According to DefCon staff reports, NBC DATELINE producer Michelle Madigan attended this year’s underground hacking conference in Las Vegas without identifying herself as press, and with a hidden camera tucked away in her purse — hoping to catch conference attendees confessing to crimes in the presence of federal agents, a la “To Catch a Predator.”
But the first rule of exploits, as anyone in the room worth their SSH could have told her, is — don’t get caught. Ms. Madigan was.
In this video, she departs Defcon 15, escorted by a phalanx of unfriendly jeering persons, having just being outed. Video Link.
One YouTube commentser jokes, “She was probably really easy to spot, since she was probably the only girl there.” A bit of an overstatement, as the video was shot by a decidedly female DefCon attendee named Elizabeth Safran — but the point’s not entirely off. I mean, at least wear a hoodie or avoid shaving for a few days. (I kid, I kid! I kid because I love!)
Previously on BB:
Dateline NBC’s DefCon mole has been outed
Update: Wired Threat Level blog has more.
According to DefCon staff, Madigan had told someone she wanted to out an undercover federal agent at DefCon. That person in turn warned DefCon about Madigan’s plans. Federal law enforcement agents from FBI, DoD, United States Postal Inspection Service and other agencies regularly attend DefCon to gather intelligence on the latest techniques of hackers. DefCon holds an annual contest called Spot the Fed, in which attendees out people in the audience they think are undercover federal agents. The contest is good-natured, but the feds who get caught are generally ones who don’t mind getting caught.
DefCon staff say that Madigan was asked four times — two times on the phone and two times at the conference — if she wanted to obtain press credentials, but she declined.
Andrew Iverson says,
I have to question if there is much difference had they been at a NAMBLA meeting or somesuch? Sure, she should have gotten press credentials, but in my view the reaction of the attendees reflects worse on them than on her. Kind of funny how a group of people that generally don’t follow rules got so upset that someone didn’t follow their rules. She kind of “hacked them in real life” and they got mad that they got pwned by a girl. ;)
Benton Lam says,
Andrew Iverson clearly doesn’t understand that there are laws in the US that prohibits many tools and techniques used by hackers. IIRC the DCMA makes techniques like reverse engineering illegal. She didn’t “hack them in real life”, she put these people, who often actually contribute good work to computer security. She is trying to record these hackers admitting to using certain techniques that may get them prosecution and jail time, and this isn’t about rules or breaking them. It’s more about self-preservation. I could ramble on about that. I just want to point out Mr. Iverson’s naÃ¯vetÃ© to the gravity of the situation.
Generally pwnage requires actually succeeding at the pwning efforts. Clearly, the DefCon folks did not get ‘pwned by a girl’. If anything, the reverse is true.