August 19, 2025 • 24 mins
"DEF CON is one of those places where you walk in expecting to learn one thing and walk out realizing the possibilities are far greater than you imagined."
Notable Moments
[02:24] – Trevor explains what DEF CON is and why it’s unique.
[04:36] – The rise of inclusivity and community groups like WISP and Diana Initiative.
[06:55] – Villages and Capture the Flag competitions explained.
[09:22] – A boat inside the Maritime Hacking Village surprises attendees.
[10:32] – The AI Cyber Challenge: DARPA and ARPA-H host a $4M competition.
[15:23] – Kubernetes workshops bring practical, take-home lessons.
[15:48] – Attacking AI image classifiers sparks conversations about healthcare.
[21:36] – Matt shares why exposure to diverse ideas at DEF CON benefits the Redox team.
Trevor Wilson, Staff Security Engineer at Redox, shares his experiences at DEF CON 2025. Trevor highlights the inclusive community, hands-on villages, and thought-provoking workshops. From hacking drones and boats to exploring vulnerabilities in AI models used in healthcare, the discussion reveals how DEF CON inspires curiosity and broadens security perspectives.
Episode Resources
https://aicyberchallenge.com/ - Main Site
https://archive.aicyberchallenge.com/ - Open Source Repos
Resources
https://redoxengine.com/
Have feedback or a topic suggestion? Submit it using this linked form.
Matt Mock mmock@redoxengine.com
Meghan McLeod mmcleod@redoxengine.com
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:00):
Foreign.
Welcome to Shut the Back Door, brought to you by Redox. Shut the
Back Door is a healthcare security podcast dedicated to keeping health
data safe one episode at a time. I'm your host,
Jody Mayberry, and as you would expect, with me is
Megan McLeod. Hello, Megan. Hi, Jody. And
(00:22):
we have a returnee. Not quite a guest,
not quite a host, but you still love him, Matt Mock,
the CSO of Redox.
Hi, Matt. It's great to have you back. Hey, Jody. Great to be back. All
right, here is why it was important for Matt to be with us,
because this is a big episode, a
(00:43):
monumental episode. It's episode number 10, and
we couldn't hit that milestone without Matt. Matt, this
whole podcast was your idea, so congratulations on getting
it to episode 10. Thanks, Jody. Yeah, it's super exciting.
Very excited for the podcast, this
episode, and then what's coming later as well. We have some great
(01:06):
upcoming episodes and some great guests, so it's great to hit episode
10 and get to a milestone. Yeah, that's right. It's all. It just
keeps going up from here. So very exciting. And I've seen the lineup of
guests, and I'm. I'm really looking forward to some of those
conversations. The conversation I'm looking forward to the most, though, is the
one we are about to have with Trevor Wilson,
(01:28):
a staff security engineer at Redox. Hello, Trevor.
Hello, Jordan. Thanks for having me. Well, Trevor, we brought
you on the show because we want to talk about DEF con. Trevor
was just at defcon, and I will say I'm not familiar with DEF CON
yet. Trevor, I've been trying, as I saw, you're
going to be on the show, to figure out, without looking up, what does DEF
(01:51):
CON stand for. And the best I've come up with is
definitely a conference. Well, I think that's the best I think
anyone's come up with. I don't believe it stands for anything, so I won't remember.
Definitely a conference. For now, the meme is that usually DEFCON is
canceled. So it's funny you say definitely a conference, because the
joke always is, is that it tends to be canceled. It never has been, but
(02:12):
that's what people tell each other. So I think that's funny. You came to that.
Well, it's great. I think, for this episode, that I don't know
anything about it because I'm very curious. What is
DEF con? So, yeah, let me start explaining that. So DEF CON is a security
conference that's held annually. It's one of the longest running,
I feel, and definitely probably one of the larger ones, just globally.
(02:35):
It's always been held in Las Vegas, usually the first or like
second week of August. And that whole week there's like a couple of
major security conferences, most notably Black Hat B side. So it tends to be like
a full week of just security. Right. So large corporations going to Black
Hat as well as like DEFCON right after. And if I had to
describe like what makes DEFCON kind of unique or stand out from
(02:57):
some of the larger conferences, I'd say it'd be community and
inclusiveness. You know, there's a large number of communities that,
and villages that kind of get at defcon and it makes this really unique experience
where even if you're not someone that has a lot of experience with security or
maybe no knowledge at all, right. You can actually go and partake and actually
do stuff and learn something. They really try to make it so that if you're
(03:19):
an expert, there's stuff for you to do. If you're a complete novice, you can
come learn and actually take and do stuff. I know many friends that
bring their, like their spouses, significant others who aren't in the security field and
they go there and they have fun, they do stuff and they learn. So it's
a very unique conference, very different from all. A lot of the other ones. I've
kind of been especially considering how large it is. I think on
(03:40):
it usually averages around 30,000 attendees. So it's,
it's a pretty large conference this year there. I don't know the exact number, but
it was well over 20,000 and probably close to that, 30,000 men.
So that's kind of. So Trevor, that's something that,
when you say like the community inclusiveness, I feel like I've been
very intimidated to go to a conference like this just because of
(04:03):
its size and because, you know, even though I've been in security
for a number of years, like I haven't attended something like this. So the
intimidation factor is definitely there. So I think it's kind of cool to hear you
say that. It's, it's actually like very welcoming of all.
Yeah. And they're very aware of that. And that's the thing, because I started, I
think my first DEF con was 2017, so a number of years ago. And this
(04:24):
is just, you know, slight on demographics as there really weren't a lot of women.
There were some, but over the years it's gotten significantly. The presence of
women is huge. Some of the communities that they're. I'm sure you're Familiar with wisp
women in security and privacy. They have pretty much always been there. They're pretty active
into it. The Diana Initiative is another one that's, you know, specifically
targeting that. And I think maybe not this year, but women of cyberjutsu, there's. So
(04:46):
there's always a lot of communities that are really trying to get underrepresented
groups, whatever it is there, and the community's open to it, like
that's what they want to do. And it's. I feel like over the
years I've gone, it's shell. Right. Like even this year I saw like there's a
surprising number of kids, like teenagers. Like obviously it's not something you'd say like,
oh, you know, it's a great place to take your kid. But oftentimes, you know,
(05:07):
people get into, you know, security and stuff at a young age and it really
is an environment where you can kind of go there and there'll be stuff for
them to do and it'll be, you know, an inclusive community. Like they welcome
that, they want to do that, they want, they love seeing that type of stuff.
So yeah, the hesitation you have is very common. But DEF
Con really is a place where it's like, it's okay, you won't have to feel
that way. You can go there, feel safe, you can learn, you know, you don't
(05:29):
have to feel intimidated that you don't know something. Someone will, you know, if you
go to certain villages, there will be people that say, hey, you don't know stuff,
it's okay. There's a lot of villages that kind of have like self guided
CTFs where it's like, hey, you know, you just show up, bring a laptop or
sometimes they have their own. You're not, if you're too scared about bringing your own
laptop, which is understandable and you can just learn stuff, you can take it down.
Self guided. I believe one of the ones that stood out was like the aerospace
(05:51):
village. I didn't have time to do it, but they had a self guided CTF
on how to hack drones. They actually had drones on a table, you know, like
the quadcopter ones. You'd expect from like the military. They just had drones out there
and you could learn how to hack them. They had the whole thing self guided.
Right. And so it's really teaching stuff like that that's really unique. It kind of
adds to the uniqueness of defcon because it's so large. You do get
(06:12):
all these different types of industries that can just show up there and Post
stuff. So yeah, very cool. I feel like you've sold me on it. And we
haven't even gotten very far into the, the podcast episode. But
when talking about like the activities and stuff, do you want to just give kind
of an overview of the activities and like maybe also explain like what a CTF
is just in case there's anyone listening who may not know? Yeah, sure.
(06:33):
So just with overall activity. So it is a security conference. So there's always main
talks, right? And these are the ones that you know, usually it's somebody either
talking about research or talking about something interesting they did. So there's always kind of
main talks. But that's what you kind of expect that you know, most security
conferences, the main thing are. The other thing I think stands out are
villages. And I think this year there was like almost 40 villages. And the
(06:55):
villages are kind of themed about either some type of industry or
some other aspect. So Aerospace 1 was one I mentioned. But there's always like a
red team village was kind of like offensive focus. There's blue team villages
which is obviously defensive focused. But even this year I might have
gone last year, but there was a maritime hacking village. So you can. So which
was pretty interesting as well. But lock picking villages. So these are kind of like
(07:17):
areas in the conference where they have their own kind of like community
hosted events going on. So sometimes it'll just be talks, sometimes it
can be kind of like open workshops where like I said, you bring a laptop
and sometimes they host CTFs. So CTF is an acronym for
Capture the flag. They're pretty common in security. It's usually some type
of game to think of it. That's the idea where you take part in
(07:38):
challenges. So sometimes it might be hacking something, it might be know looking
for something and you look for flags of some sort. DEFCON is known for its
ttf. So not only do the villages have it, but like officially
DEFCON has ctf. So they have like a main one where teams compete
to hack, but they have like a social engineering one. They have a scavenger
hunt which actually surprisingly I know some friends that actually did pretty well. And
(08:00):
so it's like doing random things all over Las Vegas. Sometimes computer related,
sometimes not. And so yeah, CTFs are another large thing about DEF
CON, just due to the wide variety. And there's people who show up there
and that's all they do for three days. It's just ETF for certain things because
they tend to be. Some are okay, but some tend to be pretty mind bending
and Challenging, but people love that stuff. And yeah, so that's kind of the main
(08:21):
overview. And then the last thing is workshops. And those are kind of more like
training. Specifically DEFCON does have paid training, but workshops
are free kind of training that you can register for if you can get one.
And that's kind of more of like a quick four hour class. And it's usually
someone you know, it's usually like a hands on walkthrough. It's like I said, it's
four hours, pretty busy. But that's kind of where I would say the general
(08:42):
activities break down into talks, villages and kind of workshops and
CTFs. It sounds like there were so many great activities
at defcon. How did you spend most of your time? Well,
yeah, so I spent most of my time actually in workshops, believe it
or not, which I tend to always do. I did have some time
beforehand basically on my first, on the first actual live day I was
(09:05):
able to walk around and kind of see a few things. So there's a couple
of the interesting things I saw. But most of my time was spent
in workshops. I'll start on kind of the interesting thing that I saw because this
kind of adds to the unique nature of defcon. I mentioned the maritime hacking
village. The reason why I stood out is they actually brought a boat in. They
have like a, like a min. I don't know if it was like, it's not
like a tugboat, but it was an actual boat. They had brought it into the
(09:25):
conference and it was in the maritime village. They had like a CTF going
on where you go around and you mess around with various naval equipment. And that
was part of their ctf. They brought an unmanned like submersible drone in as
well. So that's the, you know, the shenanigans that people talk about
DEFCON sometimes is people bring in some very interesting things. So it was cool to
just see what that were there because I wasn't aware that the maritime
(09:47):
village was at defcon. It wasn't there prior. So it's interesting to see
kind of the shift of, you know, I mean it wasn't all Coast Guard, but
like it was some people that were retired from the Coast Guard. I know I
spoke in there and then they're hosting it. So it's kind of trying to
take something that you would have considered is not really heavily on technology
and bring it to DEFCON and get people interested in, you know, the community and
(10:08):
learn how to start hacking and what some of the issues are when it comes
to maritime and like its adoption of technology. So that was cool. Just seeing a
boat inside the middle of the conference in Las Vegas in a desert was not
on my checklist of things I was gonna see. The other
interesting thing I saw, which I didn't know about, it was it's called the AI
Cyber Challenge. I was walking around the conference and then there was this huge booth.
(10:30):
It looked almost like a vendor booth, but it wasn't. And what caught my eye
was I saw like they had these huge boards and one of them just said
like transport system, one of them said like electrical system. And the one that
caught my eye was healthcare. And they actually had this board where they talked about
kind of the impact and stats around breaches of health, of
healthcare. Basic it was, didn't say hospitals, but that's kind of like the description it
(10:50):
gave and like how an attack on a hospital directly impact
patients. I was like, oh, what is this? So it caught my eye. So I
started asking some of the folks who were attending, like the stats there. I was
like, oh, what is this? And they kind of explained to me that this is
called AI Cyber Challenge. It was a competition that started,
started two years ago and it was hosted by DARPA and ARPA H,
(11:11):
which I had. You know, I never heard of ARPA H. I
didn't know it existed. But apparently there's a healthcare sector that does the same thing
as darpa. And the whole goal of the competition
was to get teams to kind of build a system.
They called it Cyber Reasoning System, but it was basically to
build some type of system that could find vulnerabilities and fix
(11:33):
them in code, basically for source code. The idea being
that a lot of these sectors, healthcare, transportation, you know,
electrical systems, you know, oftentimes government, not always, but they
don't have the money to always like get the latest technology. So
oftentimes they use open source tools and they don't have a lot. And in the
past years we've noticed the number of attacks that have happened. Acting
(11:55):
is really important, but these organizations, they sometimes don't have that. And
that's kind of what DARPA noticed through this. And so the idea was get
teams build something so they can kind of give it back to the community and
like make it public so that this whole that they can use these tools to
essentially find vulnerabilities and patch them. That's the general
idea behind it. And so it's pretty interesting to learn about. They
(12:17):
announced the winners at that competition. So they've been going for the last two
years. I didn't hear about today until then, I believe the winning team
won 4 million and the second place team won 3 million
and the third, like one and a half. So. And they tested these.
And the whole point of this, I think they said they gave the systems that
these teams built, I want to say it was like 54 million lines of
(12:39):
code. So, like their systems had to evaluate 54 million lines of
code, find vulnerabilities and fix them. And they were all able to
essentially do that to astonishing number of them out. They had the stats
on their site. So it was a pretty interesting competition just because, you know,
like I said, I wasn't looking for it, I just stumbled upon it because I
saw healthcare and I'm like, oh, what is this? But it's interesting that they saw
(12:59):
that and I learned about our page. So that's kind of what I mean about
defcon too is like you can just wander around and find something you're not expecting
and learn something new. Well, and that's kind of cool that they're taking it to,
I mean, just outside of just the conference and making like
actual real world differences with some of this stuff. Because
like you said, this is obviously a challenge in healthcare, like hospitals and
(13:21):
systems that might not have the funding to actually
patch vulnerabilities that are pretty critical and can actually impact
patient care. I'm very curious about this whole thing now, so I want to look
into it a bit more after this at this point because it's just super
relevant to everything that we always chat about. Yeah, and that's what I thought.
And everything the team's made, it's all up now. Like the competition's over. I
(13:43):
think you can. I think it's aicyberchallenge.com obviously you can Google it.
But yeah, that's, you know, that's what I thought was interesting as well. And,
you know, that's kind of. It adds back to the thing is that they announced
this. DARPA used DEFCON to announce this and kind of get interest from the community
and kind of host it. And that's kind of what I. One of the unique
things about Duck Con, because it is so large and it attracts so many different
(14:03):
people, you know, it shows kind of the success that you can have
when you interact with the community like that. So that was probably the two, like,
main interesting things I saw. Kind of harping back to what Jimmy asked earlier. Where
I spent most of my time, it was in workshops. I went to three
workshops this year. I usually try not to, but they were Interesting. So
I ended up doing it. So that's where I spent most of my time on
(14:25):
Saturday. Basically. The first, I went to two workshops that were kind of
on kubernetes, attacking and defending kubernetes. So I thought it was pretty
interesting. I learned a lot of great stuff. The nice thing about workshops is that
you can kind of take home what they show you and, like, you know, it's
not something that's only there and once you leave, you can't do it or practice
anymore. All the workshops are really designed to, you know, have you
(14:47):
do stuff in the four hours, but take it home, practice it, do stuff at
your work, share it out with, like, other teams. That's usually what I do. Like,
in the past with onto EPCON workshops, I usually host something for us. You know,
I. I take it back. I kind of make it so that it makes sense
for us, and then, you know, usually have a meeting or something with our team
and kind of share out the same information. So it's two workshops on
(15:07):
attacking kubernetes that will be good for us just because it's really relevant to our
stuff. We can take some of that stuff, use it ourselves, whether we want to
do it for any internal pen tests we have, or if we just want to
use it to test our tools or any feature projects. So I'll probably spin
up a couple of meetings for us internally to share that out with our team.
We can say that. Anyway. The other workshop I went on, which is pretty interesting,
was attacking AI models. Now, I will be honest, I feel like half of it
(15:30):
went over my head, but I was able to understand some of it. So I'll
do my best to explain. And this kind of feel was kind of the most
interesting just because it was pretty much all new to me. So what we were
essentially doing was we were taking a image classifier.
So we were taking code down, we were giving it an image, and we're having
it classify it. So the example we used was a panda. So we took an
image of a panda. We told the code, hey, analyze this image. What is it?
(15:54):
And it would tell us it's a panda. Great. So how would we attack it?
So we would basically take the same image and we would add some type of
modification to it. I think the correct technical term is a perturbation.
That's what you'll see. But we were adding some type of noise. So like modifying
the pixels or adding, you know, just. Well, by a decent amount, but, you know,
adding some type of noise to it. I could Tell as a human that it's
(16:16):
still a panda. But we'd ask the image classifier, hey, what is this? And it
would say, it's like a ferret, right? Which so clearly it's the odd thing. And
one of the attendees next to me had to say his own stuff, or is
an image of a golden retriever and another image of a golden retriever that
he just slightly modified the colors on the pixels of. So, you know, it barely
modified. And the models he was running it, they're like, one model said, yep, this
(16:36):
is a golden retriever. And when it looked at his modified image, it said it
was a chainsaw. So it's really trying to show, like, how you attack these
image classifiers and now not all AI's image classifiers. Right. But it
was interesting that we did on this one. And what happened was one
of the other attendees brought up about radiology. So he basically
mentioned that radiologists are in high demand and that a lot of hospitals have
(16:58):
no choice but to kind of rely on AI tools. And what the AIs are
doing is modifying the images or they're analyzing the image. I
should say, sorry about that. And that's what they're doing. And we were kind of
talking about kind of the interesting and. Or the scary. You could say things that
can happen because a lot of the AI systems, they might
have biases in them depending on how they were trained and especially the data
(17:19):
that was used, because you don't, you know, as a patient, you don't know what's
going on. But the system that was built, if it's not protected, right, it could
get attacked. And, you know, there's. As scary as it is, there's ways to basically
say, like, hey, if this shows up on an image, yeah, there's no problem with
it. And that was. The whole thing was to get the AI model to
misclassify something. So it's a pretty interesting discussion
that came out of that workshop, aside from just actually doing the attack on
(17:43):
the thing, but another thing where it's just, you know, I wasn't expecting to learn
about healthcare or get some healthcare perspective from that, but there.
There it happened. Yeah. And that's actually, it's funny because that's really
relevant to one of our episodes that we're going to have, you know, coming up
shortly after this, on attacking AI and the
vulnerabilities that can happen in that. So very relevant. And I definitely hadn't thought of
(18:05):
it from when you had set images. Like, I was trying to think, okay, like
what could this mean for image classifiers? And then was
like, you know, is there actually an implication for that? And then you mentioned radiology
and it's like, yeah, there is. There definitely could be
where that could be a big problem. Yeah, and I hadn't either. And that's,
you know, it was very interesting because I was like, I did not expect to
(18:25):
have that conversation. And it also, we also kind of talked about, like, the data
they use to make the model and how a lot of times, because
you can go, there are websites, we did the workshop, there's websites you can go
to to pull down large data sets. So it's like you can pull out data
sets and kind of make your own AI model and train it. The problem being
is people have done studies to show that the data that's out there publicly
(18:46):
has kind of been tampered with, either maliciously or like, there's an
implicit bias that's been put in. And sometimes when people make
these models, you know, build their AI model off of it and ship it as
a tool, that bias gets shipped with it. So, you know, in the
past, if you've ever, like, done, like, use some tools and you get some weird
answer, it might not be because the AI is making something up. It's just because
(19:07):
the data it was trained on had that bias built into it. And that's kind
of where it got scary because obviously with stuff like healthcare, there are some things
where it's like they might have no choice but to use some type of AI
tool to do it. So making sure that they protect the model. And we
talked a little bit about the workshop on ways like how you would protect your
kind of, in this, in this case, an image classifier, but how to do that.
(19:28):
But it's just things to be aware of and keep that perspective in mind when
you either have to interact or you develop these tools. So overall, they're both
great workshops. A lot of good content. Like I said, the AI stuff, a lot
of the other stuff is it wasn't math heavy, but it talked a lot of
concepts that were due to me. So something went over my head, But I still
learned something new. So I always appreciate that. Yeah, I think that's one of the
(19:48):
cool things about DEF CON is there's just so much variety
and folks go in there thinking like they're going to learn one thing
and they just happened on something that's really cool and it might help
them expand their careers or, you know, take them in a different direction.
But I also love to hear These, you know, various ways to
kind of attack or defend things that you wouldn't otherwise think of. Like
(20:11):
the image thing is, is super relevant because it's also something when
you just see like, oh, this AI is going to analyze this image and then
you might just think that's it. Like, oh, there's not really a tack factor here.
But thinking of it from like a radiology
viewpoint, like that's a big deal. If someone, you
maliciously went after images and then kind of use that to
(20:33):
maybe extort the hospital or something like that where you know, now on
you're not going to be able to get the outcome that you're expecting
or you know, patient decisions and outcomes are going to be
delayed. And it's good that these type of things come up like
in DEF con because also not things that normally get talked
about. So it's super interesting. Well, and Matt, I know
(20:56):
Trevor has said that he does talk about and I definitely enjoyed
overviews and summaries from before, but it sounds like we might need a couple for
this one because like kubernetes by itself I feel it could take up an
entire hour and then want to get into the AI stuff as well.
So Matt, you might need to help us coordinate a few of them. Yeah,
definitely. It's great to knowledge share and hopefully get more
(21:18):
folks out there next time too. Matt, I know we've been talking to
Trevor about what happened at DEF CON and what he did,
but from your perspective in your leadership role,
what's the benefit to you and the team in Redox to
have people go to defcon? Yeah, expanding
the knowledge in just different ways to think about how
(21:41):
you tackle problems I think is one of the biggest benefits.
Networking and seeing new techniques and tools.
Yeah. If you go to a, maybe a conference that's put on for
a very specific topic or by a, you know, a specific vendor,
you know that that's going to be very, you know, limited no matter how
much they try. It's being put on for a very specific reason. Yeah.
(22:03):
And in DEF con, like something like that is so broad that you
can really get people to open up their minds about, you know, a
particular topic and find new ways network
with people that, you know, when we hit a problem and we're trying to figure
out how to do this. Now, you might have seen somebody that was
at a workshop or was presenting something there that might not
(22:26):
have anything directly to do with it, but remembered how they were tackling
this problem and that can open up opportunities and it's great
for the team to just hear about other areas,
especially if somebody's very focused on a particular area. You know,
maybe like for Trevor, you know, if it was like ir, for
instance, and then you get to go there thinking that, like, maybe that's what you're
(22:48):
gonna, you know, focus on the whole time. And then other things pull you in
and it helps you broaden your knowledge, which also helps you
just in general to be able to tackle the security problems. Are
we gonna lose you to maritime security, Trevor?
Are you sticking with the. With the healthcare? Still sticking with it. It was interesting
though, but mainly because I had no idea how any of it worked. But.
(23:11):
Well, it's been interesting to hear what
Trevor learned at defcon. And even Megan
and Matt you heard they had not considered the
image classifiers and the impact that can make. So
just from this small conversation, and Megan's right, we could go for an
hour easy. But just from this small conversation, what
(23:33):
Matt's point is. Right on. How learning more of what's
out there and Trevor coming back and talking about it, it does help spread
the ideas and the awareness. Join us next
episode as we discuss more security challenges impacting
healthcare and practical ways to address them.
Trevor, as we wrap up this episode, is there anything else you want
(23:55):
to add? No. Thank you for having me. I enjoy talking about this
stuff. Hopefully everyone found it interesting. It's exciting. Is
considering going next year. DEF CON will be on next year.
I believe it's around the 13th to 16th of
August next year. So if this inspired you or got you interested, consider
checking it out. As one thing I would say as a reminder to everyone
(24:17):
listening, please use the link in the show notes to share any comments, feedbacks or
ideas you may have. We really value the engagement you all provide.
Yeah, and don't forget to lock the back door.
Foreign.
Welcome to Shut the Back Door, brought to you by Redox. Shut the
Back Door is a healthcare security podcast dedicated to keeping health
data safe one episode at a time. I'm your host,
Jody Mayberry, and as you would expect, with me is
Megan McLeod. Hello, Megan. Hi, Jody. And
(00:22):
we have a returnee. Not quite a guest,
not quite a host, but you still love him, Matt Mock,
the CSO of Redox.
Hi, Matt. It's great to have you back. Hey, Jody. Great to be back. All
right, here is why it was important for Matt to be with us,
because this is a big episode, a
(00:43):
monumental episode. It's episode number 10, and
we couldn't hit that milestone without Matt. Matt, this
whole podcast was your idea, so congratulations on getting
it to episode 10. Thanks, Jody. Yeah, it's super exciting.
Very excited for the podcast, this
episode, and then what's coming later as well. We have some great
(01:06):
upcoming episodes and some great guests, so it's great to hit episode
10 and get to a milestone. Yeah, that's right. It's all. It just
keeps going up from here. So very exciting. And I've seen the lineup of
guests, and I'm. I'm really looking forward to some of those
conversations. The conversation I'm looking forward to the most, though, is the
one we are about to have with Trevor Wilson,
(01:28):
a staff security engineer at Redox. Hello, Trevor.
Hello, Jordan. Thanks for having me. Well, Trevor, we brought
you on the show because we want to talk about DEF con. Trevor
was just at defcon, and I will say I'm not familiar with DEF CON
yet. Trevor, I've been trying, as I saw, you're
going to be on the show, to figure out, without looking up, what does DEF
(01:51):
CON stand for. And the best I've come up with is
definitely a conference. Well, I think that's the best I think
anyone's come up with. I don't believe it stands for anything, so I won't remember.
Definitely a conference. For now, the meme is that usually DEFCON is
canceled. So it's funny you say definitely a conference, because the
joke always is, is that it tends to be canceled. It never has been, but
(02:12):
that's what people tell each other. So I think that's funny. You came to that.
Well, it's great. I think, for this episode, that I don't know
anything about it because I'm very curious. What is
DEF con? So, yeah, let me start explaining that. So DEF CON is a security
conference that's held annually. It's one of the longest running,
I feel, and definitely probably one of the larger ones, just globally.
(02:35):
It's always been held in Las Vegas, usually the first or like
second week of August. And that whole week there's like a couple of
major security conferences, most notably Black Hat B side. So it tends to be like
a full week of just security. Right. So large corporations going to Black
Hat as well as like DEFCON right after. And if I had to
describe like what makes DEFCON kind of unique or stand out from
(02:57):
some of the larger conferences, I'd say it'd be community and
inclusiveness. You know, there's a large number of communities that,
and villages that kind of get at defcon and it makes this really unique experience
where even if you're not someone that has a lot of experience with security or
maybe no knowledge at all, right. You can actually go and partake and actually
do stuff and learn something. They really try to make it so that if you're
(03:19):
an expert, there's stuff for you to do. If you're a complete novice, you can
come learn and actually take and do stuff. I know many friends that
bring their, like their spouses, significant others who aren't in the security field and
they go there and they have fun, they do stuff and they learn. So it's
a very unique conference, very different from all. A lot of the other ones. I've
kind of been especially considering how large it is. I think on
(03:40):
it usually averages around 30,000 attendees. So it's,
it's a pretty large conference this year there. I don't know the exact number, but
it was well over 20,000 and probably close to that, 30,000 men.
So that's kind of. So Trevor, that's something that,
when you say like the community inclusiveness, I feel like I've been
very intimidated to go to a conference like this just because of
(04:03):
its size and because, you know, even though I've been in security
for a number of years, like I haven't attended something like this. So the
intimidation factor is definitely there. So I think it's kind of cool to hear you
say that. It's, it's actually like very welcoming of all.
Yeah. And they're very aware of that. And that's the thing, because I started, I
think my first DEF con was 2017, so a number of years ago. And this
(04:24):
is just, you know, slight on demographics as there really weren't a lot of women.
There were some, but over the years it's gotten significantly. The presence of
women is huge. Some of the communities that they're. I'm sure you're Familiar with wisp
women in security and privacy. They have pretty much always been there. They're pretty active
into it. The Diana Initiative is another one that's, you know, specifically
targeting that. And I think maybe not this year, but women of cyberjutsu, there's. So
(04:46):
there's always a lot of communities that are really trying to get underrepresented
groups, whatever it is there, and the community's open to it, like
that's what they want to do. And it's. I feel like over the
years I've gone, it's shell. Right. Like even this year I saw like there's a
surprising number of kids, like teenagers. Like obviously it's not something you'd say like,
oh, you know, it's a great place to take your kid. But oftentimes, you know,
(05:07):
people get into, you know, security and stuff at a young age and it really
is an environment where you can kind of go there and there'll be stuff for
them to do and it'll be, you know, an inclusive community. Like they welcome
that, they want to do that, they want, they love seeing that type of stuff.
So yeah, the hesitation you have is very common. But DEF
Con really is a place where it's like, it's okay, you won't have to feel
that way. You can go there, feel safe, you can learn, you know, you don't
(05:29):
have to feel intimidated that you don't know something. Someone will, you know, if you
go to certain villages, there will be people that say, hey, you don't know stuff,
it's okay. There's a lot of villages that kind of have like self guided
CTFs where it's like, hey, you know, you just show up, bring a laptop or
sometimes they have their own. You're not, if you're too scared about bringing your own
laptop, which is understandable and you can just learn stuff, you can take it down.
Self guided. I believe one of the ones that stood out was like the aerospace
(05:51):
village. I didn't have time to do it, but they had a self guided CTF
on how to hack drones. They actually had drones on a table, you know, like
the quadcopter ones. You'd expect from like the military. They just had drones out there
and you could learn how to hack them. They had the whole thing self guided.
Right. And so it's really teaching stuff like that that's really unique. It kind of
adds to the uniqueness of defcon because it's so large. You do get
(06:12):
all these different types of industries that can just show up there and Post
stuff. So yeah, very cool. I feel like you've sold me on it. And we
haven't even gotten very far into the, the podcast episode. But
when talking about like the activities and stuff, do you want to just give kind
of an overview of the activities and like maybe also explain like what a CTF
is just in case there's anyone listening who may not know? Yeah, sure.
(06:33):
So just with overall activity. So it is a security conference. So there's always main
talks, right? And these are the ones that you know, usually it's somebody either
talking about research or talking about something interesting they did. So there's always kind of
main talks. But that's what you kind of expect that you know, most security
conferences, the main thing are. The other thing I think stands out are
villages. And I think this year there was like almost 40 villages. And the
(06:55):
villages are kind of themed about either some type of industry or
some other aspect. So Aerospace 1 was one I mentioned. But there's always like a
red team village was kind of like offensive focus. There's blue team villages
which is obviously defensive focused. But even this year I might have
gone last year, but there was a maritime hacking village. So you can. So which
was pretty interesting as well. But lock picking villages. So these are kind of like
(07:17):
areas in the conference where they have their own kind of like community
hosted events going on. So sometimes it'll just be talks, sometimes it
can be kind of like open workshops where like I said, you bring a laptop
and sometimes they host CTFs. So CTF is an acronym for
Capture the flag. They're pretty common in security. It's usually some type
of game to think of it. That's the idea where you take part in
(07:38):
challenges. So sometimes it might be hacking something, it might be know looking
for something and you look for flags of some sort. DEFCON is known for its
ttf. So not only do the villages have it, but like officially
DEFCON has ctf. So they have like a main one where teams compete
to hack, but they have like a social engineering one. They have a scavenger
hunt which actually surprisingly I know some friends that actually did pretty well. And
(08:00):
so it's like doing random things all over Las Vegas. Sometimes computer related,
sometimes not. And so yeah, CTFs are another large thing about DEF
CON, just due to the wide variety. And there's people who show up there
and that's all they do for three days. It's just ETF for certain things because
they tend to be. Some are okay, but some tend to be pretty mind bending
and Challenging, but people love that stuff. And yeah, so that's kind of the main
(08:21):
overview. And then the last thing is workshops. And those are kind of more like
training. Specifically DEFCON does have paid training, but workshops
are free kind of training that you can register for if you can get one.
And that's kind of more of like a quick four hour class. And it's usually
someone you know, it's usually like a hands on walkthrough. It's like I said, it's
four hours, pretty busy. But that's kind of where I would say the general
(08:42):
activities break down into talks, villages and kind of workshops and
CTFs. It sounds like there were so many great activities
at defcon. How did you spend most of your time? Well,
yeah, so I spent most of my time actually in workshops, believe it
or not, which I tend to always do. I did have some time
beforehand basically on my first, on the first actual live day I was
(09:05):
able to walk around and kind of see a few things. So there's a couple
of the interesting things I saw. But most of my time was spent
in workshops. I'll start on kind of the interesting thing that I saw because this
kind of adds to the unique nature of defcon. I mentioned the maritime hacking
village. The reason why I stood out is they actually brought a boat in. They
have like a, like a min. I don't know if it was like, it's not
like a tugboat, but it was an actual boat. They had brought it into the
(09:25):
conference and it was in the maritime village. They had like a CTF going
on where you go around and you mess around with various naval equipment. And that
was part of their ctf. They brought an unmanned like submersible drone in as
well. So that's the, you know, the shenanigans that people talk about
DEFCON sometimes is people bring in some very interesting things. So it was cool to
just see what that were there because I wasn't aware that the maritime
(09:47):
village was at defcon. It wasn't there prior. So it's interesting to see
kind of the shift of, you know, I mean it wasn't all Coast Guard, but
like it was some people that were retired from the Coast Guard. I know I
spoke in there and then they're hosting it. So it's kind of trying to
take something that you would have considered is not really heavily on technology
and bring it to DEFCON and get people interested in, you know, the community and
(10:08):
learn how to start hacking and what some of the issues are when it comes
to maritime and like its adoption of technology. So that was cool. Just seeing a
boat inside the middle of the conference in Las Vegas in a desert was not
on my checklist of things I was gonna see. The other
interesting thing I saw, which I didn't know about, it was it's called the AI
Cyber Challenge. I was walking around the conference and then there was this huge booth.
(10:30):
It looked almost like a vendor booth, but it wasn't. And what caught my eye
was I saw like they had these huge boards and one of them just said
like transport system, one of them said like electrical system. And the one that
caught my eye was healthcare. And they actually had this board where they talked about
kind of the impact and stats around breaches of health, of
healthcare. Basic it was, didn't say hospitals, but that's kind of like the description it
(10:50):
gave and like how an attack on a hospital directly impact
patients. I was like, oh, what is this? So it caught my eye. So I
started asking some of the folks who were attending, like the stats there. I was
like, oh, what is this? And they kind of explained to me that this is
called AI Cyber Challenge. It was a competition that started,
started two years ago and it was hosted by DARPA and ARPA H,
(11:11):
which I had. You know, I never heard of ARPA H. I
didn't know it existed. But apparently there's a healthcare sector that does the same thing
as darpa. And the whole goal of the competition
was to get teams to kind of build a system.
They called it Cyber Reasoning System, but it was basically to
build some type of system that could find vulnerabilities and fix
(11:33):
them in code, basically for source code. The idea being
that a lot of these sectors, healthcare, transportation, you know,
electrical systems, you know, oftentimes government, not always, but they
don't have the money to always like get the latest technology. So
oftentimes they use open source tools and they don't have a lot. And in the
past years we've noticed the number of attacks that have happened. Acting
(11:55):
is really important, but these organizations, they sometimes don't have that. And
that's kind of what DARPA noticed through this. And so the idea was get
teams build something so they can kind of give it back to the community and
like make it public so that this whole that they can use these tools to
essentially find vulnerabilities and patch them. That's the general
idea behind it. And so it's pretty interesting to learn about. They
(12:17):
announced the winners at that competition. So they've been going for the last two
years. I didn't hear about today until then, I believe the winning team
won 4 million and the second place team won 3 million
and the third, like one and a half. So. And they tested these.
And the whole point of this, I think they said they gave the systems that
these teams built, I want to say it was like 54 million lines of
(12:39):
code. So, like their systems had to evaluate 54 million lines of
code, find vulnerabilities and fix them. And they were all able to
essentially do that to astonishing number of them out. They had the stats
on their site. So it was a pretty interesting competition just because, you know,
like I said, I wasn't looking for it, I just stumbled upon it because I
saw healthcare and I'm like, oh, what is this? But it's interesting that they saw
(12:59):
that and I learned about our page. So that's kind of what I mean about
defcon too is like you can just wander around and find something you're not expecting
and learn something new. Well, and that's kind of cool that they're taking it to,
I mean, just outside of just the conference and making like
actual real world differences with some of this stuff. Because
like you said, this is obviously a challenge in healthcare, like hospitals and
(13:21):
systems that might not have the funding to actually
patch vulnerabilities that are pretty critical and can actually impact
patient care. I'm very curious about this whole thing now, so I want to look
into it a bit more after this at this point because it's just super
relevant to everything that we always chat about. Yeah, and that's what I thought.
And everything the team's made, it's all up now. Like the competition's over. I
(13:43):
think you can. I think it's aicyberchallenge.com obviously you can Google it.
But yeah, that's, you know, that's what I thought was interesting as well. And,
you know, that's kind of. It adds back to the thing is that they announced
this. DARPA used DEFCON to announce this and kind of get interest from the community
and kind of host it. And that's kind of what I. One of the unique
things about Duck Con, because it is so large and it attracts so many different
(14:03):
people, you know, it shows kind of the success that you can have
when you interact with the community like that. So that was probably the two, like,
main interesting things I saw. Kind of harping back to what Jimmy asked earlier. Where
I spent most of my time, it was in workshops. I went to three
workshops this year. I usually try not to, but they were Interesting. So
I ended up doing it. So that's where I spent most of my time on
(14:25):
Saturday. Basically. The first, I went to two workshops that were kind of
on kubernetes, attacking and defending kubernetes. So I thought it was pretty
interesting. I learned a lot of great stuff. The nice thing about workshops is that
you can kind of take home what they show you and, like, you know, it's
not something that's only there and once you leave, you can't do it or practice
anymore. All the workshops are really designed to, you know, have you
(14:47):
do stuff in the four hours, but take it home, practice it, do stuff at
your work, share it out with, like, other teams. That's usually what I do. Like,
in the past with onto EPCON workshops, I usually host something for us. You know,
I. I take it back. I kind of make it so that it makes sense
for us, and then, you know, usually have a meeting or something with our team
and kind of share out the same information. So it's two workshops on
(15:07):
attacking kubernetes that will be good for us just because it's really relevant to our
stuff. We can take some of that stuff, use it ourselves, whether we want to
do it for any internal pen tests we have, or if we just want to
use it to test our tools or any feature projects. So I'll probably spin
up a couple of meetings for us internally to share that out with our team.
We can say that. Anyway. The other workshop I went on, which is pretty interesting,
was attacking AI models. Now, I will be honest, I feel like half of it
(15:30):
went over my head, but I was able to understand some of it. So I'll
do my best to explain. And this kind of feel was kind of the most
interesting just because it was pretty much all new to me. So what we were
essentially doing was we were taking a image classifier.
So we were taking code down, we were giving it an image, and we're having
it classify it. So the example we used was a panda. So we took an
image of a panda. We told the code, hey, analyze this image. What is it?
(15:54):
And it would tell us it's a panda. Great. So how would we attack it?
So we would basically take the same image and we would add some type of
modification to it. I think the correct technical term is a perturbation.
That's what you'll see. But we were adding some type of noise. So like modifying
the pixels or adding, you know, just. Well, by a decent amount, but, you know,
adding some type of noise to it. I could Tell as a human that it's
(16:16):
still a panda. But we'd ask the image classifier, hey, what is this? And it
would say, it's like a ferret, right? Which so clearly it's the odd thing. And
one of the attendees next to me had to say his own stuff, or is
an image of a golden retriever and another image of a golden retriever that
he just slightly modified the colors on the pixels of. So, you know, it barely
modified. And the models he was running it, they're like, one model said, yep, this
(16:36):
is a golden retriever. And when it looked at his modified image, it said it
was a chainsaw. So it's really trying to show, like, how you attack these
image classifiers and now not all AI's image classifiers. Right. But it
was interesting that we did on this one. And what happened was one
of the other attendees brought up about radiology. So he basically
mentioned that radiologists are in high demand and that a lot of hospitals have
(16:58):
no choice but to kind of rely on AI tools. And what the AIs are
doing is modifying the images or they're analyzing the image. I
should say, sorry about that. And that's what they're doing. And we were kind of
talking about kind of the interesting and. Or the scary. You could say things that
can happen because a lot of the AI systems, they might
have biases in them depending on how they were trained and especially the data
(17:19):
that was used, because you don't, you know, as a patient, you don't know what's
going on. But the system that was built, if it's not protected, right, it could
get attacked. And, you know, there's. As scary as it is, there's ways to basically
say, like, hey, if this shows up on an image, yeah, there's no problem with
it. And that was. The whole thing was to get the AI model to
misclassify something. So it's a pretty interesting discussion
that came out of that workshop, aside from just actually doing the attack on
(17:43):
the thing, but another thing where it's just, you know, I wasn't expecting to learn
about healthcare or get some healthcare perspective from that, but there.
There it happened. Yeah. And that's actually, it's funny because that's really
relevant to one of our episodes that we're going to have, you know, coming up
shortly after this, on attacking AI and the
vulnerabilities that can happen in that. So very relevant. And I definitely hadn't thought of
(18:05):
it from when you had set images. Like, I was trying to think, okay, like
what could this mean for image classifiers? And then was
like, you know, is there actually an implication for that? And then you mentioned radiology
and it's like, yeah, there is. There definitely could be
where that could be a big problem. Yeah, and I hadn't either. And that's,
you know, it was very interesting because I was like, I did not expect to
(18:25):
have that conversation. And it also, we also kind of talked about, like, the data
they use to make the model and how a lot of times, because
you can go, there are websites, we did the workshop, there's websites you can go
to to pull down large data sets. So it's like you can pull out data
sets and kind of make your own AI model and train it. The problem being
is people have done studies to show that the data that's out there publicly
(18:46):
has kind of been tampered with, either maliciously or like, there's an
implicit bias that's been put in. And sometimes when people make
these models, you know, build their AI model off of it and ship it as
a tool, that bias gets shipped with it. So, you know, in the
past, if you've ever, like, done, like, use some tools and you get some weird
answer, it might not be because the AI is making something up. It's just because
(19:07):
the data it was trained on had that bias built into it. And that's kind
of where it got scary because obviously with stuff like healthcare, there are some things
where it's like they might have no choice but to use some type of AI
tool to do it. So making sure that they protect the model. And we
talked a little bit about the workshop on ways like how you would protect your
kind of, in this, in this case, an image classifier, but how to do that.
(19:28):
But it's just things to be aware of and keep that perspective in mind when
you either have to interact or you develop these tools. So overall, they're both
great workshops. A lot of good content. Like I said, the AI stuff, a lot
of the other stuff is it wasn't math heavy, but it talked a lot of
concepts that were due to me. So something went over my head, But I still
learned something new. So I always appreciate that. Yeah, I think that's one of the
(19:48):
cool things about DEF CON is there's just so much variety
and folks go in there thinking like they're going to learn one thing
and they just happened on something that's really cool and it might help
them expand their careers or, you know, take them in a different direction.
But I also love to hear These, you know, various ways to
kind of attack or defend things that you wouldn't otherwise think of. Like
(20:11):
the image thing is, is super relevant because it's also something when
you just see like, oh, this AI is going to analyze this image and then
you might just think that's it. Like, oh, there's not really a tack factor here.
But thinking of it from like a radiology
viewpoint, like that's a big deal. If someone, you
maliciously went after images and then kind of use that to
(20:33):
maybe extort the hospital or something like that where you know, now on
you're not going to be able to get the outcome that you're expecting
or you know, patient decisions and outcomes are going to be
delayed. And it's good that these type of things come up like
in DEF con because also not things that normally get talked
about. So it's super interesting. Well, and Matt, I know
(20:56):
Trevor has said that he does talk about and I definitely enjoyed
overviews and summaries from before, but it sounds like we might need a couple for
this one because like kubernetes by itself I feel it could take up an
entire hour and then want to get into the AI stuff as well.
So Matt, you might need to help us coordinate a few of them. Yeah,
definitely. It's great to knowledge share and hopefully get more
(21:18):
folks out there next time too. Matt, I know we've been talking to
Trevor about what happened at DEF CON and what he did,
but from your perspective in your leadership role,
what's the benefit to you and the team in Redox to
have people go to defcon? Yeah, expanding
the knowledge in just different ways to think about how
(21:41):
you tackle problems I think is one of the biggest benefits.
Networking and seeing new techniques and tools.
Yeah. If you go to a, maybe a conference that's put on for
a very specific topic or by a, you know, a specific vendor,
you know that that's going to be very, you know, limited no matter how
much they try. It's being put on for a very specific reason. Yeah.
(22:03):
And in DEF con, like something like that is so broad that you
can really get people to open up their minds about, you know, a
particular topic and find new ways network
with people that, you know, when we hit a problem and we're trying to figure
out how to do this. Now, you might have seen somebody that was
at a workshop or was presenting something there that might not
(22:26):
have anything directly to do with it, but remembered how they were tackling
this problem and that can open up opportunities and it's great
for the team to just hear about other areas,
especially if somebody's very focused on a particular area. You know,
maybe like for Trevor, you know, if it was like ir, for
instance, and then you get to go there thinking that, like, maybe that's what you're
(22:48):
gonna, you know, focus on the whole time. And then other things pull you in
and it helps you broaden your knowledge, which also helps you
just in general to be able to tackle the security problems. Are
we gonna lose you to maritime security, Trevor?
Are you sticking with the. With the healthcare? Still sticking with it. It was interesting
though, but mainly because I had no idea how any of it worked. But.
(23:11):
Well, it's been interesting to hear what
Trevor learned at defcon. And even Megan
and Matt you heard they had not considered the
image classifiers and the impact that can make. So
just from this small conversation, and Megan's right, we could go for an
hour easy. But just from this small conversation, what
(23:33):
Matt's point is. Right on. How learning more of what's
out there and Trevor coming back and talking about it, it does help spread
the ideas and the awareness. Join us next
episode as we discuss more security challenges impacting
healthcare and practical ways to address them.
Trevor, as we wrap up this episode, is there anything else you want
(23:55):
to add? No. Thank you for having me. I enjoy talking about this
stuff. Hopefully everyone found it interesting. It's exciting. Is
considering going next year. DEF CON will be on next year.
I believe it's around the 13th to 16th of
August next year. So if this inspired you or got you interested, consider
checking it out. As one thing I would say as a reminder to everyone
(24:17):
listening, please use the link in the show notes to share any comments, feedbacks or
ideas you may have. We really value the engagement you all provide.
Yeah, and don't forget to lock the back door.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
The Joe Rogan Experience
The official podcast of comedian Joe Rogan.