In this episode of the Redefining CyberSecurity podcast, host Sean Martin along with guests Kirsten Renner and Marco Ciappelli, share their experiences and insights from DEF CON, discussing engaging with the community, the car hacking village, and the culture of badges.
In this episode of the Redefining CyberSecurity podcast, host Sean Martin along with guests Kirsten Renner and Marco Ciappelli, share their experiences and insights from DEF CON, the annual hacking conference taking place in Las Vegas, Nevada.
Kirsten reflects on her nerves and excitement about speaking on the welcome panel at DEF CON, which was interrupted multiple times by alarms. Despite the interruptions, Kirsten highlights the positive reception from the audience and the approachability of well-known figures like Dark Tangent (DT) - (aka Jeff Moss). The conversation emphasizes the importance of engaging with others at conferences like DEF CON and offers tips on how to approach and interact with people.
Kirsten also talks about the car hacking village, including the unique experiences like a Tesla being pummeled and hacked for a capture the flag (CTF) prize. The hosts and guest discuss the culture of badges at DEF CON, with the car hacking badges being functional and allowing participants to plug them into their cars.
They mention the inclusiveness and welcoming nature of the DEF CON community and the impact of the research and content being presented.
Throughout the episode, there is a comical element as Kirsten shares her experiences of speaking on stage during the alarm interruptions and the humorous interactions with the audience. The conversation also touches on Kirsten's son's involvement at DEF CON and the excitement of collecting badges, which are powered and customizable, adding to the overall sense of community and engagement at the conference.
This episode offers a glimpse into the excitement, challenges, and camaraderie of attending and speaking at DEF CON, while emphasizing the importance of inclusiveness and the impact of the research being presented. Listen now to get a sense of this year's event - and be sure to follow Kirsten and the rest of the car hacking village crew to learn more about creating a safe and secure connected car ecosystem.
About The Car Hacking Village
The primary goal of the Car Hacking Village is to build a community around discovering weaknesses and exposing vulnerabilities that could significantly impact the safety and security of all drivers and passengers on the road today. Educating security researchers on the functionality of vehicle systems coupled with providing them with the opportunity to gain hands-on experience working side by side with experts in this field is a plus for the attendees. Leveraging the vast amount of experience the security research community brings to the Village may increase the safety and security of vehicles on the road today and for generations to come.
Breaches of automotive systems have been in the forefront of the global media for more than a year. Wired and wireless exploitation of vehicle systems has become a critical safety concern for the automotive industry, the National Highway Traffic Safety Administration, Congress, the Department of Homeland Security, and consumers.
Car Hacking Village plays an important role for researchers interested in the safety and security of the more than one billion vehicles on the road worldwide. In 2015, over 16.5 million vehicles were sold in the United States. On average, motor vehicles are driven over 15,000 miles annually and consumers spend upwards of 730 hours per year in their cars.
Be sure to catch all of our conversations from Black Hat and DEF CON 2022 at https://www.itspm.ag/bhdc22
Guest: Kirsten Renner, Community Volunteer at DEF CON 101
On Linkedin | https://www.linkedin.com/in/krenner/
On Twitter | https://twitter.com/Krenner
On YouTube | https://www.youtube.com/playlist?list=PLxjvVVSu5Q3-ttIUdxxyCvJiN-TXuJ7j0
This Episode’s Sponsors
Imperva | https://itspm.ag/imperva277117988
Pentera | https://itspm.ag/penteri67a
Resources
DEF CON 101 - Welcome to DEF CON Panel: https://forum.defcon.org/node/246130
More info about the DEFCON31 Car Hacking Village Badge: https://www.youtube.com/watch?v=yvvOl6LfodQ
Live from the Car Hacking Village Interview (hack a Tesla Y): https://www.youtube.com/watch?v=2YyyTkMdWik
ITSP Black Hat 25 & DEF CON 30 Live Streaming Coverage with ITSPmagazine with Car Hacking Village: https://www.youtube.com/watch?v=1jMXUIW9FRE
Sean and Kristen with their Car Hacking Village badge: https://twitter.com/Krenner/status/1028385017037115392?s=20
Kristen on DC101 Panel (photo): https://twitter.com/bigrinnyo/status/1689807935096930304?s=20
Car Hacking Village website: https://www.carhackingvillage.com/
Car Hacking Village Talks | https://www.carhackingvillage.com/talks
At DEF CON: https://forum.defcon.org/node/240928
For more Black Hat and DEF CON Event Coverage podcast and video episodes visit: https://www.itspmagazine.com/black-hat-2022-and-def-con-hacker-summer-camp-las-vegas-usa-cybersecurity-event-and-conference-coverage
Are you interested in telling your story in connection with Black Hat and DEF CON by sponsoring our coverage?
👉 https://itspm.ag/bhdc22sp
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-cybersecurity-podcast
Are you interested in sponsoring an ITSPmagazine Channel?
👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.
_________________________________________
Followup to DC101 Panel with Kirsten
[00:00:00] Sean Martin: Marco.
[00:00:01] Marco Ciappelli: Sean, I hope you don't mind that I just sneaked in this conversation.
[00:00:04] Sean Martin: You're crashing the party, man.
[00:00:06] Marco Ciappelli: Can I stay?
[00:00:08] Sean Martin: You can stay.
[00:00:08] Kirsten Renner: I wouldn't have it any other way.
[00:00:12] Sean Martin: You can stay.
[00:00:12] Marco Ciappelli: Glad to be here.
[00:00:13] Sean Martin: This is a FOMO NOMO conversation.
[00:00:16] Kirsten Renner: Nice.
[00:00:17] Sean Martin: We're gonna get the scoop, as if we were there, of what happened at DEF CON.
[00:00:22] Kirsten Renner: You're always there in spirit, you know?
[00:00:24] Sean Martin: That's right, that's right. We were certainly there in spirit. We did a lot of, uh, A lot of coverage of Blackhat and Defcon and other, other things from, uh, Hacker Summer Camp, as you know. Um, and... You actually had probably the coolest spot in the house. On stage, you, Kirsten Renner, on stage, DC 101 at DEF CON.
Uh, super cool. We're going to talk a bit about that, of course, and other things. Because it seemed like it was an eventful, uh, eventful few days with lots of planned and unplanned activities.
[00:01:02] Kirsten Renner: How to do it, right? That's right. Let's keep those goons on their toes, right?
[00:01:06] Sean Martin: Standard fare, I think. Standard fare.
So, uh, of course, uh, for those listening, this is, uh, Sean Martin, the host of ITSP Magazine's Redefining Cybersecurity podcast. And, uh, I have the pleasure of Marco crashing the party. Uh, to join me for this conversation and, and I'd like to welcome Kirsten Renner on to the show. Um, Kirsten, you've been on before.
Some folks, many folks, I'm sure, know of you, heard of you, heard our conversations in the past. I'll, I'll link to one that we had, uh, a few years back when we were still remote, um, covering DEF CON and the villages. So I'll put a link to that conversation. Cause it's a nice overview of what you do at the village, the car village.
But for those listening, if a new, now, uh, a few words about what you're up to, who you are, what you care about, uh, and, uh, yeah, we'll start with that first. I guess.
[00:02:03] Kirsten Renner: What I care about is that my daughter
[00:02:05] Sean Martin: who you are first and yeah
[00:02:09] Kirsten Renner: Okay, I'm Kirsten Renner My handle is not clever. It's just Krenner. It's I was I was gifted some other names previously, they just didn't stick sadly, but Um, I, I'm, I'm known for in the community for, um, speaking and volunteering at, at a lot of different conferences throughout the year.
Uh, typically I'll be in a hiring village or doing resume reviews, coaching, speaking, things like that, uh, all throughout the year. Um, and it's, it's been increasing more and more. Uh, I, I've moved sort of out of recruiting and into talent engagement, which is just all about doing. You know, the coolest part of, of my job over the years.
And, uh, I was part of the, the founding and standing up of the car hacking village in 2015 and have been doing that for nine years. So, uh, I was invited this year. Uh, it feels still like a dream, but I think it's real, uh, to, to be on the welcome panel with, uh, with DT and Nikita and, and DJO and a few other, Nijo and a few others.
And, uh, so that was very exciting and like a dream and, uh, some funny things happened during the. My part of that, and, uh, I got interrupted by some alarms, and, uh, so as I was going, I kept missing my hooks, right? Like, I would say something like, you know, here's the lead up to the point I'm about to make, and then a bell would occur.
And, uh, and I was massively distracted by that. It was ADHD to begin with, right? So it was like, squirrel, what was I saying? And I, I, I never made a lot of my points. In fact, at one point I mentioned, uh, I mentioned Katie Masaurus's name and it was gonna, the funny thing I was going to do is, uh, I'm going to back up just a little tiny bit.
So, uh, the first thing I was saying was, uh, at my first ever DEF CON, didn't know what I was doing, didn't know what was going on, was like reading hacking books on the plane on the way and did some research and somehow I ended up, I literally read Art of Intrusion and I didn't know what the hell I was doing.
So this was like 15 years ago and somehow I end up in, um, on the 30th floor of the Rio. Uh, you guys know where I am at that point. I don't know, I don't know where I am. I don't know whose room I'm in. I don't know what's going on. And there's like a demo happening. It was cool that I ended up there. And, um, I, I see some people that look familiar.
So I'm just like, Maybe I'm supposed to recruit them or something. They must be important. I'm just gonna walk right up to them and say hi I'm Kirsten you look familiar and And it was dark tangent talking to Dan Kaminsky and and they handled it like champs. They were like cool You know, they weren't mean but then but then my point to the whole audience cuz like I said, hey raise your hand If this is your first DEF CON and there must have been 500 people there were It was amazing.
It was exciting. And then my, my next, you know, that was my hook. And I was going to say, don't do that. If you see someone that you're excited to meet, don't interrupt them when they're talking. Um, here's some, some simple tips for rules of engagement. I'm not speaking on behalf of anybody. They're not the rules, but, uh, in my opinion, when you're excited to meet someone, make eye contact, you know, wave, uh, invite them at that point with your gesture.
to engage as is appropriate for them in that moment. They're busy, they're generous with their time, they're on their way to something. If they can, they will speak to you. And if they cannot, that's okay. You know, give them another shot at another point. Was all the words. I just said I never got a chance to say.
[00:06:02] Sean Martin: Well, I think Another point I'll add to that is don't don't be afraid. I think most of the folks at DEF CON are open to engaging and talking and If one, if one delays, puts it off, doesn't have that interaction, you might not have the chance. Uh, Dan Kaminsky, God rest his soul, um, yeah, you had that opportunity to, to meet him.
It's not always, not always.
[00:06:31] Kirsten Renner: He would never pass up a hug, would he? Exactly. You were getting a hug. Yeah. Jason will hug you. Yeah. Uh, but just, just remember that they're humans, right? Exactly. And, uh, and if they're, and if they're on their way to something, maybe they're tired to, you know, uh, just that they are very generous humans and that they.
They will, they will give so much of themselves. Um, you know, so again, just like you said, don't pass up the opportunity, but give it another shot, especially when it comes to hugs, right? Exactly like this. And, uh, the you just put out an invite and, um, and then they can respond however they respond. And maybe you'll get a little fist bump or maybe look like that or whatever's going to happen is going to happen in that moment.
And, uh, and to not take it personal and, uh, you know. And to meet as many people. I did say, and this is true, that you, uh, you never know in the hallway in, in, um, a village, wherever you are, you might meet the next person you're going to hire. You might meet your next CEO. It's happened to me twice. Uh, so.
Engage with everybody. A lot of really young people.
[00:07:39] Sean Martin: And I might, I might meet you.
[00:07:41] Kirsten Renner: Look at my hair. Oh, that's amazing.
[00:07:44] Marco Ciappelli: Look at Sean's hair.
[00:07:45] Kirsten Renner: My hair is purple. Solid.
[00:07:50] Sean Martin: I'd like to focus rather on the hair than More on the,
[00:07:53] Marco Ciappelli: can I, can I do the description for people listening to the podcast? That'll be my job right now.
Oh boy. Go ahead, go for it. So I'm, I'm gonna go back. What is it like, Sean? 2018? This is 2018?
[00:08:05] Sean Martin: Yeah. Yep. Defcon 26.
[00:08:06] Marco Ciappelli: Yeah. Okay. Yeah. Kristen and Sean with a, with a badge from the car hacking village. There you go. And some funny hair. Yeah, definitely some funny hair. I, I would,
[00:08:16] Sean Martin: she's talking about me, I'm sure.
[00:08:17] Kirsten Renner: No, I think we both look.
Fantastic.
[00:08:20] Marco Ciappelli: I think so. You know, a funny air for you, Kristen, is kind of like mad scientist, may I say that? In a very, very cool way. Very cool way. So for people listening to the podcast, jump on YouTube later and check it out.
[00:08:36] Sean Martin: Or, or don't.
[00:08:37] Kirsten Renner: Or just take our word for it. Yeah, hair was purple.
[00:08:43] Sean Martin: Wow. Speaking of, uh, so while we're in the, in the mood of Of sharing pictures.
Here, here's the panel on the stage that you were, you were on there, Kirsten. So pretty cool with the whole, the whole lineup of, of crew there. And, uh, I mean, it's an honor for anybody who knows it's an honor to have a seat on that stage and have a chance to. Stand at the podium.
[00:09:06] Kirsten Renner: So it, it was, it was not behind that.
[00:09:08] Sean Martin: Can, can, can you describe that? So that's that, I know that the feeling, the experience you had,
[00:09:15] Kirsten Renner: it was, it was definitely a dream come true. I was honored when I was invited. Um, uh, it's incredible. I spent a lot of time. Like, uh, obsessed with don't miss this opportunity, you know, don't screw up this opportunity, like, what, what really important impactful thing are you going to say, how are you going to make a difference, how are you going to be helpful?
Um, and like I said, I was super excited. That when we were in the green room going through it that, you know, Nikita was like, you're a vibe. It's gonna be great. So had I, like, lifted all of the the stress away and when I walked in I was like, are there really a thousand seats in there? Are there really a thousand people?
I've never been, I've spoken a lot, but maybe to, you know, a tenth of that size of, of people, but, um, And when she said those words to me, it, it meant a lot. I actually skipped, I didn't walk, uh, I skipped up the ramp to the stage and was just totally relaxed. And then I look in the front row, I can't see the rest of the people because of the lights on my face.
You know what I mean? Um, so I know they're there. But I can't see them and the entire front row was basically my friends and, and my son, one of my sons. So it was just like I was looking down at them, speaking to them and, you know, like when at the end I was going like this to see the people, but you couldn't, you couldn't really see them.
So I was like, well, now I know I can do this again. Um, and everyone was, uh, genuinely just, just. Everyone was interested. Everybody was, you know, nobody was rude, you know, because you're like, is anybody going to heckle me? What's going to happen? It was amazing. It was amazing. I loved it. I was even, um, God, uh, DT is so, Jeff Moss is so approachable.
He's so, he's so chill. He's so funny and nice and smart. He just would, you know, when we're sitting next to each other, he'd just look over and he'd say something funny. And I was like, Oh, my God, how is this happening? How is this real? So it was amazing. That's, that's how I describe the experience.
[00:11:24] Marco Ciappelli: That's really cool.
But so what happened is that there is this alarm going on and this is something before we start recording it. It almost looked like it was staged that you were getting points. I want you to go there.
It's really funny. It sounds like a video game and I'm like, maybe they should do that.
[00:11:46] Kirsten Renner: I'll tell you what, if they invite me to do this again, I have this funny feeling that they're going to be like, we have to ding the bell while Kirsten's up there. You know, uh, it was, and it was like, it really was like, you know, ding. And I thought this is, I just must have said a secret word, you know, like cyber and everyone's going to take a shot, you know?
Um, and I was trying to think what, roll it back in my head really quickly. Like, what did I say? But I didn't say anything. I just sort of tried to regroup at this point. Um, the ADHD part of me has no idea what I had already said, you know, cause at this point I had rehearsed it a thousand times, failed to take my notes out.
By the way, everyone else was smart and had their notes and had them in front of them. Didn't do that. So I just start saying something else, right? I just start, because I mentioned, I mentioned Katie and Jason as people who you would be examples of people that you've heard of that you, you really want to speak to them when you see them.
But then I never say what to do. I go, So if you see people like that, and then I just don't say anything else. So everybody's like, dot dot dot, you know, what do I do? What do I do when I see them? You'll never know unless you watch this podcast.
[00:13:03] Sean Martin: You know, you know that there's a ding coming at some point.
That's right.
[00:13:06] Marco Ciappelli: So talking about ding. So a couple of days ago, you, you, I think my, my messages in LinkedIn, it was you and say, Hey, this is kind of what happened really quickly. You know, message, like, how's it going? I can't believe I didn't see you at DEF CON. And it's like, I'd like to get the opportunity to To make this point to, to share what I was supposed to share.
I'm like, I'm sure that Sean is going to be very happy to do this. So, you know, now I don't have sound effect here, although I could, I could do something with a bottle, but I'll do the thing. So we want to know what, what is that you. Couldn't tell there, you know.
[00:13:44] Kirsten Renner: Sure, sure, sure. So, so I, so I have to at least tell you this.
So when the first ding happened, I said nothing, but I peeked over at Nikita and Jeff thinking that they know what's happening and they're kind of definitely whispering to each other and looking at their phones. So now I think no one knows what's going on. So I just start talking. I'm good and
This slide was behind me. I could have looked at it to help myself out, but I didn't. So we start talking again, and I then I remember I'm supposed to talk about villages. I'm supposed to like peel back the curtain and help people understand, you know, um, You know, all the things that it takes to put a village together that you may not have been thinking of while you're having your experience.
You can enhance your experience by being understanding. And if something goes wrong because something will, you can be patient. You can offer to help and how that can lead to building relationships is what I intended to say. So I start talking again and guess what guys? There's two more ding incidences.
It dings, and I'm, and I say at this point, and I got a little chuckle out of the audience, I go, I think I'm getting points. And then, you know, and people are like, tee hee, you know, and then I start to say, you know, hey, you know, you have to, you have to have a theme, you have to have a design, a logo, you have to have badges and swag and plan a party and get sponsors and shirts and volunteers and paperwork and, and on and on and on.
You need equipment and you need. All these things. And, and my point in saying all that is if you, if you Realize that the village is merely a 50th of an entire conference. If that, whatever the appropriate fraction is, think about that. When you think of, you know, all the work like that Nikita does to put on this massive thing, but before I can say that.
Now it goes mental. It goes, dang, dang, dang. And a recording comes on and it's going, there's a security incident and we are investigating it, but it's a recording and it keeps playing. And now I really don't know what to do. I'm like, we're about to evacuate. We are about to evacuate the building while I'm on the stage.
My dream come true turns into like, we're gonna have to leave. So I just go, have a great conference! And then I think it's over. And I think you guys saw, or you may have seen, you know, the I mean, the SRT was that they're amazing, by the way, they're, they're patient and they were kind and they were cool. Um, this wasn't when the dog sniffed the bomb.
Uh, we don't know what happened while I was talking, but the bomb thing was the next day. So, um,
[00:16:23] Sean Martin: multiple side events.
[00:16:26] Kirsten Renner: Indeed. Yeah. But, you know, um, and I think we've talked about this before. I, I really do want. Anyone attending a conference, uh, not just to know that they might be meeting someone really important, learning a ton of really valuable information about, you know, things that are impactful and affect all of us, you know, whether it's cars or aerospace or IOT or.
biometrics or voting villages. It's all, all the research being done and all the content being provided on the backs of many volunteers and, and so forth. Um, it's, it's important. You can be a part of it. And, you know, when I started this, somebody might've looked at me and said, you're not even a hacker.
What are you doing here? Right? I feel like a hacker now, you know? Um, I feel like I belong, and you're made to feel like you belong. So I just want anyone to know wherever, whatever place you're coming from, I've never seen a community more, uh, inviting and welcoming. to everyone. You're not going to feel like you don't belong.
So don't, you know, shut down those voices. You may not hack on a keyboard, but you're doing something to change a system, to change a process, to change an outlook, to change a perception, right? So we're all hacking all the things.
[00:17:44] Sean Martin: So we've seen hacking, uh, policy hackers walk through, uh, through DEF CON in the villages.
Indeed. Change in, uh, change in laws and regulations and And again, perceptions there too, right? Exactly. And educating, educating. Exactly. So I, I think it's important, um, to get a few words from you about the, the car hacking village. Um, I don't know, any, any highlights you want to share? I know, I remember from a few years back, there was a Tesla that just got pummeled and bashed and hacked.
[00:18:21] Kirsten Renner: You know what's funny about that, about that Tesla that year is it was the grand prize for, uh, for the CTF and the winners were allowed to choose either to take the car that technically we didn't hurt the engine, right? So we dropped a bowling ball on it and we spray painted it. Didn't somebody, uh, used a hacksaw, get it, and saw it into it.
Uh, you would roll the die and you would do whatever it tells you to do. Um, there's a, I'm surprised you didn't put up the picture of me sitting on what was left of that car. But, I didn't have that handy. You don't have that handy? Okay. Um, but the, they had a choice between the vehicle, um, Which truly was functional completely as a vehicle.
It just had some interesting cosmetic things that occurred. Um, they chose the vehicle rather than the cash. And I would have done the same thing, right? They had fun. They turned it into a journey going home. We did have another Tesla this year, a different Tesla, a Tesla Y. We did not do anything bad to it.
Uh, highlights. Uh, the badge was amazing this year. Um, it's right behind me. Hey, did you guys see it? I did not see it. Our theme was Back to the Future. I shall go get the badge for you.
[00:19:46] Sean Martin: Yes, do that. I wish I had batteries
[00:19:49] Kirsten Renner: in it. Alright,
I got a lot of cool SAOs on here too. By the way, somebody that was new to DEF CON didn't know what SAO stood for.
[00:20:10] Sean Martin: Explain that for folks.
[00:20:12] Kirsten Renner: Oh, can I say bad words? Um, it's just a shitty add on. Um, so, and they came over and, and something had, something went wrong with their, with their SAO and they said, uh, hey, my shitty add on fell off and the person didn't know that.
That's what it's called. And they were like, it's not shitty. It's great. So we were like, no, no, no, it's okay. It's okay But uh, so the theme was back to the future. So we've got a little flux capacitor here We got a little DeLorean here as well There it's amazing. It'd be even cooler if I had batteries in it at the moment, but you wouldn't download a car, would ya?
There's a video that I will, um, I'll link in here for you, um, all about the badge and what it can do and about the makers and everything. So we were excited to, to build our own badge this year.
[00:21:07] Marco Ciappelli: So I don't know if I'm asking you something that you don't know, but this whole badge challenge story, because, you know, I mean, aerospace village, they always have amazing one space shuttle, by the way, Steve, you still owe me one from last year, you promise.
[00:21:23] Kirsten Renner: Uh, , you know, we're coworkers, right? Stupid . Yeah. Spanky owes you something. I can rough them up for you.
[00:21:29] Marco Ciappelli: Okay. Right? Yeah. Yeah, I do that. Roughing is in order. No, but anyway, they're amazing and they've got crazier and crazier. Like, do, do you know any at. The, the, the history of how it started. Uh, if you don't know, you don't know, but I'll do a research and then Okay.
So able to do a podcast about it, but what do you know?
[00:21:50] Kirsten Renner: Call it hashtag badge life. Um, I can't tell you. I would be lying if I told you, I know exactly how it all started, but I know it's a, it's a, it's a part of our culture. Right? Right. It's just like, it's just like the stickers. Um, we had a sticker wall this year.
for the first time. It was fantastic. Uh, but, uh, it's how many badges can you get? You know, you're just, you're walking around like Mr. T with all these things. And it got to the point this year, possibly my heaviest load of badges I've ever had, where I'm trying to hold them and like things are falling off.
And, uh, my, like I said, my son was with me. Um, he went to his, he actually is part of how. It would have started with or without him and me, but he was part of, uh, the transactions and conversations that ended up occurring to make the first ever Car Hacking Village start, which was a story I could have told if I ran out of content, but So it was cool to have him there 11 years later.
And, uh, while he was there, he was learning to solder and he was, you know, putting badges together and stuff. And he was like, mom, it's out of control, man. You got to just take some badges off, put them away. You know, why are you showing off with the badges falling apart? What are you doing? Um, but yeah.
[00:23:09] Sean Martin: And for those that, that, uh, I'm sure most of the, most folks listening know, but, uh, for those that aren't aware that the badges are, So they have a battery and they light up.
And as Kirsten is alluding to, you can plug things into them. You can unsolder things, you can solder things. And it's basically a game, right? You're, you're looking to solve a puzzle, uh, typically referred to as capture the flag of some sort where there's some, some hidden. Easter egg or multiple hidden Easter eggs in there you're trying to find.
Yeah.
[00:23:44] Kirsten Renner: So look I guess over there, of course Oh, that's a lot of badges over there. Um, the car hacking badges in particular are they're always functional in one way shape or form Right, they have an odb You know, port and you can plug it. You can plug the car hacking digit badges typically into your car and and we always have the content on the website where your neighbor's car or your neighbor's car.
No, I'm joking. You can. Oh, man. There's some stuff I can't say. But, um, yeah, well, you know what are at the very first the very first, uh, badge. I don't even, I don't know where it is. I'm not going to try to get it. It's over there somewhere. But the very first badge at the very first, uh, Car Hacking Village, um, our CTF was called Capture the VIN.
So use your imagination what then occurred. So people were using the badge. It it's DEF
CON. All
[00:24:39] Sean Martin: I can think of to tell you the truth is that what can happen if you find a USB drive lying around DEF CON. I'm not putting that anywhere. You're anything I care about. No offense to any badge makers, but I'm not connecting any badge to something else I care about.
[00:24:57] Kirsten Renner: Sure, sure. So ultimately, like with this little UDB, I mean, this is, this is ODB.
This is no different than going to Jiffy Lube or whatever, putting in the diagnostic thing in or whatever, but our people are, don't be afraid, plug it in, see what happens.
[00:25:17] Marco Ciappelli: There's still people that just rent the car,
[00:25:19] Sean Martin: remove the limiter and it drives faster.
[00:25:22] Marco Ciappelli: Yeah, well, you know, it's not a badge, but when you rent, you get a rental car and you, you see how many owners still connected to the damn thing.
And you're like, yeah, that's probably going to do.
[00:25:33] Kirsten Renner: I actually like what you said about, about, you know, like deleting, uh, uh, the, um, a diesel on a, my son calls it rolling coal, you know, like puffing the smoke. Nice. Fun stuff. The badges won't hurt you.
[00:25:50] Sean Martin: They won't hurt you. No. Certainly worth, uh, I mean, I'd love to have a few that I've collected as well.
Um, not hanging behind me sadly, but, uh, I'd love, I have to say one of my favorites is the, uh, the wrench. From that picture that I showed you. Yes. That's pretty good. The shape, what it does.
[00:26:09] Kirsten Renner: What about that year that we had, we had, it was a, it was an actual autonomous vehicle. Like, our, the car hacking badge was a self driving car.
So I think that might be one of them.
[00:26:24] Sean Martin: We missed out on that one, Marco. Didn't, I'm not a big, we didn't know the right, we didn't know the right people at that time.
[00:26:30] Marco Ciappelli: You are the badge collector. . I mean, I, I can say, oh no, I feel terrible. I can say something about Sean is he collects badges as he tried different kind of food in Singapore and that's out and that's outta control.
So if you see a badge, it's must have it. If you see like a funny food on thing in Singapore and the style, he's going to try it.
[00:26:52] Sean Martin: I'll try anything exactly. Collect any badge,
[00:26:55] Kirsten Renner: any sticker. You're out of control in Singapore.
[00:27:00] Sean Martin: Missed out on a foodies dream.
[00:27:04] Marco Ciappelli: All right. So, uh, yes. Any more points?
[00:27:07] Sean Martin: You had me off on the food tangent.
[00:27:09] Marco Ciappelli: I know I distract you so I can ask, uh, all right, go for it. So what do you think? About DEF CON as it is now, you know, we said there's pack of people back to what it was even more and Yet during the old three years that you know A lot of stuff was virtual a lot of people thought, you know, it's never gonna go back to what it was There's always gonna be the virtual side of things which I'm a fan of for people that cannot make it and spend all the money To go to Vegas or anywhere else um But again, I, I was in a couple of other conference.
We didn't make it to Vegas. Um, is it still alive and kicking live and kicking?
[00:27:57] Kirsten Renner: People are excited. It is alive and kicking. Uh, it's going to be, I guess, something to notice. I'm already starting to see, uh, people taking tests and people testing positive. Um, so that's to be expected. I think the last count I saw, somebody put a counter together, but you can only wonder how many people aren't logging their, their positive, right?
So, uh, so we'll see. It was like 75 people. Out of 30, 000 is, you know, I don't even know how many zeros that is after the, after the decimal, but, um, we'll see. We'll see, you know, if it ended up being, you know, a bad idea or not. And people who can't or don't choose, you know, who have different, you know, risk tolerance levels, uh, will be able to see much of the content online.
You know, I mean, I spoke at. Besides, I didn't make it to Diana. I barely was kind of just strolling around Black Hat, but not really there. I was in the hallways and going to some corporate things, but it was packed everywhere. I mean, packed everywhere. Um, but DEF CON was just as busy as I've ever seen it.
[00:29:02] Marco Ciappelli: So, you know, I mean, I wasn't even referring much to the positive testing, but to the excitement of people and maybe, you know, for the future. of the events.
[00:29:13] Kirsten Renner: There certainly is no loss. There certainly does not seem to be any loss of interest in attending, right? And I, and I'll tell you why, because the content is carefully curated, right?
Like they are very selective and I can't imagine how difficult that is. You know, I can only tell you again from, you know, if you're a village and people are responding to your call for paper, how many How many, you know, can you select? Uh, because, uh, so imagine, you know, again, multiply that in your DEF CON and everybody wants to speak and you have all these panels of people reviewing the content, um.
The content is valuable and rich enough that there's no loss of interest in in the attendees, and I don't see that ever happening.
[00:29:58] Sean Martin: And, uh, you mentioned Black Hat. I've, I've spoken to a few folks, and they said there are actually a lot of executive level people at that event this year, which is pretty cool.
[00:30:09] Kirsten Renner: I saw the, um, The interview with Snehal from, um, Horizon. So yeah, I've been trying to, trying to notice what y'all are doing.
[00:30:21] Sean Martin: Yeah, we've had, yeah, recorded a lot of podcasts too, but even, even just, uh, in my interactions with the community, I've heard good things about the executive level participation in these, which starts at the top, right?
Yeah. You can, you can do all the research you want, but if, if no action is taken, usually driven by.
[00:30:45] Kirsten Renner: I think, I think what you just said is important. I think that it is a good sign of a leader to to be present and to, and to, uh, to be with the people on the ground. Right? Yeah. Um, I went to a conference, um, A couple of months ago in New Orleans, and there was a bunch of, uh, executive leaders from big, big corporations.
And they were saying, you know, they were offering different ways that they connect to their people, like go and go see the bathrooms that they're in. Go see their, where are they getting their food? Where, where are they working? Sit with them, sit with them in their meetings. Um, so yeah, I think it's a good sign of this, the CEOs.
Uh, like you, you interviewed Snehal. That's a good sign. Um, it's where I met Tiffany Gates, you know? Be present, be where the people are, uh, be hearing the things that they're hearing and talking to, talking to them. So, uh, I think it's a very good sign of a leader to be present there.
[00:31:47] Sean Martin: Well put, well put. Well, Kirsten, it's a pleasure to see you again.
Uh, Sad that we didn't get to connect in person in Vegas, but, uh, happy to have you on the show here to talk about your experience and, and share the things that the, the things got in the way of,
[00:32:04] Kirsten Renner: yes, yes, it makes the story better. Right. So I gotta have embarrassing stories to, to lead to the next, you know, thing.
But, uh, I, I am going to, I intend, um. So I guess this was like my redemption interview and I, I intend to put some thought into, um, a little bit more thought into how to, when I'm doing all these, you know, career coaching things and career development, you know, content to be, um, more thoughtful about how people can use, uh, con, um, conference attendance to enhance their careers because it has certainly made my career
[00:32:46] Sean Martin: Cheers to that.
Yep. It's the beginning. Black Hat was the birth of ITSP Magazine.
[00:32:53] Kirsten Renner: That's where it started. Oh, that makes me happy. That's awesome. Yeah.
[00:32:56] Sean Martin: Conference, conference driven.
[00:32:59] Kirsten Renner: Wonderful.
[00:33:00] Sean Martin: That was a while back. A while back.
[00:33:02] Kirsten Renner: How long ago was it? Eight years. Nice. Yeah. Nice. I can't even, I've been doing this for, I don't know, 15 years and I, I don't even remember you not doing it.
Being a part of it.
[00:33:15] Marco Ciappelli: Oh, Sean was, Sean was probably there.
[00:33:17] Sean Martin: I've been there as an individual for, for many, many years. .
[00:33:21] Kirsten Renner: Yeah. But I, we won't, I have no memory of in that You're not in. Yeah. That's funny.
[00:33:27] Marco Ciappelli: But, but you know, I have to say, Kristen, that when you were telling the story about your first attendance and feeling completely like, what the hell am I doing here? I mean, my, my background has nothing to do with that. I remember the first time I was working with Sean on some marketing for a tech company, a security company. And we went to RSA that was even before ITSP magazine. And I was like, what the hell am I doing here?
I mean, you go to the expo floor and all of that, and then I started going there as somebody that actually is having this conversation and, you know, talking about the imposter syndrome, you know, but, but people were so cool. Yeah. You know, never felt like somebody that didn't belong. It was more in my head, but it never really happened.
So, uh, that's, that's a good advice for everybody. I mean, it's good to be nervous. It's good to be feeling that energy, but you know, DEF CON. In particular, everybody's super friendly. Yeah. Despite the fear that everybody has,
[00:34:34] Kirsten Renner: the, the, the one common denominator that, uh, unites all attendees at every, at every level, all the volunteers, all the organizers and all the attendees is a, is a passion for teaching and learning.
Yeah. So the very best thing you can do is, is not be afraid to not know. People, uh, people are so attracted to and interested in, uh, your curiosity. If you come over, if you walk over and you say, what is that? You just made a friend. You just made a friend. Yeah, for sure.
[00:35:10] Marco Ciappelli: Great note, great note to highlight this one.
[00:35:14] Sean Martin: I'm still an imposter, but that's the difference.
[00:35:17] Marco Ciappelli: Yes. We all are. That's right. In everything we do.
[00:35:22] Sean Martin: Ah, boy. Well, um... Yeah, I'm thrilled, like I said, I'm thrilled to have you on the show and I'm hopeful, uh... Everybody listening gets a chance to, uh, to meet you in an upcoming DEF CON, uh, next year in Las Vegas and, uh, more specifically in the Carhackin Village.
And uh, who knows, maybe you get another, another spot on the, on the stage and they can see, see you share your, your insights there with them as well. So thanks everybody for, uh, listening and, uh, for those of you watching, uh, just get through the part where they're, everybody's making fun of our hair. Uh, and then you can keep going because the rest of it's pretty cool.
[00:36:00] Marco Ciappelli: Everybody being me.
[00:36:04] Kirsten Renner: Yeah. Yeah. My guess, my, my next speaking spot is... Besides NOVA and then I'm going to Security Congress, um, in Nashville.
[00:36:15] Sean Martin: On the road. Very cool. Very cool. We'll include links. Uh, you mentioned the video and I have a couple other links I'll put in the show notes as well for folks who want to, uh, want to see some things.
So, all right, everybody, keep well, subscribe, stay tuned, share with your friends, see you, see you somewhere soon.
[00:36:34] Kirsten Renner: Thanks guys.
[00:36:35] Marco Ciappelli: Bye.