Editing DEF CON

{{short description|Annual hacker gathering in Las Vegas, Nevada}}
{{about|the computer security convention||Defcon (disambiguation)}}
{{Infobox recurring event
| name               = <!--Uses page name if omitted-->
| logo               = 
| logo_alt           = DEF CON Logo
| logo_caption       = 
| logo_size          = 
| image              = 
| image_size         = 
| status             = Active <!-- STOP!!  The cancellation of DEFCON is a long-running gag. See the talk page or look at the HTML source of defcon.ws (use CTRL+U or CMD+ALT+U to see it). Unless you have information from *multiple* reliable sources, please don't change this.   -->
| frequency          = Annual
| country            = United States
| years_active       = {{age|1993|06|01}}
| genre              = Security Conference, Hacker Conference
| begins             = 
| venue              = Varies
| location           = [[Las Vegas]], [[Nevada]]
| prev               = August 8-11, 2024
| next               = August 7-10, 2025
| founder_name       = [[Jeff Moss (hacker)|Jeff Moss]]
| attendance         = Over 30,000
| capacity           = 
| area               = 
| budget             = 
| activity           = 
| website            = {{URL|https://defcon.org}}
| footnotes          = 
| first              = {{start date|1993|6|9}}<ref>{{cite web|url=https://www.defcon.org/html/links/dc-archives/dc-1-archive.html | title= Def Con 1 Archive|access-date = 2017-04-23}}</ref>
}}
{{Computer hacking}}
'''DEF CON''' (also written as '''DEFCON, Defcon,''' or '''DC''') is a [[Computer security conference|hacker convention]] held annually in [[Las Vegas Valley|Las Vegas]], [[Nevada]]. The first DEF CON took place in June 1993 and today many attendees at DEF CON include [[computer security]] professionals, [[journalist]]s, lawyers, federal government employees, security researchers, students, and [[Hacker (computer security)|hackers]] with a general interest in [[source code|software]], [[computer architecture]], hardware modification, conference badges, and anything else that can be "hacked". The event consists of several tracks of speakers about computer and hacking-related subjects, as well as cyber-security challenges and competitions (known as hacking [[Wargame (hacking)|wargames]]). Contests held during the event are extremely varied and can range from creating the longest [[Wi-Fi]] connection to finding the most effective way to cool a beer in the [[Nevada]] heat.<ref>{{Cite web|url=https://deviating.net/bccc/|title=DefCon Beverage Cooling Contraption Contest|website=deviating.net|archive-url=https://web.archive.org/web/20240815221958/https://deviating.net/bccc/|archive-date=2024-08-15|url-status=dead}}</ref>

Other contests, past and present, include [[lockpicking]], [[Defcon Robot Contest|robotics-related contests]], art, slogan, coffee wars, [[scavenger hunt]], and [[Capture the flag (cybersecurity)|Capture the Flag]]. Capture the Flag (CTF) is perhaps the best known of these contests and is a hacking competition where teams of hackers attempt to attack and defend computers and networks using software and network structures. CTF has been emulated at other hacking conferences as well as in academic and military contexts (as [[red team]] exercises).

Federal law enforcement agents from the [[Federal Bureau of Investigation|FBI]], [[United States Department of Defense|DoD]], [[United States Postal Inspection Service]], [[United States Department of Homeland Security|DHS]] (via [[Cybersecurity and Infrastructure Security Agency|CISA]]) and other agencies regularly attend DEF CON.<ref name="Zetter" /><ref>{{cite web
  | url = https://www.defcon.org/html/defcon-15/dc-15-faq.html
  | title = DEFCON 15 FAQ's
  | access-date = 9 Feb 2011
  | quote = Lots of people come to DEFCON and are doing their job; security professionals, federal agents, and the press.
}}</ref> Some have considered DEF CON to be the "world's largest" hacker conference given its attendee size and the number of other conferences modeling themselves after it.

== History ==
DEF CON was founded in 1993, by then 18-year-old [[Jeff Moss (hacker)|Jeff Moss]] as a farewell party for his friend, a fellow hacker and member of "Platinum Net", a [[FidoNet]] protocol based hacking network from [[Canada]].<ref>{{Cite web|url=https://www.defcon.org/html/links/dc-about.html|title=DEF CON® Hacking Conference – About|last=Tangent|first=The Dark|website=www.defcon.org|access-date=2016-03-12}}</ref> The party was planned for Las Vegas a few days before his friend was to leave the United States, because his father had accepted employment out of the country. However, his friend's father left early, taking his friend along, so Jeff was left alone with the entire party planned. Jeff decided to invite all his hacker friends to go to Las Vegas with him and have the party with them instead. Hacker friends from far and wide got together and laid the foundation for DEF CON, with roughly 100 people in attendance.

The term DEF CON comes from the movie ''[[WarGames]]'', referencing the [[DEFCON|U.S. Armed Forces defense readiness condition (DEF CON)]]. In the movie, Las Vegas was selected as a nuclear target, and since the event was being hosted in Las Vegas, it occurred to Jeff Moss to name the convention DEF CON. However, to a lesser extent, CON also stands for convention and DEF is taken from the letters on the number 3 on a [[telephone keypad]], a reference to [[Phreaking|phreakers]].<ref>{{cite web |url=https://www.defcon.org/html/links/dc-about.html|title=DEFCON about}}</ref> The official name of the conference includes a space in-between DEF and CON.

Though intended to be a one-time event, Moss received overwhelmingly positive feedback from attendees, and decided to host the event for a second year at their urging. The event's attendance nearly doubled the second year, and has enjoyed continued success.<ref>{{cite video | people = [[Jeff Moss (hacker)|Jeff Moss]] | date = July 30, 2007 | title  = The Story of DEFCON | url = https://www.youtube.com/watch?v=lg6bQMTjHCE | access-date = 9 Feb 2011}}</ref> In 2019, an estimated 30,000 people attended DEF CON 27.<ref name="forum.defcon.org">{{Cite web|url=https://forum.defcon.org/node/229647|title=Def Con 27 Transparency Report - DEF CON Forums|website=forum.defcon.org|access-date=2019-08-17}}</ref>

{{anchor|DEFCON: The Documentary}} For DEF CON's 20th Anniversary, a film was commissioned entitled   ''DEF CON: The Documentary''.<ref>{{IMDb title|qid=Q123536853|title=DEFCON: The Documentary}}</ref> The film follows the four days of the conference, events and people (attendees and staff), and covers history and philosophy behind DEF CON's success and unique experiences.

{{anchor|DEF CON China}} In January 2018, the DEF CON China Beta event was announced. The conference was held May 11–13, 2018 in Beijing, and marked DEF CON's first conference outside the United States. The second annual DEF CON China was canceled due to concerns related to [[COVID-19]].<ref>{{cite web |url=https://www.theregister.co.uk/2020/01/28/defcon_china_cancelled/|title=Coronavirus claims new victim: 'DEF CON cancelled' joke cancelled after DEF CON China actually cancelled|website=[[The Register]]}}</ref>

{{anchor|DEF CON Safe Mode}} In 2020, due to safety concerns over [[COVID-19]] the DEF CON 28 in-person Las Vegas event was cancelled<ref>{{cite magazine |url=https://www.wired.com/story/defcon-is-canceled/|title=Defcon is Cancelled|magazine=Wired|last1=Newman|first1=Lily Hay}}</ref> and replaced with DEF CON Safe Mode,<ref>{{cite web |url=https://defcon.org/html/defcon-safemode/dc-safemode-faq.html|title=DEF CON 28 Safe Mode FAQ}}</ref> a virtual event planned for the same August 6–9 dates as DC 28.

In 2021, DEF CON 29 was held on August 5–8 in-person in Las Vegas and virtually (via [[Twitch (service)|Twitch]] and [[Discord]]). In-person attendees were required to wear masks in conference areas and to show proof of COVID-19 vaccination. Attendees with verified vaccine records (verified by a 3rd party) were given a wristband which was required for entry into the conference areas.<ref>{{cite web |url= https://defcon.org/html/defcon-29/dc-29-faq.html|title=DEF CON 29 FAQ}}</ref>

== Components ==

===Handles===
Attendees at DEF CON and other Hacker conferences often utilize an alias or "handle" at conferences. This is in keeping with the hacker community's desire for anonymity. Some known handles include DEF CON founder [[Jeff Moss (hacker)|Jeff Moss]]' handle of "[[Dark Tangent]]". A notable event at DEF CON is DEF CON 101 which starts off the conference and may offer the opportunity for an individual to come up on stage and be assigned a handle by a number of members of the community.

===Badges===
[[File:DefCon Badges.jpg|thumb|right|Multiple, electronic and non-electronic, DEF CON human badges along with other conference badges.]]A notable part of DEF CON is the conference badge, which identifies attendees and ensures attendees can access conference events and activities. The DEF CON badge has historically been notable because of its changing nature, sometimes being an electronic badge ([[Printed circuit board|PCB]]), with [[Light-emitting diode|LEDs]], or sometimes being a non-electronic badge such as a [[vinyl record]]. Conference badges often contain challenges or callbacks to hacker or other technology history, such as the usage of the [[Konami Code]] in the DEF CON 24 badge, or the DEF CON 25 badge reverting to the look of the DEF CON 1 badge. DEF CON Badges do not (generally) identify attendees by name; however, the badges are used to differentiate attendees from others. One way of doing this has been to have different badges, a general conference attendee (HUMAN) badge, a Staff member (GOON), Vendor, Speaker, Press, and other badges. In addition, individuals and organizations have begun creating their own badges in what has become known as badgelife. These badges may be purchased in many cases, or earned at the conference by completing challenges or events. Some badges may give the holder access to after hours events at the conference. In 2018, the evolution of this came with what was termed "shitty addon's" or SAOs. These were miniature (usually) PCBs that connected to the official and other badges that may extend functionality or were just collected.<ref>{{cite web |last=Oberhaus |first=Daniel |date=September 18, 2018 |title=A History of Badgelife, Def Con's Unlikely Obsession with Artistic Circuit Boards |url=https://www.vice.com/en/article/a-history-of-badgelife-def-cons-unlikely-obsession-with-artistic-circuit-boards/ |access-date=January 14, 2019 |website=Vice Motherboard}}</ref><ref>{{cite web |last=McAllister |first=Neil |date=August 12, 2015 |title=Is this the most puzzling DEF CON attendee badge yet on record? |url=https://www.theregister.co.uk/2015/08/12/def_con_23_record_badge/ |access-date=January 14, 2019 |website=The Register UK}}</ref>

===Villages===
Villages are dedicated spaces arranged around a specific topic. Villages may be considered mini conferences within the con, with many holding their own independent talks as well as hands-on activities such as CTFs, or labs. Some villages include Aerospace Village, Car Hacking Village, IoT Village, Recon, [[Do-it-yourself biology|Biohacking]], [[Lock picking|lockpicking]], [[ham radio]], and the well known [[Social engineering (security)|Social Engineering]] and vote hacking villages. In 2018 the vote hacking village gained media attention due to concerns about US election systems security vulnerabilities.<ref>{{cite web |last=Molina |first=Brett |date=August 14, 2018 |title=11-year-old hacks replica of Florida state website, changes election results |url=https://www.usatoday.com/story/tech/nation-now/2018/08/13/11-year-old-hacks-replica-florida-election-site-changes-results/975121002/ |access-date=January 14, 2019 |website=USA Today}}</ref><ref>{{Cite web |title=Home |url=https://www.aerospacevillage.org/ |website=Aerospace Village}}</ref>

===Internal Conferences===
DEF CON has its own cultural underground which results in individuals wanting to create their own meetups or "cons" within DEF CON. These may be actual formal meetups or may be informal. Well known cons are:
* Queercon, a meetup of [[LGBT|LGBTQ]] community.
* Linecon, any long line has the potential to turn into a con.
* QuietCon, a meetup to hang out or talk quietly away from the hustle and bustle of the rest of the conference attendees.

===Workshops===
Workshops are dedicated classes on various topics related to [[information security]] and related topics. Historical workshops have been held on topics such as Digital Forensics investigation, hacking [[Internet of things|IoT]] devices, playing with [[RFID]], fuzzing and attacking smart devices.

=== Fundraising ===
Since DEF CON 11, fundraisers have been conducted for the [[Electronic Frontier Foundation]] (EFF). The first fundraiser was a [[dunk tank]] and was an "official" event. The EFF now has an event named "The Summit" hosted by the Vegas 2.0 crew that is an open event and fundraiser. DEF CON 18 (2010) hosted a new fundraiser called MohawkCon.

== Contests ==
Within DEF CON there are many contests and events which range from, Capture the Flag, Hacker Jeopardy,<ref>{{Cite web |title=Hacker Jeopardy for DEF CON 28 |url=https://www.dfiu.tv/ |access-date=2024-01-29 |website=www.dfiu.tv}}</ref> Scavenger Hunt,<ref>{{Cite web |title=DEF CON Scavenger Hunt |url=https://www.defconscavhunt.com/ |access-date=2024-01-29 |website=DEF CON Scavenger Hunt}}</ref> Capture the Packet, Crash and Compile,<ref>{{Cite web |title=DEF CON Crash and Compile Contest |url=https://crashandcompile.org/ |access-date=2024-01-29 |website=crashandcompile.org}}</ref> and Hackfortress<ref>{{Cite web |title=Hackfortress |url=https://hackfortress.net/ |access-date=2024-01-29 |website=hackfortress.net}}</ref> to name a few.

===Black Badge===
The Black Badge is the highest award DEF CON gives to contest winners of certain events. [[Capture the flag (cybersecurity)|Capture the flag]] (CTF) winners sometimes earn these, as well as Hacker Jeopardy winners. The contests that are awarded Black Badges vary from year to year, and a Black Badge allows free entrance to DEF CON for life, potentially a value of thousands of dollars.<ref>{{Cite web |last=Tangent |first=The Dark |title=DEF CON® Hacking Conference – Black Badge Hall of Fame |url=https://www.defcon.org/html/links/dc-black-badge.html |access-date=2016-03-12 |website=www.defcon.org}}</ref>

In April 2017, a DEF CON Black Badge was featured in an exhibit<ref>{{Cite web |date=20 April 2017 |title=Innovations in Defense: Artificial Intelligence and the Challenge of Cybersecurity |url=http://americanhistory.si.edu/innovations-defense |website=americanhistory.si.edu}}</ref> in the [[Smithsonian Institution]]'s [[National Museum of American History]] entitled "Innovations in Defense: Artificial Intelligence and the Challenge of Cybersecurity". The badge belongs to ForAllSecure's Mayhem Cyber Reasoning System,<ref>{{Cite web |title=Mayhem Wins DARPA CGC |url=https://forallsecure.com/blog/2016/08/06/mayhem-wins-darpa-cgc/ |url-status=dead |archive-url=https://web.archive.org/web/20190215222729/https://forallsecure.com/blog/2016/08/06/mayhem-wins-darpa-cgc/ |archive-date=2019-02-15 |access-date=2017-04-24}}</ref> the winner of the [[DARPA]] [[2016 Cyber Grand Challenge]] at DEF CON 24 and the first non-human entity ever to earn a Black Badge.

=== Capture the flag ===
The first instance of the DEF CON CTF was held in 1996, at the 4th DEF CON, and has been held since then every year.<ref>{{Cite web |last=Moss |first=Jeff |title=DEF CON Hacking Conference - Capture the Flag Archive |url=https://defcon.org/html/links/dc-ctf.html}}</ref> It's one of the few CTF in the attack/defense format. The prize of the winning team is a couple of black badges.<ref name=":0">{{Cite web |last=vulc@n of DDTek |date=2023 |title=A history of Capture the Flag at DEF CON |url=https://defcon.org/html/links/dc-ctf-history.html }}</ref>
{| class="wikitable"
|+Capture the Flag Timeline <ref>{{Cite web |title=A Brief History of CTF |url=https://psifertex.github.io/a-brief-history-of-ctf/#/2 |access-date=2023-12-20 |website=psifertex.github.io}}</ref><ref name=":0" />
!Year
!DEF CON
!Competing Teams
!Organizers
!Architecture
!Platform
!Winning Team
|-
|1996
|4
|
|Goons
|
|
|AJ Reznor
|-
|1997
|5
|
|Goons
|
|
|AJ Reznor
|-
|1998
|6
|
|Goons
|
|
|SNI
|-
|1999
|7
|
|Goons
|
|
|Ghetto Hackers
|-
|2000
|8
|
|Goons
|
|
|Ghetto Hackers
|-
|2001
|9
|
|Goons
|
|Multiple
|Ghetto Hackers & digirev
|-
|2002
|10
|
|Ghetto Hackers
|
|[[Red Hat Linux|Redhat]] 6.2
|Digital Revelation
|-
|2003
|11
|8
|Ghetto Hackers
|
|[[OpenBSD]]
|Anomaly
|-
|2004
|12
|8
|Ghetto Hackers
|i386
|Windows
|sk3wl0fr00t
|-
|2005
|13
|8
|Kenshoto
|i386
|[[FreeBSD]] 5.4
|shellphish
|-
|2006
|14
|8
|Kenshoto
|i386
|[[Solaris OS|Solaris]] 10
|1@stplace
|-
|2007
|15
|8
|Kenshoto
|i386
|FreeBSD
|1@stplace
|-
|2008
|16
|8
|Kenshoto
|i386
|FreeBSD
|Sk3wl of Root
|-
|2009
|17
|9
|DDTEK
|i386
|FreeBSD
|VedaGodz<ref>{{Cite web |title=Diutinus Defense Techonologies Corp. / DC17 |url=http://ddtek.biz/dc17.html |access-date=2023-12-27 |website=ddtek.biz}}</ref>
|-
|2010
|18
|12
|DDTEK
|i386
|FreeBSD & Debian
|ACME Pharm<ref>{{Cite web |title=Diutinus Defense Techonologies Corp. / DC18 |url=http://ddtek.biz/dc18.html |access-date=2023-12-27 |website=ddtek.biz}}</ref>
|-
|2011
|19
|12
|DDTEK
|i386
|FreeBSD
|European Nopsleders<ref>{{Cite web |title=Diutinus Defense Techonologies Corp. / Home |url=http://ddtek.biz/dc19.html |access-date=2023-12-27 |website=ddtek.biz}}</ref>
|-
|2012
|20
|20
|DDTEK
|i386
|FreeBSD
|Samurai
|-
|2013
|21
|20
|Legitimate Business Syndicate
|armv7
|Linux
|Plaid Parliament of Pwning
|-
|2014
|22
|20
|Legitimate Business Syndicate
|armv7 & i386
|Linux
|Plaid Parliament of Pwning
|-
|2015
|23
|15
|Legitimate Business Syndicate
|MIPS, x86 & armv7
|Linux
|DEFKOR
|-
|2016
|24
|15
|Legitimate Business Syndicate
|i386
|DECREE
|Plaid Parliament of Pwning
|-
|2017
|25
|15
|Legitimate Business Syndicate
|cLEMENCy
|cLEMENCy
|Plaid Parliament of Pwning
|-
|2018
|26
|24
|Order Of the Overflow
|MIPS, x86 & armv7
|Linux
|DEFKOR00T<ref>{{Cite web |title=DEF CON CTF 2018 |url=https://oooverflow.io/dc-ctf-2018-finals/ |access-date=2023-12-21 |website=OOO — DEF CON CTF |language=en-US}}</ref>
|-
|2019
|27
|16
|Order Of the Overflow
|x86, arm64, esoteric
|Linux, iOS, Xbox
|Plaid Parliament of Pwning<ref>{{Cite web |title=OOO — DEF CON CTF |url=https://oooverflow.io/dc-ctf-2019-finals/ |access-date=2023-12-21 |website=OOO — DEF CON CTF |language=en-US}}</ref>
|-
|2020
|28
|16
|Order Of the Overflow
|x86, esoteric
|Linux
|A*0*E<ref>{{Cite web |title=OOO — DEF CON CTF |url=https://oooverflow.io/dc-ctf-2020-finals/ |access-date=2023-12-21 |website=OOO — DEF CON CTF |language=en-US}}</ref>
|-
|2021
|29
|16
|Order Of the Overflow
|x86, microengine
|Linux
|Katzebin<ref>{{Cite web |title=OOO — DEF CON CTF |url=https://oooverflow.io/dc-ctf-2021-finals/ |access-date=2023-12-21 |website=OOO — DEF CON CTF |language=en-US}}</ref>
|-
|2022
|30
|16
|Nautilus Institute
|mixed
|
|Maple Mallard Magistrates<ref>{{Cite web|title=CTFtime.org / DEF CON CTF 2022 |url=https://ctftime.org/event/1662 |access-date=2024-09-06 |website=CTFtime |language=en-US}}</ref>
|-
|2023
|31
|12
|Nautilus Institute
|mixed
|
|Maple Mallard Magistrates<ref>{{Cite web|title=CTFtime.org / DEF CON CTF 2023 |url=https://ctftime.org/event/2078 |access-date=2024-09-06 |website=CTFtime |language=en-US}}</ref>
|-
|2024
|32
|12
|Nautilus Institute
|mixed
|
|Maple Mallard Magistrates<ref>{{Cite web|title=CTFtime.org / DEF CON CTF 2024 |url=https://ctftime.org/event/2462 |access-date=2024-09-09 |website=CTFtime |language=en-US}}</ref>
|}

==== Capture the Flag History ====
In 1996, the first DEF CON CTF was organized, with a couple of [[Server (computing)|servers]] for participants to hack, and judges to decide if a machine has been hacked, and award points accordingly.<ref>{{Cite web |last=Riley |first=Eller |date=2004 |title=Capture the Flag Games |url=https://www.blackhat.com/presentations/bh-asia-04/bh-jp-04-pdfs/bh-jp-04-eller/bh-jp-04-eller.pdf }}</ref>

In 2002, the company [[Immunix]] took part in the game under the moniker "immunex",<ref>{{Cite web |date=2001-07-09 |title=Defcon 9 - Capture The Flag Contest Network |url=https://defcon.org/html/defcon-9/defcon-9-events.html#Capture%20The%20Flag}}</ref> to benchmark the security of their Linux-based operating system, with modifications including [[Stackguard|StackGuard]], [[Format string attack|FormatGuard]], [[Openwall Project|OpenWall]]'s [[Stack buffer overflow|non-executable stack]], SubDomain (the ancestor of [[AppArmor]]), ...<ref>{{Cite web |title=4/23/ Immunix & Defcon: Defending Vulnerable Code From Intense Attack Crispin Cowan, Ph.D Seth Arnold, Steve Beattie, Chris Wright WireX and John. - ppt download |url=https://slideplayer.com/slide/8044490/ |access-date=2023-12-21 |website=slideplayer.com}}</ref>  Confident in their defense capabilities, they even opened access to their servers to other teams, and even spent some time taunting them. The team got the second place, and all their services deployed on their Immunix stack were never compromised.<ref>{{Cite journal |last=Crispin |first=Cowan |date=May 2003 |title=Defcon Capture the Flag: defending vulnerable code from intense attack |url=https://www.researchgate.net/publication/4012201 |journal=DARPA Information Survivability Conference and Exposition |volume=2 |issue=2003}}</ref> It was also the first year the contest had an organiser-provided services infrastructure connected to a real-time scoreboard.<ref>{{Cite web |last=Ghettohackers |title=Defcon 10 - Capture the Flag (CTF) contest |url=https://defcon.org/html/defcon-10/dc-10-post/defcon-10-ctf-rules.html}}</ref>

In 2003, the game had become so popular that a qualification round was introduced, with the previous winner automatically qualified.<ref>{{Cite web |last=The Ghetto Hackers |date=June 29, 2003 |title=Announcing Capture the Flag - Root Fu - Vegas 2003 @ DefCon 11 |url=https://defcon.org/html/defcon-11/events/dc-11-ctf-teams.html}}</ref>

In 2008, the Sk3wl of Root team took advantage of a [[Bug (computer)|bug]] in the game ([[Privileges-drop|privilege dropping]] and [[Process fork|forking]] were inverted), allowing them to have such a massive lead that they spent most of the CTF playing [[Guitar Hero]].<ref>{{Citation |last=Jordan |title=A Brief History of CTF |date=2021-04-06 |url=https://github.com/psifertex/a-brief-history-of-ctf |access-date=2023-12-20}}</ref><ref>{{Cite youtube |url=https://www.youtube.com/watch?v=ywxCWLFej_M |title=A Brief History of CTF - Jordan Wiens |date=2018-03-28 |time=35:41}}</ref>

In 2009, it was announced<ref>{{Cite web |date=2011-05-14 |title=Diutinus Defense Techonologies Corp. / Home |url=http://ddtek.biz/about.html |access-date=2023-12-21 |archive-url=https://web.archive.org/web/20110514105932/http://ddtek.biz/about.html |archive-date=2011-05-14 }}</ref> that "Diutinus Defense Technology Corp" (DDTEK) would be the new organisers, but nobody knew who they were. It was revealed at the end of the game that the team playing as sk3wl0fr00t was the organizer.<ref name=":0" /> "Hacking the top hacker contest seemed like a fun way to introduce ourselves to CTF organization. The yells of "bullshit" from CTF teams during the DEF CON 17 awards ceremony were very gratifying." said vulc@n, a member of DDTEK, on the topic.<ref name=":0" />

In 2011, the team "lollerskaters dropping from roflcopters" used a [[0day]] in [[FreeBSD]] (namely CVE-2011-4062<ref>{{Cite web |last=The FreeBSD Project |date=2011-09-28 |title=Buffer overflow in handling of UNIX socket addresses |url=https://www.freebsd.org/security/advisories/FreeBSD-SA-11:05.unix.asc }}</ref>) to escape [[FreeBSD jail|jails]], causing havoc in the game's infrastructure.<ref>{{Cite web |last=routardz |title=Defcon 19 CTF - CTF Inside |url=https://www.routards.org/2011/08/defcon-19-ctf-ctf-inside.html |access-date=2023-12-20}}</ref>

In 2016, the 15th edition of the CTF was done in partnership with the [[DARPA]], as part of its [[2016 Cyber Grand Challenge|Cyber Grand Challenge]] program, where teams wrote autonomous systems to play the game without any human interaction.<ref>{{Cite web |title=Cyber Grand Challenge (CGC) (Archived) |url=https://www.darpa.mil/program/cyber-grand-challenge |access-date=2023-12-20 |website=www.darpa.mil}}</ref>

In 2017, the Legitimate Business Syndicate came up with their very own CPU architecture called cLEMENCy: a [[middle-endian]] with 9 bits bytes [[Central processing unit|CPU]]. With its specifications released only 24 hours before the beginning of the CTF, it was designed with the explicit goals of both surprising the teams, and leveling the playing field by breaking all their tools.<ref>{{Cite web |last=Unknown |title=cLEMENCy - Showing Mercy |url=http://blog.legitbs.net/2017/10/clemency-showing-mercy.html |access-date=2023-12-20 |language=en}}</ref>

==Groups==
DEF CON Groups are worldwide, local chapters of hackers, thinkers, makers and others. DEF CON Groups were started as a splinter off of the [[2600: The Hacker Quarterly|2600]] meetup groups because of concerns over politicization. Local DEF CON groups are formed and are posted online.<ref>{{Cite web |title=Official forums social group section for DEF CON groups |url=https://forum.defcon.org/social-groups |access-date=2023-02-25 |website=DEF CON Forums |language=en}}</ref> DEF CON Groups are usually identified by the area code of the area where they are located in the US, and by other numbers when outside of the US e.g., DC801, DC201. DEF CON Groups may seek permission to make a logo that includes the official DEF CON logo with approval.

==Notable incidents==
Following are a list of high-profile issues which have garnered significant media attention.
{| class="wikitable" style="border:1px solid #BBB"
!Year
!Description
|-
!1999
|On July 10, 1999, the [[Cult of the Dead Cow]] hacker collective released [[Back Orifice 2000]] (later discovered to be infected with the CIH virus) at DEF CON 7,<ref>{{cite web |last=Nuttall |first=Chris |date=1999-07-13 |title=Back Orifice is child's play, say virus firms |url=http://news.bbc.co.uk/2/hi/science/nature/392526.stm |access-date=2024-10-21 |website=[[BBC News]]}}</ref> in what was, at the time, the largest presentation in DEF CON history.
|-
!2001
|On July 16, 2001, Russian programmer [[Dmitry Sklyarov]] was arrested the day after DEF CON for writing software to decrypt [[Adobe Systems|Adobe's]] [[e-book]] format.<ref>{{cite web |date=2001-07-19 |title=Russian computer programmer arrested at hacker conference |url=https://www.cbc.ca/news/science/russian-computer-programmer-arrested-at-hacker-conference-1.276671 |access-date=2024-10-21 |website=CBC}}</ref>
|-
!2005
|On July 31, 2005, [[Cisco Systems|Cisco]] used legal threats to suppress Mike Lynn from presenting at DEF CON about flaws he had found in the [[Cisco IOS]] used on routers.<ref name="Lamos">{{cite web
  | url = http://www.securityfocus.com/news/11263
  | title = Exploit writers team up to target Cisco routers
  | work = [[SecurityFocus]]
  | date = 31 July 2005
  | access-date = 2004-07-31
  | last = Lamos
  | first = Rob
  | archive-date = 2012-07-28
  | archive-url = https://web.archive.org/web/20120728132402/http://www.securityfocus.com/news/11263
  | url-status = dead
}}</ref>
|-
!2007
|In August 2007, Michelle Madigan, a reporter for ''[[Dateline NBC]]'', attempted to secretly record hackers admitting to crimes at the convention. After being outed by DEF CON founder Jeff Moss during an assembly, she was heckled and chased out of the convention by attendees for her use of covert audio and video recording equipment. DEF CON staff tried to get Madigan to obtain a press pass before the outing happened.<ref name="Cassel">{{cite web 
 |last=Cassel 
 |first=David 
 |url=http://tech.blorge.com/Structure:%20/2007/08/04/transcript-michelle-madigans-run-from-defcon/ 
 |title=Transcript: Michelle Madigan's run from Defcon 
 |work=Tech.Blorge.com 
 |date=4 August 2007 
 |access-date=2007-08-15 
 |url-status=dead 
 |archive-url=https://web.archive.org/web/20070908114514/http://tech.blorge.com/Structure%3A%20/2007/08/04/transcript-michelle-madigans-run-from-defcon/ 
 |archive-date=2007-09-08 
 }}</ref> A DEF CON source at NBC had tipped off organizers to Madigan's plans.<ref name="Zetter">{{cite web
  | url = http://blog.wired.com/27bstroke6/2007/08/media-mole-at-d.html
  | title = Dateline Mole Allegedly at DefCon with Hidden Camera – Updated: Mole Caught on Tape
  | work = [[Wired News|Wired Blog Network]]
  | date = 3 August 2007
  | access-date = 2007-08-15
  | last = Zetter
  | first = Kim
  | quote = According to DefCon staff, Madigan had told someone she wanted to out an undercover federal agent at DefCon. That person in turn warned DefCon about Madigan's plans. Federal law enforcement agents from FBI, DoD, United States Postal Inspection Service and other agencies regularly attend DefCon to gather intelligence on the latest techniques of hackers.
}}</ref>
|-
!2008
|{{Main article|Massachusetts Bay Transportation Authority v. Anderson}}[[Massachusetts Institute of Technology|MIT]] students Zack Anderson, R.J. Ryan and Alessandro Chiesa were to present a session entitled "The Anatomy of a Subway Hack: Breaking Crypto RFIDS and Magstripes of Ticketing Systems." The presentation description included the phrase "Want free subway rides for life?" and promised to focus on the Boston T subway.<ref name="CB1">{{cite web| last=Lundin|first=Leigh |title=Dangerous Ideas |url=http://criminalbrief.com/?p=1892 |work=[[MBTA]] v DefCon 16 |publisher=Criminal Brief |access-date=2010-10-07 |date=2008-08-17 }}</ref> However, the Massachusetts Bay Transit Authority (MBTA) sued the students and MIT in United States District Court in Massachusetts on August 8, 2008, claiming that the students violated the [[Computer Fraud and Abuse Act]] (CFAA) by delivering information to conference attendees that could be used to defraud the MBTA of transit fares.<ref name="EFF">{{cite web| last=Jeschke|first=Rebecca |title=MIT Students Gagged by Federal Court Judge |url=https://www.eff.org/press/archives/2008/08/09 |work=Press Room |publisher=[[Electronic Frontier Foundation|EFF]] |date=2008-08-09 }}</ref><ref>{{cite court
|litigants=Massachusetts Bay Transit Authority v. Zack Anderson, RJ Ryan, Alessandro Chiesa, and the Massachusetts Institute of Technology
|court=United States District Court District of Massachusetts
|url=http://cryptome.org/mbta-v-zack/01-complaint.pdf
}}</ref> The court issued a temporary restraining order prohibiting the students from disclosing the material for a period of ten days, despite the fact the material had already been disseminated to DEF CON attendees at the start of the show.<br>
In 2008's contest "Race to Zero," contestants submitted a version of given malware which was required to be undetectable by all of the antivirus engines in each round. The contest concept attracted much negative attention.<ref>{{cite web |url=http://www.racetozero.net/concept.html |title=Race to Zero |access-date=2008-06-09 |archive-url=https://web.archive.org/web/20111118024142/http://www.racetozero.net/concept.html/ |archive-date=2011-11-18 |url-status=dead }} Contest concept.</ref><ref>{{cite web |url=https://www.computerworld.com/article/2535498/antivirus-vendors-slam-defcon-virus-contest.html |title=Antivirus Vendors Slam Defcon Virus Contest |first=Robert |last=McMillan |publisher=IDG News Service |date=April 2008  |access-date=2024-03-19 |archive-url=https://web.archive.org/web/20240319232009/https://www.computerworld.com/article/2535498/antivirus-vendors-slam-defcon-virus-contest.html |archive-date=2024-03-19}}</ref>
|-
!2009
|WIRED<ref>{{Cite magazine|url=https://www.wired.com/2009/08/malicious-atm-catches-hackers/|title=Malicious ATM Catches Hackers|first=Kim|last=Zetter|magazine=Wired |via=www.wired.com}}</ref> reported that an [[Automated teller machine|ATM]] kiosk was positioned in the conference center of the [[Riviera (hotel and casino)|Riviera Hotel Casino]] capturing data from an unknown number of hackers attending the DEF CON hacker conference.
|-
!2011
|Security company [[HBGary Federal]] used legal threats to prevent former CEO Aaron Barr from attending a panel discussion at the conference.<ref>{{cite web |title=Legal Threat Pushes Former HBGary Federal CEO Out Of DEFCON |url=https://threatpost.com/en_us/blogs/legal-threat-pushes-former-hbgary-federal-ceo-out-defcon-072711 |date=August 10, 2011|first1=Dennis |last1=Fisher|first2=Paul |last2=Roberts|work=Business Security |url-status=dead |archive-url=https://web.archive.org/web/20110810110924/http://threatpost.com/en_us/blogs/legal-threat-pushes-former-hbgary-federal-ceo-out-defcon-072711 |archive-date=2011-08-10 }}</ref>
|-
!2012
|The director of the [[National Security Agency]], [[Keith B. Alexander]], gave the keynote speech.<ref name="Greenbergdenied">Greenberg, Andy. "[https://www.forbes.com/sites/andygreenberg/2013/06/06/watch-top-u-s-intelligence-officials-repeatedly-deny-nsa-spying-on-americans-over-the-last-year-videos/ Watch Top U.S. Intelligence Officials Repeatedly Deny NSA Spying On Americans Over The Last Year (Videos)]." ''[[Forbes]]''. June 6, 2013. Retrieved on June 11, 2013. "Eight months later, Senator Ron Wyden quoted[...]"</ref> During the question and answers session, the first question for Alexander,<ref name="Greenbergdenied" /> fielded by [[Jeff Moss (hacker)|Jeff Moss]],<ref>Wagenseil, Paul. "[https://web.archive.org/web/20160306025944/http://www.nbcnews.com/id/48429672/ns/technology_and_science-security/t/hackers-dont-believe-nsa-chiefs-denial-domestic-spying/#.UbnytdiaKSo Hackers Don't Believe NSA Chief's Denial of Domestic Spying]." ([https://web.archive.org/web/20160306025944/http://www.nbcnews.com/id/48429672/ns/technology_and_science-security/t/hackers-dont-believe-nsa-chiefs-denial-domestic-spying/ Archive]) [[NBC News]]. August 1, 2012. Retrieved on June 13, 2013.</ref> was "Does the [[National Security Agency|NSA]] really keep a file on everyone, and if so, how can I see mine?" Alexander replied "Our job is foreign intelligence" and that "Those who would want to weave the story that we have millions or hundreds of millions of dossiers on people, is absolutely false…From my perspective, this is absolute nonsense."<ref name="Greenbergdenied" /> 
On March 12, 2013, during a [[United States Senate]] [[United States Senate Select Committee on Intelligence|Select Committee on Intelligence]] hearing, Senator [[Ron Wyden]] quoted the 2012 DEF CON keynote speech and asked [[Director of National Intelligence]] [[James Clapper]] if the U.S. conducted domestic surveillance; Clapper made statements saying that there was no intentional domestic surveillance.<ref name="Greenbergdenied" /> In June 2013, NSA surveillance programs which collected data on US citizens, such as [[PRISM (surveillance program)|PRISM]], had been exposed. [[Andy Greenberg]] of ''[[Forbes]]'' said that NSA officials, including Alexander, in the years 2012 and 2013 "publicly denied–often with carefully hedged words–participating in the kind of snooping on Americans that has since become nearly undeniable."<ref name="Greenbergdenied" />
|-
!2013
|On July 11, 2013, [[Jeff Moss (hacker)|Jeff Moss]] posted a statement,<ref name="WhitneyDEFFeds">Whitney, Lance. "[http://news.cnet.com/8301-1009_3-57593225-83/defcon-to-feds-we-need-some-time-apart/ Defcon to feds: 'We need some time apart']". [[CNET]]. July 11, 2013. Retrieved on July 12, 2013.</ref> located on the DEF CON blog, titled "Feds, We Need Some Time Apart". It stated that "I think it would be best for everyone involved if the feds call a 'time-out' and not attend DEF CON this year."<ref>[[Violet Blue|Blue, Violet]]. "[https://www.zdnet.com/article/feds-not-welcome-at-def-con-hacker-conference/ Feds 'not welcome' at DEF CON hacker conference]". [[ZDNet]]. July 11, 2013. Retrieved on July 11, 2013.</ref> This was the first time in the organization's history that it had asked federal authorities not to attend.<ref name="WhitneyDEFFeds" /> Actor [[Will Smith]] visited the convention to study the DEF CON culture for an upcoming movie role.<ref>{{cite web |last=Constantin |first=Lucian |date=2013-08-05 |title=Will Smith makes unexpected appearance at Defcon hacker conference |url=https://www.pcworld.com/article/453202/will-smith-makes-unexpected-appearance-at-defcon-hacker-conference.html |access-date=2024-10-21 |website=[[PCWorld]]}}</ref>
|-
!2016
| On August 4, 2016, DEF CON and [[DARPA]] co-hosted the [[2016 Cyber Grand Challenge]], a first-of-its-kind all-machine hacking tournament. Competing teams had to create a bot capable of handling all aspects of offense and defense with complete autonomy. Seven finalists competed for a US$2M grand prize.<ref name=":1">{{cite web |last=Pellerin |first=Cheryl |title=Three Teams Earn Prizes in DARPA Cyber Grand Challenge |url=https://www.defense.gov/News/News-Stories/Article/Article/906931/three-teams-earn-prizes-in-darpa-cyber-grand-challenge/ |access-date=2024-10-21 |website=[[U.S. Department of Defense]]}}</ref>

The winner of the Cyber Grand Challenge was "Mayhem", an AI created by ForAllSecure of Pittsburgh, Pennsylvania.<ref name=":1" /><ref>{{Cite web|url=https://forallsecure.com/|title=ForAllSecure &#124; Mayhem Security &#124; Application Security|website=ForAllSecure}}</ref> Mayhem then went on to participate in the previously humans-only DEF CON Capture the Flag Contest,<ref>{{cite web|url=https://blog.legitbs.net/2016/09/2016-def-con-ctf-final-scores.html|title=DEF CON Capture the Flag Final Scores|publisher=blog.legitbs.net}}</ref> where it finished in last place, despite pulling ahead of human teams often in a contest for which it was not specifically designed.
|-
!2017
|At the "Voting Machine Village" event, dozens of [[voting machine]]s brought to the conference were breached.<ref>{{cite web |url=https://thehill.com/policy/cybersecurity/344488-hackers-break-into-voting-machines-in-minutes-at-hacking-competition |title=Hackers breach dozens of voting machines brought to conference |author=Joe Uchill |date=July 29, 2017 |website=The Hill |publisher=[[Thehill.com]] |access-date=2 August 2017}}</ref>

In September 2017, the Voting Machine Village produced "[https://defcon.org/images/defcon-25/DEF%20CON%2025%20voting%20village%20report.pdf DEF CON 25 Voting Machine Hacking Village: Report on Cyber Vulnerabilities in US Election Equipment, Databases and Infrastructure]" summarizing its findings. The findings were publicly released at an event sponsored by the [[Atlantic Council]]<ref>{{Cite web|url=https://www.c-span.org/video/?435437-1|title=DEF CON Hacking Warns Voting Machines Vulnerability, Oct 10 2017 {{!}} C-SPAN.org|website=C-SPAN.org|language=en-US|access-date=2017-12-08}}</ref> and the paper went on to win an [[O'Reilly Media|O'Reilly]] Defender Research Award.<ref>{{Cite web|url=https://conferences.oreilly.com/security/sec-ny/public/sv/q/1315|title=O'Reilly Security Conference in NYC 2017 Defender Awards|publisher=conferences.oreilly.com|access-date=2017-12-08}}</ref>

[[Marcus Hutchins]], better known online by his handle [[MalwareTech]], the 23-year-old British security researcher who was credited with stopping the [[WannaCry ransomware attack|WannaCry outbreak]] was arrested by the FBI at the airport preparing to leave the country after attending DEF CON over his alleged involvement with the [[Kronos (malware)|Kronos banking trojan]].<ref>{{cite web|url=https://www.theguardian.com/technology/2017/aug/03/researcher-who-stopped-wannacry-ransomware-detained-in-us|title=Briton who stopped WannaCry attack arrested over separate malware claims|first1=Alex|last1=Hern|first2=Sam|last2=Levin|date=August 4, 2017|work=[[The Guardian]]|issn=0261-3077|access-date=August 11, 2017|language=en-GB}}</ref>
|-
!2018
|In March 2018, the DEF CON Voting Machine Hacking Village was awarded a Cybersecurity Excellence Award.<ref>{{cite tweet|number=971036175514394624|user=VotingVillageDC|title=WOW! Congrats to the @defcon Team, recently honored for its innovative #VotingVillage concept &amp; the continued debat…<!-- full text of tweet that Twitter returned to the bot (excluding links) added by TweetCiteBot. This may be better truncated or may need expanding (TW limits responses to 140 characters) or case changes. --> |date=6 March 2018}}</ref> The award cites both the spurring of a national dialog around securing the US election system and the release of the nation's first cybersecurity election plan.
|-
!2020
|On May 8, 2020, the DEF CON in-person conference itself was cancelled<ref>{{Cite web|title=DEF CON 28 in-person conference is CANCELLED - DEF CON Forums|url=https://forum.defcon.org/node/232005|website=forum.defcon.org|access-date=2020-05-08}}</ref> and virtualized due to [[COVID-19]]. DEF CON Safe Mode<ref>{{Cite web|title= DEF CON Safe Mode archive site|url=https://defcon.org/html/defcon-safemode/dc-safemode-index.html}}</ref> was held August 6–9 online with a full roster of talks, villages, contests and events.
|-
!2024
|On February 4, 2024, Cesar's Entertainment cancelled the contract with DEF CON without warning<ref>{{cite news |last1=Thompson |first1=Ian |title=DEF CON is canceled! No, really this time – but the show will go on |url=https://www.theregister.com/2024/02/07/def_con_canceled/ |access-date=12 September 2024 |work=The Register}}</ref> with speculation that a [[ransomware]] attack<ref>{{cite web |last1=Khaitan |first1=Ashish |title=Caesars Ransomware Attack, MGM Hit Linked To DEFCON? |url=https://thecyberexpress.com/caesars-ransomware-attack-mgm-resorts-defcon/ |access-date=12 September 2024 |date=14 September 2023}}</ref> and bomb scare and subsequent evacuation<ref>{{cite news |last1=Thompson |first1=Ian |title=Bomb scare causes mass evacuation at DEF CON |url=https://www.theregister.com/2023/08/14/def_con_bomb_scare/ |access-date=12 September 2024 |work=The Register}}</ref> in 2023 were in part to blame. The conference was moved to the [[Las Vegas Convention Center]] as a result.
|}

== Entertainment references ==
* DEF CON was also portrayed in ''[[The X-Files]]'' episode "[[Three of a Kind (The X-Files)|Three of a Kind]]" featuring an appearance by [[The Lone Gunmen]]. DEF CON was portrayed as a United States government–sponsored convention instead of a civilian convention.
* A semi-fictionalized account of DEF CON 2, "Cyber Christ Meets Lady Luck", written by [[Winn Schwartau]], demonstrates some of the early DEF CON culture.<ref>{{cite web|url=http://www.winnschwartau.com/resources/CyberChrist+Meets+Lady+Luck+DC2.pdf |archive-url=https://web.archive.org/web/20110718063846/http://www.winnschwartau.com/resources/CyberChrist+Meets+Lady+Luck+DC2.pdf |url-status=dead |archive-date=18 July 2011 |author=Winn Schwartau |title=Cyber Christ Meets Lady Luck |access-date=9 Feb 2011 }}</ref>
*A trip to DEF CON for a hacker showdown figures into the plot of ''[[The Signal (2014 film)|The Signal]]''. Director [[William Eubank]] came to Las Vegas and screened the film at DEF CON Movie Night.
* A fictionalized version of DEF CON called "EXOCON" is the setting for the climax of ''[[Jason Bourne (film)|Jason Bourne]]'', the fifth film of the [[Bourne (film series)|''Bourne'' film series]]. The primary antagonist of the film, a fictionalized [[Director of the Central Intelligence Agency|CIA director]], played by [[Tommy Lee Jones]], is a [[keynote speaker]] at the event, mimicking DEF CON 20's controversial keynote speaker, [[Director of the National Security Agency|NSA director]] [[Keith B. Alexander]].
* In the ''[[Mr. Robot]]'' Season 3 opener "[[List of Mr. Robot episodes#ep23|eps3.0_power-saver-mode.h]]" Elliot and Darlene visit a qualifying tournament for the DEF CON Capture the Flag (CTF) contest. Sharp-eyed viewers will notice DEF CON's smiley-face-and-crossbones mascot Jack among the set decorations.
* Documentarian [[Werner Herzog]] included DEF CON in his 2016 film ''[[Lo and Behold, Reveries of the Connected World]]'', a film described as a "playful yet chilling examination of our rapidly interconnecting online lives".

==Venues, dates, and attendance==
Each conference venue and date has been extracted from the DEF CON archives for easy reference.<ref>{{Cite web|url=https://www.defcon.org/html/links/dc-archives.html|title=DEF CON® Hacking Conference – Show Archives|website=www.defcon.org|access-date=2016-04-09}}</ref>
{| class="wikitable sortable"
!Conference Name
!Venue
!Duration
!Year
!Attendance
|-
|DEF CON 33
|[[Las Vegas Convention Center]]
|August 7–10
|2025
|N/A
|-
|DEF CON 32
|[[Las Vegas Convention Center]], and [[Sahara Las Vegas|The Sahara]]<ref>{{Cite web|url=https://forum.defcon.org/node/248360|title=DEF CON 32 Was Canceled. We Un-Canceled it.|access-date=2024-02-04}}</ref>
|August 8–11
|2024
|N/A
|-
|DEF CON 31
|[[Caesars Forum]], [[Flamingo Las Vegas|Flamingo]], [[Harrah's Las Vegas|Harrah's Hotel]], and [[The LINQ Hotel & Casino|Linq Hotel]]
|August 10–13
|2023
|~25,000{{Citation needed|date=September 2023}}
|-
|DEF CON 30
|[[Caesars Forum]], [[Flamingo Las Vegas|Flamingo]], [[Harrah's Las Vegas|Harrah's Hotel]], and [[The LINQ Hotel & Casino|Linq Hotel]]
|August 11–14
|2022
|~25,000{{Citation needed|date=September 2023}}
|-
|DEF CON 29
|[[Paris Las Vegas|Paris Hotel]] and [[Bally's Las Vegas|Bally's Hotel]]
|August 5–8
|2021
|~8,700{{Citation needed|date=September 2023}}
|-
|DEF CON Safe Mode
|[[Virtual event]]
|August 6–9
|2020
|N/A
|-
|DEF CON 28
|Planned [[Caesars Forum]], [[Harrah's Las Vegas|Harrah's]], [[The Linq]], and [[Flamingo Las Vegas|Flamingo]]
|August 6–9
|2020
|0<ref>{{Cite magazine |last=Newman |first=Lily Hay |title=Defcon Is Canceled |language=en-US |magazine=Wired |url=https://www.wired.com/story/defcon-is-canceled/ |access-date=2023-02-25 |issn=1059-1028}}</ref>
|-
|DEF CON 27
|[[Paris Las Vegas|Paris Hotel]], [[Bally's Las Vegas|Bally's Hotel]], [[Planet Hollywood Las Vegas|Planet Hollywood]], and [[Flamingo Las Vegas|Flamingo]]
|August 8–11
|2019
|~30,000<ref name="forum.defcon.org"/>
|-
|DEF CON China 1.0
|[[798 Art Zone|751 D-Park]]
|May 31–June 2
|2019
|Unknown
|-
|DEF CON 26
|[[Caesars Palace]] and [[Flamingo Las Vegas|Flamingo]]
|August 9–12
|2018
|28,000<ref name=dc-transparency>{{cite web|url=https://www.defcon.org/html/links/dc-transparency.html|title="DEF CON Transparency"|date=August 2018|access-date=2018-10-28}}</ref>
|-
|DEF CON China [Beta]
|Kuntai Hotel ([[Beijing]])
|May 11–13
|2018
|Unknown
|-
|DEF CON 25
|[[Caesars Palace]]
|July 27–30
|2017
|25,000<ref name=voting_village_dc25>{{cite web|url=https://www.defcon.org/images/defcon-25/DEF%20CON%2025%20voting%20village%20report.pdf|title="Voting Machine Hacking Village"|date=September 2017|access-date=2018-05-17|page=4}}</ref>
|-
|DEF CON 24
|[[Paris Las Vegas|Paris Hotel]] and [[Bally's Las Vegas|Bally's Hotel]]
|August 4–7
|2016
|22,000<ref name=Norton_at_DefCon>{{cite web|url=https://us.norton.com/internetsecurity-emerging-threats-norton-at-defcon.html|title="Norton at DefCon"|date=September 2019|access-date=2019-09-15}}</ref>
|-
|DEF CON 23
|[[Paris Las Vegas|Paris Hotel]] and [[Bally's Las Vegas|Bally's Hotel]]
|August 6–9
|2015
|16,000+<ref name=graytier>{{cite web|url=https://graytier.com/blog/gray-tier-technologies-at-defcon23/|title="Gray Tier Technologies at DEFCON23"|date=August 2015|access-date=2019-09-15}}{{Dead link|date=October 2022 |bot=InternetArchiveBot |fix-attempted=yes }}</ref>
|-
|DEF CON 22
|[[Rio All-Suite Hotel and Casino|Rio Hotel & Casino]]
|August 7–10
|2014
|16,000<ref name=venturebeat_dc22>{{cite web|url=https://venturebeat.com/2014/08/12/black-hat-and-defcon-see-record-attendance-and-thats-not-even-counting-the-spies/|author=Richard Byrne Reilly|title="Black Hat and Defcon see record attendance — even without the government spooks"|date=2014-08-12|access-date=2017-06-07}}</ref>
|-
|DEF CON 21
|[[Rio All-Suite Hotel and Casino|Rio Hotel & Casino]]
|August 1–4
|2013
|12,000<ref name="venturebeat_dc22" />
|-
|DEF CON 20
|[[Rio All-Suite Hotel and Casino|Rio Hotel & Casino]]
|July 26–29
|2012
|Unknown
|-
|DEF CON 19
|[[Rio All-Suite Hotel and Casino|Rio Hotel & Casino]]
|August 4–7
|2011
|Unknown
|-
|DEF CON 18
|[[Riviera (hotel and casino)|Riviera Hotel & Casino]]
|July 30–August 1
|2010
|Unknown
|-
|DEF CON 17
|[[Riviera (hotel and casino)|Riviera Hotel & Casino]]
|July 30–August 2
|2009
|Unknown
|-
|DEF CON 16
|[[Riviera (hotel and casino)|Riviera Hotel & Casino]]
|August 8–10
|2008
|8,000<ref name=defcon_dc17>{{cite web|url=https://www.defcon.org/html/defcon-17/dc-17-faq.html|title=DEF CON 17 FAQ|access-date=2018-07-07}}</ref>
|-
|DEF CON 15
|[[Riviera (hotel and casino)|Riviera Hotel & Casino]]
|August 3–5
|2007
|Unknown
|-
|DEF CON 14
|[[Riviera (hotel and casino)|Riviera Hotel & Casino]]
|August 4–6
|2006
|Unknown
|-
|DEF CON 13
|[[Alexis Park|Alexis Park Resort]]
|July 29–31
|2005
|Unknown
|-
|DEF CON 12
|[[Alexis Park|Alexis Park Resort]]
|July 30–August 1
|2004
|Unknown
|-
|DEF CON 11
|[[Alexis Park|Alexis Park Resort]]
|August 1–3
|2003
|Unknown
|-
|DEF CON 10
|[[Alexis Park|Alexis Park Resort]]
|August 2–4
|2002
|Unknown
|-
|DEF CON 9
|[[Alexis Park|Alexis Park Resort]]
|July 13–15
|2001
|Unknown
|-
|DEF CON 8
|[[Alexis Park|Alexis Park Resort]]
|July 28–30
|2000
|Unknown
|-
|DEF CON 7
|[[Alexis Park|Alexis Park Resort]]
|July 9–11
|1999
|Unknown
|-
|DEF CON 6
|[[Plaza Hotel & Casino]]
|July 31–August 2
|1998
|Unknown
|-
|DEF CON 5
|[[Planet Hollywood Las Vegas|Aladdin Hotel & Casino]]
|July 11–13
|1997
|Unknown
|-
|DEF CON 4
|[[Park MGM|Monte Carlo Resort and Casino]]
|July 26–28
|1996
|Unknown
|-
|DEF CON 3
|[[Tropicana Las Vegas|Tropicana Resort & Casino]]
|August 4–6
|1995
|Unknown
|-
|DEF CON 2
|[[SLS Las Vegas|Sahara Hotel and Casino]]
|July 22–24
|1994
|~200
|-
|DEF CON 1
|[[Sands Hotel and Casino]]
|June 9–11
|1993
|~100
|}

==See also==
* [[Black Hat Briefings]]
* [[Chaos Communication Congress]] (C3)
* [[Electronic voting]]
* [[Hack-Tic]], a quadrennial European convention
* [[Hackers on Planet Earth]] (HOPE)
* [[Security BSides]], a community supported conference with locations across the globe
* [[Summercon]], the first American hacker conference, organized by members of [[Phrack]]
* [[ToorCon]], a yearly hacker conference held in [[San Diego]], [[California]] since 1999

==References==
{{reflist|33em}}

== Further reading ==
* "  [https://www.informationweek.com/defcons-moss-undercover-reporter-damages/201203316 DEF CON's Moss: Undercover Reporter Damages 'Neutral Zone'] {{Webarchive|url=https://web.archive.org/web/20190924223241/https://www.informationweek.com/defcons-moss-undercover-reporter-damages/201203316 |date=2019-09-24 }}." ''[[Information Week]]''. August 6, 2007.
* {{cite magazine |first=Andy |last=Greenberg |date=August 10, 2023 |title=Teens Hacked Boston Subway Cards to Get Infinite Free Rides—and This Time, Nobody Got Sued |magazine=[[Wired (magazine)|Wired]] |url=https://www.wired.com/story/mtba-charliecard-hack-defcon-2023/ |access-date=2023-08-10}}
* Mills, Elinor. "[http://news.cnet.com/8301-1009_3-57481689-83/nsa-director-finally-greets-defcon-hackers/ NSA director finally greets   DEF CON hackers]." ''[[CNET]]''. July 27, 2012.
* Newman, Lily Hay "[https://www.wired.com/story/voting-machine-hacks-defcon/ To Fix Voting Machines, Hackers Tear Them Apart]" [[Wired (magazine)|WIRED]] August 1, 2017.

==External links==
{{Commons category}}
'''DEF CON'''
* {{official website|https://www.defcon.org}}
* [https://www.defcon.org/html/links/dc-faq/dc-faq.html Official FAQ]
* [https://defcongroups.org DEF CON Groups]
* [https://defcon.org/#onionlinks DEF CON v3 Tor .onion addresses]

'''Multimedia'''
* [http://vimeo.com/69695831 DEF CON: The Documentary] 
* [https://www.imdb.com/title/tt3010462/ DEF CON: The Documentary] on [[IMDb]]
* [http://blog.wired.com/27bstroke6/2008/08/a-first-ever-lo.html A first ever look inside the DEF CON NOC (2008)]
* [http://www.net-security.org/article.php?id=1044 The Story of DEF CON – video interview with Jeff Moss, a.k.a. Dark Tangent, the founder of DEF CON]
* [http://americanrhetoric.com/speeches/jeffmossdefconstory.htm Transcript, audio, video of Jess Moss describing DEF CON's inception]

[[Category:Las Vegas Valley conventions and trade shows]]
[[Category:Annual events in Nevada]]
[[Category:Hacker conventions]]
[[Category:Recurring events established in 1993]]
[[Category:1993 establishments in Nevada]]