Some weeks back Microsoft held its bi-annual technical conference. This time, however, the event was moved from Seattle to Las Vegas and it happened to run right into when hackers were coming to Vegas for DefCon, the famed hacker convention that is notorious for publishing zero day exploits, running the Wall of Sheep, a website that showcases all of the people (and their information) that the attendees hacked during the conference.
To draw awareness to this and keep the rest of us safe in Vegas, a colleague shared some of his learnings to help keep everyone safe. It is good advice, which can be shared with all.
The following is a quick bulleted list of the things you should do when going to any Black Hat/White Hat security event:
- Do not use public WiFi!
- Always use your VPN (the real one, not AutoVPN if that is an option on your box) to ensure end to end encryption of network traffic, when connection to ANY network in Vegas.
- Turn off 3G/4G on your phone (only allow LTE).
- Disable NFC and Bluetooth on all of your devices.
- Turn off Auto-Join WiFi networks for all devices.
- Ideally only carry a clean, non-work device with no personal email, files or other accounts attached. Just use it as a dummy browser tool, and never log into any personal sites.
- Do not go to personal sites such as banks and alike when out in the open.
- NEVER TYPE YOUR PASSWORD in a public forum.
- Make sure you system is fully patched with all of the latest security updates.
- Turn off non-essential services such as:
- File and Printer Sharing and NetBIOS over TCP/IP
- Do not use USB outlets to charge your phones. Always use a real electrical outlet.
- Never use a USB drive that someone gives you or that you find on the ground.
- Have a shielded wallet/purse/carrying case for your credit cards.
- When using an ATM, make sure that there is not any loose devices attached to the card reader, nor any small cameras that are pointed to the keypad.
- Change all of your passwords after you leave Vegas.