Download The Lost Policymaker's Guide to Hacker Summer Camp, 2019 Attending BSides Las Vegas, Black Hat, and/or DEF CON for the first time this year and feeling confused or overwhelmed? The inaugural Lost Policymaker’s Guide to Hacker Summer Camp helps those in the policy field more quickly gain their footing at the events and understand hacker ethos and culture.

The Lost Policymaker is a tongue-in-cheek nod to all the great travel guides that have given aid and comfort to those who seek new experiences in unknown spaces. We hope it will serve you in the same capacity as you travel through hacker conferences in the Las Vegas desert, affectionately known as Hacker Summer Camp.

Getting Started

Even for hackers, our first journey to Hacker Summer Camp is often overwhelming. It takes a year or two to figure out how we want to experience the sensory overload. For those not accustomed to hacker culture, it’s doubly disorienting.

The goal of the Guide is to reduce the barrier to entry for those in government and the public policy community who are attending Hacker Summer Camp, whether at the federal, state, local, and international levels. To give them the best possible chance to have an authentic, tailored experience there. Even if they end up hating Hacker Summer Camp, they should hate it fairly.

The Conferences

The colloquial term “Hacker Summer Camp” refers to three Las Vegas conferences with very different personalities and demographics. DEF CON, the oldest of the three, draws the largest crowd, largely from the hacker (or security researcher) community. Black Hat is the most like a typical convention, with a large vendor hall and high cost. BSides Las Vegas, the most recent, is a non-profit organization put on by the community, for the community. These events typically take place the first full week in August, and the following weekend.

Black Hat

August 3-8, 2019

The Black Hat conference was founded in 1997 by the organizers of DEF CON, for a business audience. This event features talks about security issues and approaches that impact enterprises and corporations. Black Hat is much more expensive than the other two events, and draws from a different crowd. However, many Black Hat attendees also attend DEF CON, as the two always run back-to-back. Black Hat draws nearly 20,000 attendees, for trainings and presentations, as well as a large vendor floor. Of the three events, this one feels the most like a traditional conference or convention. Black Hat has grown from a single annual conference in Las Vegas and are held annually in the United States, Europe and Asia.

More about Black Hat.

BSides Las Vegas

August 6-7, 2019

BSides Las Vegas is the original, and one of the largest Security BSides events in the world. Since its founding in 2009, BSides Las Vegas has grown year-over-year, now hosting 3,000 attendees. The Security BSides series of events has seen hundreds of events in hundreds of cities, each run by a dedicated group of volunteers.

The annual two-day event started as an ‘un-conference’ supporting talks previously rejected by Black Hat, and has since grown to one of the must attend events of the summer. BSides Las Vegas is a source of education, communication, and collaboration. The technical and academic presentations are given in the spirit of peer review and for the dissemination of knowledge among all specialties.

More about BSides Las Vegas.

DEF CON XXVII

August 8-11, 2019

The DEF CON conference began in 1993 as a party to celebrate the closing of a popular online network. The party got out of hand before it even started, as dozens of other groups were invited, and the organizers remodeled it based on other hacker conferences that had come before. The talks at the first event resemble what you might hear today: Talks from lawyers and law enforcement, gender and social issues in technology, technical explainers, and warnings about issues that would manifest in the future. DEF CON remains an open space for intellectual exploration, open to all those who want to participate in good faith. Now in its 27th year, DEF CON draws 25,000-30,000 people and is usually held the first full weekend in August, is unlike typical conventions or trade shows.

  • The DEF CON “Villages” are self-contained spaces dedicated to single issues, such as privacy, social engineering, lockpicking, voting machines, and vehicles - that tend toward highly interactive demonstrations and hands-on hacking.
  • The vendor hall is more akin to a techno-bazaar than a trade show floor, with storefronts selling tools or knowledge, civil society groups engaging directly with their stakeholders, and universities recruiting students.
  • DEF CON is one of the few conferences that drafts its own all-volunteer security staff from among its attendees, called the Goons, who always wear red shirts for easy identification.
  • Conference admission is cash-only, and comes with a custom designed badge, unique each year.
  • The art and effort that have gone into the official badges have spawned a cultural trend called #badgelife, where dozens of unofficial electronic badges and digital ecosystems have sprung up. Badgelife describes the grueling experience of creating a piece of hardware from concept to completion in 8-10 months.

The DEF CON Policy Passport is like a “fast pass” for the conference, allowing members of the public policy community to register with dedicated support and orientation tools to help out.

More about DEF CON.

Side Events and Parties

Attending Hacker Summer Camp doesn’t just mean attending talks, there are tons of “side” events, mini-conferences, and parties that happen throughout the week. Every year there are a wide variety of events outside of the conference that are worth checking out.

More about Hacker Summer Camp Side Events. The always excellent DEF CON Parties is the go-to source for all the parties throughout the week.

Other Resources

Try as we might, we can’t be everything to everyone. Fortunately, we know people. ;) Here are some more research resources for your journey to Hacker Summer Camp.

Follow and Contribute

Follow the action with #lostpolicymaker and #defconpolicy on your favorite social media outlets.

Contribute content on the GitHub repository by opening issues or making pull requests.