We are highlighting some of the many different talks and panels that will be featured at The Next HOPE. We have over 100 talks throughout the three-day period from July 16-18 at the Hotel Pennsylvania in New York City. And the talks are just one part of the entire weekend of activity.
Here are 45 talks you can see at The Next HOPE. Five more will be posted tomorrow.
Simpsons Already Did It - Where Do You Think the Name "Trojan" Came From Anyway? SMS blockers, ransomware, licenses for trojans, factory installed malware... every day the news is full of accounts of innovative threats altering the landscape of the security arms race. But are these attacks really new? A quick glance at history shows us that these same attacks and defenses have been around for as long as there have been humans. Sandy Clark, Matt Blaze, and Bill Cheswick will talk about the ancient Greek firewalls (and firewall bypasses), Roman security-by-obscurity, ancient port-scanning, and Mozart's "rights amplification" against the Pope. This will be a trip through the ages as the security arms race is analyzed. You'll discover how we got where we are today and learn that even in security, history is always repeating itself.
Electronic Waste: What's Here and What's Next Electronic waste is a problem that dogs technology buyers, system administrators, electronics manufacturers, and especially people who engage in informal - and often dangerous and toxic - disassembly. Stephanie Alarcon will outline the history and scope of the problem, the environmental justice implications, the regulatory environment, industries that may be poised to face or prevent similar issues, and what we as technology workers can do to turn the tide.
Buying Privacy in Digitized Cities As new sensing technologies appear in our cities almost overnight, what does it mean to be visible or invisible? What happens when socioeconomic categories determine when, where, and how you're seen? The asymmetry in who is visible, and where, is a long-standing urban problem, but it is now being built into our technologies and our cities. The worlds of advertising, city planning, and law enforcement are each creating their own inconsistent visions. Privacy is not dead; rather, it is being selectively vivisected. What can we do to fix this? Eleanor Saitta will take a look at a lot of problems, as well as a few solutions, including the announcement of a new competition for the development of tactical countersurveillance tools.
"Brilliants Exploits" - A Look at the Vancouver 2010 Olympics With the 2010 Winter Olympics having come and gone, it's not too late to look back at what an event it was. From a technology standpoint, Colin Keigher will look at CCTV cameras and ticket sales, and from a social standpoint, matters involving intellectual property as well as the police will be examined.
Botnet Resistant Coding: Protecting Your Users from Script Kiddies Zeus botnets are trojans accountable for a large percentage of all trojan infections. Zeus's availability and ease of use make it popular amongst malicious individuals with low technical sophistication. Better social engineering scams, coupled with consistent levels of victim unawareness and carelessness on the part of software vendors, have created a need for greater web security. Peter Greko and Fabian Rothschild will explain how, using a standard LAMP stack and web programming techniques, a guideline was developed to mitigate and reduce the exposure of sensitive information from compromised clients. Because of the resultant confusion, attackers have either given up and moved on to an easier target, or have spent significant amounts of resources undoing damage to harvested POST data. The immediate objective of implementing these new techniques is to reduce the efficacy of Zeus and its counterparts and curb cybercrime and identity fraud. Future use of these techniques will provide better chances against the compromising of users and web applications.
Hacking the Food Genome Cooking's pretty awesome, but meatspace is such a drag! Can't you just write a shell script to figure out what's delicious? What would the programming language for the Star Trek Food Replicator look like? Join Gweeds and the Food Hacking team for an in-depth demonstration of the Food Genome - an open source culinary informatics platform used for designing menus, disassembling recipes, and visualizing the planet's taste gestalt.
Lock Bypass without Lockpicks You train as hard as you can, picking lock after lock, learning about all the different picks, different picking techniques and styles, anti-picking features, and how to manipulate them... then some guy with a screwdriver takes the hinges off the door faster than you can pick the doorknob. That's right, there are ways to bypass locks which don't involve direct manipulation of the pins, and they not only tend to be easy, but fast. Dan Crowley follows the story of Waldo, one hard-to-find hacker trying to wrestle the truth from the jaws of a shady corporation peddling suspicious medication. Waldo, having been captured and stripped of his picks, must escape using only his wits, and whatever he can find on his way out.
The Telephone Pioneers of America The Telephone Pioneers of America is an organization of mostly retired employees of the Bell System and affiliated companies. They remain active in the community as an organization that promotes their history and industry. You can find them in many communities across the nation, often in the very cities and neighborhoods they spent their careers working in. The pioneers have amassed lifetimes of wisdom working on the telephone system and intimately understand the technology and politics of it. The telephone company will never be what it was when they were employed there and they know that the next generation of pioneers may not ever actually work for "the company" as they did. Using photographs, recordings, and artifacts, Kyle Drosdick will make this unique treasure accessible to members of the audience, especially younger individuals who may not ever have used what is now vintage telephone equipment - like rotary dial phones. There will be a selection of functional and historically significant equipment for attendees to learn about and enjoy thoroughly. This talk is intended to help bridge the gap between hacker and pioneer.
Video Surveillance, Society, and Your Face Video surveillance is pretty simple. Point a camera at something, watch the stream. But the technology has been integrating into our daily lives. From Makeababy websites, to "change your race" kiosks, facial recognition and the technology spawned from video surveillance is creeping into our lives. The police have taken notice of this, and are starting to interpret laws that make it difficult to photograph them legally. Do these technologies and laws imperil your privacy, your rights as a photographer, or even your life? Joshua Marpet will discuss where these technologies are going, how to stay out of jail, and how to keep your face out of official databases.
Sita Sings the Blues: A Free Culture Success Story "If it's free, how do you make money?" One year after the Copyleft release of her animated musical feature Sita Sings the Blues, Nina Paley presents the latest round of hard data from the project. Contrary to MPAA propaganda, the more the audience freely shares the film, the more they purchase DVDs, theater admissions, and merchandise. In this talk, witness the numbers that prove it.
Why You Should Be an Amateur Lots of people think the "maker culture" is a relatively new phenomenon. However, one group has been doing it for close to 100 years: amateur radio operators. While some dismiss amateur radio as an aging artifact from decades ago, today's radio amateurs are putting together wide area wireless networks, developing digital protocols that use the tiniest amount of bandwidth, and building radios from scratch. Ben Jackson will review the basics of amateur radio, the advantages over unlicensed devices, and areas of interest you can apply to your existing projects.
Social Engineering People have been known to come to HOPE just for this panel, in which the history, stories, and demonstrations of social engineering are laid out for all to see - and hear. Something will invariably be revealed over the telephone by someone who really should know better in our traditional live demonstration that never fails to entertain. Join Emmanuel Goldstein and friends for some fun.
Smartphone Ownage: The State of Mobile Botnets and Rootkits Symbian Botnet? Mobile Linux Rootkits? iPhone Botnets? Millions of phones at risk? The press coverage on smart phone threats is at times somewhat accurate, distant, and occasionally (if unintentionally) misleading. They tend to raise questions such as: How close to PC levels (100,000+ to millions of nodes) have mobile botnets reached? Have mobile rootkits reached the complexity of those on the PC? Jimmy Shah will cover the state of rootkits and botnets on smart phones from the perspective of anti-malware researchers, including demystification of the threat from mobile rootkits and mobile botnets, the differences (if any) between mobile rootkits and mobile botnets vs. their PC counterparts, and a look at how samples seen in the wild and researcher PoCs function.
Into the Black: DPRK Exploration North Korea scares people. Allegedly, the DPRK has a super l33t squad of killer haxor ninjas that regularly engage in hit and run hacks against the Defense Department, South Korea, or anyone else who pisses off the Dear Leader. The DPRK also has no real Internet infrastructure to speak of (as dictators don't like unrestricted information), although it does have a number of IP blocks. Michael Kemp will examine some of the myths about the DPRK, and some of their existing and emerging technologies. Some of the available infrastructure associated with DPRK (funnily enough, some of which is in South Korea and Japan) will be discussed and the potential technical threats posed by a pernicious regime analyzed.
Sniper Forensics - Changing the Landscape of Modern Forensics and Incident Response At one time, computer forensics consisted of pulling the plug, imaging everything in sight, and loading those images into a massive forensics program for "analysis." As computer hackers became more resourceful, the complexity of computer forensics increased exponentially. Add to that the growing size of data storage devices, and it becomes infeasible to even consider imaging tens or hundreds of terabytes, let alone loading those images into some forensic software. So what's the answer? How can incident responders hope to remain relevant in today's operating environment? With Sniper Forensics! In addition to offering tips and tools, Chris Pogue will provide real world examples of how the landscape of modern forensics is being changed.
Cooking for Geeks Are you interested in the science behind what happens to the food in your kitchen? Do you want to learn what makes a recipe work so you can improvise instead of simply following a set of instructions? In this talk, Jeff Potter, author of the forthcoming O'Reilly book Cooking for Geeks, will share the key insights into what happens in the kitchen from a geek perspective so that you can improvise and create your own unique dishes.
CV Dazzle: Face Deception As CCTV camera networks proliferate worldwide, so do automated face detection/recognition systems, which can rapidly identify faces in crowds and covertly log individuals' movements. Adam Harvey will show how CV Dazzle is camouflage from face detection. It's based on the original Dazzle camo from WWI and thwarts automated face detection/recognition systems by altering the contrast and spatial relationship of key facial features. Developed as a challenge to the growing prowess of computer vision, CV Dazzle undermines the capabilities of visual capture systems under the guise of high-fashion aesthetics.
The DMCA and ACTA vs. Academic and Professional Research: How Misuse of This Intellectual Property Legislation Chills Research, Disclosure, and Innovation In this panel discussion with Tiffany Rad and Chris Mooney, attendees will gain a greater appreciation of how the Digital Millennium Copyright Act (DMCA) is increasingly being used in ways that chill free speech, disclosure of security vulnerabilities, and innovative research. Using hypothetical examples and discussing case law, this talk will outline procedures for counterclaiming and alternatives to removal of allegedly infringing materials, including discussing why data havens (some in anticipation of enactment of the Anti-Counterfeiting Trade Agreement) are becoming more popular.
Hacking Terrorist Networks Logically and Emotionally This presentation will touch upon broad aspects of forensics, encryption, and social engineering, and how they relate to the tracking of extremists. Hat Trick will outline common vulnerabilities of extremist sites, the unique behaviors of extremists, how to get terrorist IPs and passwords, and what to do with them when you've got them. Mudsplatter will discuss the psychology of manipulation, and how to gain access to even the most secure networks using simple tricks of social engineering. Topics include how to lie with confidence, getting the paranoid to trust you, using trolling to your advantage, and some of the most common liabilities of social networking.
Introduction to the Chip Scene: Low Bit Music and Visuals
Don Miller, Peter Swimm, Joey Mariano
This talk will focus on the global chip scene, an ever growing group of electronic artists that use low-bit and hacked computer and video game consoles to create music and video. Peter Swimm of True Chip Till Death will give an overview of the chip scene past and present. True Chip Till Death is the leading news site of the scene, providing thousands of fans with the latest news on releases, hard- and software, and live events. Joey Mariano and Don Miller will focus on the creation of music and visuals. Mariano, better known as Animal Style, is a musician from Philadelphia who creates music on the Nintendo Game Boy and Sega Genesis. He will give an introduction to various trackers, the tools most chip musicians use to create low-bit music. Miller, also known as NO CARRIER, will be discussing real time visuals. He'll show you how to use your Nintendo Entertainment System, the Commodore 64, and other classic hardware to create live video for chip music events.
Memory Fun 101 - Memory Training for Everyone A powerful memory can be an invaluable asset in life. Memory is absolutely fundamental to learning, so improving one's memory can have a profound positive impact on both academic and job performance. In this fun and entertaining program, Chester Santos will teach attendees the basics of memory improvement. Attendees will learn a number of memory boosting methods that will exercise their imagination and awaken their creativity. Participants will be shown how to utilize both sides of their brain in order to make information stick and become unforgettable. Attendees will participate in enjoyable exercises and will actually be able to feel their memory ability improving throughout the seminar. Everyone will leave this seminar with sharper minds and a solid foundation in exercises and techniques that will benefit them throughout their lives. Talk about providing HOPE!
Hackerspaces Forever: A Panel Presented by Hackerspaces.org We called your excuses invalid at The Last HOPE and you proved us right! Since launching hackerspaces.org at The Last HOPE, there's been phenomenal worldwide growth in the hackerspaces movement. Continuing to build on progress, this panel discussion brought to you by Hackerspaces.org will focus on strategies to help avoid drama, grow your hackerspace, and connect with your community.
The Black Suit Plan Isn't Working - Now What? The suit plan isn't working. At The Last HOPE, James Arlen told you all about the awesomeness of The Black Suit. But you're finding that it's not really working out... maybe it's possible to lower the goal? Can we take advantage of the Econopocalypse, the fact that two years have gone by, and infiltrate the upper echelons without having to leave the Black Hat behind? With cyber humor, blistering criticism, and awesometastic possibilities, spend some time in a discussion about ways to get to the place we all want to be - employed and happy.
The Need for a Computer Crime Innocence Project High profile computer forensic cases like those of Julie Amero and Michael Fiola, where innocent people were falsely charged with downloading illegal files, illustrate the need for professional forensic standards for determining whether a user, or malware infecting their computer, downloaded suspect files. Joe Cicero discusses his experiences dealing with his college administration, attorneys, and the EFF over the problematic research issues that willful installation of malware brings about. He will discuss his project outline and testing protocols and procedure, detailing why certain decisions were made. Audience feedback will be requested on how to create an innocence project designed specifically for computer crime cases. Tech-savvy criminal defense attorney Alex Muentz and EFF's Seth Schoen will round out the panel with their insights.
Privacy is Dead - Get Over It This will be a wide-ranging three hour presentation by HOPE veteran and private eye extraordinaire Steven Rambam that will cover databases, privacy, and "computer-aided investigation." This talk will include numerous examples of investigative online resources and databases, and will include an in-depth demonstration of an actual online investigation done on a volunteer subject. Emphasis will be placed on discussing the "digital footprints" that we all leave in our daily lives, and how it is now possible for an investigator (or government agent) to determine a person's likes and dislikes, religion, political beliefs, sexual orientation, habits, hobbies, friends, family, finances, health, and even the person's actual physical whereabouts, solely by the use of online data and related activity. The final half hour of the talk will be devoted to Q&A.
Cats and Mice: The Phone Company, the FBI, and the Phone Phreaks Ever since the first blue box arrest in 1961, the telephone company, the FBI, and the phone phreaks engaged in a long-running game of cat and mouse. Phil Lapsley will explore the moves and countermoves between the two sides from 1960 to 1980, covering advances in phreaking - new ways to hack the phone system and evade detection - as well as advances in finding and prosecuting those pesky phone phreaks. Based on exclusive interviews with phreaks, FBI agents, and telephone company security officers for his forthcoming book on the history of phone phreaking, Phil will focus on some of the more dramatic battles between the two sides that occurred during the heyday of analog phone phreaking, including the 1962 Harvard "spy ring," a certain well-known phone phreak's wiretapping of the FBI in 1975 (yes, you read that right), and the hacking of the military's AUTOVON telephone network in the mid-1970s.
Hacking Your GPS There is more to a GPS than a pleasant voice telling you to turn right on Cedar Street, and showing a color display of adjacent ramps and intersections. Cass Lewart will focus on the technical implementation of the current GPS system, and how the user location is derived from precise clocks on satellites. You'll see how to capture, send, and analyze NMEA data streams exchanged between your computer and GPS. Privacy issues, geocaching, and secret key codes required to manipulate GPS base maps will also be discussed.
Free Software: Why We Need a Big Tent There's been a lot of talk about diversity in free software lately. Deb Nicholson of the Free Software Foundation will discuss why that's important and introduce some of the tactics from the political organizing world that can be used to build a successful free software project and by extension a successful free software movement. Expect references to Saul Alinsky and Cesar Chavez as well as a bit of an introduction to free software and what it means for our increasingly technology-dependent world.
Grand Theft Lazlow - How Hacking is Both the Death and Future of Traditional and Interactive Publishing, Journalism, and the Media Writer, producer and director Lazlow from Rockstar Games discusses working on several titles including Grand Theft Auto and Red Dead Redemption and how the video game landscape has changed. Included in the discussion will be the console wars, what video game platform is about to die, and how BitTorrent is causing a radical shift in the future of what titles reach market and how you experience games in the future. Also discussed will be the threats that both small publishers like 2600 Magazine and large interactive companies face in an online media landscape that expects everything for free.
2600 Meetings: Yesterday, Today, and Tomorrow In this panel hosted by Rob T Firefly, Grey Frequency, and Gonzo, longtime attendees and website admins of New York City's 2600 meeting will explain how an event that began in the 1980s as a simple way for local hackers to meet each other in person has grown into a major and vital part of the worldwide hacker community. The panel will recap the history of 2600 meetings, and explain the basics for those interested in getting involved with an existing meeting or starting a new one. Issues involved in operating a 2600 meeting's web presence will also be addressed. There will most certainly be a recounting of some favorite meeting stories and experiences, and the lasting effects the meetings have had on all sorts of lives.
American Bombe: How the U.S. Shattered the Enigma Code Many people know the story of Alan Turing and his work at Bletchley Park in designing the British bombes, the machines used to crack the German Enigma codes. What most people don't know is what happened afterward. When the German military added a fourth rotor to the Enigma, a new type of machine was needed in order to crack the codes and keep Allied intelligence out of darkness. These American bombes were the first multifunction computers ever built, and are an important part of the history of modern computing. Shalom Silbermintz will tell the incredible, gripping story of an enterprise that rivaled the Manhattan Project in secrecy and complexity, and ultimately led to the first modern digital computer.
Extreme Lockpicking Barry Wels and Han Fey are back with the newest developments in locks and lockpicking, including bypassing hotel door security and layered attacks on new high security locks. A special on-stage camera will let you see inside the locks while Barry and Han use their techniques to open them. Throughout the conference, they will conduct hands-on lockpicking tutorials and other fun activities in the Lockpicking Village, where you can bring interesting locks (keys optional) for analysis and testing.
How to Run an Open Source Hardware Company In this session, open source hardware pioneers Limor "Ladyada" Fried of Adafruit Industries and Phillip Torrone of MAKE Magazine show how anyone can start their own open source hardware business. The talk will show how Adafruit runs its open hardware business, top to bottom - from choosing a PCB (printed circuit board) manufacturer to selecting which open source online shopping cart works best for selling electronics online. Limor and Phil will also give a detailed overview of the top ten open source hardware businesses, what they do, and what you can learn from their projects and products. If you're considering turning your electronics hobby into a full-fledged business, this is a talk not to miss.
Tor Versus Internet Censorship The Tor project has seen an increased focus on Internet censorship as many more users adopted Tor to get around blocking. In the past year, Tor was a popular means of bypassing censorship in Iran, China, and around the world. Firewall operators have been noticing. Tor has also had to contend with new organized efforts to block access to the network, and has rolled out the "bridges" blocking-resistance system in earnest. Alongside the perpetual need to get more Tor nodes, it's become important to get users to run bridges - and to experiment with ways of communicating bridge addresses to users affected by censorship. Jacob Appelbaum and Seth Schoen will explore the current censorship landscape, along with the bridge mechanism and efforts to recruit more bridges. There will also be an update on how Tor developers are responding to the growing pains and dealing with scaling challenges associated with Tor's popularity. You'll also hear about the challenge of counting the number of users on an anonymity network, and how client software can force the use of encryption to protect users from some attacks after their traffic leaves the Tor network.
"Get Lamp" Screening and Discussion In the early 1980s, an entire industry rose over the telling of tales, the solving of intricate puzzles, and the art of writing. Like living books, these games described fantastic worlds to their readers, and then invited them to live within them. They were called "computer adventure games," and they used the most powerful graphics processor in the world: the human mind. Rising from side projects at universities and engineering companies, adventure games would describe a place, and then ask what to do next. They presented puzzles, tricks, and traps to be overcome. They were filled with suspense, humor, and sadness. And they offered a unique type of joy as players discovered how to negotiate the obstacles and think their way to victory. These players have carried their memories of these text adventures to the modern day, and a whole new generation of authors have taken up the torch to present a new set of places to explore. Get Lamp is a documentary that tells the story of the creation of these incredible games, in the words of the people who made them. Director Jason Scott has previously created BBS: The Documentary, partially filmed at HOPE, and will be on hand to introduce and show the documentary, as well as talk about the production of Get Lamp and his filmmaking, including lessons learned, trivia and stories told, and how exactly one goes about minting a commemorative coin.
Own Your Phone - Ever wonder what makes your phone work... and how to make it work in ways that were never intended? You might be a phreak! Phreaking is one of the most exciting and fastest-changing scenes in the hacker landscape. Join TProphet and phriends for a phun look at some of the newest innovations.
Keeping Your Job While Being a Hacker - Hackers are curious above all other things. While we all think this trait should be rewarded (or at least not punished so much), sometimes employers don't agree. Lawyer Alex Muentz has had more phone calls than he'd like from employees who were fired once they reported a security hole or even showed interest in hacking. This talk will discuss a few case studies, U.S. law, and some recommendations on how to protect your job while remaining an active hacker (or merely a curious person).
Net Wars Over Free Speech, Freedom, and Secrecy or How to Understand the Hacker and Lulz Battle Against the Church of Scientology - Following a brief lecture on Project Chanology, the question will be posed: how can we harness the power of lulzy virality, of pleasure, of trickery, of spectacular trolling for purposes above and beyond sharing the wisdom of Advice Dog? Gabriella Coleman and Finn Brunton will start with a brief look at great activist media in the past, from Guernica and the picture of the whole Earth to projects by the Yes Men - how they spread ideas and helped people get informed, organize, and act. What makes the creation of lulzy memes different? You'll learn how to create exploitable forms and rapid variations, and mechanisms for bringing the best stuff forward. Can we make media memes with goals beyond lulz, and teach activists who've never heard of 4chan to make them too?
How to Bring Your Project from Idea to Reality: Make a Living Doing What You Love - Mitch Altman has brought his personal pet projects (including TV-B-Gone universal remote controls) from idea to reality, and is fortunate to make a living doing what he loves. Mitch will outline the practical steps he took to take his projects from a mere idea, through the steps of research, development, manufacture, sales and distribution, leading, finally, to collecting checks while in the comfort of his home (and while traveling the world). This talk will also show some of the pitfalls of running one's own business.
Wireless Security: Killing Livers, Making Enemies - The message that wireless is unsafe has permeated the IT zeitgeist; however, people still forget client devices. This talk by Dragorn and Renderman moves away from guarding the access points to guarding the clients. Considering the fun that is continually had by the authors at airports and public networks, this is a message that needs to get out. Recent vulnerabilities in browsers and other protocols that are often dismissed as "too hard to exploit to be useful" are suddenly very possible and dangerous when wireless is involved, and attacks crossing from layer 2 directly to layer 7 vulnerabilities will be shown.
The Robert Steele Spy Improv on Steroids - recovering spy and veteran HOPE speaker Steele draws on his impressive career in national security to give an uncensored and unforgiving late night talk on why he's seriously pissed off by the Google/NSA Axis of Evil.
Build Robots and See the World - learn about experiences building kinetic artworks like Chassis the Drink-Serving Robot and SWARM, the collection of six spherical orbs that roll without wheels. Electrical engineer Jonathan Foote gives tips and sources for getting started in robotics for the interested beginner.
Hackers for Human Rights - how creative technological efforts can combat oppressive forces, protect dissidents, journalists and activists, and save lives. Adrian Hong, director of The Pegasus Project who has been imprisoned in China for aiding North Korean refugees, illustrates how technology has been used to clamp down on citizens throughout the world and stifle human rights.
Vintage Computing - Historians Evan Koblentz and Bill Degnan show how American computer history wasn't all done in Boston and Silicon Valley. See firsthand a comprehensive working exhibit of early microcomputers.
IPv6 Playground - As systems connect over the next four years, IPv6 is projected to account for over 40 percent of all Internet traffic. IT and IA industry veteran Joe Klein shows how, with this level of growth, expectations are that many new security problems will surface, as they did with IPv4.
This is only the beginning. With over 100 talks at the conference and many more submissions than we've ever gotten before, this promises to be a really memorable event. To register, go to our registration page.