TactiFail
“Is DC612 Back In-Person?”
TL;DR: No. There are logistical and safety issues which need to be resolved before we can consistently meet in-person again. The logistical issues are the bigger of the two and basically come down to venue (cost, location, amenities) and hybrid in-person and online streaming of presentations. The safety issues basically come down to Covid (it’s still here, but slowly getting better) and people not wanting purely in-person options (hence the need for hybrid presenting).
The First Online Meeting
There’s no doubt that in-person meetings were a cherished part of DC612. Nothing can beat the feeling of 30 hackers in a room, eating together, laughing together, picking locks, showing off blinky lights. Even without a presentation, that sounds like a good time to me.
And then Covid came along and flipped that upside down.
We fumbled for a bit trying to get hybrid meetings to work, as seen here. I recall quite a bit of testing and troubleshooting in that last in-person meeting, but it paid off. We got a free Jitsi server from our friends at Cyberia for our first online meeting, and we’ve been using that ever since.
The Before Times
But even before then, it was hard to find a venue that could check all the boxes. In fact, back in December of 2019 (just before Covid) we realized we were reaching and at times exceeding the capacity of our room at the Wilde Roast (which has since closed). I made a post about that here: Operation Relocation
I recommend you give it a read, because 90% of what is true in this post now was true back then. But the gist is that we have a lot of needs in a space:
- Needs
- No room fee
- Minneapolis area
- Onsite or nearby food
- 30+ seating
- A/V options
- Wants
- Onsite or nearby parking
- Alcohol
A lot of thought went into this list back then. A lot of debate went into it as well. Does alcohol need to be available? Does food need to be onsite or can it be near a food court? Should free parking be a requirement or just nice to have? How close should it be to public transport?
The list we came up with ultimately felt “right” if not “perfect” so we posted and made a spreadsheet for people to submit ideas. I figured with an average 20 people showing up, at least one or two would have some good ideas.
But nobody did. Not one person filled out a row in the spreadsheet. And that was fine, for the time-being. We weren’t always packed in like sardines but we needed a solution within a year or so at the rate we were growing.
Covid Complications
Well, it wasn’t even a year later that the need for a bigger venue was put on the backest of burners.
For the most part, people just seemed happy to still have our meetings. It was slow going at first as the word spread, and as the Jitsi server had to be tuned to handle the load. But we held on and that was good.
That’s not to say we didn’t get some complaints. Within days of the announcement of our first online-only meeting, I would regularly see Slack posts, Twitter DMs, and emails consisting of:
- “Covid isn’t real!”
- “It’s just a cold!”
- “This sucks, I’m leaving!”
- “Don’t let fear control you!”
- “Your [sic] a fucking idiot”
etc. etc. Nothing we haven’t heard countless times since.
But eventually, and understandably, those shouts mellowed out and were generally replaced with:
- “Are we still online only?”
- “When will we be in-person again?”
- “I miss my people”
That last one hurts 100x more than all of the hate combined.
In Search of A New Home in a New World
So I started looking for a solution. By this time, the vaccines had been available long enough that anyone who wanted one could get one. Masks were no longer scarce (you could tell because they were everywhere on the ground). Treatment options had improved greatly. The downward curve had started to form. If it wasn’t fully safe, it might be safe enough.
But the world had changed. Places closed down, meeting rooms were not available, the room fees that would have been bearable before were now out of the question. Places that had no fees before were now requiring a minimum food order, something we did not know whether we could meet. I would send emails or leave voicemails and they would go unanswered.
The group had changed as well. A lot of the long-time members were not showing up online so we had no idea who would even show up in-person. Maybe they didn’t get the memo when we moved online, maybe they (again, understandably) preferred in-person. When splits happen in a group, they are hard to mend.
There was another split as well. The pandemic has sorted people into two broad buckets:
- “I am going to continue living like before”
- “I am going to mask up, avoid crowds”
Our group has been a mixed bag of both, judging by the countless conversations I have had over the years. The former group generally wants in-person meetings, and the latter generally wants online. There is some overlap, of course; you can wear a mask and still go to meetings. But there are definitely people who have stated they will only stick around for one or the other.
What’s The Fix?
So, we need a hybrid approach. Assuming we find a venue, we still need to have the equipment and setup to stream simultaneously online. This could just be as simple as OBS and a decent webcam and microphone, but even that is not without its own problems:
- What if an in-person speaker doesn’t want to be recorded/streamed?
- What if the person with the webcam and mic is gone?
- Whose creds do we use to broadcast?
- Can the broadcasting platform sync with Jitsi?
- What if an organizer can’t make it that month to set things up?
and so on. There are problems that can occur in the opposite direction too, in cases where we have an online speaker we need to display in the room, but those are comparatively easier to handle assuming the room has AV and Internet.
This is not a simple problem to solve.
A Call for Help
I’m just one person. My co-organizer had to step down recently for personal reasons. The founder of DC612 is not really involved with the day-to-day operations. It’s hard enough finding monthly speakers, to say nothing of planning BBQs, wardrives, in-person meetups at DefCon proper, and looking for new venues, all with zero budget. It’s even harder solo.
When I first started running things my life was very different, but now I have a kid, a wife, a job with far more responsibilities, and aging parents (and an aging me). I don’t have the time for DC612 that I used to. I barely have time for myself.
I’ve always said that “DefCon is what you make it” and that’s just as true for the groups. If we as a group want to have in-person meetings and BBQs and cool speakers and stickers and badges… then we as a group need to make that happen.
I’ve had people ask how they can help, and my answer has always been “Find us speakers” but now I need to ask a little more:
If we want in-person meetings again, then I need suggestions for locations. Read the requirements in the Operation Relocation post. Make some phone calls. Fill out the spreadsheet.
If we want a BBQ, then I need suggestions. I don’t have a ton of time to scout out half a dozen locations. We need a large grill or a few smaller ones, a pavilion for shade, electricity and restrooms and running water would be nice. I’ll handle the reservation fees, but try to keep it under $300 please.
If we want exciting speakers, then I need suggestions. Reach out to your network or volunteer to speak yourself. You don’t need to be an expert in your field or an experienced speaker. Just be knowledgeable and passionate.
Closing
I want to meet in-person again. I want to do all the cool things we used to, and more. But I am one person, trying to keep afloat this awesome boat in a rough sea.
Grab an oar.
Thursday, July 13th – 6:12pm @ Virtual
Hello Hackers!
This month, we will be joined by D0zer who will be sharing their journey to create the perfect custom keyboard:
Do you use a wireless keyboard? How much do you trust it? Probably a little less after this talk. Join me on my journey to create the perfect custom keyboard and how it lead down a rabbit hole of hacking proprietary protocols and unexpected vulnerability discoveries.
D0zer is a software engineer turned security professional, perpetual tinkerer, and keyboard enthusiast
As usual, we will be meeting online at https://cafe.cyberia.club/dc612.
Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.
— TactiFail
Thursday, May 11th – 6:12pm @ Virtual
Hello Hackers!
This month, we will be joined by hacker-rapper @int0x80 who will be sharing his talk titled “AWS IAM Privilege Escalation Redux”:
You have gained access to an AWS account but lack permissions to complete your objectives. You attempt every privilege escalation path documented online, and none of them work. The objectives now seem impossibly distant; your battery is low and it’s getting dark.
This talk will present a set of IAM privilege escalation paths that I have not seen documented online* accompanied by anecdotes of adventures in cloud security. Attendees will learn new tricks for IAM privilege escalation in AWS along with a methodology for evaluating potential priv esc paths.
* I am not a subject matter expert on using search engines — best effort given.
int eighty (he/him) is a computer crime enthusiast, and the rapper in Dual Core. Occasional memes and hacking content on Mastodon and Twitter as @int0x80
As usual, we will be meeting online at https://cafe.cyberia.club/dc612.
Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.
— TactiFail
Thursday, April 13th – 6:12pm @ Virtual
Hello Hackers!
This month, we will be joined by @rentanassassin who will share how they created Senior Drinknstein, the bartending robot:
You’re in a bar, you need a drink. What do you do, wait for the bartender? NO! You make your own robot to pour you your drink. In this talk, we’ll be going over how Senior Drinknstein was conceived, created, and deployed in prod without testing. Feel free to fork the project on our Github!
As usual these days of Covid, we will be meeting online at https://cafe.cyberia.club/dc612.
Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.
— TactiFail
Thursday, March 9th – 6:12pm @ Virtual
Hello Hackers!
This month, we will be joined by Chris Weiland who will share how to use Matrix to consolidate the 1,337 chat apps we all use daily:
All your messages in one place: setting up a matrix server to bridge whatsapp, signal, telegram, discord, slack, and more
Chris Weiland is a freelance nerd. He wears his tinfoil hat with pride, and does not like sharing personal information about himself.
As usual these days of Covid, we will be meeting online at https://cafe.cyberia.club/dc612.
Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.
— TactiFail