So people go here to get hacked? WTF? I missing something here. Why have a convention if they know that's what the convention is doing?
Because if people don't beat software to death and bring to light the problems in poorly written or poorly tested code then you are at risk on a larger scale than you will be for the time of the convention. Social engineering is still the primary point of weakness because people still exist who have no idea or even want to know how any of this works behind the scenes.
It's mostly "ethical hackers", i.e. folks that work with companies and vendors to find the holes and vulnerabilities in their stuff and they disclose it to them to fix rather than exploiting it for nefarious purposes. Its common practice these days for enterprise companies and security companies in general to look to former hackers to hire onto their staffs.
They don't "go there to get hacked". They go there to learn about what the current cybersecurity landscape looks like. People will sometimes get hacked when they employ poor computer security practices and invite the temptation of hundreds of hacking-savvy folks at the convention. Think of going to the zoo.....and then reaching over the lion enclosure with a piece of steak in your hand. You COULD do that, or you could just stand behind the wall and observe like a normal person
So its a bunch of nerds walking around with chubs, talking about someones soft program writing skills..
I just wanted to let you know I am impressed that you could use the phrase "soft program writing skills"
Is it still a competition at its core with the good guys you reference teamed as "bad guys" for testing various corps systems?
If you can get a hold of Cannoli I'm pretty sure he has been. I used to pay attention to it when I was mildly interested in that tech stuff. Every year a new exploit hits the news from there and MSM loses their minds.
I was there a few years ago for another event. It was interesting - if I turned on my smartphone, all of the "secure" wireless networks that I usually connect to that could not have been there (home network, work network, hotel networks, etc.) showed up on my phone as available.
You're probably thinking of DEF CON. It actually starts just as Blackhat is wrapping up. Convenient 2 cybersecurity conventions back to back in Vegas ehh? https://en.wikipedia.org/wiki/DEF_CON