In response to the article that was posted by the Register
http://www.theregister.co.uk/2016/08/01/prn_and_pwning_inside_the_blackhat_vegas_noc_where_even_zeus_is_cool/,
the DEF CON Network Operations Center Team (NOC) pride ourselves on making a
network that allows the community to get Internet access, and have access to
internal resources (Servers, etc.). The DEF CON NOC believes in privacy and
anonymity for our attendees.

When users attach to the DefCon Secure (802.1x/PEAP) network, we have made the
decision to do our best to make that data/traffic inaccessible, and the team
does not allow for data monitoring, nor recording of the traffic. We do have
overall bandwidth monitoring- but will never run driftnet, ntop or other tools
that invade the privacy of the users on the secure network.

The DEF CON network resources, and staff who volunteer in the NOC at DEF CON
currently do not have any part in the operations of the Black Hat network(s).
The DEF CON NOC also doesn’t allow vendors to use the network as a place to demo
or experiment with our user’s traffic.

Now… If you happen to attach to any network that does not have the more secure
certificate authentication method enabled – all bets are off. Your traffic will
be monitored – not by us, but by the people around you. We also ship the open
WiFi network traffic off to the Wall of Sheep as well, and anyone on the
unsecure network can and will easily Man-In-The-Middle your traffic.

If you want to get on the “DefCon” Secure network- follow the instructions that
are posted on https://wifireg.defcon.org/. Each PEAP session that is created
from the client to the controller is a unique session, and is not allowed to
talk to any of the other users on the network once connected to the official
network.

If you are concerned about someone capturing your credentials, you don’t want to
register ad userid, or want to maintain anonymity we have also setup a common
username and password of defcon/defcon. So if someone says that they captured
your credentials, it’s really not that big of a deal, especially when everyone
has a unique session.

You should still install and only trust the certificates that we have posted on
https://wifireg.defcon.org/.

-The NOC Team
Sine Qua Non