By Jim Scheef
HOPE X, or the tenth Hackers on Planet Earth Conference was held July 18-20, 2014, at the Hotel Pennsylvania in New York City. The conference is biennial and this was the second time I’ve attended. This year the theme was “dissent”. If you believe that the right to dissent, our fundamental right to publically disagree with our government, and the civil liberties that protect our right to dissent, are what make our country great, then you would fit right in at HOPE. Hope starts at 10am Friday and formal sessions run right up to midnight with three tracks at all times. For those with the stamina, informal talks continue well into the night. This repeats on Saturday with more sessions. The Sunday schedule ends shortly after 7pm. Conference registration was $85 well in advance or $150 at the door. There is no food service provided anywhere within the conference itself, but this is New York City so it’s not hard to find a place to get something to eat, ranging from street food to the fanciest restaurants. HOPE is sponsored by the publishers of 2600, The Hacker Quarterly (2600.com).
Over the three days I had no trouble finding interesting talks in nearly every time slot. Occasionally there were more than one in the same time slot. Obviously you need to plan your time in advance. Fortunately the entire conference is recorded with video. The recordings are available on DVD or as streaming video. This year HOPE had a 10Gb (yes, 10 Gigabits) Internet connection with high speed Wi-Fi on all floors used by the conference, so bandwidth was never an issue.
The big events this year were the two back to back keynote sessions. The first was Daniel Ellsberg, the leaker of the “Pentagon papers” that proved that President Richard Nixon and his administration were lying about the war in Vietnam. He was in person at the session (tinyurl.com/l4skens). The second keynoter was Edward Snowden and you know who he is. He appeared live from Russia via a Google Hangouts session (tinyurl.com/kvz2m58). [The links take you to the HOPE X channel on YouTube.] Scheduled for one hour each, the Snowden session ran for two hours. Ellsberg provided some extremely interesting context to the entire Snowden “spy or hero, criminal or whistleblower” debate. For instance, the politicians who call for Snowden to “return home and make his case in court”. This is a totally bogus argument because in the trial, the reasons for “blowing the whistle” are not relevant. In fact such testimony is not even allowed in count, because it is not relevant. The only relevant facts are, did the accused release the documents in question and were the documents classified. The fact that the documents prove our government is spying on U.S. citizens is not relevant. Edward Snowden has been effective as a leaker precisely because he is not in federal custody. If he were, he would have the same access to the press as Chelsea (nee, Bradley) Manning, which is to say zero.
Another key point from Ellsberg is that the number of documents is critical. One memo or email can be dismissed as a mistake or a crackpot and not the official policy of the government. When there are many, ideally hundreds or even thousands of documents, it is impossible to deny the truth. The last point I will relate concerns the “whistleblower or spy” debate. The documents released by both Ellsberg and Snowden are unquestionably the truth and how can it be a crime to tell the truth? Yet that is the position the government is in. The Director of National Intelligence, James Clapper, lied to Congress, yet somehow that is not a crime. If you listen to the first fifteen minutes of Daniel Ellsberg’s talk, I guarantee you will want to listen to all of both sessions.
As thought provoking as those three hours were, there was more. Steve Rambam, a private investigator, is one of the few people who have spoken at all ten HOPE conferences over the last twenty years. His talk this year was “You’ve Lost Privacy, Now They’re Taking Anonymity, or Whistleblowing Is Dead – Get Over It” (tinyurl.com/kmd5266). Steve then talks for two hours and scares you to death. Steve was actually arrested by the FBI at HOPE several years ago. His description of that ordeal is chilling because it is more typical of the federal judicial system than you might imagine and can happen to anyone. In his talk Steve discusses the information that private companies like Facebook and Google amass about all of us. If you think you don’t use Facebook or Google, think again. Any website that has a search tool, like dacs.org, links your computer to Google thru the Google API.
On the lighter side, there are still HOPE sessions about actual hacking. My favorite was “Rickrolling Your Neighbors with Google Chromecast” by Dan Petro (tinyurl.com/mwxa48u). This fun session covered how to take control of your neighbor’s Chromecast and play an arbitrary YouTube video. This is amazingly close to the hacks in the movies where the hacker hero (or villain) types some stuff and suddenly all the TV screens in the area start to display some video of his choosing. Back to reality. Dan’s hack uses a Raspberry Pi to exploit a flaw in the Chromecast device configuration to make a Chromecast drop the connection to the neighbor’s Wi-Fi and then connect to a Wi-Fi that you control, so you can tell it to play the video of your choice, which brings us to the term “RickRolling”. This prank is so lame that I must refer you to the Wikipedia article, wikipedia.org/wiki/Rickrolling. This talk was humorous and fun and shows some great (and 100% legal) hacking.
Other interesting sessions that I either attended or couldn’t get to covered such things as two separate efforts at designing an easy to use encryption standard for email; how to work with (and remove) root kits; a city-wide peer-to-peer Wi-Fi network; and “G-Code: the Programming Language of Machining and 3-D Printers”. The last was extremely well done. Lock picking (the old-fashioned kind with a brass key) is a big hacker favorite and every HOPE has both sessions on the topic and an area where you can learn how it’s done and purchase your own set of picks. Many (maybe all) of the sessions are available on YouTube or other streaming sources, so look at the HOPE X website and then use your favorite search engine to find the video.
My other computer club, the MidAtlantic Retro Computing Hobbyists (MARCH), in Wall, NJ, has had a booth at the last three HOPE conferences, so I have friends to see at the conference. These guys are deep nerds of widely varying interests which always leads to fascinating dinner conversations. The next HOPE will be in 2016; let me know if you want to go.