HOPE X will be held July 18-20, 2014 at the Hotel Pennsylvania in New York
City. You can get your tickets at http://store.2600.com/
to book online at http://hotelpenn.com or by calling +1 212 736 5000. You
may still be able to get a discount if you mention the HOPE conference. Please follow us on Twitter (@hopex) and help us to spread the word in any way you can. We need to sell more advance tickets in order to make
HOPE X as amazing as we possibly can.
Keynote Address – Daniel Ellsberg
We’re thrilled that the whistleblower of all whistleblowers – Daniel Ellsberg – will be one of our keynote speakers this year. Ellsberg was the cause of one of the biggest political controversies ever seen in the United States when he released the Pentagon Papers in 1971 and changed history. We are honored that Daniel Ellsberg recognizes the value and importance of the HOPE X conference and it’s great to know that he’ll be able to speak in person to a whole new generation of individuals who will also shape the direction of the world one day. We can only hope they’ll also be ready to stand up for their convictions, no matter the cost.
Speakers: Daniel Ellsberg
The Hacker Wars – A Conversation with NSA Whistleblower Thomas Drake
Vivien Lesnik Weisman, director of the upcoming documentary film The Hacker Wars, speaks with Drake on the confluence of hacktivism and whistleblowing. Depending on one’s perspective on who should regulate information, hacktivists and whistleblowers are either criminals or freedom fighters. Drake will discuss his own case and the dystopian dynamic that ensued when the criminal justice system was used as an instrument to destroy him. In light of his personal experience with the state, he will discuss the importance of specific stories of young hacktivists, along with that of whistleblower Edward Snowden, including their battles with the U.S. government.
Speakers: Thomas Drake; Vivien Lesnik Weisman
#radBIOS: Yelling a Database across the Room
How can you distribute digital information using only sounds and computers? Frustrated by the lack of compatibility of wireless hardware in the wild, it was concluded that the audible spectrum was the One True Way to distribute knowledge. This talk will introduce Groundstation, an append-only graph database, and detail the journey of integrating it with the unambiguous encapsulation research of Ossmann/Spill to achieve its ultimate goal – the audible sharing of digital knowledge.
Speakers: Richo Healey
Ask the EFF – This Year on the Internet
Hear from lawyers, activists, technologists, and international policy analysts from the Electronic Frontier Foundation, the nation’s premier digital civil liberties group fighting for freedom and privacy in the computer age. Since HOPE Number Nine, much has happened on the Internet. From Aaron Swartz’ tragic death to Edward Snowden’s revelations, from TPP to Stop Watching Us, they will put it all in context and answer your questions. This session will include updates on current EFF issues such as their efforts to end mass spying both at home and abroad, their fight against the use of intellectual property claims to shut down free speech and halt innovation, a discussion of their technology projects to protect privacy and speech online, updates on their cases against the NSA, litigation and legislation affecting security research, what EFF is doing to open access to scholarly works, how they’re fighting the expansion of the surveillance state, and much more. Half the session will be given over to Q&A, so it’s your chance to ask EFF questions about the law and technology issues that are important to you.
Speakers: Nate Cardozo; Kurt Opsahl; Adi Kamdar; Peter Eckersley; Eva Galperin
Barrett Brown and Anonymous: Persecution of Information Activists
Barrett Brown, a Dallas-based writer and freelance journalist, was arrested in late 2012 and indicted several times on charges including the publication of a hyperlink. He was earlier pegged by the media as an “unofficial spokesperson” for the hacktivist collective known as Anonymous. But who is he really and what was he trying to uncover that made him a target of the feds? The prosecution was widely regarded as excessive and included a gag order, subpoenas, charges issued against family members, attempts to seize defense funds, and criminal counts so flawed that they were later dismissed. This talk will explore Brown’s work, what happened during his case, the dynamics of his interactions with Anonymous and its implications for other journalists who work with hackers, and why his case outraged many of those who care for free speech and freedom of press.
Speakers: Kevin Gallagher; Ahmed Ghappour; Gabriella Coleman
Building an Open Source Cellular Network at Burning Man
There is literally nowhere else on earth where you can run an experimental mobile phone network with a potential 50,000 users and get away with it (legally). Nowhere else can you learn so much in as short a timeframe about people’s relationships with their mobile phones or what makes a mobile network tick. Since 2006, the folks behind OpenBTS have been running the Papa Legba camp at Burning Man, providing fully licensed independent (free) GSM cellular service in the most unlikely of places. Johnny and Willow will go through the hardware and software tools they deployed in 2013, along with a discussion of lessons learned and future plans.
Speakers: Johnny Diggz; Willow Brugh
Crypto for Makers: Projects for the BeagleBone, Pi, and AVRs
As more devices join the Internet of Things, it is increasingly important that these devices remain protected from surveillance and compromise. This talk will show how to add specialized, commercially available, crypto Integrated Circuits (ICs) to improve the security of your BeagleBone, Pi, or AVR based platform. ICs such as a Trusted Platform Module, I2C authentication chips, and hardware random number generators will be discussed. The CryptoCape, an Open Source Hardware daughterboard, made in collaboration between SparkFun Electronics and the presenter, will be presented in detail. Lastly, this talk will describe the experience of running a Tor relay on a BeagleBone Black for over 200 days.
Speakers: Josh Datko
Elevator Hacking: From the Pit to the Penthouse
Throughout the history of hacker culture, elevators have played a key role. From the mystique of students at MIT taking late-night rides upon car tops (don’t do that, please!) to the work of modern pen testers who use elevators to bypass building security systems (it’s easier than you think!), these devices are often misunderstood and their full range of features and abilities goes unexplored. This talk will be an in-depth explanation of how elevators work… allowing for greater understanding, system optimizing, and the subversion of security in many facilities. Those who attend will learn why an elevator is virtually no different than a staircase as far as building security is concerned!
Speakers: Deviant Ollam; Howard Payne
Ergonomic Human Interface Hacking
Do you experience numbness or weakness in your hands? Do you have a permanent case of Emacs pinky? Are you playing vi golf for your health? Since the release of the Macintosh 30 years ago, mainstream human-computer interfaces have changed little, and hardcore computer users (hackers, coders, gamers, etc.) are paying the price.
This talk will examine potential solutions to the repetitive strain injuries commonly experienced by computer users, including: head-based cursor control, ultra-ergo keyboards, foot pedals, and other optimizations.
Speakers: Carl Haken
HTTP Must Die
We all know that HTTP is insecure, but the Snowden revelations of 2013 showed that insecurity runs far, far deeper than most of us could have imagined. It’s bad enough, in fact, that anyone who still supports it is contributing to the weaponization of the Internet by government spy agencies. The speakers believe that nobody at HOPE X has any excuse to be using plain HTTP instead of HTTPS in 2014. In this talk, they will summarize what the Snowden revelations mean for protecting data in transit: scary stuff like how supposedly secure cookies on social network sites can be turned into custom beacons for marking victims of targeted malware. They’ll talk about what every web service provider needs to do at the very minimum to mitigate these attacks, and what clients can do to protect themselves. Finally, they will share some success stories from the last year that show how Edward Snowden has raised the bar for web security and created a safer online landscape for the average user.
Speakers: Yan Zhu; Parker Higgins
Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices
The iOS operating system has long been a subject of interest among the forensics and law enforcement communities. With a large base of interest among consumers, it has become the target of many hackers and criminals alike, with many celebrity thefts of data raising awareness of personal privacy. Recent revelations exposed the use (or abuse) of operating system features in the surveillance of targeted individuals by the NSA, of whom some subjects appear to be American citizens. This talk identifies the most probable techniques that were used, based on the descriptions provided by the media, as well as today’s possible techniques that could be exploited in the future, based on what may be back doors, bypass switches, general weaknesses, or surveillance mechanisms intended for enterprise use in current release versions of iOS. More importantly, several services and mechanisms will be identified that can be abused by a government agency or malicious party to extract intelligence on a subject, including services that may, in fact, be back doors introduced by the manufacturer. A number of techniques will also be examined in order to harden the operating system against attempted espionage, including counter-forensics techniques.
Speakers: Jonathan Zdziarski
Lockpicking, a Primer
If you’re curious about what lockpicking is all about, this is the talk for you. Several different ways of opening a lock will be shown (picking, bumping, snapping, key impressioning) and explained in detail. No prior lockpick experience or knowledge is needed. This talk will start at ground level. Lockpicking has a clear analogy with the digital world (you have a firewall, therefore you are secure; it has a lock, therefore it must be safe). Consider that physical access will, in lots of cases, render your digital security measures obsolete. After this talk, expect to start rethinking your physical security.
Speakers: Jos Weyers
Obfuscation and its Discontents: DIY Privacy from Card Swap to Browser Hack
Data collection, aggregation, and mining have dramatically changed the nature of contemporary surveillance. Refusal is not a practical option, as data collection is an inherent condition of many essential societal transactions. In this talk, we discuss one response to this type of everyday surveillance, a tactic called obfuscation. Tactical obfuscation can be defined as the strategy of producing misleading, false, or ambiguous data with the intention of confusing and/or inhibiting an adversary. Because obfuscation is relatively flexible in its use by average citizens as well as by experts, it holds promise as a strategy for DIY privacy and security. This talk presents a brief overview of obfuscation as political theory, including contemporary and historical examples, then focuses on two recent systems that address data collection: TrackMeNot, which shields searchers from surveillance and data profiling, and Ad-Nauseam, which targets advertising networks that track users across the web. The talk concludes with a consideration of the ethics of obfuscation as representative of a class of strategies whereby weaker parties can both protect against and confront stronger adversaries.
Speakers: Daniel C. Howe
Per Speculum in Ænigmate
In the fall of 2013, artist Maximus Clarke was inspired by news of government and corporate surveillance to create an art project about privacy that could also function as a secure messaging system. The result is “Per Speculum in Ænigmate” – Latin for “through a glass darkly” – combining stereo imagery and PGP encryption. Each project image is an anaglyph 3D photo of a nude model, obscured by pixelation and overlaid with an encrypted message sent by one of the project participants. Message recipients are able to download images from the project site (http://psiae.tumblr.com) and decrypt the embedded texts, without the artist ever reading them. This presentation will showcase the project images in glorious old-school red/blue 3D (glasses will be provided), and discuss the concepts, technologies, and processes involved in their creation.
Speakers: Maximus Clarke
Postprivacy: A New Approach to Thinking about Life in the Digital Sphere
The social construct of privacy is rather new, a result of the civil society. It was supposed to protect people from the state and/or government and its overreach, a “right to be let alone,” as one of the central legal texts defined it. Privacy promised a safe space for the individual to develop new ideas without premature criticism and discrimination, a space where individual freedom unfolded. Did it really deliver on that promise? And was that the promise we needed as a society? Privacy isn’t dead as some people might want to tell you, but it has changed significantly in its definition, in its relevance. And it no longer works as the central foundation of our social utopias. Private people are alone, powerless, and often invisible when faced with exactly those powerful entities that the Internet was supposed to help us fight (corporations, government agencies, etc.). Under the blanket term #postprivacy, some people have started developing ideas on how to rethink how we can harness not only the power of the Internet but the powers, ideas, and skills of each other. How will we as a social structure work between social networks, government snooping, and encryption? How can we save and form the future? This talk will give you a few new ideas.
PRISM-Proof Email: Why Email Is Insecure and How We Are Fixing It
We have had the technology to make email secure against criminals and government spies for decades. Microsoft, Netscape, and Apple have all shipped products with built-in encryption for over 15 years, yet almost nobody uses these features. Millions of people were very upset by the recent Snowden revelations – why aren’t millions of people using secure email and, more importantly, how do we fix it? A part of the reason for the lack of email security is rooted in politics. During the 1990s, cryptography rights activists battled with the NSA and FBI for the right to use strong cryptography, a series of events known as the cryptowars. One part of the problem is that two email security standards emerged rather than one, neither of which is capable of fully replacing the other. But the biggest part of the problem is that any system which requires the user to be thinking about security is too hard to use. This talk will be looking at the history and future of email encryption technology. No prior knowledge of cryptography will be assumed.
Speakers: Phillip Hallam-Baker
Self Publishing Success
Just days before HOPE Number Nine, John Huntington released a self-published version of his book, Show Networks and Control Systems. Several months before, his publisher had decided that they were not interested in an update after three successful editions, so Huntington got his publishing rights back and did a whole new edition himself using Amazon’s Createspace for printed copies and Kindle for e-books. And it’s been a success – Huntington has made far more money self publishing this one edition than the royalties on all three of the previous editions with the publisher combined. More importantly, he has had a far higher level of engagement with his readers, and has been able to do things he never could have done with the publisher, like putting free lecture videos for each chapter on his website, or giving copies away (which he will do at the end of this talk). Huntington will share sales figures, compare the economics and issues related to both printed and e-book editions, and lay out the challenges, pitfalls, and successes of this process.
Speakers: John Huntington
Showing Keys in Public – What Could Possibly Go Wrong?
If a reporter wants to get the point across that certain people shouldn’t have access to a particular key, would it be wise for said reporter to then show that key to the world? Like the New York City subway key? The key to the subway? On the Internet?! This and other media fails will be shown. And maybe even one or two non-fail examples…. Several cases of key-copying-by-sight will be discussed with lots of pictures and videos. How this can happen will be explained, as well as what to do to prevent it.
Speakers: Jos Weyers
Spy Improv: Everything You Ever Wanted to Ask
The former spy, honorary hacker, former candidate for the Reform Party presidential nomination, and #1 Amazon reviewer for nonfiction, again takes on any question. His record, set in 2010, is eight hours and one minute. This year, the formal program provides for two hours.
Speakers: Robert Steele
Surveillance, Sousveillance, and Anti-Surveillance: Artistic Responses to Watching
It’s impossible to imagine a world without surveillance. Its presence reflects a symbiotic relationship with the State and hegemony as a whole. For years, artists have been using surveillance and surveillance technologies to engage and disrupt the surveillance apparatus. This talk will explore works by artists such as Steven Mann, Banksy, The Surveillance Camera Players, and many more working in the medium to answer the question of “how are we to engage with a surveillance society?”
Speakers: Gregg Horton
The Sex Geek as Culture Hacker
“Being a nerd is not about what you love; it’s about how you love it.” Wil Wheaton’s words ring true for many self-identified geeks and nerds. But what happens when what you love is “love,” or even “lust?” Geeks have never been more cool, but mainstream culture is full of negative messages about sex and pleasure. Combining nerd enthusiasm and geek know-how with erotic experiences results in writings, DIY toys, citizen science, and other projects which can promote sex-positivity and consent culture. In this talk, Kristen “where did this b!tch get her doctorate” Stubbs shares stories from the sex geek trenches: the awesome, the awkward, and the randomness in between.
Speakers: Kristen Stubbs
There’s No API for Dying
“There’s No API for Dying” inspires hackers to think more creatively about users by examining the role of death in hardware and software development. Traditionally, Human Computer Interaction has been about using a user-centered design process to create products that ultimately do not require humans to adapt or change to use these products derived from the user-centered design process. The reality is that many products have left behind this process as they have forgotten, failed, or never felt the need to design for the death of a user. Hackers are encouraged to explore an alternative thanatosensitive design process that mandates designers account for the death of a user in their hardware and software projects because death is a part of the user’s experience.
Speakers: Nathan Bennett
This Is the X You Are Looking For
When you hear you are being profiled for which books you check out in a library, what do you do with this knowledge? Do you tell your friends to “evade,” to not check these books out, or to find other means of getting this content? No. You tell everyone in the world to deliberately check these books out (and now we have had the pleasure of reading Catcher in the Rye). This talk is about looking signature detection in the face and confusing or saturating the tool or analyst. A number of techniques will be explored, including a fun malware signature trick called a tumor (it’s OK, it’s benign), and others focusing on open source Intrusion Detection Systems. There may be some random banter about grocery loyalty cards, too. Although this talk intends to be just as technical as expected at a conference like this, it will also be light, fun, and philosophical in nature. Expect a gratuitous slide deck, lots of terminal action, signatures in the nude, hex, and beautiful regex.
Speakers: Eric (XlogicX) Davisson; Ruben Alejandro (chap0)
Vigilante Justice: Masks, Guns, and Networks
This talk will cover the state of vigilante action around the world; what they fight with, who their targets are, how they stay anonymous, and how they organize. Without condemning or condoning any single act, these radically unique responses to crime and corruption deserve our attention. How much power are they wielding? Is nonviolence winning out over violence? Is anonymity giving way to irresponsible action? And what should we expect as these networks deepen? There’s a growing list of options being explored, and these explorers have dramatic and largely unknown stories to tell.
Speakers: Zimmer Barnes
Why the Future is Open Wireless
How do we begin the movement to create a world of ubiquitous open wireless, where sharing and openness are the norm? How do we get it to spread? Speakers from EFF’s activism, legal, and technology teams will describe the open wireless movement (https://www.openwireless.org) and the specific challenges their open wireless router campaign is solving. The first hurdle is convincing the world that sharing Wi-Fi with guest users is, as security expert Bruce Schneier puts it, a matter of “basic politeness.” Another perceived roadblock is the belief that running an open network could subject the host to legal liability. Lastly, even proponents of open wireless lack easy technical solutions to safely enable private and anonymous guest access without reservations. To that end, EFF is developing an easy to set up, secure Wi-Fi router. But, in order to truly realize our open wireless future, they will need your help.
Speakers: Adi Kamdar; Nate Cardozo; Ranga Krishnan