice, but it's commercial and therefore

  • I've been running the network at ToorCon for the past several years (configs here [darkuncle.net]), and the first year (before I was really helping out at all) we hung the entire con off a Ricochet 56Kbps wireless modem. :) We've had point-to-point wifi links and gigabit drops from hotels, but the last several years at the San Diego Convention Center, we've been using primarily donated EVDO cards as uplinks - mainly because SDCC wants $10,000 per diem for wired network access, with a stipulation of no NAT (making it useles

  • https://events.ccc.de/camp/2007/Fahrplan/attachments/1348-Camp07-NetworkStats.pdf [events.ccc.de] (the line had at least 300MBit for 1800 attendees ) Hope Number Six had a 45mb uplink, but only 10mb was used due to a bad cable connection and roughly 3000 attendees straight from network operator from the convention) someone can contact dragorn on nycwireless.net or watch the closing ceremonies of the last hope for the specs this year
  • The amount of available bandwidth per visitor at any given hacker convention should be calculable as follows: ABPVAAGHC= [The amount of available free wireless networks in the area]* [The average bandwidth of those networks]/[The number of attendees at that convention] They're hackers...why would they have their own service?

The person who's taking you to lunch has no intention of paying.

Working...