Attending Defcon and Black Hat can make you feel a bit like a deer in a forest full of hunters.
With virus-infected USB drives, Wi-Fi network sniffing, badges with built-in microphones and even security experts getting hacked, it seems like it's only a matter of time until your number comes up if you're not careful.
I asked some security experts for suggestions on what they do to protect themselves at the events and here is what they said.
Do's:
• Have minimal software on your laptop, such as only the operating system and necessary applications.
• Make a backup of your computer before you leave for the conference and then wipe everything and reinstall when you get home.
• Disable Bluetooth and Wi-Fi on all devices.
• Use an EVDO wireless card.
• Only connect to the Internet when you must.
• Use a virtual private network and--if you can--use RSA ID authentication and stop all direct connections to the computer.
• Run Linux off a USB key, back up documents online, and start with a fresh operating system every day.
• In addition to using updated security, application, and system software (antivirus in particular) and installing patches, use an operating system-level firewall.
• Use a disposable camera and a pre-paid cell phone.
• Lock up your equipment in your hotel room when you are going to be gone.
• Take the drives with you when you leave the laptop in the hotel room.
• Ask to be listed as a non-registered guest at the hotel so people can't get your room number or acknowledgement that you are staying at the hotel.
Don'ts:
• Don't plug into any Ethernet jacks.
• Stay off the Wi-Fi networks at the airport and the events.
• Don't use the ATMs in the vicinity of the conferences.
What to leave at home:
• Your laptop and smartphone. You can't be attacked if you don't bring your equipment. If you must bring it, consider leaving it in the hotel room.