Depending on your level of paranoia, security awareness or interest this may or may not be relevant. With the release of the Snowden files a few years back however, the Cyber Security community gained access to untold knowledge and confirmation of what some had suspected for years – they can listen and sometimes are listening to mobile communication. With ease of accessiblity to devices available to hackers, things like SDR (Software Defined Radio) make reproduction of a Stingray possible. Not wanting you to get distracted by that, I’ll leave you to google it for yourself if you haven’t heard about them. So, getting into Opsec at Conferences. Your functionality is going to be limited if you want to remain secure, but try the following:
Prior to Con
Ensure your device is patched with the latest updates
Avoid bringing a jailbroken device
During The Con:
If using Internet, ensure VPN connections are running, do not use Free, Paid or Public Wi-Fi.
Place mobile phone and laptop in ‘Flight Mode’ when not in use, and inside the conference building.
Never use third party chargers from someone at the con or peripherals like USB Powerbanks
Don’t take or use free promotional items such as USB powerbanks
Increase your awareness of suspicious activity e.g. ‘shoulder surfing’
Enter your phone PIN discretely, or use biometric access.
After the Con
Wipe the device
Reset all passwords used for the duration of the con
The hardest thing about OpSec is that you may not be aware if you’ve done it correctly. It’s not exciting, you don’t get a rush from taking precautions. As an old acquaintance once told me: form the habits when you don’t need to do them, so that when you need them the habit already exists.