Hacker Summer Camp is coming up soon, and there have been some great conversations (ty @zombiehacker) and questions both in IRC and in the Bugcrowd offices about the current state of personal infosec in Vegas this year (and indeed, at any other security conference or otherwise hostile network environment).
What are your tricks and tips for running a gauntlet without getting pwned? (and keep in mind, the more difficult you make something for yourself, the more likely you are to say “oh, screw it” at some point and workaround your controls in a way that might actually be less secure. Usability counts.
My approach is basic infosec 101, with a dash of healthy paranoia plus a bit of compartmentalization for if anything fails.
Hey,
Defcon is around the corner and I am unsure how secure most people are. Do most use burner phones and laptops they only use at conferences? I know of a couple who do. Would using a virtual machine be good enough? I have an old laptop, but it only keeps a half hour charge when not connected and weighs 8 lbs or so.
I have a computer, I won’t call it disposable but let’s say it’s better for travel. i don’t take my personal computer out at all. I don’t even take my business laptop. Too much at risk, but I am super cautious.
I have one as well, but it only has a 30 minute charge when not plugged in and isn’t lightweight. I’ll be using a vpn on phone and pc for sure. A VM might be useful.
These are some good tips that I have thought about:
Always have a trusted VPN in your hand for all your internet usage.
Try your best to minimize your personal internet usage, (Just use internet when it’s necessary).
3)Physical security is important: Do not bring many devices to conferences, it would be stolen if you lose your focus on it.
in case you brought devices, try your best to not have important or personal data.
Keep wifi, Bluetooth, NFC, etc… off when possible.