I would say that the CCC hacker conventions (esp the CCC congress always in December) are somewhat more famous (but that probably depends on cultural background), of a similar size, and "better" (depending on what aspects you want to compare it). But it's not really a competition anyway.
Related to that, there is the CCC camp 2019 (https://events.ccc.de/camp/2019/) (in Berlin) starting very soon. Probably there will be live streams. And btw, a while ago, you could buy a combi-ticket for both DEFCON and CCC camp, including the flight ticket, for either 1337$ or 1337€.
If you have never been to such an event, I can really recommend to go to it. Actually I can only speak for the CCC and the Dutch events; I heard that the community and mood is much more friendly and open on CCC-like events, compared to DEFCON, and also the focus is much more widespread, e.g. it's also kind of an art event, similar to Burning Man.
Also, there's a lot more going on at DEFCON than just hacking. There's art, music, gatherings of all types, etc.
Overall it was an amazing experience. Although, a little knowledge of German would have been helpful :)
W.r.t. attendees, I am not sure. CCC has multiple events per year, and is also a club with many members. The biggest of their events it the CCC congress (https://en.wikipedia.org/wiki/Chaos_Communication_Congress) which has attendees in a similar order, maybe slightly less, but that is only one of multiple events.
I have heard from people attending both events (DEFCON and CCC) that CCC is much more diverse in topics and what's happening at the events.
Yeah, I think the CCC events, at least recently, got very far into the mainstream and politics and strayed quite a bit from their roots, adding more and more that seemed intent of encouraging newcomers vs being interesting for those that have been involved longer. That's a valid direction, of course, but it feels less like a hacker convention and more like a general mainstream somewhat-tech-related convention, like re:publica with a few tech talks thrown in and set in december.
Back in the days, politics came into play where technology meets the real world and politics are involved, now it felt more like a party's youth organization's online-convention. But I gather that's what the majority of CCC members want, and it's fine by me, there's obviously a demand for that kind of event, they are quickly outgrowing their locations, it's just no longer anything I really care for.
Every now and again the CCC is mentioned in a news story, but it seems like the US media loves to talk about the big hacker gathering in Vegas.
(Probably goes without saying, but I'm well aware of DEFCON and have been for 20 years, I know a handful of people who've been even).
Regarding attendees, I am not sure - haven't been Defcon in a few years (mostly as it started being not so well organized), but went to CCC and that was gigantic in scale.
IMO it is a bit of a weird event because many things are imported. Villages almost all come from the USA (and speakers to some extent) and have their travel and lodging completely covered. It is probably a good way to foster local talent, hence why Baidu pays so much $$$ for it.
I wish they had more photos of the thing. And don't confuse it with defcon China Beta which was in 2018. They really sunk a lot of money into this event apparently, hopefully next year will be as good
I can load up instances of Linux catered to specific ideas (Tails, Buscador, RadioInstigator, etc) and they will just work.
Now we also know how to handle windows, especially when we break into machines and networks with Windows clients and/or AD. Most orgs don't understand even how windows runs, so they get it wrong unsurprisingly.
yes, pretty sure this breaks down by culture/geography
To quote the defcon27 FAQ https://www.defcon.org/html/defcon-27/dc-27-faq.html
"Why yes, DEF CON is FULLY network-enabled. Now that we've perfected the art of a stable hacker con network, we're ascending to a higher level - we're providing you a network that you feel SAFE in using! Since DEF CON 18 we're WPA2 encrypted over-the-air, with a direct trunk out to the Internet. No peer-to-peer, no sniffing, just straight to the net (and internal servers). We'll provide login credentials at Registration. We know the 3G airwaves will be saturated so we're putting our own cred on the line to give you a net that even we would put our own mobile phones on."
They do also provide a free-for-all network, but no-one has to use that...
I'm writing this from Defcon, over a VPN, to an endpoint in Las Vegas. All the benefits of a VPN without a huge latency penalty.
Good point. I'm typing this while at DEFCON and my VPN provider (Private Internet Access) defaulted to the Las Vegas endpoint.