HOPE Conference Audio
"So it was a bunch of smelly communists that took a break from playing with linux and looking at kiddy porn to gather together and (shock) relay their displeasure with the current political administration. Yeah that sounds like fun. Looks like that one Aaron guy didn't follow his own advice to 'shut the hell up, you don't know anything'. Sounds like a really nice guy though."
--- Anonymous Coward comment on Slashdot regarding H2K2.
"'You should try one of my body tune-ups,' says [John] Draper. 'It's a great energy boost.' Indeed, he spends a good deal of time at the conference enticing young attendees back to his hotel room, where he offers full-contact 'stretching' sessions."
"... he won't give his handle - spent over $3,000 on a loft in Chelsea, insurance and other expenses, with plans to stage a $25-a-head orgy. Instead, he says, 'the FBI investigated us; we were going to let some 17-year-olds come, so we were crossing a state line with the intent of having sex with a minor.'"
--- Very interesting quotes in Hello, My Name Isn't ... while at H2K.
"... twenty-some years later he showed up in the San Francisco rave scene, a wild-looking man with gray hair and majorly fucked-up teeth as a result of his prison experience. He would stay up for days dancing and partying -- 'high on the energy', he said -- and trying to seduce young rave boys."
--- Old quote about regular HOPE attendee "Captain Crunch" on 666.com.
"Suddenly pedophilia's relevant. I'll give this some context. All day Friday and possibly all day Saturday, (I can only vouch for Friday) there seemed to be a team of legit journalists interviewing each panelist right after they got off the stage. Except they were using a huge VHS camera. And they weren't claiming to be a college class. yadda yadda. So anyhow it seems that each interview started out seeming quite legit but all of a sudden one of the lines of questioning became, 'do you have any evidence that Capn Crunch is a child molester? How about Emmanuel, I hear he hangs out with young boys.' Then all of a sudden there are people all over here, all over the 2600.com irc chat, all over the slashdot threads spreading innuendo about Cap'n Crunch and Emmanuel."
--- Some comments about $2600 Magazine, HOPE, "Captain Crunch," Steve Rombom, etc. which are posted at http://steverombom.org.
"Actually, he has been seen doing the same things in public. People notice it at meetings, and warn other teenagers. A certain person named Hitman from NYC 2600 mentioned to someone to watch out for Emmanuel. The kid went back to Emmanuel and had Hitman banned from HOPE 6. I have always wondered where two of the teenagers that always hung out with Emmanuel went. RedHackt and Mr.Ohm disappeared from the scene after being close friends with Emmanuel."
"Maybe he was taken into custody because he was molested by Emmanuel Goldstein who is a suspected Pedophile."
"What is wrong with you people? It's perfectly normal for a young boy to sleep in the same bed with a grown man."
"Probably just a ploy so that the Hope conference won't look so lame (as always) when compared to next week's Defcon conference"
--- Some very interesting comments on the "Steve Rambam" arrest at HOPE Number Six which were posted in the Washington Post blog.
"Before joining Gist, David Ruderman designed software for web sites including Time, Money, Fortune, Entertainment Weekly. At Time Warner's Pathfinder site, he developed web applications for community building, text retrieval, and content management. He has developed electronic books for Times Mirror, and at Cold Spring Harbor Laboratory, Dave even worked on one of the first human-genome databases. In 1984, Dave co-founded the hacker zine 2600. He earned his Master Degree in Computer Science from the State University of New York at Stony Brook and holds a Bachelor Degree in Biology."
"Gist Communications is backed by Neptuno G.m.b.H., a subsidiary of Sal. Oppenheim Jr. & Compagnie, a private bank based in Cologne, Germany. Neptuno's initial investment was several million dollars."
--- September 16, 1996 quote in the New York Times about GIST Communications. David Ruderman, one of the co-founders of $2600 Magazine, is GIST Communications' Vice President of Technology - and fucking rich!
"Today he earns in the low six figures by advising executives on how to protect their companies from the current generation of ingenious but reckless geeks."
--- Quote about Kevin Mitnick from Jonathan Littman in his Playboy article The Invisible Digital Man. Nothing like using manufactured fear, history revisionism, and blatant lies to help you pull in six-figures a year.
"[Jello] Biafra has spent large amounts of time and money on attorney fees and court costs. He continues to spend money on his appeal. Although he lives in a 1.1-million-dollar house in the hills of San Francisco, he is asking others for donations to pay for his appeal. The appeal will nevertheless reaffirm the court Judgment against him. These resources could be used to maintain his record label, Alternative Tentacles. But by continuing with his expensive, failing and misguided legal maneuvers, Alternative Tentacles may very well go under."
--- You just paid $100 to watch a bunch of gay millionaires tell you how to think!
- HOPE: Hackers On Planet Earth (1994)
- Beyond HOPE (1997)
- H2K (2000)
- H2K2 (2002)
- The Fifth HOPE (2004)
- HOPE Number Six (2006)
- The Last HOPE (2008)
- $2600 Magazine Information ASCII Big Brother Doesn't Want You to See
- H.O.P.E Caution: Wikipedia
- $2600's HOPE Message Forums Have your say!
- Caution: 90% of these speeches are propaganda.
- HOPE took place on August 13-14, 1994 at Hotel Pennsylvania in New York City.
- Post-HOPE Analysis From Off The Hook, August 17, 1994.
- Picture Archive
- Schedule
- USENET Announcement
- Hackers on Planet Earth - Pre-HOPE editorial in $2600 Magazine Vol. 11 No. 2 announcing their first conference.
- Opening Doors - Post-HOPE editorial in $2600 Magazine Vol. 11 No. 3 discussing their first conference.
- Bumper Sticker
- Registration Form
- Gray Areas Magazine Review of HOPE by Netta Gilboa
- Keynote Speaker: Robert Steele - Robert Steele (9.2M MP3)
- Former Central Intelligence Agency case officer Robert Steele welcomes hackers to New York. Includes Jello Biafra's opening speech recording.
- TDD Fundamentals - Bernie S. (Ed Cummings)
- The use of TDD's (Telecommunications Devices for the Deaf), procedures, and the use of TDD relay services.
- Fun With Pagers - Thomas Icom
- Have you ever had the opportunity to monitor the pager of your choice, seeing each and every page as it comes over, alphanumeric included? You will. The entire city of New York is wide open and we'll demonstrate exactly how it's done. More pager tricks and little-known facts will be presented.
- Control The World From Your PC - Paul Bergsman
- Paul Bergsman will show attendees how to use a home computer to decode DTMF signals, control relays, lights, motors, and input burglary sensor data, monitor electric trains, and record voltage, temperature, or frequency.
- Cellular Phones - Bernie S., Jason Hillyard (Mr. Upsetter), and Count Zero (John Lester)
- OK, how is it done, really? We've all heard about cellular phone cloning but how many of us have had the guts to actually do it ourselves? Actually, probably quite a few because it's relatively easy. But, as with any technological trick, there is a multitude of misinformation being handed out. That won't happen here as the true experts will be on hand to demonstrate cloning and answer questions. We will show how cloning is not just for criminals and how you can clone a phone on your own PC! Cellular software to do this will be made available for free! You will also see first hand the risks of using a cellular phone.
- The N.Y.C. Metrocard - Red Balaclava (Jeopardy Jim [Jim Vichench])
- New York City has just introduced a brand new farecard system for mass transit, one unlike any other in the United States. We have been gathering data on this system for some time now and hackers all over the world are trying to figure out ways of cracking it. Unlike most other mass transit card systems, this one uses master databases. We will read the cards, duplicate them, and make every attempt to defeat the system. By the end of HOPE, we will have either cracked it or deemed it secure. Your participation is encouraged. We expect to have representatives of the Metropolitan Transit Authority on hand to answer questions and keep a nervous eye on us.
- Chaos Computer Club - Chaos Computer Club
- For many years now, Germany's Chaos Computer Club has been making headlines all over the world for all kinds of mischief. But, as with all things, there is much much more to the story. For the first time ever, the CCC will be in this country to answer questions and share information of all sorts.
- Hack-Tic - Rop Gonggrijp
- Although it's almost entirely in Dutch, Hack-Tic and the many people involved in its production have been the inspiration for hackers all over the planet. If HOPE is half as successful as the two hacker congresses Hack-Tic has hosted (Galactic Hacker Party of 1989 and Hacking at the End of the Universe of 1993), it will be an incredible event. Because of the far more relaxed atmosphere in Holland, hackers there are able to accomplish much more without all of the paranoia that is so abundant here. We will hear their story and find out about all of the technological projects they're involved in.
- Social Engineering - Cheshire Catalyst (Robert Osband), Supernigger (Zohar Shif), and Emmanuel Golddigger (Eric Corley)
- By far one of the most effective ways of getting information is the art of social engineering. You will see some live social engineering, get tips on what not to do, hear some great legendary tales from the masters, and listen to social engineering tapes of the past. You are welcome to participate in our social engineering contest - we give you an operator and you go as far as you can.
- Lockpicking - Paul Bergsman
- Everything from picks to electric drills to Simplex locks.
- The National Identification Card - Judi Clark, Bob Stratton, and Dave Banisar
- That's right, it may be coming a whole lot sooner than you EVER thought possible. As you read this, there is a proposal in the works that would establish several states as a testing ground for a mandatory national ID card. We'll have the latest scoop on who's behind this and reaction from civil liberties and other groups. We'll also be hearing from people in countries where national ID cards are already a reality and what it means to them. Can it be stopped? Should it be stopped? Why you need to care.
- Linux - Michael Johnston
- Linux is the freely distributable Unix clone available by FTP from many sites on the Internet. It is a remarkably complete and stable OS for Intel-based PC's that is a direct result of the existence of the Internet, which allowed for the cooperative development team of volunteers to communicate in real time during their development of their respective parts of the project. Linux continues to enjoy rapid development and is already a viable and popular alternative to commercial Unix OS's. It is being installed in basements and at commercial, academic, and governmental organizations around the world. Michael Johnston, developer of the new Slackware Professional Linux package (in partnership with Patrick Volkerding, author of the Slackware distribution of Linux on the net), will speak on the differences between the different Linux distributions available "for free" by FTP on the Internet, and in particular the changes in Slackware (the most popular Linux distribution on the net) between versions 1.2 and the new 2.0.
- Update on Italian Hacker Crackdown -
- Recently, one of the largest computer raids in history took place in Italy, focusing its attention on Fidonet. The investigation and the overall oppressive atmosphere are continuing. An update from an eyewitness.
- How Do Hackers Handle Malicious Users? -
- With so many new people being drawn to the net every day, the criminal element is bound to become more visible. This means users who destroy files, wipe entire systems, harass users, and cause intentional pandemonium. Perhaps the worst part of this is that the media considers such deliberate malice to be another part of hacking. How do hackers deal with such users and the misperceptions of the hacker world that are created? Is it proper for hackers to go to the authorities on such occasions or will that ultimately backfire? You'll hear stories, experiences, suggestions, arguments, etc. from experts and non-experts alike.
- The Art of Boxing - BillSF (Bill Squire), Kevin Crow, and Mark Abene (Phiber Optik) from prison
- Contrary to popular belief, boxing is not dead. As you will see, there are so many possibilities. We will have some top phone phreaks on hand to show you what works, what doesn't, what used to work, what never did, and what probably might. American boxing is only one small part of the entire global picture. In this panel, we guarantee all questions will have answers. Also included: An overview of current inband systems like R1, R2, and C5. The pains of ANI and the ease with which it can be spoofed.
- Hacker Authors - Panel
- Steven Levy (Hackers), Winn Schwartau (Terminal Compromise), Paul Tough (Harpers, Esquire), Paul Bergsman (Control The World With Your Computer), Julian Dibbell (Village Voice, Spin), Rafael Moreau, production staff for Hackers.
- Wearable Computers and Chordic Input - Doug Platt
- Doug Platt of Select Tech will be walking around the HOPE conference wearing and demonstrating a computer of his own design that will be connected live to the Internet via wireless technology. Doug will be reporting live on the HOPE conference via the Internet as he walks around.
- History of $2600 & TAP Magazine - Manny Golddigger, David Ruderman, Scott Skinner, Joe630 (Ben Sherman), and Cheshire Catalyst
- How did it all start? How did it almost never happen at all? Are our phones tapped? What's the craziest letter we ever got? Who are the people behind the names? How many lawsuits have we been threatened with? What do the covers mean? Where is it all leading? Get the picture? (TAP Magazine)
- Full Disclosure - Live Shortwave Broadcast From HOPE -
- Learn all about Full Disclosure, a magazine many consider to be as dangerous as $2600! Free copies will be available. On Sunday at 8 pm a live call-in from HOPE to Full Disclosure Live will take place on international shortwave on WWCR at 5810 kHz shortwave.
- Legal Issues & Clipper Chip - Dave Banisar
- Dave Banisar of the newly formed Washington DC based Electronic Privacy Information Center (EPIC) will fill us in on the latest laws, restrictions, and risks facing us all. There will also be updates on the $2600 Pentagon City Mall incident and tips on how to make the Freedom Of Information Act work for you. Come to this panel with any questions or comments about the ACLU, EFF, CPSR, etc.
- What Is This Cryptography Stuff and Why Should I Care? - Bob Stratton, Eric Hughes, Matt Blaze, and Bernie S.
- There have been quite a few articles in the national media recently about cryptography and privacy. Bob Stratton will attempt to provide an introduction to the terms and technology, how it affects the average citizen, and insights into the public policy debate currently raging in Washington and around the world. There will be a special emphasis on the relationship of cryptographic technology and emerging personal communications tools.


- Beyond HOPE took place on August 8-10, 1997 at the Puck Building in New York City.
- Post-Beyond HOPE Analysis From Off The Hook, August 12, 1997.
- Who's Hacking Whom? HOPE Springs in Manhattan by Peter Wayner
- Beyond HOPE Hacks into Big Time by Austin Bunn
- HOPE On A Rope by Noah Robischon
- Hackers on Holiday by Joe Territo
- HIP Opening (1.2M MP3)
- Hacking In Progress (HIP) opening speech.
- The Beyond HOPE Press Conference (2.8M MP3)
- As we kick off the conference, we thought it would be only right to take questions from the various members of the press who will be in attendance. This will also be the time where we will be announcing things too shocking to be printed here. It's a good opportunity for all of us to meet the people who will be covering the conference and to dispel all those myths and rumors that seem to follow us around the planet.
- $2600 Panel - Manny Golddigger, Pamela Finkel, David Ruderman, Bernie S., Ben Sherman (Joe630), Dave, Kiratoy (Shawn West), Scott Skinner, and Mark Abene (Phiber Optik) (7.6M MP3)
- Since this whole thing is being thrown together by $2600 and friends, we thought it would be nice to have a panel dedicated to the zine, what has happened over the years, where $2600 is going, and what could be done better. This is your chance to ask whatever questions you've had festering over the past 13 years.
- Opening Address - Hacking for the Next Century - Brock Meeks (5.1M MP3)
- In this age of heightened awareness about security and hacking, where have all the good hacks gone? Too many are claiming the title "hacker" when they are no more than snot-nosed wannabe posers. Or worse, downright petty criminals, as was witnessed at Defcon when people were trying to pass counterfeit bills and bad counterfeit bills at that. Brock will talk about where hackers have come from, where they've gone, and where they should head into the new millennium.
- Tiger Teaming Panel - Chris Nichols, Laura Brown, Steve Lutz, and Mark Abene (6.0M MP3)
- What are the implications when hacking becomes legal? Over the years, major companies have learned to rely on the expertise of the same people they once tried to prosecute. Hear some interesting stories about what has happened in this weird marriage of two cultures. And decide for yourself what kind of effect this will have on the future of hacking.
- Information for the Masses - Steven Rambam (Steven Rombom) (6.9M MP3)
- There is so much information available on all of us, but most of it is only accessible to governments and to major companies/big business. In this session, the hackers will "level the playing field" and access data that is not restricted, but is rather... expensive. Or just plain hidden. There will also be a discussion on just how much info is out there, including such categorization as religion, health, sexual preference, etc.
- The L0pht - Brian Oblivion, Weld Pond (Chris Wysopal), Kingpin (Joe Grand), Mudge (Peiter Zatko), Space Rogue (Christopher Thompson), Tan (John Tan), and Stefan (Stefan von Neumann). (7.7M MP3)
- This, incidentally, is the entire L0pht lineup all in one place at one time! They will be talking about recent projects and accomplishments, not the least of which will be their adventures with Windows NT and why Microsoft would like to see them shot. Look for some new projects to be introduced and for a discussion of emerging trends and shortcomings in the technologies that are backing them. This will be followed by a Q&A session.
- Cryptography: Opportunities, Threats, and Implementations - Bruce Schneier (7.5M MP3)
- From encryption to digital signatures to electronic commerce to secure voting - cryptography has become the enabling technology that allows us to take existing business and social constructs and move them to computer networks. But a lot of cryptography is bad, and the problem with bad cryptography is that it looks just like good cryptography; most people cannot tell the difference. Security is a chain: only as strong as the weakest link. In this talk Bruce Schneier will take a look at the future of cryptography: the needs, the threats, the limits of technology, and the promise of the future.
- Live Broadcast - Off The Hook - Emmanuel Golddigger, Phiber Optik, and more! (14.3M MP3)
- A special two hour live broadcast from the conference to the entire tri-state area. Off The Hook airs weekly on WBAI 99.5 FM and has gotten a very diverse audience over the years. This show will obviously be different than most since there aren't usually hundreds of people in the studio like there will be here. There will be all kinds of special guests and surprises, most of which we probably won't even be expecting. We hope to link this show to the HIP conference and have it available live over the mbone and real audio to make this the largest hacker broadcast ever.
- A special edition of Off The Hook broadcast live from the Beyond HOPE conference at the Puck Building in New York City. Guests include Major Hacking, Cyberjunkie, Bernie S., Veggie, Mike Roadancer, Steve Rambam, Paul from name.space, as well as a special media panel (Paper Tiger, Cyberwire Dispatch, Netly News, Japanese TV, Internet Underground). Listen for the ring voltage complete with Caller ID data every time phone calls are taken.
- Pirate Radio - "Steal This Radio" Staff, Lazlow Jones of the Techno-File Radio Network (No Audio Available)
- What does pirate radio have to do with hacking? Are you SERIOUS?! Come on, don't be stupid. First off, it's wrong to call micro-broadcasters pirates. If anyone's a pirate, it's those megacorporations who take over the airwaves and dictate what it is that we watch and what kind of music we listen to. But it's our own fault, for standing by and watching it happen. Tonight you can begin to change. Meet the people from "Steal This Radio," a low-power operation emanating from somewhere in the neighborhood. This station has no censorship, lots of interesting and diverse programs, and a growing audience. And there are more of these stations popping up on the dial all over the country. Learn how it's done and hear firsthand how commercial broadcasting operates.
- Where Hackers and Criminals Collide - Ira Winkler (8.5M MP3)
- A talk on how and where the hacker and criminal communities intersect. This presentation will also address what basic skills a "real hacker" would have. Highlighting this topic will be an "Are You Clueless?" test.
- GSM Phones and the Future - Phiber Optik, and t0m from England (14.1M MP3)
- One of the newest hacker toys is the GSM phone, which has been around in Europe for quite some time and has just been introduced in this country fairly recently with companies like Omnipoint and Sprint Spectrum. We'll show the capabilities and potential weaknesses of these phones and compare the different systems that exist throughout the world. Learn about the future of telecommunications from the people who will help to shape it.
- Metrocard - Red Balaclava (Jeopardy Jim [Jim Vichench]) (8.4M MP3)
- The mystery transit employee who appeared at the original Hackers On Planet Earth conference in 1994 returns (via ISDN) to talk about the easily hackable but ingeniously self-correcting payment method of New York City's subways and buses. We will also discuss the subtle - and possibly increasing - dangers of the Transit Authority's ability to trace your travels via Metrocard.
- Low Bandwidth Access - Cheshire Catalyst (6.8M MP3)
- A discussion and demonstration on how to achieve Internet access using simple text-only computer terminals and web browsers to access information on the World Wide Web. While you don't get all the graphics and whiz-bang, you can get basic information, download files, images and software for later perusal, and you don't need a Windows machine to do all this! Webmasters will be given tips on making their pages more accessible to these users.
- Notes
- Dangerous Legislation - Shabbir Safdar (8.4M MP3)
- There has been much movement recently involving dangerously vague legislation aimed against hackers and, not coincidentally, against privacy. There are some really scary and little known details that may surprise the hell out of you. Hear firsthand how the legislators' ignorance of technology and desire to control the masses could make your life a living hell. Find out what you can do now to help shape pending laws on cryptography, privacy, free speech and even owning a computer.
- CDC and World Domination - Assorted Panelists (1.6M MP3)
- Cult of the Dead Cow is the oldest active group in the hacker underground (around since 1984), and they've got a little bit to say about the impact of the Internet on the world around us. From Chinese dissidents to our own political activists, the underdogs finally have an advantage over the Goliath of Big Brother.... The times they are a changin'. 1997 is the Year of the Cow, and cDc is your only hope for absolution.
- Social Engineering - Zak, Manos Megagiannis, Manny Golddigger, Netweasel (Ryan M. Basile), Thee Joker (Jason), Cyberjunkie, Deth Vegetable (Luke Barrymore), and assorted panelists (10.1M MP3)
- One of the panels we had the most fun with at the first HOPE was the social engineering seminar. We expect to have at least as much fun this time as hackers attempt to demonstrate live just what it means to get unauthorized information out of a human being. No matter how advanced and secure our networks and systems become, this is one form of hacking that can never die. At least, not until there are no more people.
- The Kevin Mitnick Story - Attorney Donald Randolph (5.0M MP3)
- For more than two and a half years, Kevin Mitnick has been held in a prison by the U.S. government. And during this whole time, all kinds of mistruths and fictions have been uttered by the prosecution, echoed by the media, and believed by the public. On this panel, Mitnick's lawyer Donald Randolph will help set the record straight and provide some little known details on what has happened so far. Find out who Kevin Mitnick is and who he isn't.
- Prisoners - Phiber Optik, Bernie S., and Manny Golddigger (12.3M MP3)
- One of the sadder aspects of the hacker world is the growing number of hacker prisoners. Some victims of this will describe their experiences and what kinds of tricks the government plays on naive young people. If you want to be a hacker who stays out of jail, it might be good to sit in on this one. If you're interested in things that go on in our nation's prisons, prepare to have your eyes opened.
- The r00t Panel - Hosaka, rs, and loki (3.5M MP3)
- "The most beloved, the most hated, and the most respected hacking group of all time" (r00t description of themselves) will discuss their history, their evil deeds, and their many uses of silly putty. Your one and only chance to see a real live hacking group yet to narq out themselves. They're all a bunch of idiots, but they own you.
- Closing Ceremonies - The Grand Finale (5.7M MP3)
- About eight hours after the HIP conference in Holland ends, it'll be our turn to pull the plugs. This may take a while.

- H2K took place on July 12-14, 2000 at Hotel Pennsylvania in New York City.
- Post-H2K Analysis From Off The Hook, July 18, 2000.
- Complete Panel & Speaker List
- GSM and CDMA PowerPoint Slides - Slides from Jason Hillyard's presentation. (Audio not available)
- Krispy Kremes and Ancient Ethics by Brendan Koerner
- Why Defcon Beats H2K by Drew Ulricksen
- Hard Times at Hacker High by Robert Lemos
- Underground Online H2K Q&A Video Segments
- H2K - Hackers On Planet Earth 2000 Photos by Rob T. Firefly.
- Keynote Speaker: Jello Biafra - Jello Biafra (Eric Reed Boucher)
- The Jello Biafra keynote speech took place on Saturday, July 15, 2000. In this historic cultural exchange between the punk rock icon/free speech activist and the hacker community, Jello manages to draw powerful connections despite not having any actual computer experience. He addresses issues such as corporate control of the media, the presidential election, censorship, the future of the Internet, Napster, pirate radio, online activism, and hackers.
- The Hacker's Code - Greg Newby
- Is it possible to have a shared code of ethics? Is it desirable? Will this help distinguish hackers from script kiddies from criminals? A look at some possible examples, including the Hacker's Manifesto, Hippocratic Oath, The Three Laws of Robotics, and others.
- Hacker's Code
- DeCSS and the DMCA - Hackers vs. Corporate America - Emmanuel Golddigger, Jon Johansen, and Macki
- A look at what DeCSS is, what it's not, and how the DMCA is going to affect each and every one of us.
- Hackers of Planet Earth - Cyberjunkie, Rop Gonggrijp, and Andy Mueller-Maguhn
- You thought hacking was an American thing? Think again. There are hackers in every nook and cranny of the globe, and this "meeting of the minds" is what the authorities fear the most.
- Hacktivism - Terrorism or A New Hope? - Reid Fleming, Oxblood Ruffin (Laird Brown), and ShapeShifter (Terrence McGuckin)
- We've all heard the phrase but what does it mean? Is there such a thing as activism on the net and, if so, how does it work? How much organization is there? And how much disorganization?
- Hardware and Electronics Q&A - Javaman (Adam O'Donnell), Kingpin (Joe Grand), and Brian Oblivion
- An open discussion on various forms of hardware led by people who spend an awful lot of time experimenting with technology.
- High School Horror Tales - Greg Newby and Various Teenaged Boys
- We've all read the letters from high school kids who have their copies of $2600 seized by the principal or who get suspended or even expelled for using an unauthorized command on one of the classroom computers. Unfortunately, this seems to be the rule, not the exception. An examination from a first-person perspective.
- Information on the Masses - Steve Rambam
- How much information is out there on every one of us? Who is able to access it? How much can money really buy? And just how much digging do you really have to do in order to find out the real secrets? An update to the Beyond HOPE discussion by world renowned private eye Steve Rambam that will shock, enrage, frighten, and intrigue you.
- The Jon Johansen Story - Jon Johansen and Per Johansen
- On January 24, 2000, 16-year-old Jon Johansen and his father were both arrested by Norwegian authorities under pressure from the Motion Picture Association of America and the major film studios it represents. The authorities seized his computer, some disks, and a mobile phone. Jon, a member of Masters of Reverse Engineering, was believed to have been responsible for reverse engineering CSS and thus igniting the controversy that resulted in $2600 being sued in federal court for publishing the program on its web site. The story of what happened is told by Jon and his father.
- Has Anyone Learned ANYTHING? - Rick Forno
- While a select few may have learned how to cope with the issues inherent in the Information Age, the majority have not. A look at current security trends that explores exactly how far corporate America and the government have come in accepting/dealing with computer and information security. Are we any better off now? Have major incidents been an eye-opener to anyone? Are current laws and processes effective? Sadly, the report card is NOT GOOD.
- The Legal Panel - Martin Garbus, Emmanuel Golddigger, and Robin Gross
- On the eve of the MPAA lawsuit against $2600, members of the defense team outline strategy and the facts of the case.
- Lockpicking - Barry Wels and Hans "Unicorn" van de Looy
- Europe's leading experts on locks talk about the philosophy of starting lockpick "sportgroups," answer questions about all sorts of locks, and even try to open a few.
- Low Bandwidth Access - Cheshire Catalyst, and The Voxy Lady
- A discussion that disparages flashy graphics and shockwaved sites in favor of informative text based content, not just glitz.
- Notes
- Low-Power FM - Bernie S., Pete Tridish, and Andy Yoder
- A guide to the pitfalls and hurdles involved with starting your own radio station.
- Hackers and the Media - Robert Lemos, Doug Mohney, Viktorie Navratilova, and Deborah Radcliff
- Straight from the mouths of journalists - why do hackers always seem to get such bad media exposure?
- Ethics in Military and Civilian Software Development - Sam Nitzberg, Winn Schwartau, and Robert Steele
- A discussion of the ethical considerations in developing military and civilian software.
- MTV - How Did It Happen? - Izaac Falken, Tommee Pickles, and Weld Pond (Chris Wysopal)
- We all know about the travesty that MTV put out on its "True Life" series last year on the subject of hackers. An ex-employee of MTV joins with other participants in the ill-fated show to discuss just how it happened and where it went wrong.
- MTV True Life - "I'm a Hacker" (38M WMV)
- Cracking the Hacker Myth: A Study by the Laurentian University Hacker Research Team - John Dodge, Bernie S., and Bernadette Schell
- Members of the Laurentian University Hacker Research Team describe the purpose and goals of their research.
- Additional Information
- Napster: A New Beginning or Beginning of the End? - Jello Biafra, Glen Otis Brown, James Hanna, Keith Hopkin, Lazlow Jones, and Siva Vaidhyanathan
- We've read the papers and seen the hysteria. Many of us have also been affected by the clogged bandwidth. So what will programs like Napster wind up doing to the Net, the music industry, artists, and the consumer culture?
- The Old Timer Panel - Cheshire Catalyst and Captain Crunch
- Hard as it may be to believe, there are hackers who have been active for twice as long as many of the H2K attendees have been alive! Quite a bit has changed since the old days - the technology, the laws, the amount of interest. And there are some things that haven't changed at all.
- The King's Mob Open Source Mediamaking Panel - Matt Pizzolo
- New York's "do-it-yourself" new media and movie studio demonstrates how it's possible to shatter major corporations' grasp on independent production and distribution.
- Pirate Radio 101 - DJ Anne Animus, Mr. E, Ken-Zo, and Professor Klystron
- What microbroadcasting is all about, presented by members of a "pirate" radio station.
- Internet Radio - Fearfree, Juintz (Mike McTeague), and Porkchop (Michael Kaegler)
- While it's true that radio space on the dial is controlled by fewer and fewer people, broadcasting on the net is something that almost anyone can do. How to get started, how to do it right, and how to make a difference.
- RetroComputing - Graphix, Mr. Ohm, Nightstalker (Chris Tucker), and Sam Nitzberg
- This panel discusses obsolete computers like TRS-80s and Atari 800s while answering all kinds of obscure questions and even auctioning off some ancient hardware.
- The Robotic Graffiti Writer - The Institute for Applied Autonomy
- Learn what a "politically motivated robotics collective" is all about and hear what the Robotic Graffiti Writer along with the "propaganda distribution device" known as Little Brother have accomplished.
- Selling Out: The Pros and Cons of Working for The Man - Scott Blake
- There's lots of talk in the media about hackers who get straight jobs in the security industry. What does it cost a hacker to get a real job? What are the benefits? What about those nasty intellectual property agreements? Hear about the benefits and the sacrifices.
- PowerPoint Slides
- Social Engineering - Cheshire Catalyst, Emmanuel Golddigger, Robert J. Lupo (v1ru5), and Kevin Mitnick
- A HOPE tradition that began back in 1994. Hear how we intercepted an AT&T security bulletin about this very panel and used it for some serious laughs. Also, Kevin Mitnick joins in over the telephone with his interpretation of what social engineering is and isn't.
- Spy Stuff: Everything You Never Believed But Wanted to Ask About - Robert Steele
- For more than two hours, a room full of people was held spellbound by former clandestine case officer (spy) Robert Steele's informal discussion about spy stuff, smart nations, dumb governments, and more.
- The Mock Trial - Adam Cohen, Emmanuel Golddigger, Jon Johansen, Glenn Kurtzrock, Bernie S., Shana Skaletsky, Scott Skinner, and Alexander Urbelis
- An informative and at times hilarious portrayal of what could have happened at the DeCSS trial. The real trial started less than two days after this version.
- Introduction to Computer Viruses - Robert J. Lupo
- A discussion on how viruses work, the different types and styles, and what the future holds.
- H2K Closing Ceremonies - Cheshire Catalyst, Emmanuel Golddigger, Porkchop, Bernie S., and Ben Sherman (Joe630)
- The final words from H2K as thanks are given, door prizes are flung, cleanup begins, and we all look towards 2002.
- H2K2 (HOPE 2002) took place on July 12-14, 2002 at Hotel Pennsylvania in New York City.
- Post-H2K2 Analysis From Off The Hook, July 17, 2002.
- H2K2 Speaker Info
- H2K2 Wrapup
- AT&T Warns Workers Not to be Duped by Hackers
- H2K2: Hackers on Planet Earth by Angst
- H2K2 - Hackers On Planet Earth Photos by Rob T. Firefly.
- H2K2 - Hackers On Planet Earth Photos by golgo13.
- H2K2 - Hackers On Planet Earth Photos by shredder.
- H2K2 - Hackers On Planet Earth Photos by Dataprophet.
- H2K2 - Hackers On Planet Earth Photos from phzero.net
- H2K2 - Hackers On Planet Earth Photos by Deviant.
- Dual And Rax Do H2K2 Random video footage from Radio Freek America. (6.1M RealMedia)
- Abuse of Authority - Bernie S. (Ed Cummings) and ShapeShifter (Terrence McGuckin)
- Over the years, there have been many stories in the hacker world of law enforcement personnel who have abused their authority. Two of the more dramatic cases in recent memory both come out of Philadelphia. Many of us are already familiar with the horror story of Bernie S. who toured five dangerous prisons for over a year - not because of what he was charged with - but because the United States Secret Service was upset about his collection of information about them. Then there is the case of ShapeShifter, $2600 layout artist, who was arrested at the Republican National Convention in 2000 (shortly after leading a panel on the RNC at H2K) and held on half a million dollars bail as if he were a terrorist mastermind - all because he had been targeted for speaking out in public. Hear the games the authorities play and how public education really can make a difference in putting an end to such abuse.
- Access Control Devices - Mike Glasser
- There are all kinds of access control devices that we come in contact with every day. They include such things as magnet readers, proximity card readers, fingerprint readers, camera systems, biometrics, and basic standard operating procedures for a business. This talk will be a comprehensive guide to what's out there.
- The Argument Against Security Through Obscurity for the Non-Digital World - Greg Newby
- In the world of networked computers, security through obscurity is generally ineffective. Hiding algorithms, protecting source code, and keeping procedures secret might be effective initially, but eventually the cloak of secrecy is penetrated. This talk will examine how security through obscurity is relied upon in the non-computerized world. When can security through obscurity work? What risk analysis should we use to examine the role of obscurity in the non-computerized world? The talk will present and examine the hypothesis that an "open source" mentality should be applied to security procedures for public places. This is a logical extension of the lesson in cryptanalysis - that no cryptographic method can be considered trustworthy until it has undergone a rigorous examination by qualified persons. Similarly, can we trust security procedures in the physical world designed, ostensibly, to protect the public if these procedures never undergo public scrutiny?
- PowerPoint Slides
- Black Hat Bloc or How I Stopped Worrying About Corporations and Learned to Love the Hacker Class War - Gweeds (Guido Sanchez)
- Hackers must deal with governments and ultimately the corporations that wield most of the decision making power within them. Looking over the past few decades of hacker interaction with corporations, we notice some interesting trends in the two worlds that indicate strong influences of the corporate and hacker worlds on the other's ethics and culture, often only hinted at to the rest of the world via biased corporate PR machines in the form of broadcast and publishing media. Hacker posts to Bugtraq become resumes, hacker tech like BBSes and IRC become the technical implementations of every Internet startup's business plan, hackers testify in front of Congress to warn them of impending doom directly resulting in increased federal cybercrime funding, while piracy is accepted by governments and media (but not the public) as theft. Has hacking become the fast venture capitalist track to shiny gadgets that go fast and make noise, a la Slashdot? Should we ignore intellectual property legislation and treaties that are passed solely to make rich people richer? This talk takes a look at where hacker/corporate/government relationships have been, where they are now, and where they could be going - hopefully shedding some light on everyone's motivations along the way.
- Bullies on the Net - The Ford and Nissan Cases - Emmanuel Golddigger, Eric Grimm, and Uzi Nissan
- We could fill the entire weekend with stories like these and we have no doubt there will be many more such tales in the years to come. With the help of agencies, corporations, treaties, and laws with acronyms like ICANN, WIPO, WTO, and the DMCA, the individual very often finds himself at the mercy of corporate giants with virtually unlimited funding - and seemingly unlimited power. Throughout it all however, there remains hope. Hear the story of Uzi Nissan, who is being sued by the Nissan Motor Company for daring to use his own name on the Internet. We'll also talk about how the Ford Motor Company sued $2600 - and lost.
- Caller ID Spoofing - Lucky225 (Jered Morgan) and Tray Smee
- A demonstration of how Caller ID works as well as methods that can be used to emulate and display spoofed Caller ID messages on Caller ID and Caller ID with Call Waiting boxes using a Bell 202 modem. Details on the technical aspects such as Caller ID protocol for both regular and Call Waiting Caller ID. If all goes well, you may actually see a live demonstration of spoofed Caller ID.
- Notes
- "The Conscience of a Hacker" - The Mentor (Loyd Blankenship)
- Probably the most famous single essay about what it's like to be a hacker is The Conscience of a Hacker by The Mentor, written in 1986. It's been quoted all over the place, including the movie Hackers. It remains one of the most inspirational pieces written about the hacker community and it's survived well over time. This year, we're pleased to have The Mentor himself give a reading of it and offer additional insight.
- Video Excerpt
- Conspiracies - Gonzo DeMann (Michael J. Ferris), Leo, and Rev. Sergey
- Technology can be a wonderful thing, but it can be quite harmful as well. Unenlightened corporate interest as well as government interest can make for some savage bedfellows. This panel will deal with technology, its good uses and some of its evil ones.
- Crypto for the Masses - Matt Blaze, Greg Newby, and Anatole Shaw
- This panel will approach cryptography from the perspective of enabling a "digital world" where key social schemes are preserved - personal identity, anonymity, and the right to privacy. We'll talk about the basic inner workings of cryptosystems, and discuss how they can be applied now to create and enforce cyber rights. We'll also discuss the hurdles faced by crypto and its adopters, along with the public at large. And we'll learn just how crypto is being threatened and abused by certain global goons.
- Cult of the Dead Cow Extravaganza - (No Audio Available)
- This year, the megamerican computer hackers of patriotism, Cult of the Dead Cow, honor our country with "Hooray for America!" -- an all-star revue including the Anheuser-Busch Clydesdales, NASCAR champion Dingus McProstate, and the Dallas Cowboy Cheerleaders. Reid Fleming will give a thorough and thoroughly educational description of the history and symbology of the Great Seal (which you can find on the back side of a $1 bill). Grandmaster Ratte himself will lead the audience in a sustained chant of "U.S.A.! U.S.A.! U.S.A.!" Oh, and maybe there will be some new software too.
- Databases and Privacy - Steve Rambam (Steve Rombom)
- Once again, world renowned private eye Steve Rambam will enlighten and frighten attendees with the latest updates on the personal information that is out there about each and every one of us. Find out which databases contain the most invasive information and who has access to them, as well as what you can do to protect your privacy. There will also be a discussion on truth and accountability on the net as well as live demonstrations.
- A Day in the Life of a Directory Assistance Operator - Cheshire Catalyst
- Odds are most of us take things about the phone companies for granted. But there is a whole world that we don't see which is always operating. Hear how the system really works from The Cheshire Catalyst.
- Slides & Notes
- The DeCSS Story - Emmanuel Golddigger, Robin Gross, and Ed Hernstadt
- At our last conference, we were preparing to go on trial for daring to have the code to DeCSS on our web site. Quite a lot has happened since then. The public perception of entities like the MPAA and the RIAA has gone down the toilet as their true motives became apparent. We were the first in what will be a long line of courtroom battles to defend freedom of speech, fair use, and open source technology. While we lost the case and the subsequent appeal, we still somehow feel victorious. Find out why.
- Digital Demonstrations: Criminal DDoS Attack or Cyber Sit-in? - Maximillian Dornseif
- Being able to carry political opinions to the public by showing them on the street is a basic part of democratic rights. Nowadays, a steadily increasing part of our life takes place in cyberspace. Things which aren't happening in cyberspace will therefore get less and less public attention. How can protest be taken into the virtual realm? What strategies for "online demonstrations" have we seen so far? How about the ethical and legal dimensions? Who gets hurt? Host Maximillian Dornseif will present a new approach for conducting online demonstrations without adversely affecting other users on the net.
- DMCA Legal Update - Mike Godwin, Eric Grimm, and Robin Gross
- Since we last met, the Digital Millennium Copyright Act has claimed more victims and been at the forefront of all kinds of legal action. We even had the first instance of a programmer being thrown into prison because of a program he wrote while in his native Russia! Hear the latest on the Dmitry Sklyarov case and others that the DMCA is responsible for as well as what is being done to put an end to it.
- Domain Stalking - RenderMan (Brad Haines)
- Ever wanted to legally have a $900 million dollar company in your debt? Intellectual property is a big deal to a lot of companies (witness the $2600 vs. Ford case) and it can be very easy to legally screw with it. This presentation will be a discussion of how easy it can be to get a company in your debt by simply watching their domains and catching them when they neglect to renew. It's a bigger problem with large companies than you think and can be exploited for many good causes. Hear how everyone from Symantec to the Red Cross to Jello Biafra has benefited from RenderMan's watchful eyes.
- PowerPoint Slides
- Educating Lawmakers - Is It Possible? - Declan McCullagh and Matt Blaze
- Trying to educate Congress about technology is approximately as useful as teaching a pig to type. It doesn't work and you get one peeved pig. But there are sometimes ways to make a difference in law and policy circles without becoming a wholly owned tool of the Demopublican Party. A discussion with journalist Declan McCullagh and cryptologist Matt Blaze.
- Face Scanning Systems at Airports: Ready for Prime Time? - Richard M. Smith
- A talk about the technical problems of face scanning systems being used at airports to pick out terrorists. Will these systems work like the promoters are claiming they will? Or will they fail to catch terrorists and instead turn our airports into round-up zones for petty criminals?
- Freedom: File Not Found - Bryan Maloney
- Since the explosion of the world network in the early 1990's, visionaries and pundits have been promising that "information wants to be free" and the web's free exchange of knowledge and ideas would be a liberating political and economic force throughout the world. It's been almost ten years now: where is this newfound freedom, especially in places like China? The Middle East? What about right here at home? This talk will discuss government/corporate efforts to restrict the free flow of information on the Internet and the political, ethical, and socioeconomic consequences. Topics will include hardware in use by the People's Republic of China to monitor and censor information it deems "subversive," routing tactics in Saudi Arabia to enhance government oversight and censorship, and the constitutionality of email snooping hardware and software in use in America. A Q&A session will follow.
- Fucking Up the Internet at ICANN: Global Control Through the Domain Name System and How to Escape - Andy Mueller-Maguhn
- Did you know that the entire Internet domain structure is controlled by a mysterious group called the Internet Corporation for Assigned Names and Numbers (ICANN)? Andy Mueller-Maguhn, longtime member and spokesman of Germany's Chaos Computer Club and currently elected from European users to be on the board of ICANN, will explain the latest developments at ICANN and how the mixture of intellectual property and governmental interests affects the freedom of the Internet. Paul Garrin, founder of Name.Space and Free.The.Media!, will talk about his initiatives to establish rights to access to the legacy ROOT.ZONE, from the historical antitrust action against Network Solutions in 1997 through the US Department of Commerce's IFWP process (the predecessor to ICANN), and Name.Space's $50,000.00 TLD application to ICANN in 2000 (ICANN kept the money and took three TLD's previously published by Name.Space). The question is raised: Is there hope for seeking fair access to the legacy ROOT.ZONE through due process or is it time to treat ICANN as "damage" and route around it?
- Fun With 802.11b - dragorn (Michael Kershaw), Porkchop (Michael Kaegler), and StAtIc FuSiOn
- Would you be surprised if you could turn on your laptop anywhere in the city and find yourself on someone else's network? How about if you were able to connect to the Internet? Or see someone's private data go flying by? It's all possible and it happens all the time - all over the country. This panel will cover 802.11 wireless ethernet networking basics, as well as detecting and monitoring wireless networks with active and passive methods. Community free networks, custom antennas, and methods of securing wireless networks will also be covered.
- Fun With Pirate Radio and Shortwave - Craig Harkins and Allan Weiner
- Too few people take the time to appreciate shortwave radio. Even fewer have the opportunity to appreciate pirate radio. Here's your chance to learn more about these fascinating subjects. Allan Weiner will talk about his days operating Radio New York International, a famous pirate station from the 80's that served the New York area before it was raided by federal authorities in international waters. (We have no idea how the feds got away with that.) Today Weiner operates shortwave station WBCQ - along with chief engineer Timtron - which serves nearly the entire western hemisphere from studios in Maine. Craig Harkins joins the panel to talk of his experiences operating Anteater Radio during much of the 90's from an 18-wheeler truck. He received international acclaim from listeners while consistently evading American and Canadian radio police.
- GNU Radio: Free Software Radio Collides with Hollywood's Lawyers - Eric Blossom and Matt Ettus
- The GNU Radio project is building a platform for experimenting with software radios - systems where the actual waveforms received and transmitted are defined by software, not special purpose hardware. One of their projects is building an all-software ATSC (HDTV) receiver. An all-software free ATSC receiver would allow among other things the construction of the mother of all "personal video recorders." Think Tivo or Replay on steroids. The folks from the Broadcast Protection Discussion Group (BPDG) have other ideas. They'd like to lock up the cleartext signal and make sure that only members of their club would be allowed to build receivers, modulators, and storage devices for digital TV. A discussion of where this is all likely to head. Panel participants include GNU Radio technical folks Eric Blossom and Matt Ettus as well as representatives from the EFF.
- H2K2 Closing Ceremonies
- A final review of the events of the weekend along with all kinds of guests, giveaways, and more. Remember, only wimps leave early.
- Hacking for Community Radio - Pete Tridish, Josh Marcus, Dave Arney, Roland Aguilar, and K. Clair
- The technical and political struggle to take back the airwaves for the community. A panel discussion about the attempt to build Linux-based free software that can stream broadcast quality audio over the Internet from a studio to a transmitter site. In addition, there will be discussion on attempts to use wireless ethernet to shoot broadcast quality audio across town with high gain antennas and 2.4 gigahertz amplifiers.
- Hacking Nanotech - Jim "Cipz"
- Nanofabrication technology is an up and coming field that will revolutionize the way humans live on a day to day basis. Host Jim "Cipz" tells what the future projections about nanofabrication are - things like robots so small you would need an electron microscope to see them. There will also be an examination of some amazing achievements that have been accomplished already as well as an analysis of the possible ethical problems that may arise with nanofabrication in the future.
- Hacking National Intelligence: Possibilities for a Public Intelligence Revolution - Part 1 - Robert Steele
- Part 2
- Part 3
- Robert David Steele, author of two books on intelligence reform and sponsor of the Council on Intelligence, will provide a briefing on the state of the world, 21st Century tradeoffs that are NOT being made by our elected leaders, and how citizens can take back the power by practicing the new craft of intelligence to monitor and instruct their elected officials on key national security decisions. Among other major aspects, this would translate into a freezing of the Pentagon budget at $250 billion a year and redirection of $150 billion a year toward global education, public health, water and energy conservation, and "soft power" options including diplomacy and information peacekeeping, a term Steele devised in the early 1990's.
- Hacking the Invisible World - Craig Harkins, Bernie S., and Barry Wels
- Everything you could possibly want to know about the workings of scanners, frequency counters, intercepting/spoofing RF A/V feeds, STL's, pagers, infrared signs, night vision, electronic surveillance, etc.
- Hardware Q&A - Javaman and Binary (Nick Amento)
- Explore a different form of hacking and interface directly with fellow electronics enthusiasts. Javaman and friends will try to answer any questions related to hardware and electronics including but not limited to hardware tokens, radio/wireless technologies, embedded systems, smart cards, and secure hardware design.
- How to Start an IMC in Your Town - Jello Biafra (Eric Reed Boucher)
- At H2K, Jello Biafra urged attendees to become the media. Since then, many people have done just that. One of the most powerful tools in fighting the corporate media's stranglehold on information in this country has been the Indymedia network. Learn what's involved with becoming a part of Indymedia, the various hurdles and roadblocks you can expect to face, and how you can make a difference.
- Human Autonomous Zones: The Real Role of Hackers - Doug Rushkoff
- How the role of hackers in society has changed. They used to be a necessary counterbalance to corporate and government power. Now, it's more like hackers are the only ones who understand the technology. They have become a balance to the power of technology itself. A discussion by renowned author Doug Rushkoff.
- "I Am Against Intellectual Property" - Nelson Denoon
- In the words of host Nelson Denoon: "Quit fucking apologizing for filesharing. Intellectual property is evil, filesharing is freedom fighting, and the sooner Jack Valenti is bumming quarters for a living, the better. The question is not how to protect artists, it is how to muster enough force to protect the right to hack."
- The Ins and Outs of Webcasting - Lee Azzarello, Lynea Diaz-Hagan, Tarikh Korula, Lazlow Jones, and Kevin Prichard
- While the airwaves have been almost completely taken over by corporate interests, there is a whole world of broadcasting on the Internet just waiting for creative minds. Find out what it takes to get an Internet station going and what kinds of creative programming are possible. Also, learn what the recently mandated RIAA licensing fees will mean to the future of this broadcasting medium.
- Introduction to Computer Viruses - Robert Lupo
- Understanding the fundamentals of how to identify, remove, and defend against hostile code. Robert Lupo will cover how different computer viruses work - boot sector, file infector, multipartite, VBS, Java, the different OS viruses, etc. He will also explain how to remove different computer viruses with and without anti-virus software and discuss the future of computer viruses and hostile code.
- Jello Biafra's State of the World Address - Part 1 - Jello Biafra
- Part 2
- Part 3
- Since his keynote address at the H2K conference in 2000, Jello Biafra has witnessed further corporate consolidation and censorship of mass media. He's also been on the front lines of the growing uprising against corporate power itself. He may speak about that, and/or the Bush mob's cynical exploitation of the tragedy on September 11, or the corporate music biz convention on "the future of digital music" he was invited to speak at a few days before H2K2. He's not sure yet so stay tuned.
- Keynote Speaker: Aaron McGruder - Aaron McGruder
- Just about everyone has at one time or another read the daily comic strip The Boondocks. Not everyone has appreciated it. In fact, it's generated a share of controversy among the mainstream for its "alternative" views. In addition, McGruder has devoted space to hacker issues, most notably the DeCSS case - which was presented accurately for probably the first time in most of the papers his strip appears in. McGruder is one of those rare individuals with access to the mainstream who actually "gets" the technical issues. Needless to say, he has been targeted relentlessly by censors for daring to speak his mind. Sound familiar?
- Life in a Distributed Age - Siva Vaidhyanathan
- Distributed information systems of all kinds are challenging cultural and political assumptions. The moral of the story is that whether we like it or not, it's time to take anarchy seriously. We have spent the past 200 years thinking centralization of power and information was the greatest challenge to republican forms of government and corporatized commerce. But now, it should be clear, decentralization and encryption have emerged as the most important dynamics of power.
- Lockpicking - Barry Wels
- Barry "The Key" Wels returns from The Netherlands to provide details of some high security lock weaknesses and to demonstrate some state of the art techniques of exploiting them. He will tell the story of a company that had the famous line "Nobody can pick this lock" on their website. Of course, this was the ultimate motivation for the sport-lockpickers. This panel is where you can find out if a particular lock can be picked or not. Spare locks are always welcome, as TOOOL (The Open Organization of Lockpickers) is short of good locks.
- Low-Power FM Basics - Pete Tridish and John Ramsey
- Learn exactly how to navigate the LPFM licensing process. Pete Tridish of the Prometheus Radio Project and John Ramsey of Ramsey Electronics will present background about the fight for community radio and explain the absurd technical limitations placed on low-power community FM radio stations by powerful corporate interests.
- Magical Gadgets: The Profound Impact of Yesterday's Not-So-Trivial Electronics on Our Digital World - Jay Hanson and Paul Zurek
- Rewind to an age when electronics had originality; the era when a new product was inspired by creativity. Get the story about the evolution of IC-based devices, and see for yourself how the soul of electronics has been sold out.
- Magic Lantern and Other Evil Things - Rudy Rucker Jr.
- A talk by Rudy Rucker Jr. on the BadTrans worm and the FBI's Magic Lantern software. Both of these pieces of software are very similar and install keystroke logging software on clients' machines. Rucker has collected a couple of gigabytes of the BadTrans data and will explain how he parsed it and created a web-based tool for people to browse the database.
- Making Money on the Internet While Still Saying "Fuck" - Philip Kaplan (Pud)
- Pud of www.fuckedcompany.com will speak about his experiences setting up and maintaining a popular Web site for corporate rumors. How does he handle confidentiality of rumor-mongers, avoid lawsuits, provide custom software to drive the site, and make money from it?
- Negativland: Past, Present, Future - Part 1 - Mark Hosler
- Part 2
- If there is any one group who personifies the concept of "fair use," that group would have to be Negativland. The Bay Area based band has, over the years, drawn the ire of everyone from rock band U2 to American Top 40 host Casey Kasem to angry parents to confused legislators. Founding member Mark Hosler hosts this presentation which will focus on media literacy as well as the activism, pranks, and hoaxes that Negativland has engaged in over the years. A number of rare Negativland films will also be shown.
- The New FBI and How It Can Hurt You - Mike Levine, Declan McCullagh, and Robert Steele
- On May 29, the Federal Bureau of Investigation dramatically changed its focus. Now, instead of investigating crimes, its mission is to prevent them, meaning they have virtual carte blanche to infiltrate any law abiding organization or gathering to make sure all is right. And, even better, their third priority of dangerous crimes to stop (next to terrorism and espionage) is "cybercrime." We all know what a wide net that can be. Hear the dangers firsthand from the people who follow this kind of thing.
- Open Source Security Testing Methodology Manual - Tyler Shields
- The OSSTMM came about as a need for an open, free security testing methodology in response to the numerous security testing companies who claimed to have a secret, internal, and corporate confidential methodology for testing. It was this methodology that they used to differentiate themselves from other testing companies. The problem was that often it didn't exist and the tests turned out to be no more than commercial scanners set loose on a list of systems. The development of the OSSTMM began as a series of logical steps to make a good test and grew into the need to make the most thorough test. This presentation will show the origin of the OSSTMM and the logic behind it, as well as results of reverse-engineering the reports of corporate tests, commercial tools, and commercial presentations.
- The Password Probability Matrix - Jon Erickson (Smibbs)
- A windowing method for brute-force password cracking using lossy compression. Cryptologist Jon Erickson will present the specifics for a newly developed password cracking method and perform a demonstration of it. The method is a hybrid between using computational power and storage space for an exhaustive brute-force attack utilizing a compressed matrix of probabilistic values. He will demonstrate the ability to crack any 4 character password with a fixed salt in under 8 seconds (assuming 10,000 cracks per second), using only a 141 meg file. A normal exhaustive brute-force on the same system would take over 2 hours, and flat text storage of the plaintext/hash pairs would normally use over a gigabyte of storage. This translates to 99.9% keyspace reduction and 89% storage compression.
- The Patriot Act - New York City People's Law Collective
- Members of the New York City People's Law Collective will be discussing the dangers of the Patriot Act and providing information on warrants, hacktivism, what is legal and what is not, and ways that hackers, activists, and normal citizens can protect themselves from The Man.
- Protection for the Masses - Rop Gonggrijp
- Host Rop Gonggrijp gives updates on two projects designed to help people protect their privacy from prying eyes. One is a localhost mail proxy for PGP that is really nice and could "save the world" as the PGP plugins stop working (soon...). The other one is Secure Notebook, a project to create a notebook which runs Windows, yet is secure against theft. Source for all projects will be open for review.
- Proximity Cards: How Secure Are They? - Delchi
- They're used everywhere but they could be making you even more vulnerable to privacy invasion. Delchi has been working with proximity based card systems for two years and has developed a method of casually extracting data from proximity cards in a public environment. Riding in an elevator, subway, or just walking down the hall, a person can bump into you, say "excuse me," and walk away with the decoded information from the proximity card in your pocket. It could then be possible to build a device that can capture and replay these snippets of information on demand or to even brute force a proximity card system. This talk will focus on the vulnerabilities of the systems and show a low-power working prototype. Alternatives will be discussed, as well as other vulnerable aspects of proximity based building and computer access systems.
- Report From Ruckus - The Ruckus Society
- Very recently, history was made in California as The Ruckus Society held its first-ever Tech Toolbox Action Camp. It lasted for a week and brought together geeks and activists from around the world who shared information on how they're using the Internet and other technologies in working for change. Part of the goal was to emerge from this and show others what they learned. Some of the attendees of the Ruckus Camp will be here to do just that.
- RetroComputing - Mr. Ohm, Sam Nitzberg, Nightstalker (Chris Tucker), and Bernie S.
- This year's retrocomputing panel will focus on hardware hacking and cloning such systems as the Apple ][ and C64. Also included will be a discussion on homebrew microcomputers and kits from the 70's as well as antique cellphone hacking. Witness firsthand genuine pieces of history. Attendees are encouraged to bring their really old (working) computers for the "retrocomputer neighborhood" in the network room.
- Secure Telephony: Where ARE the Secure Phones? - Eric Blossom and Rop Gonggrijp
- Panel participants will take a look at the history of secure phones, what's worked and what hasn't, who the players are, and what needs to happen to make truly secure telephony a ubiquitous reality. Panel members include former Starium CTO Eric Blossom and Rop Gonggrijp of NAH6.
- The Shape of the Internet: Influence and Consequence - Javaman
- Network researchers have discovered strong power law relationships in the Internet. These can be interpreted as a direct fingerprint of the fractal structure present on the net. Work has only recently begun on analyzing the implications of such a structure on attack tolerance, government snooping, and the like. In this talk, a review of these topics will be presented, along with a proposed network structure that can avoid such issues.
- Social Engineering - Bernie S., Emmanuel Golddigger, Cheshire Catalyst, and Alexander J. Urbelis
- A tradition started at the first HOPE conference in 1994, the social engineering panel remains one of our most popular each and every time. It would be wrong for us to tell you what we have planned because then our victims might have a fighting chance of escaping. Suffice to say, we will find someone somewhere who will tell us something they really shouldn't have because they believed we were somebody we weren't. This panel is always open to participants so if you feel you're worthy, just let us know during the conference and you might find yourself up on stage trying to be clever on the phone.
- Standing Up To Authority - John Young and Deborah Natsios
- "How is it you folks have gotten away with not getting shut down by the powers-that-be?" is the question most frequently asked of Cryptome since its inception in 1996. Post-9/11 H2K2 is an opportune time and place to reconsider implications of this question with Cryptome founders John Young and Deborah Natsios, New York City-based architects (of bricks and mortar), who will discuss their means and methods of sustaining activism in the face of opposition, with reference to ongoing cases.
- Steganography: Wild Rumors and Practical Applications - Peter Wayner
- Is Osama bin Laden sending coded messages in the pictures of goods for sale on EBay? Is that MP3 file carrying a secret note that tracks the listeners? Steganography is the art and science of hiding information in digital data and it stretches the boundaries of information theory and philosophy. An artful programmer can hide secret messages in such a way that a 1 is not always a 1 and a 0 is not always a 0. This talk will explore some of the popular schemes for inserting messages and discuss how they're used by hackers, poets, corporate bean counters, and programmers on a deadline.
- Strategic Thought in Virtual Deterrence and Real Offense: The Computer's Role - Wanja Eric Naef and Sam Nitzberg
- Computers are pivotal components in modern society: daily life, banking, and military. What must be considered and what risks do we all face when they are used in conflict? These concerns are societal in nature and apply to both "minor" and "major" groups, governments, and militaries. There will be opportunity for ample questions from the audience. The intention is to share the overall attendee perspective. The goal is to be thought provoking, not scare-mongering.
- Teaching Hacker Ethics with a Common Curriculum - Greg Newby
- An introduction of a new proposed curriculum guideline for teaching information ethics to students in elementary school, high school, and college. This curriculum is being proposed through the North Carolina chapter of Computer Professionals for Social Responsibility. The idea is to foster creative, exploratory, effective, and intelligent use of information tools (aka, the hacker ethic), rather than powerless end-user mentality. There are many reasons to desire a common suggested curriculum for different educational levels. We might argue that most major advances in computing were brought about by hackers. We could point out that it's necessary to encourage creative and exploratory behavior for the next generation of computer users to do brilliant things. For today's hackers, the goal is simply to shape tomorrow's hackers so that they will use their abilities to help create a better society.
- PowerPoint Slides
- Technomanifestos: Visions of the Information Revolutionaries - Adam Brate
- Author Adam Brate discusses the seminal works of the information age, from Norbert Wiener's Cybernetics to Abbie Hoffman's Steal This Book to Richard M. Stallman's GNU Manifesto, uncovering the remarkable stories behind the beginnings of the personal computer and the Internet and how they are changing society.
- Tracking Criminals on the Internet - Richard M. Smith
- How certain criminal investigations have been conducted in the past couple of years, with perps being tracked by IP addresses, email, and web surfing. Such cases include the murder of Daniel Pearl, the search for Bin Laden, the Melissa virus release, the Clayton Lee Waagner escape, the anthrax attacks, and the Wakefield mass murders.
- The Ultimate Co-location Site - Avi Freedman and Ryan Lackey
- Sealand was founded as a sovereign principality in 1967 in international waters, six miles off the eastern shores of Britain. The island fortress is conveniently situated from 65 to 100 miles from the coasts of France, Belgium, Holland, and Germany. HavenCo has been providing services since May 2000 and is fully operational, offering the world's most secure managed servers in the world's only true free market environment - the Principality of Sealand. Avi Freedman and Ryan Lackey of HavenCo will talk about the challenges and potential of this unique working environment and what it could mean to the future of the net.
- The Vanished Art of Human Intelligence - Part 1 - Mike Levine
- Part 2
- A collection of videos and analysis by WBAI talk show host and 25 year federal agent Mike Levine. Learn about the dangers of the use of human intelligence in the hands of amateurs and imagine what is about to happen under the new anti-terrorism laws.
- The Fifth HOPE took place on July 9-11, 2004 at Hotel Pennsylvania in New York City.
- Post-Fifth HOPE Analysis From Off The Hook, July 14, 2004.
- Random The Fifth HOPE Footage From Jason Scott.
- The Fifth HOPE 2004 Photos by Rob T. Firefly.
- HOPE5 - The Fifth HOPE Photos from telephreak.org
- AS/400: Lifting the Veil of Obscurity - StankDawg (David Blake)
- The AS/400 system from IBM is a powerful system that is in widespread use. Despite that, it is difficult to find information on it or learn about it from any school. A general overview of its design and the architecture of the OS will be presented. This will then be tied into fundamental computing knowledge to show where "interesting" data can be found and where possible weaknesses are in the system.
- Automotive Networks - Nothingface
- This presentation provides an introduction to the electronic networks present on late model automobiles. These networks will be described loosely following the OSI model of networking. Common uses of these networks will be presented and the privacy implications of some uses will be questioned. The presentation will conclude with an introduction to OpenOtto, a free software and hardware project implementing the network protocols previously described.
- Bloggers at the DNC - Brad Johnson
- The Democratic National Convention has become a sclerotic, television-driven celebrity parade. This year bloggers - aka hacker journalists - are being invited onto the floor to shake things up. Can the Internet bring democracy back to the mother of all Democratic Party shindigs? The panel will talk about what is planned - from WiFi to video blogging - and how you can get involved, in Boston or remotely.
- Building Hacker Spaces - Binary (Nick Amento), Count Zero (John Lester), Freqout, Gweeds (Guido Sanchez), Javaman (Adam J. O'Donnell), Mangala, Shardy, Rev. Al, and Dr. Nick
- This is a panel discussion on how to build and maintain a hacker space, hosted by representatives of the Philadelphia Walnut Factory, the Hasty Pastry (Cambridge), New Hack City (San Francisco), PUSCII (Utrecht), ASCII (Amsterdam), the L0pht (Boston), and the Hacker Halfway House (Brooklyn). Experiences and tales will be shared.
- Video Excerpts
- Building the Anti-Big Brother - Peter Wayner
- This will be a talk on how databases can do useful work and serve society without storing any personal information. For the past several years, Peter has been exploring how banks, stores, and businesses everywhere can offer their customers personalized service without keeping personal data about them where it can be abused by nefarious insiders or malicious outsiders. Building these systems requires more of a change in attitude than a change in technology because all of the solutions use standard encryption tools as a foundation. Topics will include how to build these systems and when they can help make the world a safer, saner place.
- Bypassing Corporate Restrictions from the Inside - barbwire
- Working for an organization can be annoyingly restrictive. As they feel they need to cater to the lowest common denominator, you are subjected to web content filters, outgoing port restrictions, and firewalls. This panel attempts to provide an understanding of how these restrictions are usually implemented and how techniques such as tunneling can be your saving grace. It will also address potential security implications and measures that should be considered whenever you compromise your own company's infrastructure.
- Cheshire's Rant Session - Cheshire Catalyst
- When The Cheshire Catalyst spoke about problems at his Directory Assistance job at H2K2, corrections that nobody could get done in over three years were miraculously being made within two weeks after getting back to work following the convention. Could telephone company agents have infiltrated the convention and reported back? What other Large Corporate Problems aren't corporate executives listening to? Write out your rant and be sure you can deliver it in 45 seconds (isn't that what the stopwatch mode on your digital watch is for?). When it's all over, any hyperlinks mentioned by ranting attendees will be available on the web, allowing the Agents of Normality to not only find out what you're ranting about, but have your own references to work from when they report back to their executives.
- The CryptoPhone - Rop Gonggrijp and Barry Wels
- Trying to keep government out of everyone's phone calls is a lost battle. What little legislation we had to protect us will be removed in the next few years and ignored until then. Storing the content of all phone calls forever is now affordable, even for smaller countries. Strong end-to-end cryptography on a massive scale is the only answer. But where are the phones? CryptoPhone makes a phone based on a commercially available PDA/phone that features an open protocol and published source code. And there's a free Windows client if you don't want to buy the phone! The talk will outline precisely how it works, what's next, and how you can help.
- Cult of the Dead Cow Hactivism Panel - Part 1 - Eric Grimm, Sharon Hom, Dr. James Mulvenon, Oxblood Ruffin (Laird Brown), and Nart Villeneuve
- Part 2
- Over 40 years ago, Marshall McLuhan declared that the Third World War would be an information war in which civilians and the military wouldn't be particularly distinguished. That vision has become a reality. Governments from China to Zimbabwe have strangled access to information critical of their regimes, often with the aid of American companies. And as quickly, resistance has sprung up to challenge that repression. Areas of opportunity are beginning to emerge as hackers, human rights activists, and the academic community begin to join forces. This panel will explore the phenomenon of state-sponsored censorship and grassroots resistance from the political, legal, technological, and human rights perspectives.
- Digital Rights Management - Michael Sims
- Digital Rights Management is quickly becoming pervasive in electronic devices of all sorts. This minimally-technical overview of DRM systems in use now and planned for the future will show you how and why your ability to make use of electronics is being reduced by corporate desires to increase profits and exercise control over their products. The emphasis here will be on DRM systems that have gotten little publicity. The DVD CSS system will be touched upon but most of the time will be spent describing systems for controlling television broadcasts, DRM built into CPUs and BIOS's, and other areas that haven't gotten nearly as much attention as CSS.
- Distributed Password Cracking API - David "Bernz" Bernick
- The low cost of the modern PC, the proliferation of the Internet, and the speed of its underlying networks make parallel task-based computing very possible. We've seen massive networks like SETI demonstrate this. SETI is programmed for a simple task: Get a piece of data, process it at leisure, spit out results if any, get a new piece of data. This has been used already to do some brute-forcing of security tasks with systems like distributed.net. But that system is sophisticated and large and you can't make it do tasks like cracking crypt() passwords or websites or any variety of brute-forcing tasks. This talk is about an extensible framework and API for creating distributed password crackers. The framework is easy to use, easy to distribute, and easy to add different kinds of cracking to. The software will be released open-source during the conference.
- Encryption Key Signing - Seth Hardy
- It's a surprising fact that a large number of attendees at this very conference, even those who call themselves hackers and/or security professionals, probably don't use any sort of encryption - or don't use it properly. One reason may be because people think nobody else uses it. So until it has a stronger presence, it won't be as widespread as it really should be. In order to help fight this, Seth will be hosting a key signing session. There will be a rundown of why people should be using strong crypto, how the web of trust works, and moderation to public verification of identity and key fingerprints.
- Everything You Ever Wanted to Know About Spying, 9-11, and Why We Continue to Screw Up - Part 1 - Robert Steele
- Part 2
- Part 3
- Part 4
- Part 5
- Two 30 minute PowerPoint slide shows will be presented, followed by as much discussion as desired. The first, "9-11, U.S. Intelligence, and the Real World," will discuss the specifics of how we failed and why we will continue to fail. The second, "The Failure of 20th Century Intelligence," will discuss the specifics of how American intelligence has blown it in collection, in processing, in analysis, in leadership, and in mindset. If desired, for those who last into the night, other briefs will be available, including "New Rules for the New Craft of Intelligence" and "The Literature of Intelligence: Why People Hate Us and Why We Don't Get It."
- The Fifth HOPE Closing Ceremonies
- Another one of our traditions is to gather everyone together in one room and bid farewell until next time while summarizing some of the highlights of the last three days. This is also where we give away various prizes to audience members. If you're one of those people who booked your return trip for Sunday afternoon, you'd best get on the phone and change those plans. The weekend ends Monday morning, after all!
- Keynote Speaker: Kevin Mitnick - Kevin Mitnick (13.1M MP3)
- I'm an idiot, now buy my books!
- Frustrating OS Fingerprinting with Morph - Kathy Wang
- Sun Tzu once stated "Know your enemy and know yourself, and in a hundred battles you will never be defeated." By denying outsiders information about our systems and software, we make it more difficult to mount successful attacks. There are a wealth of options for OS-fingerprinting today, evolving from basic TCP-flag mangling tools such as Queso, through the ICMP quirk-detection of the original Xprobe and the packet timing analysis of RING, to today's suite of multiple techniques employed by nmap. The ultimate advantage in the OS-detection game lies with the defender, however, as it is they who control what packets are sent in response. Morph is a BSD-licensed remote OS detection spoofing tool. It is portable and configurable, and will frustrate current state-of-the-art OS fingerprinting. This presentation will discuss the current techniques used for OS fingerprinting and how to frustrate them. There will be a live demo, and Morph v0.2 will be released with this talk.
- Hack Nano - Jim "Cipz"
- This is a continuation of Jim's presentation at H2K2 on hacking nanotechnology. This year there will be more on developing simulation software, thinking of new ideas, and investigating current discoveries. All of these are theory and thought driven. There will be a demonstration of some experiments and a discussion on the realities of nano hacking and why it's an important area of exploration.
- Hacker Radio - Sl1pm0de (Matt Smith)
- Hacker radio is a growing phenomenon throughout the world. Hackers are discussing the current issues faced in today's technological world over the airwaves and through the net. There are all sorts of hacker issues being discussed via hacker radio including the DMCA or software patents in the European Union that seriously limit innovation and allow for others to have too much control over something you purchased in your home. By having this discussion in a radio format, those outside the hacker community have the opportunity to hear it and learn. The evolution of hacker radio from the early days of spreading information via bulletin board systems, websites, forums, and mailing lists to today's online audio streams will be explored. There will also be a discussion of hardware and open source software methods for setting up your own show and getting your own opinions and ideas out there for all to hear. Current examples of hacker radio will be featured.
- Hackers and the Law - Dr. D. Kall Loper, Annalee Newitz, and Wendy Seltzer
- This panel will cover current legal crises around privacy, free speech, and intellectual property, with a special focus on the concerns of hackers. Presenters will discuss the laws which protect (or don't protect) your right to anonymous free speech online, your right to reverse-engineer, and your ability to make fair use of your digital media. They will also discuss the USA-PATRIOT Act and the ways this sweeping set of laws changed the nature of investigation and the rules governing wiretapping online.
- Hackers in Modern Imperialist America vs. Barbarians in the Holy Roman Empire - Christopher Davis
- In the time the Roman Empire controlled most of western civilization, the barbarians were known as enemies to society - savages that lived in the frontiers of the empire that resisted control by the Romans. Today, as the United States moves forward with an imperialist foreign policy, a new enemy has emerged that is resisting the system from the outskirts of the socially accepted: the hackers.
- Hacking CDMA PRLs - The Prophet (Babu Mengelepouti)
- CDMA is the dominant mobile phone technology in North America and is operated by Alltel, Sprint, US Cellular, Verizon, and many other carriers. On CDMA handsets, roaming is controlled via a configuration file called the PRL. In this talk, you will learn how to unload PRLs from CDMA handsets, how to disassemble them, and how they can be hacked. This talk isn't about making free phone calls or doing anything illegal, but you will learn how to determine what you're really buying when your carrier promises "nationwide service."
- Hacking More of the Invisible World - Bernie S. (Ed Cummings) and Barry Wels
- An update on the H2K2 panel focusing on HF, VHF, UHF, and microwave signals. You will learn what's out there and how to intercept it. There will also be a discussion on TSCM (Technical Surveillance Counter Measures), the art of evading electronic surveillance, and a presentation of selected intercepts and equipment demonstrations.
- Hacking National Intelligence: Power to the People - Robert Steele
- Do you want to live in a nation where decision makers lie, cheat, and steal? Where national intelligence is so secret that you are not allowed to know a) the truth, b) that national intelligence (spies) are ignorant about the real world, and c) that what policy makers tell the people (e.g. about reasons to go to war in Iraq) has nothing to do with reality? Imagine instead an America in which public intelligence supersedes secret intelligence and elitist corruption is displaced by an informed democracy in which consensus conferences at every level assure that "We the People" all serve the public interest. That is "The OSINT Story." Come hear the story and discuss how we are going to run the world as we achieve open spectrum, open source software, and open source intelligence.
- Hacking the Grid - Greg Newby and Porkchop (Michael Kaegler)
- One of the biggest projects in computing for big science and enterprises these days is computational grids. Grid computing is at the heart of marketing plans from Oracle, IBM, Sun, and other big companies. For them, "grid" is mostly a buzzword that describes various ways of tying computers together. A more specific use of "grid" is found in big science, however. The national TeraGrid, based on the National Science Foundation's Middleware Initiative (NMI), uses the Globus toolkit and a variety of other packages to run some of the world's largest supercomputers. It's also used to tie many smaller computers and clusters together in the academic and business worlds. Can this "big iron" be hacked? This talk will examine real and potential weaknesses in Globus and other elements of NMI, as well as the promise and reality of end-to-end security for Grid-enabled computers.
- Hardware Bus Security in Embedded Systems - Dan Matthews
- Surprisingly, every individual comes into contact with over 100 embedded computer systems every day. A great many exist in our homes without our realizing it and many more operate the commonplace items in the world around us. An "embedded system" is a self contained miniaturized "computer system" (CPU, memory, I/O) that is dedicated to performing a single type of operation. They are now common in households through HVAC (Heat Ventilation and Air Conditioning), stoves, refrigerators, televisions, video players, set-top boxes, lawn sprinkler systems, and many other items. They are in the world around us controlling our street lighting, door openers, intruder alert systems, product theft security, speed cameras, and much more. The concept of security for these buses is traditionally very low because the designer has always been able to depend on physical security of an enclosed box. However, as more of the "boxes" are connected together more external buses and networks come into being and more opportunities for access and malfunction, whether through poor design, unforeseen circumstances, or foul play, become possible. This is a discussion of the progression of design from self-contained systems to more complex ones with internal buses and finally external standard buses. There will be an explanation of what an embedded system is and examples of complex embedded networks. Their security, and hence your security, is at risk in many cases, much of it due to "security through obscurity."
- Homeland Security And You: Harry Potter Meets Reality - Marc Tobias
- A study of how conference participants can use their expertise to assist private industry and government in assessing vulnerability. Marc Tobias will present his ideas for a National Security College to train young adults in many topics: crypto, lockpicking, encryption, etc. He will outline the technical subjects that would need to be taught so students could assist in protecting private sector and government from cyber and physical attack. Also, a look at some of the potential conflicts students might have in such an environment, including attitudes on intellectual property and its protection.
- How the Great Firewall Works - Bill Xia
- China currently puts in the most effort to censor information on the Internet. Bill was first involved in freenet-china and started DynaWeb in 2002. He has developed a thorough understanding of China's Internet censorship technology ranging from IP blocking to DNS hijacking etc. Various techniques have been implemented to get around them. There will be an explanation of a censorship algorithm never before publicly released as well as a live demo on how it works. Time permitting, an analysis of how the Chinese government uses information control on its people will also be presented.
- How The Net Worked
- The Fifth HOPE network has been in the planning stages for many months. Did it hold together? How was it built? What worked and what didn't? An open discussion from members of the network crew on what it's like to do something on this scale, some of the hurdles that were faced, ways in which the technology has evolved, and how we can do things differently for future gatherings.
- How To Break Anonymity Networks - Nick Mathewson
- Today's anonymous communication software (such as Mixmaster, Mixminion, Nymservers, JAP, Tor, Anonymizer, etc.) allows people to communicate while concealing their identities from each other and from external attackers. But no deployed system is strong enough to protect every pattern of user behavior against a sufficiently resourceful adversary, and many of them fall to far simpler attacks. In this talk, Nick will discuss working attacks against today's anonymity networks, drawing from past technical and social attacks on deployed networks and from recent academic research in traffic analysis, stylometry, and mix-net design. He will present defenses to these attacks when such defenses are known to exist.
- How To Send Encrypted Email - Joshua Teitelbaum
- One day you wake up and you have the sinking feeling that someone may be reading your e-mail correspondence. Your only recourse is to encrypt or hide your sensitive communications. This is a look at one web-based solution - CryptoMail - and how it deals with the problem of simplifying encrypted e-mail while maintaining a high level of confidentiality. A detailed analysis of the CryptoMail session establishment, message encryption, and data store model will be presented. Furthermore, a demonstration of the working system will be given and attendees may create accounts, ask questions, or comment on the system.
- How to Talk to the Press - Stephen Cass
- Whether you're an activist planning a campaign, a hacker caught in a legal squabble, or just a bystander buttonholed on the street, dealing with journalists can be an essential part of ensuring that your views are heard. IEEE Spectrum Magazine associate editor Stephen Cass talks about how you can improve your chances of getting a fair hearing. Topics include understanding what journalists want, interviewee tips, and how to get the attention of news organizations.
- Incentive Structures: Mechanisms of Control - Jason Kroll
- Where do incentive structures come from? How do political elites use incentives to make us die for them? How do market elites use incentives to control politicians and co-opt the media? How can we stop them from doing the same to computing and communications technology? Why does mankind have to be led through the desert for 40 years every time technology advances? How are cultural and religious values like computer code and the institutions they create analogous to programs? How are markets like the AIs in The Matrix? When mechanisms of control get out of control, we have to ask who really coded Agent Smith and how can we retain control of technology before it comes to that?
- Indymedia 2004
- How are hundreds of independent journalists from around the country going to work together to cover the Democratic and Republican National Conventions? From networks to working groups, from distributed communications such as text message networks and leaflets, and from FTP video transfers to people hawking newspapers on street corners, this session will examine all the tools of organization and distribution that will make these large scale collaborations possible. Find out how IMCs everywhere have challenged the monopolies of mass media and how this summer in particular will be one of the most active ever for independent media.
- An Introduction to Dissembler - Jon Erickson (Smibbs)
- A presentation of a tool called dissembler, which can be used to generate printable ASCII polymorphic bytecode from any existing piece of x86 bytecode. The technique used will be explained and the tool will be demonstrated to exploit various sample programs. Q&A session afterwards.
- The Kismet Story - Dragorn (Michael Kershaw)
- Hear the tale of how the widely acclaimed wireless network detector, sniffer, and intrusion detection system came to be from its creator. This talk will also focus on how Kismet's development has been shaped by other security tools and users, along with predictions on where it's likely to go in the future. Also included will be a look at the current state of open wireless drivers and the impact security tools are having on the use of wireless networks.
- Lockpicking - Part 1 - Matt Blaze, Marc Tobias, and Barry Wels
- Part 2
- Lockpicking is becoming popular as a sport/hobby among hackers throughout the world. In a special two-hour session the joy of lockpicking will be explained and demonstrated, from basic techniques to the state of the art. A whole range of new tools and tricks will be covered. Many stories will be told including that of Matt discovering a vulnerability in MasterKey systems as well as the members of Toool (The Open Organization of Lockpickers - www.toool.nl) discovering a severe vulnerability in a European lock. This forced a major European lock manufacturer to shut down the factory for a few days and collect a lot of locks from shops.
- Making Use of the Subliminal Channel in DSA - Seth Hardy
- This talk will focus on one reason why it's extremely important to verify the trustworthiness of your encryption programs. A number of papers about a subliminal channel in the Digital Signature Algorithm (DSA) used by the United States Digital Signature Standard were published more than ten years ago. This channel allows for undetectable communication via digital signatures. The subliminal channel is generally viewed as a method of legitimate but hidden communication, but it can also be used for leaking secret information (such as keys) in an undetectable way to anyone who knows what to look for. This presentation will show how this subliminal channel works and demonstrate - using a patched version of the GNU Privacy Guard - how to use it for both benign and malicious reasons: legitimate communication using the subliminal channel, and leaking secret keys with each signature.
- Media Intervention via Social and Technical Hacking - Nathan Martin and Tyler Nordgren
- The Carbon Defense League (CDL) and Conglomco are two tactical media arts collectives engaged in both technical and social hacking processes. Their first collaboration with each other was a website that facilitated barcode relabeling for "user defined pricing." The site was live at re-code.com before it was shut down by pressure from Wal-Mart, Kellogg's, Price Chopper, and the FBI. CDL and Conglomco will present details of their past and present projects (including peoplesjeans.com) and discuss alternative tactics for media intervention.
- Mischief and Mayhem at the RNC - ShapeShifter (Terrence McGuckin)
- Back in 2000 at H2K, Bernie S. and ShapeShifter led a discussion on secrets of the major political conventions in the United States. Not long afterwards, ShapeShifter was arrested on the streets of Philadelphia on suspicion of being a "ringleader" of dissent. In the end, he won his case against the city and all charges were dismissed. Like Bernie, his interests weren't squashed because of unjust prosecution. That's why this panel will focus on the 2004 Republican National Convention taking place across the street from the Hotel Pennsylvania in late August. The panel will detail how cops spy on people, their methods of surveillance, and how they often abuse authority. You will learn how to infiltrate organizations like the RNC, how to look for and find security holes, and how mischief and mayhem is achieved. There will also be details on a unique scavenger hunt.
- Non-Lethal Technology - Gonzo DeMann (Michael J. Ferris)
- Technology is neutral. The patterns to which it is submitted are what determine if it can be used for betterment or detriment. This panel will go into that. As we all know, technology has greatly helped mankind. But what about technology that has been altered so that it can be used for non-lethal means? Imagine a bomb that can be dropped that won't kill anyone but will kill any technology-related hardware. How about a blast from a sound wave, or a radio wave that can do physical damage to the body? These and other topics will be discussed, as will the technology behind it, and sinister applications.
- Off The Hook Special Broadcast - Part 1
- Part 2
- As part of the $2600 20th anniversary and the HOPE tenth anniversary, we're putting on a special two hour edition of our weekly WBAI radio show live from the conference. We did a show like this once before at Beyond HOPE in 1997 and it was great fun. We'll have all kinds of special guests who will visit the stage and we'll have plenty of audience participation. The show will be transmitted over WBAI 99.5 FM in New York City throughout the entire tri-state region as well as throughout the Internet.
- A special edition of the program live from The Fifth HOPE, introducing members of the panel, some of the momentous events that all are occurring at the same time, Porkchop reminisces about the editing of Freedom Downtime ($30), this is Kevin Mitnick's first HOPE conference, the hunt for Kevin at the CFP conference in Chicago back in 1993, memories of the various HOPE conferences, Redhackt gives an update on the movie room, Lazlow discusses how corporate radio is causing destruction, Jim talks about his panel at the first HOPE, how Metrocards can be used to track people, Geoff recalls his first experience at HOPE, Mike reveals some of the difficulties involved in creating the HOPE armbands, Jim talks about the new threat posed by Coke cans to national security, the threat of Furbies, the importance of the radio station, an appeal for people to join the station, introducing Juintz, how others can help with the broadcast, ShapeShifter tells the story of what happened to him at the last Republican National Convention, Greg Newby discusses some of what goes into the planning of the conference, Kevin Mitnick talks about his experience at the conference, the connection is lost, Robert Steele talks about the changes since the first HOPE, the risks posed by New York's water system, Bernie S. talks about the usefulness of the CryptoPhone, Jen discusses the thought behind the artwork at the convention, the story of the posters in the windows, Rop compares the hacker conventions of Europe to those of the United States, how the Galactic Hacker Party and Hacking at the End of the Universe inspired the HOPE conferences, plans for a conference in Holland next year, Bernie S. describes the DBS hacking video that will be shown in the movie room, more about the movie room, Chris describes how the A/V came together this time, some listener mail, Porkchop talks about the early days of audio streaming of Off The Hook, Adam gives an update on the status of the network, Dan Morgan stops by, another outage, how the actual connection to the radio station is working, a question about telemarketing, Rebel appears live, Kevin reveals how he was able to call cell phones from prison, how Bernie S. was able to reach the station from prison, other prison phone memories, some of the new material on the Freedom Downtime ($30) DVD, how things are different in Canada, a question from Risctaker, Dan compares his magazine and radio show to those of $2600, some words about "Grand Theft Auto," how the "Free Kevin" message got out to a larger audience, the famous Autumn 1997 cover, how people can become volunteers at the conference, the issue of IP portability, Cheshire talks about his upcoming rants session.
- Packet Purgatory - Twist Your Packets Before You Set Them Free - Todd MacDermid
- Ever wondered what it would be like to have your own custom IP stack readily programmable? Ever wanted to be able to use stock clients connecting to stock servers, but still be able to tweak the underlying connection? Have you ever wished you could poke at individual packet bits within a real connection without having to patch your kernel? Packet Purgatory is a library that allows userland programs to do all of the above portably. This talk will highlight the development of Packet Purgatory, how to use it, and ideas for future tools. Also included in the talk will be a discussion of two example tools that have been constructed on Packet Purgatory: Stegtunnel, a tool to hide covert channels in TCP/IP connections and LSRTunnel, which spoofs connections using loose source routing.
- Phreaking In The Early Days - Captain Crunch and The Cheshire Catalyst
- Captain Crunch and his friend The Cheshire Catalyst will tell some "war stories" from the early days of phone phreaking. They'll explain what the Blue Box did, how it was used, and some of their "adventures" in using them. And kids, don't try this at home!
- Phone Losers of America - Murd0c, Rob T. Firefly (Rob Vincent), I-baLL (Leo), Judas Iscariot, and Big-E
- The Phone Losers of America was created in 1994 as a general hacker/phreaker group. They eventually started PLA Magazine which in its lifetime released 46 issues (the most recent being a few months ago). The PLA has done many things over the years, including pulling pranks, operating numerous voice bridges, running their own forums, etc. This panel will involve a discussion of the history of the PLA, what they are up to now, and the future. There will also be some videos and sound files presented along with a few "how-to" presentations.
- Video (54M WMV) (YouTube)
- PLA Panel Photos
- PLA Media CD
- Pirate Radio: Running a Station and Staying on the Air - b9punk (Jennifer Gergen) and Monk
- A guide to the setup and operation of a pirate radio station and how to stay on the air when the federal government wants you off. Monk, founder of KBFR and ongoing benevolent dictator of the group (now over 40 DJs broadcasting 24/7), will moderate this panel on how to beat the authorities at their own game. Discussion will include types of technologies used to stay a step ahead of the FCC (and some that have failed) as well as more general information on how to set up and run a successful pirate radio operation.
- Preserving Digital History - A Quick and Dirty Guide - Jason Scott (Jason Sadofsky)
- Knowledge doesn't move forward without history and while there have been many steps to capture the stories, lore, and data of different aspects of computer cultures, a lot of the same mistakes are made over and over. In a fast-paced talk, Jason Scott of www.textfiles.com busts out some ideas, tools, and mindsets towards halting the loss, bringing the stories back, and making something to build upon instead of throw away. Along the way, expect a few bucketloads of trivia and memories to sauce up the proceedings.
- Privacy - Not What It Used To Be - Steve Rambam
- Steve Rambam has been at every one of our conferences and each time he's outdone himself with tales and demonstrations on how much data is stored on each and every last one of us. We all hear the news reports about how government and industry want to expand their databases and share all kinds of information. We hear how people try to protect their privacy and how various organizations attempt to quash the legislation that would broaden these databases. But what we don't hear is how much of our info is already out there and how much of it is being shared between law enforcement, private industry, and many more. Steve will share some of his vast knowledge on the subject and leave you feeling terrified and helpless. And as a special treat, a selected "victim" will learn firsthand just how much personal data can be uncovered on them.
- Prometheus Radio Project - Dharma Dailey, Josh Marcus, Hannah Sassaman, and Pete Tridish
- The Prometheus Radio Project started with radio pirates fighting for local groups to be able to run community radio stations. But over the years, Prometheus has sued the FCC to stop media consolidation, built stations in places like Guatemala and Colombia, and experimented with using off the shelf wireless technologies to do for hundreds of dollars what commercial stations spend tens of thousands to do. This panel will help bring you up to date on the political debates in Washington about low-power FM, reforming the spectrum for wireless broadband access, and the grassroots organizing that can be done to reshape the media. A picture show of community radio barn raisings and stations that Prometheus has worked on around the world will be included.
- Propaganda in Art and Media - b9punk (Jennifer Gergen), Mike Castleman, Frederic Guimont, and Lazlow Jones
- We see propaganda around us every day, some of it a lot more obvious than others. This panel will show you how to find it and how to make some of your own. Whether it's something like Frederic's comic book adaptation of George Orwell's 1984 or Mike's "Students For an Orwellian Society" website, you too can have fun with manipulation of the masses. Lazlow will reveal from the inside how mainstream media strives for control of the masses while b9punk will explain how much of her propaganda art creations came to be displayed at this conference.
- Retaliation With Honeypots - Laurent Oudot
- Most of the time a honeypot is considered to be a security resource whose value lies in being probed, attacked, or compromised. The purpose of this talk is to explain how honeypots might be deployed not only to use passive defense technologies, but also active defense ones. As a specific example, think about what might happen the day honeypots are able to automatically strike back at an aggressor or a worm! Different technical possibilities offered to honeypots on the cyberwarfare field will be explored, such as playing with or even hacking back a usual aggressor (scanner, worm, exploit, client of a trojan, etc.), improving traceback capabilities to find the real source of an attack, etc. This will open up all kinds of legal implications which will also be discussed.
- Retrocomputing - Richard Cheshire, Sam Nitzberg, and Steve Wozniak
- The focus of the retrocomputing panel will be computing technologies from the 1980s and even earlier. Experiences involving the Altair 8800, the Apple II, and other great machines, their software, and operating systems will be discussed.
- Keynote Speaker: Steve Wozniak - Part 1 - Steve Wozniak
- Part 2
- Buy Apple.
- Secure Instant Messaging - Phar (Mike Davis)
- A look at the evolution of secure instant messaging and how AOL tried to shake off open source and non-vanilla clients by altering the AIM (oscar) protocol. The open source community adapted and readapted until AOL finally gave up. Phar, who has written the first secure messaging clients for Unix and Windows (BLAIM and Impasse), will discuss other IM issues, such as the buyout of ICQ by AOL and the subsequent change (and deterioration) of its protocol.
- PowerPoint Slides
- Security, Liberties, and Trade-Offs in the War on Terrorism - Bruce Schneier
- Since 9/11, we have the Patriot Act, tighter screening at airports, a proposed national ID card system, a color-coded national alert system, irradiated mail, and a Department of Homeland Security. But do all of these things really make us any less vulnerable to another terrorist attack? Security expert Bruce Schneier evaluates the systems that we have in place post-9/11, revealing which of them actually work and which ones are simply "security theater." Learn why most security measures don't work and never will, why bad security is worse than none at all, and why strong security means learning how to fail well. Most of all, learn how you can take charge of your own security - personal, family, corporate, and national.
- Security Through Automated Binary Analysis - Dildog (Christien Rioux) and Weld Pond (Chris Wysopal)
- Automated binary analysis techniques have become sufficiently advanced so that having the source to software is no longer a prerequisite for finding security flaws. The binary is equivalent to the source. And a patch is equivalent to a detailed description of a security flaw. This talk will cover the implications of the latest binary analysis technology and give an overview of some of the technology available.
- Security Through Diversity - Javaman (Adam J. O'Donnell)
- Establishing a diversity of operating systems and software on the Internet is now being viewed as essential to global information security. This talk will explore how individual systems and large networks can improve their tolerance to massive attack through this principle. Copies of obscure OS's will be handed out for good questions. Interpretive dance may or may not be involved.
- Slaying the Corporate Litigation Dragon: Emerging the Victor in an Intellectual Property Cybersuit - Atom Smasher
- Have you ever wanted to tackle a corporate giant and live to tell about it? Meet web warrior Atom Smasher, whose lifelong fascination with law proved an invaluable commodity the day he found himself in the cross-hairs of some Fortune 500 big guns. In this lively discussion he'll recount his personal odyssey with the "men and women in black" whose federal lawsuit attempted to pull the plug on his whistle-blowing site. Learn how he responded to a cease and desist letter, what he did when served with a lawsuit, and how he triumphed in his legal battle.
- Social Engineering - Emmanuel Golddigger and Kevin Mitnick
- This has always been one of the more popular panels since we started it at the first HOPE in 1994. And this year, for the very first time, Kevin will be at the conference to be part of the festivities. He authored a book on the science of social engineering entitled The Art of Deception which was an eye-opener to many in the corporate world. Emmanuel has been confusing people on the telephone for many years and derives great pleasure out of getting total strangers to give him information he has no right to possess. In addition to a discussion of methods and stories, be prepared for some live demonstrations over the phone. Suggestions for good targets are always welcome.
- Keynote Speaker: Jello Biafra - Part 1 - Jello Biafra (Eric Reed Boucher)
- Part 2
- I'm a rich, gay idiot.
- Tactical Media and the New Paranoia - Mike Bananno and John Henry
- The Institute for Applied Autonomy (IAA), The Yes Men, and the Critical Art Ensemble (CAE) are activist collectives that use unconventional means to deliver their message. The IAA is an anonymous collective of artists, hackers, and radical engineers who have produced projects such as high speed graffiti-writing robots and map-based websites that help people avoid surveillance cameras. The Yes Men have gained international notoriety for their use of extreme social engineering in order to impersonate World Trade Organization officials at conferences, on the web, and on television. A feature length film documenting their antics will be released by United Artists in August. The Critical Art Ensemble is a collective that explores the intersections between art, technology, radical politics and critical theory. Their books, including Electronic Civil Disobedience and The Molecular Invasion, have been translated into 18 languages and are used in universities the world over. Recently the FBI has accused the group of bio-terrorism. Due to the ongoing investigation, members of CAE are unable to speak publicly on these issues. However, members of IAA and The Yes Men will describe the events of the case and discuss it as it relates to investigations of hackers.
- Technology in Romania - Catalin Acio
- An overview of the ten year period in Romania from 1989 to 1999 and the challenges involving access to technology, the perception of IT in the formerly communist country, and issues of freedom of speech and information. Ninety percent of all access to the Internet is still done via timed dial-up connections which makes connectivity much harder for programmers, researchers, and the average citizen. Learn about the differences in technical cultures and what is being done to level the playing field.
- Ten Years of Practical Anonymity - Len Sassaman
- Strong anonymity systems have been available for public access on the Internet for the last decade. During this time the Internet landscape has changed considerably, while the body of knowledge in the field of anonymity research has deepened greatly. This talk will review the history of anonymity systems, describe the methods by which modern anonymity systems protect their users, explore the classes of attacks which exist against anonymity systems, and give examples of practical anonymity systems which can be freely and easily used by the public at large. Emphasis will be placed on e-mail anonymity and the long-lived anonymous e-mail software Mixmaster and the associated remailer network, though other forms of Internet access anonymization will be included for discussion.
- Terrorism and Hackers - Greg Newby
- This presentation will put forth a full range of activities in which hackers can apply their skills to achieve goals related to "the systematic use of violence to create a general climate of fear in a population and thereby to bring about a particular political objective" (britannica.com). This range includes many specific ways for hackers to combat terrorism, methods to fight terrorist tendencies of your country, and how hackers might actually participate in terrorism. Despite being demonized by corporate media and the subject of many recent laws, most hackers, like most people of all types, are not terrorists. What can we do to protect against hackers being misperceived as threats and terrorists?
- Today's Modern Network Killing Robot - Viki Navratilova
- This is an overview of the new generation of DDoS tools. Back in the day, a couple of large pings could take down lots of machines. When those techniques stopped being effective means of taking down networks, people started writing DDoS programs. These programs required a little bit of manual work to install, but were effective at taking down large networks for a while. This generation of DDoS tools was made famous in the media for victimizing famous websites for hours at a time. Soon people learned to control the damage done by these tools, and so a new generation of DDoS tools was born: Ones that could infect thousands of machines automatically to create large botnets and hide their communications in order to evade detection better than their predecessors. These botnets are now the most effective DDoS tools in popular use today. This talk will go over the more popular botnets, such as gtbot and sdbot, and talk about how they work and some ways to spot them on your network. There will be a demonstration of an irc botnet in action.
- Note: The recording of this panel is incomplete, though we've posted what we have. Please accept our apologies.
- Urban Exploring: Hacking the Physical World - John and Laura Leita
- Urban exploring is the art of going places off limits to most and unseen by many. Explorers are brave souls who often dredge through great dangers for their art. Often they research and document historic abandoned places to accompany pictures and video taken on the locations of sites with enormous history. Otherwise they are simply in search of a beautiful view. John and Laura will talk about the different locations of interest to urban explorers, such as abandoned asylums, steam tunnels, rooftops, abandoned rail spurs, formerly used industrial sites, and deserted gold coast estates. From there they will go into how this art is best performed and various associated issues. Topics will include how to find urban exploration sites, how to go about exploring and documenting them, UE photography and video, computer assisted exploring, and research techniques to learn about a site. A Video CD presentation will be shown to illustrate urban exploring and show some cool places.
- When Corporations Attack - Acidus (Billy Hoffman), Virgil Griffith, Dan Morgan, and Wendy Seltzer
- We all know the wrath that major corporations are capable of unleashing when the actions of hackers and other individuals anger them. This panel will focus on two of these cases. Dan was the publisher of Satellite Watch News, a publication that focused on the technical workings of the satellite industry. DirecTV (owned by General Motors) managed to completely shut down the newsletter and take nearly all of his possessions. Acidus and Virgil did research into the Blackboard college ID card system (used at universities everywhere) and they uncovered all kinds of interesting facts. This was to be presented at the Interz0ne conference in Atlanta in 2003. Blackboard filed an injunction that not only kept that from happening but has prevented the two from discussing specifics about Blackboard to this day. In addition to these three panelists, a representative of the EFF will be on hand to talk about the legal aspects of these frightening cases.
- Where'd All That Spam Come From? - John Draper
- A study of the mechanisms spammers use to flood your mailbox along with what some of the work and research of SpamCrunchers have uncovered. Topics of this talk will include spam bots, spam trojans, some of the sneaky methods spammers use, how they get around filters, why none of this stuff really works anyway, and what you can do to significantly cut down on spam.
- Wireless and WiFi: The Good, the Bad, and the Ugly - Dragorn, IrishMASMS, Mike Lynn, and Porkchop (Michael Kaegler)
- A panel to discuss wireless networking: the basics of 802.11 and current products, along with stories of wardriving and a look at network security. Find out why you should care about your network's security even if you don't think anyone else would take an interest in your traffic. Questions and comments from the audience will be solicited.
- HOPE Number 6 took place on July 21-23, 2006 at Hotel Pennsylvania in New York City.
- Post-HOPE Number 6 Analysis From Off The Hook, July 26, 2006.
- Official HOPE Number Six T-Shirt Get yours today!
- $2600 Meetings: A Valuable Resource or a Waste of Time? - Rop Gonggrijp, Emmanuel Golddigger, LexIcon, and others
- Since they began in 1987, $2600 meetings have sprung up all around the world. They inspired the movie Hackers, helped to launch a number of federal and state investigations, provided journalists with fodder for all sorts of wild and crazy stories, and brought all sorts of hackers together who might otherwise never have met. But is this a good thing or a bad thing? Do the meetings actually strengthen the community or do they expose it to hostile elements that help to destroy it? You will hear a number of perspectives as well as stories on things that have happened at the many meetings that have taken place. If you've ever attended a $2600 meeting, we'd like to hear your feedback at this panel.
- Aether Madness with the Prometheus Radio Project - Dharma Dailey, Andy Gunn, Hannah Sassaman, Pete Tridish, and Anthony Mazza
- The Prometheus Radio Project started with radio pirates fighting for local groups to be able to run community radio stations. Over the years, Prometheus has sued the FCC to stop media consolidation, built stations in places like Venezuela and Tanzania, and experimented with using off-the-shelf wireless technologies to do for hundreds of dollars what commercial stations spend tens of thousands for. Prometheus fights for change by going straight to the pileup where technology, politics, and the media crash into each other. This panel will help bring you up to date on the political debates in Washington about low-power FM, reforming the spectrum for wireless broadband access and other uses, and the grassroots organizing that can be done to reshape the media. A picture show of community radio barnraisings and stations that Prometheus has worked on around the world will be included.
- Alienation and Engagement - Jason Kroll
- The hacker sense of social responsibility is undermined by our alienation from the mainstream. From bad school experiences in childhood to the content property grab of today, we infer the world to be hostile and corrupt. Unwilling to become sociopaths, yet unable to find avenues for social change, we are tempted to withdraw from civil society and limit ourselves to technical contributions. A discussion of three non-technical areas where hackers can make positive contributions and where we might find principled people: journalism, economics, and law. The next civic establishment has to come from somewhere and this should be our historical era. So we might as well participate - or maybe just take over.
- The Art of Electronic Deduction - StankDawg (David Blake)
- This was an unscheduled talk given to replace a postponed presentation.
- Basics of Forensic Recovery - Kall Loper
- This presentation will introduce the basic model for forensic recovery of data in civil and criminal contexts. Technical challenges of acquisition and analysis will be briefly covered but the primary emphasis will be on the requirements of bringing data to court. Common tools will provide examples to illustrate the model. There will also be a brief discussion of provisions of the enforcement mechanisms of the Digital Millennium Copyright Act and recent case law dealing with failures to comply with production of evidence.
- Binary Revolution Radio - Stankdawg and Guests
- Binary Revolution Radio is a weekly Internet radio show that has been around since early 2003. The show covers topics that are of interest to the hacking community including hacking, phreaking, programming, digital rights, social engineering, and everything in between. The beginning of season four of this show coincides with HOPE Number Six this year and this will be an episode of the show recorded in front of a live studio audience! There will be lots of special guests, audience participation, and maybe... just maybe... punch and pie. You have to show up to experience it live and see why "The Revolution Will Be Digitized!"
- Bin Laden, National Intelligence, and How NOT To Spend the Taxpayer's Treasure - Robert Steele
- This presentation will address the Ten Threats, Twelve Policies, and Eight Challengers. And if you want to find out what all that means, you'll just have to attend. Robert was our keynote speaker at the original HOPE in 1994 (and our very first speaker ever) and has continued to rivet audiences ever since with stories and facts about national intelligence.
- Breaking Down the Web of Trust - Seth Hardy
- The web of trust best known for its use in PGP is now used in a number of other applications and is established as a good method for doing non-centralized PKI. But how good is it? How does one define a metric for trusting a trust metric? We have key signing parties and extensive tutorials on good trust policies, but a lot of people still don't understand the basic concept of "trust," especially when it is superimposed on the world of graph theory.
- Seth will take a look at the web of trust as it is currently used, including statistics on the PGP WoT and what that means in practical terms. And from there on, it's all about trust, including the trust metrics involved (and why they could be a lot better) and the current "correct" practices for establishing trust (and why they could be a lot better). To finish, Seth will talk about some of the many bad trust policies that have managed to become mainstream and commonly accepted, even by many self-described "computer security professionals."
- Building a Hacker Space - Porkchop (Michael Kaegler), Harry Hoffman, Dragorn (Michael Kershaw), and Nick Binary (Nick Amento)
- By pooling resources, hackers can get bigger and more impressive toys to accomplish bigger and more impressive projects. This talk focuses on setting up and managing collectives for fun and profit - from finding a space to keeping it going. Presented by people who did it in Massachusetts, New York, and Pennsylvania.
- Building the Anti-Big Brother Databases - Peter Wayner
- Databases don't need to be huge collections of personal information waiting to be exploited. This talk will show how a few simple encryption functions can build a database that answers questions for the legitimate users but locks out all illegitimate users including those with the root password. The techniques make it possible to build privacy-preserving systems with much less complexity and overhead than conventional techniques.
- Can Security Detectors Be Hacked? - Paul Renda
- Today we are challenged by a multitude of security detectors. But can they be beaten? This talk will deal with their vulnerabilities. The electromagnetic spectrum will be explained along with how waves propagate. Security systems like X-ray backscatter and mm wavelength microwave will be discussed along with possible defenses. Most of the talk will focus on the ubiquitous metal detector - the walk-through and handheld variety.
- The question of whether radio frequency devices can compromise security will be explored. Front door and back door attacks (coupling modes) will be defined. The urban myth of radio frequency devices/weapons will be discussed. It will all top off with a discussion of Carl Jung and King Hubbert and how they relate to terrorism.
- This talk is dedicated to Paul's cousin Tommy Farino, a New York Fire Department captain who died on 9/11.
- Citizen Engineer - Consumer Electronics Hacking and Open Source Hardware - Phillip Torrone and Ladyada (Limor Fried)
- This is a hands-on session on all the things you're not supposed to do (but want to) with the gadgets that fill our drawers and shelves: transform an old VCR into an automatic cat feeder, use open interfaces to control Roomba robotic vacuums. Projects like these (and others, such as WRT54G hacking, iPod Linux, car-computer hacking, etc.) are part of a growing trend where consumers are going back and hacking what they buy. Just as computer hacking is closely tied to the open source software movement, so can such embedded gadget-hacking lead to an open source hardware movement.
- Video (58M WMV) (YouTube)
- Comparison of WAN Routing Protocols - Miles Nordin
- A comparison of three members of a class of WAN routing protocols called "interior gateway protocols." Each member of the class - RSTP, OSPFv2, and IS-IS - is bound to a different kind of datagram: Ethernet frames, IP packets, and OSI CLNP datagrams respectively. Most companies with large WANs use one of the first two protocols for two purposes: to route around failed redundant links and to automatically find the correct path to a destination address on a large network with many hops. Including RSTP in the comparison is a realistic acknowledgment of the way L2 switching is abused these days. Including OSI in the comparison should reveal some habitually irritating aspects of switched IP networks that are mere accidents of history, and others that are more fundamental. Miles will provide background about how Ethernet switching works, what an IGP is, and what the now mostly-abandoned supposed-future OSI world feels like.
- Constructing Cryptographic Protocols - Joe Salvatore Testa II
- This lecture will show how to construct advanced cryptographic protocols. Beginning with a set of requirements for a communications protocol that includes immunity from replay attacks, traffic analysis resistance, and resiliency against partial compromise, the audience will be shown how a naive protocol can be iteratively improved into a protocol satisfying those requirements.
- Coupon Hacking - Sam Pocker
- The price of everything has become too expensive. As retailers feel they need to cater to the lowest common denominator, you are held prisoner in artificially antiseptic environments, customer service is a mockery of intelligent discussion and basic common sense, and yet somehow we now live in a consumer-driven economy. This presentation attempts to provide an understanding of how you can fight back - how to understand what you are really seeing when you walk into a supermarket, a "big box" mass merchant retailer, or even a local mall. It will also address "coupons," how you can read the barcodes with the naked eye and decipher them, and how you may use them to get nearly anything for free, or almost free.
- The CryptoPhone Project - Frank Rieger and Barry Wels
- In 2003 a group of enthusiasts turned a standard PDA phone into a military grade voice encryption device. Unlike other players in the secure communications market, CryptoPhone decided to publish the complete source code for review. Not only that but a software-only client that will turn your PC and modem into a CryptoPhone is available for free download. The product range has expanded to landline and satellite solutions. What is next?
- E-gold - As Misunderstood As Hackers - Richard Cheshire and Oddsman (James M. Ray)
- Internet Commerce is a wonderful concept. So is Internet privacy. They clash where the government can access private bank records. E-gold allows private transactions to remain private. Unfortunately the Bad Guys want their transactions to be most private, giving e-gold and their financial brethren a bad reputation.
- Exploring Your World with Open Source GIS, GPS, and Google Maps - Mike Dvorak and Paul Suda
- Digital mapping is the ideal information sharing medium for urban explorers, war walkers, and travelers alike. Powerful open source geographical information system (GIS) software such as GRASS exists for users of all computer platforms to explore, analyze, and digitize custom maps. A brief overview of mapping will be given and then GRASS will be used to demonstrate how to make an annotated bike trip map around New York City. The Google Maps API for making customized maps will also be explained and demonstrated.
- Europe Has Hackers Too - mc.fly (Elmar Lecher), Frank Rieger, and Rop Gonggrijp
- There are hackers on the other side of the pond too! This is a view of parts of the European hacker scene, especially that of Germany and the Netherlands. The Chaos Computer Club will be discussed along with other European hacker groups. You will learn about the major differences between the American and European hacker scene, see what the different lifestyles are like, and get a good look at some of the European hackers' nicest projects. There will also be details on upcoming European conferences which you are cordially invited to. After the presentation an open discussion will permit you to ask any questions about all of those fancy countries on the other side of the pond.
- Everything You Ever Wanted to Know About Spying and Intelligence - Part 1 - Robert Steele
- Part 2
- This is an update of Robert Steele's famous informal presentation, completely unstructured, which will address all sorts of specific details about spying, information, intelligence, emerging threats (hackers are NOT one of them), strategy, anti-Americanism, and the destruction of the treasonous Republican and Democratic parties.
- Note: This guy is a fucking idiot.
- Flash Sucks for Advertisers - The Digital Divide - Richard Cheshire and Gerald Greene
- While the contention is that Macromedia Flash sucks for consumers who can't download Flash, it actually means that the advertisers using it are not getting their message out to those consumers. This will be a discussion of Internet access and The Digital Divide, with emphasis on the Internet's role in special education.
- Notes
- The Future of Wireless Pen Testing - Dragorn, Frank "Thorn" Thornton, and RenderMan (Brad Haines)
- The future of wireless pen testing and vulnerabilities of 802.11 networks, RFID, and Bluetooth, including a then-and-now perspective of the past five years of development in wireless vulnerabilities and research, pet peeves, the future of wireless protection standards, and topics from the audience.
- The Geek Comedy Tour 3000 - Chris Barylick, Frank Hong, Jimmy Meritt, Justin Schlegel, Evan Valentine, Danny Rouhier, Joe Deeley, Paul Schorsch, James Jones, Erin Conroy, and Ryan Conner
- Picture what happens when you give the kids who were picked last for dodge ball a microphone and some stage time. The Geek Comedy Tour 3000 is just that. A collection of some of the best standup comedians from the Washington DC area, this group comes to the stage with a high-energy approach as well as topical, intelligent material that is accessible to both techies and non-techies alike.
- The Geeky, Personal, and Social Impact Sides of Creating Defensive Technology - Mitch Altman and Ladyada (Limor Fried)
- Ever wish you had the power to turn off a TV in a restaurant or disable an intrusive cell phone? Social defensive technologies are "reality hacking" devices that give us the sort of sociopathic control we've come to enjoy on the Internet alone. Three years ago, Mitch decided he'd had enough of televisions and designed the TV-B-Gones, a universal "off" keychain remote. Around the same time, Ladyada designed a personal RF jammer. Together they will discuss these projects in the context of reclaiming personal space, culture-jamming, and how we can design technologies that do what we really want. Don't expect good WiFi/cell reception.
- Video (126M WMV) (YouTube)
- Ghosts (and Zombies) in the Machine - Brad Johnson
- What do dark fiber, zombie networks, web ghosts, and net spooks have in common? They're all scary! Boo! Come for a fun and wide-ranging survey of largely unrelated Internet phenomena, from computers zombied by script-kiddie rootkits to MySpace pages and blogs left after their creators have died. Is there really a ghost in the machine? Maybe not, but there's definitely a lot of bizarre stuff around the edges.
- Hack the Palate! How to Set Up a Kitchen Hack Lab - Gweeds (Guido Sanchez)
- Chefs are a lot like hardware hackers. Both geek out, absorbing the specs of vegetables/technology for the purpose of creating something that nobody else has (innovative food/new machines). So what kind of food comes out of a kitchen that's turned into a hack lab? Something delicious. Something geeky.
- Hackers And Academia - Adam J. O'Donnell (Javaman), Matt Blaze, and Gillian Andrews
- In many ways, the hacker community and the academic community don't appear to get along. The classical views of how academia and the hacker community operate seem mutually exclusive, with the academy priding itself on rigor and proof while the hacker community espouses a "proof by example" methodology. The relatively slow pace of academia turns off hackers, and the lack of rigor of hackers does the same for academics. During this panel discussion, we show how the two worlds are not that far apart and present individuals who are actively trying to bridge the gap between the two. Current students, past students, professors, and hackers, one and the same, will be present for the discussion.
- Hackers in Prison - Mark Abene (Phiber Optik), Bernie S., and Kevin Mitnick
- For the first time ever, the three most famous imprisoned hackers of the 90s appear together on the same panel. Mark served ten months in 1994, bernieS was locked up for 14 months in five maximum security prisons in 1995 and 1996, and Kevin was held for nearly five years. Each of these cases received a lot of exposure from $2600 and Off The Hook which wound up getting the attention of mass media and the public. But these cases are only the tip of the iceberg. You'll hear some of the background, learn about what's going on today with some other cases, and maybe even hear some prison stories.
- Kevin Mitnick unfortunately wound up in a hospital in Colombia for the entire conference and is replaced here by Darci Wood.
- Hacking Copyright and Culture - Fred Benenson
- Taking things apart, reusing, and remixing the old in order to create the new are tenets of the hacker ethic. But these impulses have also been at the heart of artists, musicians, and writers since the beginning of human creativity. Complete access to copy, reuse, and remix work is necessary for cultural and technological progress, a progress that the current state of copyright and the increasing ubiquity of DRM threatens to permanently undermine.
- This fight has become political. From protests to boycotts, from lobbyists to students, there is a movement underway and an increasing number of ways to get involved and fight for your digital rights beyond sending $15 to the EFF and running GNU/Linux (which you should already be doing).
- This talk will be about the current state of the free culture student movement and events being organized in the area, including the first ever anti-DRM protests, a Creative Commons art show, and a DVD remix contest.
- Hacking the Mind: Hypnosis, NLP, and Shellcode - Mike Murray
- The similarities between the methods used to exploit a computer network and the language patterns involved in hypnosis and Neuro Linguistic Programming (NLP) are striking. In this talk, nCircle's director of vulnerability research Mike Murray (who is also a Master NLP practitioner and certified clinical hypnotherapist) will demonstrate the use of hypnotic language patterns, metaphors, and other patterns of influence, as well as showing how a good hypnotist structures inductions in a similar way to the methods of a skilled computer hacker. Hypnotic analogues to buffer overflows, shellcode, and other types of computer attacks will be demonstrated, leaving the audience with a deeper appreciation for language patterns and their effect on the human mind.
- Slides
- The HOPE Net: What Worked and What Didn't
- This is where we review what it took to put the network together. There are bound to be some fascinating stories to share as far as what went on over the weekend. This network is by far the biggest ever attempted at any hacker conference on this side of the ocean with more bandwidth available than many countries have. This makes the stories even more entertaining. The network gurus of HOPE will have a lively discussion on the challenges of running a network at a hacker conference right before it all gets taken apart.
- HOPE Number Six Closing Ceremonies
- The tradition continues. Instead of going home early, we encourage people to stay late and celebrate the conclusion of the conference. (Consider Monday a lost day.) You will hear some of the highlights of the past three days and get one last chance to see people before the next time we decide to do this. It's also a chance to win all sorts of prizes by demonstrating skills and abilities or just by being at the right place at the wrong time. And most importantly, you will finally learn who Number One is.
- How to Steal Someone's Implanted RFID - And Why You'd Want To - Annalee Newitz and Jonathan Westhues
- Annalee Newitz will talk about how she got an RFID implant to demonstrate some of the basic security problems with these devices. These are problems that the companies who make RFID systems are either ignoring or outright lying about. She'll discuss the process of implanting the RFID, including getting the surgery and unpleasant dealings with VeriChip. She will also talk about the many problems with security used for implanted RFIDs (and security problems with RFIDs used as access control devices). Then Jonathan, the RFID-hacking expert who cloned Annalee's RFID, will talk about how he did it and (hopefully) he'll be able to give a demo. He'll describe how he made his device and how it can also be used for proximity card cloning. He also has a new cloner which he may or may not want to talk about in detail.
- How to Talk to the Mainstream Media - Stephen Cass
- Blogs, vlogs, podcasts, RSS, even old school web sites and mailing lists - there have never been more ways for hackers to get their message out. So why bother dealing with the Mainstream Media? Because that's where the audience is. Only a tiny percentage of blogs have sizable audiences and even the biggest of those are dwarfed by the audiences for TV news, mainstream media websites, or the circulations of the larger dead-tree newspapers and magazines. If you're interested in getting your point across to as many people as possible, this talk will improve your chances by telling you what professional journalists want and why, how you can help give it to them, as well as what pitfalls to avoid.
- IBOC vs. DAB-T: In-Band vs. Multiplexed Digital Radio - Russell Trafford-Jones
- More and more U.S. stations are going digital using "In Band On Channel" methods where the data is sent with the analog radio station. But a lot of the rest of the world uses a different frequency for the digital version of the station. This talk describes the transmission methods technically, discusses the pros and cons of the different methods as well as the commercial implications, and focuses on how community radio can fit into the changing landscape of radio.
- Will the U.S. and its listeners lose out by using different systems than most other countries? A look at this question, why IBOC has been adopted, and how digital radio helps and hinders reception.
- Keynote Speaker: Richard Stallman - Richard Stallman
- Talking about software rights, except for the right for you to do what you wish with your own code.
- Keynote Speaker: Michael Hart - Michael Hart
- Using eBooks to break down the bars of ignorance and illiteracy.
- Keynote Speaker: Jello Biafra - Jello Biafra (Eric Reed Boucher)
- Hacked by Uncle Sam, vote fraud, and the end of democracy.
- Law Enforcement Wiretaps: Background and Vulnerabilities - Micah Sherr, Eric Cronin, Sandy Clark (Mouse), and Matt Blaze
- The politics of wiretapping is a hot topic (again) lately. But how do the police actually tap telephones anyway? How might tapping technology fail? Telephone wiretap and dialed number recording systems are used by law enforcement and national security agencies to collect critical investigative intelligence and legal evidence. This talk will examine the technology of (legal) wiretapping and show how many of these systems are vulnerable to simple, unilateral countermeasures that allow wiretap targets to prevent their call audio from being recorded and/or cause false or inaccurate dialed digits and call activity to be logged. An exploration of possible workarounds, as well as the broader implications of the security vulnerabilities in evidence collection systems.
- The Life and Times of Alan Turing, Father of the Computer - Karamoon
- Alan Turing was an intriguing guy whose life was as tragic as it was amazing. Known as the father of the computer, the man who broke the Enigma code, and a sad victim of British homophobia in the 1950s, Turing serves as a role model for many hackers, computer scientists, and mathematicians. This talk tackles three subjects: Turing's role in breaking the German Enigma code, Turing as the father of the computer, and Turing's personal life (and death). A look at Turing's life in chronological order, focusing on events which had profound effects on his thinking and feelings. Turing's story is ultimately a sad one, but along the way you'll see a breakthrough in cryptography and the birth of the computer. You'll also want to fight much harder for freedoms that we still take for granted, despite the fact that they are disappearing fast.
- Lockpicking: Exploits for Mechanical Locks - Barry Wels and Marc Weber Tobias
- Every mechanical lock, no matter how sophisticated, can be bypassed. And here you will learn how. A wide variety of opening techniques will be demonstrated, ranging from "lock decoders" that are in use by the intelligence community to tools and techniques that allow a layman to open a wide variety of locks with little training and using only inexpensive tools. Even the opening of some state of the art electronic locks will be demonstrated on stage. If you're willing to learn then simply join one of the training sessions during the conference (in the lockpick village) to have Barry and his friends teach you how to pick and bypass locks yourself. You are invited to bring your own locks and find out if they are any good.
- Low Level Firmware Analysis and Hacking - John Maushammer
- A presentation using examples from John's experience reverse engineering disposable digital cameras. Hardware disassembly, reading firmware from the flash chip, firmware disassembly, figuring out hardware registers, and how to identify and circumvent lock codes will be among the topics touched upon. The CVS camcorder lock and the vulnerability that hacked it will also be discussed.
- Magnetic Stripe Technology and the New York City MetroCard - Joseph Battaglia
- Curious what's on all those magnetic stripes in your wallet? Learn how magnetic stripes work and how you can use parts from your "junk drawer" to build a simple reader. Joe's reader design is easy to build and is capable of reading proprietary formats that most commercial readers can't. The software, which runs under Linux and requires only a sound card, does most of the work and is easy to tweak. Also included in the lecture will be a discussion about the New York City MetroCard and how its proprietary encoding was reverse engineered with this reader design.
- Making Reliable Links Using WiFi - Catonic Cinotac
- Ever wondered exactly how much engineering goes into professionally installing WiFi links to 99.999 percent availability? In this talk, Catonic will be covering calculating path loss, Fresnel zones, gain, power, and other topics which when combined are used to design RF links between two locations. The information in this talk is useful for VHF, UHF, and microwave link planning. Additionally, Catonic will be providing an analysis of some of the factors considered when iFiber Redwire planned and then executed last year's record WiFi shot of 125 miles.
- Managing Your Company's Intellectual Property: An Introduction to IT Security - Daniel Estrada
- Data is every company's most valuable asset and its protection is imperative for survival. This presentation gives managers and other business leaders the practical foundation they need to secure their intellectual property, properly comply with legislative requirements, and maximize the overall value their IT strategies provide.
- The Monochrom Collective - Johannes Grenzfurthner and Roland Gratzer
- A talk medley from monochrom, a worldwide operating collective from Vienna dealing with technology, art, context hacking, and philosophy which was founded in 1993. They specialize in an unpeculiar mixture of proto-aesthetic fringe work, pop attitude, subcultural science, and political activism. Their mission is conducted everywhere, but first and foremost "in culture-archaeological digs into the seats (and pockets) of ideology and entertainment."
- This session will be a little tour-de-farce about their projects and political motivation. A joyful bucket full of good clean fanaticism, crisis, language, culture, self-content, identity, utopia, mania and despair, condensed into the well known cultural technique of a gala show.
- Among their projects, monochrom has released a leftist retro-gaming project, established a one baud semaphore line through the streets of San Francisco, started an illegal space race through Los Angeles, buried people alive in Vancouver, and cracked the hierarchies of the art system with the Thomann Project. In Austria they ate blood sausages made from their own blood in order to criticize the grotesque neoliberal formation of the world economy. Sometimes they compose melancholic pop songs about dying media and they have hosted the first annual festival concerned with cocktail robotics. At the moment they're planning a conference about pornography as one of the driving forces of technological innovation. They also do international soul trade, propaganda camps, epic puppet theater, aesthetic pregnancy counseling, food catering, and - sorry to mention - modern dance.
- Network Monitoring and the Law - Alexander Muentz
- A discussion of federal and state criminal law as well as civil penalties, expectations of privacy at work, and the relative rights and duties of employers, employees, and IT workers. Also included will be an explanation of network monitoring and the Wiretap Act.
- The New Engineers of Graffiti - James Powderly, Evan Roth, Theodore Watson, and Evan Harper
- The Graffiti Research Lab is dedicated to outfitting graffiti writers, street artists, and protesters with open source technologies for urban communication. The goal of the G.R.L. is to technologically empower individuals to creatively alter and reclaim their surroundings from unchecked development and corporate visual culture. During 2006, the G.R.L. has toured across the globe demonstrating and teaching new graffiti technologies and DIY skills to diverse public audiences. Their work has been featured in alternative and mainstream news sources like the New York Times, Wooster Collective, TIME Magazine, Visual Resistance, and The Village Voice. In May 2006, Ars Electronica gave the G.R.L. an Award of Distinction in Interactive Art. You can find their work at www.graffitiresearchlab.com.
- This panel will give an introduction to geek graffiti and focus on the Eyebeam OpenLab with particular attention to public domain DIY hardware hacking, GNU software, and Creative Commons content. Some GRL tools will include LED "throwies," the "night writer," the "electro-graf," and more.
- Off The Hook - The Indecent Version - Featuring the Off The Hook Cast
- Yes, that's right, the acclaimed WBAI radio show does an edition that the FCC won't permit us to air. Restrictions on what we're allowed to say over the radio will be addressed in a very "direct" manner. Over the years the American broadcast media has become increasingly government-controlled with the federal authorities determining what is decent and what is not. The result has been a whole lot of blandness and conformity, not to mention a good dose of fear and paranoia behind the scenes. While we may not be allowed to say a lot of things over the air, we CAN say them in a room full of people. At least for now. One day perhaps this edition will be allowed to be heard on the radio. For now, though, you can win a prize by figuring out just how much we could be fined and imprisoned if this show were to make it to air. In all honesty, we believe it will be a pretty "decent" hour. You can even bring the kids.
- Password Cracking and Time-Memory Tradeoff - Jason Davis
- An in-depth explanation of the applications of time-memory tradeoff when applied to password cracking and its relevance to the future of the IS industry. Also, a demonstration of what quite possibly could be the fastest web-based MD5 password cracker on the planet.
- Phone Phreaking 101 - Black Ratchet (Ben Jackson)
- Have you ever caught yourself thinking "Gee, I wonder how this phone thingy works?" Do you often dream about what's inside that building downtown with your local phone company's logo emblazoned upon it? Do you find yourself confused when people start talking about "op-diverting," "setting up 8s," or "getting on the bridge?" If so, then this presentation is for you.
- Ever since the early 1990s, most people have thought that phone phreaking was dead. They have thrown their black, red, and blue boxes out with their trash and have dismissed the idea of "phone phreaking" with the same zeal that they dismissed the idea of the Easter Bunny and Santa Claus. But phone phreaks still survive to this day! The phone network was one of the first great networks. Yet today it just sits there, only explored by a handful of people.
- This presentation is an attempt to change all that. It will answer basic questions and clear up common misconceptions about phreaking, the phone system, and telephony in general. It will also attempt to clear up urban legends that continue to exist today and show people that phreaking is not a dead art. Topics covered will include history, basic phone network operation, VoIP, myths and misconceptions, general phreaking, and stupid phone tricks.
- Privacy Is Dead - Get Over It - Steven Rambam, Gerard P. "Jerry" Keenan, Reginald "Reggie" Montgomery, Kevin Noppinger, and Kelly Riddle
- This will be a wide-ranging lecture covering databases, privacy, and "computer-aided investigation." Steven is the owner of PallTech, the largest privately held online investigative support service in the U.S. This talk will include numerous examples of actual data and secret databases as well as a demonstration of an actual online investigation done on a volunteer subject. During the second hour, Steven will be joined by a four member panel of investigators and intelligence experts.
- Privacy Through Technology: A Hands-On - Aldert Hazenberg and Paul Wouters
- Until recently, using cryptography to protect your privacy when using the web, email, or instant messenger while connecting your laptop all over the world from very insecure and untrusted networks was a daunting task that most people could never set up. For those who could, it proved impractical to use over a longer period of time. Fortunately, things have changed a lot in the last year. But the notion that cryptography is too difficult to use is still a widespread belief.
- In this presentation, Aldert and Paul will demonstrate how easy it is these days to use cryptography. They will bring a Windows and an OSX laptop, and demonstrate how to set up encryption tools from scratch. After the presentation, a slide show version of their presentation will be available as a download for everyone to take home.
- Topics will include how to secure email using GPG with Thunderbird and Mail.app, how to protect IM traffic using OTR with a variety of IM clients such as Gaim, Adium, iChat, Trillian, or other clients using the OTR proxy, how to encrypt your browsing using Tor and Privoxy, how to build an L2TP VPN to encrypt all your traffic while browsing at Starbucks by using your home DSL, how to encrypt your VoIP calls using Gizmo and Zfone, how to enable WPA/WEP security on your wireless network, and how to use an encrypted hard disk using FileVault or Windows software. Finally, they hope to be able to show you the first IPsec encrypted WiFi mobile phone.
- This presentation will be a hands-on training. That means no slide shows on how things work in theory, but demonstrating live to you that it only takes a few minutes to set up the cryptographic tools to protect your privacy.
- Proactively Secure Programming Techniques - Joe Salvatore Testa II
- This lecture will teach several proactively secure programming methods that can be applied to direct-memory languages like C and C++. These methods are an application of the fundamental defense in depth principle that can provide an extra level of security against common buffer overflow attacks, double-free vulnerabilities, and logic errors.
- Project MF - Mark Abene (Phiber Optik)
- This project began in late 2005, when the website www.phonetrips.com came to Mark's attention. On that site one can find old recordings of phone sounds: call-progress tones, clicks, ker-chunks, all sorts of things. Someone had traveled around the country back in the 70s capturing these magical sounds. In addition, there were a handful of actual recordings of blue boxing recorded in a narrated "radio show" format for all posterity. Hearing those tones brought back memories of when Mark himself experimented with blue boxing back in the 80s. Blue boxing can best be defined as directly signaling those legendary MF tones across analog trunks in the old telephone network, exploring the inner workings through pure sound alone.
- After repeatedly listening to these "phonetrips," Mark thought to himself, "It's a shame all that's gone now. No more analog trunks or MF signaling, no more 2600 Hz. SS7 and the completely digital, intelligent routing network are the order of the day." And that's just the way things are. But wouldn't it be cool if there was some way to bring it all back? And so...
- This presentation is the daring story of how Mark used Asterisk and VoIP to bring back blue boxing - essentially a fully working model, connected to the public telephone network, of analog signaling in all its glory. We can all blue box again and Mark will show you how you too, with some Asterisk and VoIP experience, can use his code modifications to Asterisk to set up your very own working analog trunks and vintage routing codes, and ultimately recreate a piece of history for all telecom enthusiasts, MFers, and phone phreaks to enjoy.
- Pseudonymous Software Development and Strong Distribution - V. Alex Brennen
- A talk and tutorial on cryptographically strong pseudonymous software development and distribution models with the intent being to show hackers that when developing software is forbidden by law, developers can use PGP and other tools to continue to safely exercise their right to free speech in the form of source code. There will be a description of software release, upgrade cycle, security advisories, development team collaboration, and how to handle the reception of bug reports and patches from users. In addition you will learn how software developed by cypherpunks like the anonymous re-mailers, onion routing network implementations, and PGP key server networks can be used. See how the software works in theory (not command line options, etc.) covering topics like public key cryptography, digital signatures, zero knowledge proofs, and reputation systems. There will also be a discussion of the use of not commonly used cryptographic technologies such as ring signatures to prevent successful rubber hose attacks by authorities.
- Radio Communications for Hackers, Amateurs, and Activists - LinH, Bernie S., Joseph Battaglia, and Skip Arey
- Sometimes cell phones, telephone lines, and Internet connectivity just aren't good choices for communications. Whether those networks are down, unreliable, too expensive, or you just don't trust carriers or ISPs to not hand over all your communications records to Big Brother's data-mining program, there are alternatives. Amateur (ham) radio, GMRS, FRS, MURS, Part 15, and other technologies can provide free and effective short-range or even global voice/data communications. This panel will explain how you can use the magic of radio to take control over your communications.
- Retrocomputing - Sam Nitzberg, Cheshire Catalyst, Sellam Ismail, and Jason Scott (Jason Sadofsky)
- A regular feature of HOPE conferences, this year's retrocomputing panel will reminisce about bulletin board systems. The dial-up BBS was how many people sent their first email, read forum posts, and found the electronic communities that would later migrate to the Internet.
- Sellam will also give a brief introduction of the history of computing and talk about the various eras since the invention of the first modern day computers in the 1950s with an introduction to Babbage's work in the 1830s. Also discussed will be hacker history, phreaking history, how the culture sprang up, and what it has morphed into today.
- RFID Privacy - Old Threats and New Attacks - Karsten Nohl
- A look at the challenging requirement of anonymity in RFID systems. After a discussion on proposed solutions to the privacy threat you will see how easily such solutions can be circumvented or completely broken. By looking at the physical characteristics of the tags, Karsten will demonstrate how new attacks can circumvent these solutions, some of which have been implemented in a lab. There will then be a look at the back-end infrastructure of the RFID system which will show that the currently outlined implementation will compromise privacy in ways that have never been anticipated - basically allowing for customer tracking over the Internet by everyone.
- Selfness-Copyfight: From Censorship to New Business Models - Jorge Cortell and Alvaro Gonzalez
- Pro-copyright cartels use direct extortion, among other methods, to keep their outdated business models and views alive. Yet the "copyfight" goes on and more and more examples every day prove that their view is not only very shortsighted, but dangerous. "Selfness" is the extreme opposite of copyright, not only practically (it is currently being used as a business model), but also philosophically.
- Slides
- Social Engineering - Emmanuel Golddigger and Others
- Once again we continue the tradition of not only explaining what social engineering is, but demonstrating it to the throngs as well. Emmanuel has been confusing people on the telephone for many years and gets a whole lot of pleasure out of tricking total strangers into giving him information he has absolutely no business having. And after you see this in action, you'll be able to do it too! We always appreciate suggestions on who can be targeted. All sorts of special guests may drop by this panel.
- TrackSploits - Lance James and Joshua Brashars
- In a time where bureaucracy can hold you back against a foe that is more agile, fast, and who definitely doesn't care about the laws they break, a new method of forensics is being developed. TrackSploits have been used against phishers, malware authors, and distributors as well as "black hat" hackers to gain intelligence on them in a passive, yet active, manner. These techniques do not break the law, but they will bend them and test the law's resilience. Techniques include tracking attackers behind proxies, breaking encryption algorithms to unmask IP addresses, stealing data back from the phishers in real time, and using cross-site attacks to track malware authors. This talk will open your eyes about intelligence gathering and counterespionage against relentless entities dedicated to causing havoc and profiting from it.
- Under The Desk at MIT - V. Alex Brennen
- A formal announcement of the creation of the Public Domain Software Foundation (PDSF). The PDSF is meant to be a parallel to the Free Software Foundation. It is being started to advocate and support the placement of source code and documentation in the public domain rather than under the GNU licenses. This presentation will include an explanation of how cryptographic management of identity makes many licenses unnecessary. Package and patch management solutions are becoming much more automated with Linux distributions as well as with various software packages. An explanation of why this trend is making the public domain a necessity for many types of modern software.
- Underground Documentaries: The Art of the Interview and the Access - Julien McArdle (Seal) and Jason Scott (Jason Sadofsky)
- This panel will cover what it takes to make your own underground indy documentary - from asking "attack questions" to recording industry execs to approaching historical legends to sit down with you and be interviewed. Topics will include the equipment required, legal no-nos, the Creative Commons, editing, distribution, and how to do it all on the cheap.
- Urban Exploring: Hacking the Physical World - John and Laura Leita
- A continuation of The Fifth HOPE talk that will cover more urban exploring. Topics will include how to find and navigate university tunnels and how certain aspects of society work/worked by looking through ruins. This presentation will include pictures and videos of various urban exploration sites. There will also be a discussion of urban exploring photography, ethics, laws, and safety.
- Virtual Private Servers and the (Free) Open Source PBX - Mark Silverberg (Skram)
- Mark will show how VPS virtual server technology can combine with the Asterisk PBX to replace your expensive, proprietary phone system - while still using the same server to run your website! Not only does this exciting technology apply to old school Nortel sysadmins (with large corporate budgets) but phreaks at home can try this too!
- VoIP Unlocking - The Prophet (Babu Mengelepouti)
- Voice over IP (VoIP) services such as Vonage, AT&T CallVantage, and Packet8 have recently gained popularity. Unfortunately, there's a catch: your VoIP phone only works with the phone company you bought it from. In this live demonstration, The Prophet will show you how to free a D-Link DVG-1120M VoIP adapter from the chains of AT&T CallVantage service. He will also demonstrate FreeWorldDialup, a free alternative to paid VoIP services.
- Vulnerabilities in a Connected Future - Sysmin (Nathan Hamiel) and QuiGon (Gene Cronk)
- This presentation deals with the vulnerabilities of emerging connected technologies and their uses. As manufacturers continue to pump out new technology without properly assessing the risks, those risks end up affecting customers. The focus of this presentation deals with vulnerabilities and attacks on Smarthomes and Smartcars taken from analyzing these emerging technologies. Vulnerabilities also exist in these technologies from how users interface with and utilize them. Modern connected technologies are intrusive and it is important that everyone understand the dangers. This presentation also delivers a healthy dose of problems with the next generation IP protocol, dealing with problems in its implementation and future. IPv6 will play a big part in the connected future with integration into previously mentioned technologies and mobile devices. Lastly, the presentation will discuss problems with biometric authentication technologies and refute how these devices are being touted as security silver bullets.
- Weird Technology - Gonzo DeMann (Michael J. Ferris) and Leo
- This panel will deal with technology that is a bit off the beaten path, technology of the government, private sector, and the home brew variety, as well as the legalities and effects of all this weird tech.
- Wireless Security Flaws - Raven Alder, 3ric Johanson, and Brandon Uttech
- Wireless security flaws are commonplace but not many people realize just how much of the inner workings of infrastructure and management traffic for large networks are often accessible over wireless. Working as a team of professional penetration testers, the first time these three saw routing protocols and management traffic visible over 802.11, they thought the client really lacked clue. The tenth time, it wasn't so funny anymore.
- This session will show you the common switching, routing, and management traffic commonly present in urban wireless environments, discuss the security risks (from information disclosure to remote exploit), and show you how to prevent this sort of highly critical data from leaving your network by way of your access points. Using examples from the last five years of growing urban wireless presence, this talk will show the initial signs of backbone control traffic creeping out of poorly secured access points and present statistics on overarching protocol trends over time. The talk will then take a more serious turn, showing the sorts of damage that a malicious attacker can wreak on a network with the information provided in just a few routing protocol packets. Lower level attacks such as switching and CDP will also be covered. Finally, a ray of immediately practical hope will be offered, giving recommendations on actions that will prevent this sort of critical data from being advertised out of your wireless access points.
- The Last HOPE took place on July 18-20, 2008 at Hotel Pennsylvania in New York City.
- Post-The Last HOPE Analysis From Off The Hook, July 23, 2008.
- The Last HOPE - Part 1 YouTube video from Afternoon Playland.
- The Last HOPE - Part 2 YouTube video from Afternoon Playland.
- Emmanuel Goldstein - Sock Puppet Q&A YouTube video from Afternoon Playland.
- Speaker Information
- The Last HOPE Video Tracker
- The Penn Is Mightier
- Advanced Memory Forensics: Releasing the Cold Boot Utilities - Jacob Appelbaum
- This talk will cover some of the issues involved with Cold Boot attacks. A description of the multiple methods (disk, network, etc.) developed for targeting computers whose memory is being targeted for extraction. The tools used for these experiments will be released here. In addition, code will be released that was written and has improved since the initial public release of these experiments. This includes a dumper using a standard iPod with unmodified Apple firmware. In addition, an improved AES keyfinding tool has been implemented. Great caution has been taken to not stomp on important bits in memory. All of the tools will be released as free software. Possibilities for protection as well as other ideas for improvement of the attacks in software and hardware will be discussed. The paper related to this talk can be found at http://citp.princeton.edu/memory.
- The Art of Do-Foo - Matt Joyce
- The one thing that sets a nerd apart from a hacker, a dork, or anyone else for that matter is simple. Nerds seek to quantify every facet of their lives. From baseball statistics to Star Trek trivia, there's a little nerd in all of us. But true nerds pursue the quantification of everything. The idea of this talk is to quantify successes and failures within the New York City community. By utilizing modern information theory and simple statistics, we can isolate the key factors that have both positively and negatively influenced the culture in our region. Why have specific projects succeeded? Why have others failed? What are key factors in the success of a community? This talk will have fun exploring a roller coaster of statistical exploits on what may be one of the coolest and most difficult to quantify datasets our planet has ever known. Learn how to get down with your nerd self in a fun and educational foray into the hacking culture, and the numbers that comprise it.
- The Attendee Meta-Data Project - LexIcon, Daravinne, Neo Amsterdam, Aestetix, Echo, Dementia, Matt Joyce, and Christopher Petro
- The Attendee Meta-Data (AMD) project is a large scale study of the movement, demographics, participation levels, and interests of HOPE conference attendees over the three day conference period. At registration, preregistered attendees and others on a first-come first-serve basis will receive a numbered badge with an active RFID chip and a unique PIN. They will take the badge number and PIN to a terminal, or to the internal website via their own laptop, choose a username, log in, and fill out a web survey querying biographical and interest-based data. As attendees move around the entire conference area, their presence will be tracked and their movement information will be compiled in a database alongside their contextual data. All this information will be funneled into a real-time data visualization. During the conference, attendees will be able to query the database and generate their own visualizations and data comparisons, play games based on timing and location, and find others with similar interests during game sessions. In this talk, the AMD project development team will discuss the concepts involved and answer questions about the system. On the last day of the conference during our closing ceremonies, the team will address the project's original goals, the results obtained during the conference, and what was learned throughout the whole process.
- Autonomously Bypassing VoIP Filters with Asterisk: Let Freedom Ring - Blake Cornell and Jeremy McNamara
- Foreign governments and ISPs within Panama, Belize, the Caribbean, Mexico, Brazil, the UAE, China, India, Saudi Arabia, and others have implemented VoIP filters of some type. The effect is obvious - phone calls are effectively blocked. How can Asterisk developers and providers develop mechanisms to help maintain communication through the wake of government supported access control mechanisms?
- PowerPoint Slides
- Bagcam - How Did TSA and/or the Airlines Manage to Do That to Your Luggage? - algormor
- Ever wonder exactly how TSA or the airlines managed to destroy your luggage or what security measures are actually in place once your checked luggage disappears from view? After having yet another bag destroyed while flying several months ago, algormor decided to build Bagcam to find out what happens once the airlines have control of your luggage. Bagcam is a small suitcase containing a mini-DVR and pinhole camera. This presentation will cover the construction of Bagcam, potential future enhancements to Bagcam, and issues to consider should you decide to build your own Bagcam. In addition, various security measures currently in place for commercial passenger flights and the efficacy of these measures will be discussed. Finally, select footage will be presented from flights through Washington DC's Reagan National Airport (DCA); Ted Stevens Airport in Anchorage, AK (ANC); Sky Harbor in Phoenix, AZ (PHX); Chicago's O'Hare (ORD); and other airports.
- Biohacking - An Overview - Chris Seidel
- Biological systems are large assemblies of parts that function together following rules of basic chemistry. As systems, they can be studied, modified, and engineered for novel purposes. DNA molecules contain the information used to encode living systems, and methods exist for discovering and manipulating this information. This talk will cover the basic components of biological systems, including how DNA can be modified to make new proteins or genetically modified organisms, such as fluorescent mice, therapeutic viruses, or bacteria that eat explosives or smell like bananas.
- Botnet Research, Mitigation and the Law - Alex Muentz
- This talk will discuss current U.S. federal laws that affect botnet researchers and IT professionals defending against botnets. Existing methods of capture, analysis, and mitigation will be analyzed from a legal perspective. Likely scenarios and outcomes will be discussed in an accessible manner.
- Building a Better Ballot Box - Smoke
- We all know by now the folly of current election technologies from Premier and Sequoia Voting DRE (Direct Record Electronic) systems as well as some of the new, more promising systems on the horizon such as the open source OVC (Open Voting Consortium) and Scantegrity. The question of whether we can do better will be raised. What needs to be done to make this process better than it is today? Both software and hardware methods to secure the ballot box will be discussed.
- Building Hacker Spaces Everywhere: Your Excuses are Invalid - Nick Farr and Friends
- Four people can start a sustainable hacker space. Whether you're in an urban area where space is expensive, in the middle of BFE where finding four people is hard, or just outside of an active war zone in Uganda, there are few excuses left for not joining the global hacker space movement with a place of your own. This talk will cover the ten most often heard excuses for not building a hacker space and how existing hacker spaces, fab labs, co-working spaces, and other tech-oriented "third spaces" have solved them.
- Citizen Engineer - Consumer Electronics Hacking and Open Source Hardware - Phillip Torrone and Limor Fried
- In addition to the future of DIY, building hardware, open-source hardware, and a roundup of amazing projects anyone can build, this talk will present the debut of the film Citizen Engineer - named after the HOPE Number Six talk. The session will be the first time this how-to video series for hacking is shown in public. There will also be some hands on hardware demos, hacking, and a lot of trouble.
- A Collaborative Approach to Hardware Hacking: NYCResistor - Bre Pettis and Friends
- In this panel, 18 members of NYCResistor will each, in turn, speak about a piece of infrastructure or project associated with their hacker space collective. By presenting 18 perspectives on the infrastructure, process, and projects, you will experience different windows into the organization. The presentation will encompass stories and pictures of cake, lasers, and drink serving robots as well as insight into such fascinating topics as book balancing, documentation, and the massive importance of failure. NYCResistor is a Brooklyn-based hacker space focused on learning, sharing, and making things.
- Community Fabrication - Far McKon (Jon McKamey)
- In the 1970s, computers were still the foray of big business and government. They were known to be powerful tools, but they were beyond the reach of individuals. Though several other home computers came out in the early 70s, the MITS Altair 8800 is generally credited as sparking the home computer revolution, which in turn sparked computers everywhere. The base of another revolution in fabrication powered by hobbyists will be revealed here. The Fab@home, RepRap, and other projects will (hopefully) do the same thing for fabrication. This talk will cover community based fabrication, why it's so cool, and how it could fundamentally alter the global economy for the better.
- A Convergence of Communities - John Strauchs
- Most people in either industry already know something about the relatively recent convergence of computer technology (CT) and physical security. But they probably aren't aware that computer professionals are increasingly assuming a leadership role in the process, as well as the management of the process. Moreover, the physical security and computer technology (CT) and information technology (IT) communities have traditionally been at odds. Computer professionals don't know as much about physical security electronic systems and devices as they think they do. Conversely, physical security senior managers know virtually nothing about CT and some don't want to! This session will examine the convergence phenomenon from both perspectives. It will review what is occurring, how it is happening, and what effects it has on both security and CT/IT. The effects upon, and from, the Department of Homeland Security will be discussed. The session will conclude with an in-depth analysis of Homeland Security's shortcomings and unmet needs and the role of CT/IT in protecting the nation. The critical need to triage security resources will be examined, along with a look at how it should be done, as well as an attempt to understand why it isn't already happening.
- Crippling Crypto: The Debian OpenSSL Debacle - Jacob Appelbaum, Dino Dai Zovi, and Karsten Nohl
- In May 2008, a weakness in Debian was discovered which makes cryptographic keys predictable. A Debian-specific patch to OpenSSL broke the pseudo-random number generator two years ago, which led to guessable SSL and SSH keys. The vulnerability allows for impersonation of secure servers, as well as the potential to login to SSH secured systems. Since many popular derivatives like Ubuntu and Xandros are affected, the weak keys are found all over the Internet. The panel will present their approach to generating lists of weak keys using cloud computing and explain how they collected large numbers of SSL certificates of which several thousand are weak.
- Death Star Threat Modeling - Kevin Williams
- In the field of Information Security, the terms vulnerability, threat, and risk have specific meanings and are often misapplied and misidentified in projects. This presentation will explain threat modeling as it applies to information and application security projects, utilizing the shared memory of the Death Star trench run as an analogy to better understand these concepts. You will learn how to define risks, threats, vulnerabilities, and countermeasures; how to integrate threat modeling into a software development lifecycle; examine example threat modeling methodologies; and hear real-world anecdotes of threat modeling successes and failures.
- A Decade Under the DMCA - Marcia Wilbur
- In October 1998, the Digital Millennium Copyright Act (DMCA) was signed by President Clinton. Since that time, the DMCA has been used to prevent free speech and reverse engineering. The DMCA offers patent-like protection although this is a copyright law. Many people have been adversely affected by the DMCA. Cases will be discussed and information regarding filing counter notifications will be presented.
- Dirty New Media: Art, Activism, and Computer Counter Cultures - Jake Elliott
- This talk presents a short history of electronic art by illustrating connections between artists, activists, and hackers. The connections and histories presented include: the demoscene and its origins in software piracy; video and conceptual artists in the 1970s and their activist work; contemporary artists working with circuit bending and other detournements of modern technologies; the Chicago "dirty new media" community; contemporary artists, hackers, and activists creating software and electronic art with a punk/anticapitalist ethos. Excerpts of work from these different artists and communities will be screened and discussed.
- Earth Intelligence Network: World Brain as EarthGame - Robert Steele
- The first speaker at the first HOPE in 1994 will describe the emergence of the Earth Intelligence Network, the World Brain, and EarthGame as the triumvirate that will empower We the People and make most governance and many organizations both transparent and obsolete. Emphasis will be placed on the eradication of corruption and restoration of the sovereign individual.
- E-Mail: Descendant of the Telegram - The Cheshire Catalyst
- The former telex hacker will take us on a verbal tour of yesteryear when telegrams meant the smell of machine oil and teletype machines. You'll learn how the term "break text" became the equal sign and why you should indent your name five spaces to "sign" your e-mail. It's a geek thing. Maybe you can understand.
- The Emperor is Naked - Michael Kemp
- Virtualized technologies are being lapped up left, right, and center by corporates committed to the cash savings they promise. Sadly, the savings that can be gleaned are not without the attendant risk. Instead of nice normal networks that people can understand, many vendors are offering networks in a box. As well as being lovely single points of failure, they have a number of risks that remain largely unexplored. Research has already been conducted around platform virtualization technologies such as VMWare, but there still exists a fundamental flaw within virtualized resource technologies that no one seems to have spotted. This talk will illustrate why and how virtualization works, what the difference is between what the vendors say and how it is being implemented in RL, and will discuss a theoretical vulnerability that if it can be exploited can bring down the house of cards.
- Escaping High Security Handcuffs - Ray
- Everybody knows normal police handcuffs are no real challenge for lockpickers, even though it helps to know the inner workings and tiny differences of the various models in use today. Less publicly known is that there's also a variety of "high security" handcuffs on the market, used mainly for high-risk prisoners and during transfers. But those also have their weaknesses... This talk will give an overview of the products in use today and their different attack vectors - not only focusing on picking but also bypassing some of the most advanced locking mechanisms used in this field.
- Evil Interfaces: Violating the User - Gregory Conti
- In a perfect world, interfaces help users accomplish tasks quickly and efficiently. However, in the real world, interfaces are often designed to manipulate users into behaving according to the designer's calculated and suspect intent. Malicious interfaces abound on the web - employing trickery, misdirection of browsing, forced viewing of advertisements, and even animations designed to trigger epileptic seizures. Evil interfaces are seen virtually anywhere profit is at stake, from desktop applications and websites to gas pumps and toothpaste dispensers. This talk explores malicious interface techniques both on and off the desktop, and aims to energize the audience to pursue positive solutions. You'll leave with a better awareness and understanding of the problem, increased resistance to attack and ideas for generating solutions.
- Exploration of Possibilities: Brain Hacking - Dot.Ret
- The human brain is an incredibly complex and advanced central processing system. Interestingly enough, in spite of its uniqueness in several respects, it has many qualities in common with modern computer systems. Like modern computer systems, the brain and ultimately the mind can be predictably influenced and even exploited. This talk will cover the basic nature of the brain in relation to computer systems and will discuss the relevance, the advantages, and the dangerous implications of this topic.
- Featured Speaker: Jello Biafra - Jello Biafra (Eric Reed Boucher)
- A regular speaker at HOPE since 2000, Jello provides a unique and charismatic look at what's been going on in the world since the last time we all got together. Whether you're a technologist or a technophobe, his words will almost certainly have an effect on your emotions one way or another.
- Featured Speaker: Kevin Mitnick - Kevin Mitnick
- The "world's most dangerous hacker" and subject of our documentary Freedom Downtime ($30) (along with many other more sensationalist pieces over the decades) gives us an update on what's been going on in his life since the last time he was here in 2004. (A severe case of food poisoning in Colombia forced him to cancel his HOPE Number Six appearance - which may be one of the stories he tells this time.)
- How to Unmask Caller-ID Using Asterisk (YouTube)
- Featured Speaker - Steven Rambam - Part 1 - Steven Rambam (Steven Rombom)
- Part 2
- Hopefully there will be no surprises this year. In 2006, privacy expert Steven Rambam's two hour panel was disrupted by federal authorities who arrested him at the conference just prior to its commencement. In the end, he was completely vindicated and went on to finally give his talk several months later to a packed house at a local university. This year, Steven will be on for three hours, in part to make up for what you may have missed last time, but mostly because what he says about the state of privacy in our society will captivate you.
- Featured Speaker: Adam Savage - Adam Savage
- The esteemed co-host of the popular TV show Mythbusters on the Discovery Channel and "a maker of things" will give a captivating talk on the nature of his particular obsessions.
- Post-Talk Interview (3.5M MP3)
- From a Black Hat to a Black Suit - How to Climb the Corporate Security Ladder Without Losing Your Soul - Myrcurial (Dave Lewis)
- You want it all. You can see the brass ring and you want to jump for it. But you're scared. You don't want to put on a suit and watch your soul shrivel like the spot price on RAM. There is another way. In this session, you will learn: why you want to do this to yourself, how to get the first job (which will suck), how to turn the first job into the next job (while still having fun), how to get the top job (sooner than you thought you could), and how to do it all without feeling like a corporate whore. You want to hack the planet? You've got to start somewhere.
- Ghetto IDS and Honeypots for the Home User - Black Ratchet (Ben Jackson)
- Have you ever wondered what the heck was pounding on your Internet connection? Or what exactly was making your cable or DSL connection's activity light blink wildly when you knew there was no traffic from you? If so, this presentation will shine a light into the dark corners of your personal tube, showing you the unending stream of junk that comes across your Internet connection as well as how to pick out the good, the bad, and the ugly. This presentation will cover the steps involved in setting up a poor man's IDS and honeypot. Using open and freely available tools, strategies of IDS deployment on your home LAN and the setup of both low interaction and high interaction honeypots will be covered. Learn what you can expect to see, how to pluck out the signal from the noise, and generally be aware of what is flowing in - and out - of your LAN.
- Graffiti Research Lab Extravaganza - Graffiti Research Lab
- GRL's presence at HOPE this year will be represented by Graffiti Research Lab in Utah. Michael Auger (aka Love Monkey 4000) will come from the mountains of Utah to the Big Apple to run workshops, conduct technology demonstrations, screen a movie, and announce (for the first time) a new GRL project very close to his heart: One Laser Tag Per Child. The event will start with a LED Throwie workshop. Throwie workshops only last until the supplies run out, anywhere from 30 minutes to an hour. The screening of the new GRL movie (fresh from Sundance, MoMA, the Tate Modern, etc.): Graffiti Research Lab: The Complete First Season will then begin. People will be encouraged to misbehave with their throwies in the dark, yell at the screen, etc. All this will be documented so that the HOPE viewing of The Complete First Season will actually be footage for the sequel: Graffiti Research Lab: The Complete First Season II. After the movie ends, GRL Utah will come to the front of the room and introduce GRL live via webcam from Korea. New GRL technologies and initiatives will be unveiled, including (but not necessarily limited to) the One Laser Tag Per Child system. During the course of the HOPE conference GRL Utah will man a table where interested attendees will be able to do the following: play with lasers, get trained on how to set up the laser tag system, take a closer look at the prerelease of the One Laser Tag Per Child system, download the disc image of the GRL movie (or buy the actual DVD), learn how to set up a GRL in their hometown.
- Grand Theft Lazlow - Hacking the Media by Laughing at Them - Lazlow Jones
- A talk by Grand Theft Auto IV cowriter and coproducer Lazlow focusing on that phenomenal project as well as what's been going on in media in the last decade. Beginning in 1996, corporations began gobbling up every newspaper, billboard, radio and TV station in the United States. Ironically, since then, readership and ratings have plummeted, resulting in entertainment executives and editors programming even more sensationalist and desperate content. Lazlow discusses how parody of the media in video games, on TV, and online can often garner a larger audience reaction than the media establishment itself. He will describe why the mainstream media invents crises, and the reaction by the media and Hollywood establishment to the growing popularity of interactive worlds where players are celebrities rather than smug starlets tittering for TMZ. How can you hack the media? In this interactive talk Lazlow talks about his work in radio, video games, and the future of the media, democracy, and the role of comedy in it.
- Hackateer Premiere - John Threat (John Lee) and Mark Abene (Phiber Optik)
- Hackateer is an episodic adventure series about a team of hackers who are being chased by quasi-government agencies. The show blends a reality "Do-It-Yourself" tech show with a scripted spy/adventure narrative shot in anime style. Embedded within the entertainment of an episode, viewers learn how to take everyday technology and use it in ways they never dreamed of and not always originally intended. The show also features interrogations with top hackers and tech people from around the world that are kidnapped by the Hackateers. Hackateer is also unique in that the show is cast with real underground hackers and the stories are drawn from world famous hackers and their real life exploits.
- A Hacker's View of the Freedom of Information Act (FOIA) - Phil Lapsley
- As part of his book on the history of phone phreaking, Phil submitted hundreds of Freedom of Information Act (FOIA) requests to various three-letter government agencies. In this talk he will give an overview of how FOIA works, describe the type of documents you can get via FOIA, and discuss some of the typical FOIA stumbling blocks and workarounds to them. He will then focus on FOIA from a "hacker's perspective" and will examine the recent launch of several FOIA/hacker related websites such as GetGrandpasFBIFile.Com, GetMyFBIFile.Com, TvShowComplaints.Org, UnsecureFlight.Com, WhatDoTheyKnow.Com, and GovernmentAttic.Com.
- Notes
- Hacker Space Design Patterns - Jens Ohlig
- How do you get a hacker space started? How do you manage it once you have a space? This talk presents wisdom collected over a decade of building sustainable hacker spaces in Germany. Through "design patterns," Jens and Pylon will cover the essentials of assembling an initial group, finding the perfect location, and managing the community. Earlier versions of this talk have inspired the creation of the U.S. hacker spaces NYCResistor and HacDC. This version will inspire and help you create a hacker space where you live!
- Hackers and Planet Earth - Peter Jackson
- Technological innovations of the last few centuries have changed our relationship with Planet Earth. With fossil fuel supplies in decline, energy demand growing, and worrying climate change predictions, the future doesn't look great. The presentation will start by briefly looking at the challenges that lie ahead. What can we as hackers, both individually and collectively, do to be more environmentally sustainable? How could we use our skills in the event of the situation reaching crisis point?
- Hacking Cool Things with Microcontrollers - Mitch Altman
- Microcontrollers can do your bidding. This presentation will show a few fun, simple projects that Mitch has hacked together as examples to show how fun and easy it is to create your own microcontroller projects - even for people who have never built anything in their lives. Sample projects include: The Brain Machine, TV-B-Gone, Trippy RGB Light, LED Cube, Solar BugBot, and Mignonette (a very simple handheld game platform). Basic hardware design, simple firmware design, and how to use the free, open source software available for programming the chips used will be discussed at this talk.
- Hacking Democracy: An In Depth Analysis of the ES&S Voting Systems - Matt Blaze, Sandy Clark (Mouse), Eric Cronin, Gaurav Shah, Micah Sherr, Adam Aviv, and Pavol Cerny
- Last Fall, Ohio Secretary of State Jennifer Brunner commissioned Project EVEREST, a comprehensive security review of the electronic voting technology used in her state. The project contracted several academic teams and others to examine the election procedures, equipment, and source code used in that state, with the aim of identifying any problems that might render elections vulnerable to tampering under operational conditions. The ten-week project examined in detail the touch-screen, optical scan, and election management technology from e-voting vendors ES&S, Hart InterCivic, and Premier Election Systems (formerly Diebold). Penn led the analysis of the ES&S system source code, which is also used by voters in 42 other U.S. states besides Ohio. This talk will outline the U. Penn team's findings, which included the discovery of exploitable security vulnerabilities in almost every hardware and software component of the ES&S touch-screen and optical scan systems. Some of these flaws could allow a single malicious voter or poll worker to alter countywide election results, possibly without detection. The team will discuss their findings and will also describe more generally the process of analyzing 700,000 lines of unfamiliar source code in less than ten weeks under highly constrained conditions. The full 334 page report (which also includes analysis of the Hart and Premier systems done at Penn State and WebWise Security) can be downloaded from the Ohio Secretary of State's web site.
- Academic Evaluation and Validation of Election-Related Equipment, Standard and Testing - Final Report (11.6M PDF)
- Hacking International Networks and System(s) using VoIP - Da Beave (Champ Clark) and Jfalcon
- There is an entire world of PSTNs out there that most people never bother to look into. People have a tendency to call within their area (country) and never stray or "wander" outside. This talk hopes to change that perception. With VoIP, we have the ability to call worldwide for fractions of a penny. Why not call that X.25 network in Russia? Or India? Why not explore foreign data networks and find new and old things still out there? Think war dialing in the U.S. is washed up? Why not try a country where computers and technology are built on the hardware we've thrown out? In many parts of the world, phone networks and data networks are built using the existing PSTN infrastructure. They simply can't afford to purchase modern SONET/DS hardware. Nor can they afford to run fiber optics or coax to every neighborhood. The legal ramifications in hacking such systems are significantly less than hacking U.S. computer networks. The media is filled with reports of Chinese hackers infiltrating U.S. networks. That being said, doesn't it make sense to return the favor?
- Google Video Stream
- Hacking the Mind, Hacking the Body: Pleasure - Part 1 - C4bl3FL4m3
- Part 2
- A continuation of the infamous "hacking Sex" third track presentation from HOPE Number Six. This will be a talk about sexuality, pleasure, and our bodies from a hacker's point of view covering such diverse methods as hypnosis, BDSM, role play, sex toys, and body modification. C4bl3FL4m3 will share her in depth (and sometimes hands-on) knowledge in increasing the pleasure felt by ourselves and our partners. With brand new material as well as tried-and-true secrets, this presentation is perfect for all genders and orientations. Topics covered will include erotic hypnosis, sex toys and their usage, BDSM, body modifications, meditation and other sexual/spiritual forms of mind altering, sexual role play, sexual techniques, cybersexuality, tele and technodildonics.
- Notes
- Hacking the Price of Food: An Urban Farming Renaissance - Bicycle Mark (Mark Fonseca Rendeiro)
- With the global price of food rising dramatically around the world, the number of people at risk of starvation and malnutrition will also increase. The United Nations Food Program announced earlier this year that it would not have enough money or food to meet its targets due to the cost of food. In Egypt and other parts of the world, people have been rioting in the face of food shortages and sharp increases in prices. In places like Thailand that are famous for exporting rice throughout the world, the government has announced cutbacks in exports because of shortages. A grim picture, to say the least. Yet while this crisis seems to be unfolding, another rise has come to pass - the return of urban and community farms. How do these farms manage to exist, seemingly, outside the global game? Is their business model sustainable and is this truly a renaissance of growing and thinking locally? Through a series of podcast interviews and reports, the case is presented of how some farmers are hacking the price of food.
- Hacking the Young Lady's Illustrated Primer: Dispatches from the Field of Educational Technology - Gillian "Gus" Andrews and Ivan Krstic
- The takeaway message of this panel will be that the critical element in teaching with technology is people - and that hackers need to consider what this means. The talk will encourage the audience to consider the best ways to tackle the horrendous failures of current technology education. Topics to be covered: Neal Stephenson's The Diamond Age/Young Lady's Illustrated Primer and whether it can be achieved; the one laptop per child project and the difficulties it currently faces; hair-raising experiences writing an A+ certification curriculum; whether the Pacific Northwest Tree Octopus is real; responses from seventh-graders (or Why Johnny Can't Read on the Internet); and Richard Feynman already taught us everything we needed to know about education - why aren't we listening?
- The History of Phone Phreaking, 1960-1980 - Phil Lapsley
- This talk will give a brief history of phone phreaking from 1960 to 1980, the Golden Age of the analog telephone network. After a quick introduction to the then-modern long distance network and "operator toll dialing," you'll see how the first "blue box" came to be, look at why organized crime loved the technology, and see how AT&T and the Department of Justice reacted to this fad in the 1960s. You'll then follow the phreaks into the 1970s as their hobby hit the mainstream in 1971 with the publication of Secrets of the Little Blue Box in Esquire and the founding of YIPL, the first phone phreak newsletter. As a bonus, you'll get to listen to some sounds of the old network! If you've ever used a blue box, this will be a phun trip down Memory Lane - and if you haven't, you'll get to listen to some great examples of hacking with tones!
- Home Is Where The Heart Is? The Question of Jurisdiction - Douglas Spink
- A presentation on the subject of corporate legal jurisdictions and related topics. While this sounds boring on the surface, it's actually not - and is more and more relevant every year for those in the tech game. As physical human beings, we do in fact have a "home jurisdiction" in the legal sense, which is wherever we are living at present. However, corporations are also "people" in the legal sense but have a flexibility of where they call home. This ties into areas of international legal issues, corporate governance, privacy of company information, financial systems/banking, personal versus corporate liability, and so on. Basically, for anyone from a coder who wants "a company" to bill his clients through, all the way up to major tech projects that span multiple jurisdictions in a sophisticated way, few of us who play the tech game are not directly impacted by the question of where a company lives, where it calls home.
- How Do I Pwn Thee? Let Me Count The Ways - RenderMan (Brad Haines)
- The business world has spawned a new kind of creature, the mobile, traveling worker. This creature typically carries a multitude of wireless devices on them while traveling to and from clients. Unless special care has been taken, these devices present a plethora of ways to pwn them and their data. This talk will take a look at a worst case scenario and go through all the ways one of these business travelers can be pwn'd at a distance by a bored attacker in an airport, hotel, or other public space.
- How Piracy Feeds a Starving Audience - Michael Perkins
- This talk will present observations of the relationship between technology and art in a comprehensive look at how the rise of piracy and its effect on the music industry can enrich the art form as well as the global audience. Drawing from the ideology of open source and user-supported technology, this talk will attempt to demonstrate that the concept of "free music" is set to overhaul the way in which music is created and acquired. The topics to be discussed include the history of the music industry, the war with the RIAA, Digital Rights Management, Creative Commons, and more.
- How to Talk to the Mainstream Media - Stephen Cass
- Why bother with the mainstream media? Because that's where the audience is. Only a tiny percentage of blogs have sizable audiences and even the biggest of those are dwarfed by the audiences for TV news or the circulations of the larger dead-tree newspapers and magazines. Even online, websites run by mainstream media organizations are major players. If you're interested in getting your point across to as many people as possible, this talk will improve your chances by telling you what professional journalists want and why, how you can help give it to them, and what pitfalls to avoid. Also: how to become a TV pundit!
- Identification Card Security: Past, Present, Future - Part 1 - Doug Farre
- Part 2
- Come learn how identification cards have taken over our lives, how they can be manufactured at home, and how you can start a legal ID making business. Learn all the tips and tricks about amateur ID manufacturing
- The (Im)possibility of Hardware Obfuscation - Karsten Nohl
- This talk will discuss several different approaches to reverse engineering proprietary algorithms from hardware. It will focus on our mostly automated approach to reconstructing functionality by using a combination of analyzing photos of chip structures and protocol analysis. Using these techniques, the Mifare RFID tags were hacked, which caused quite a bit of public discussion about proprietary cryptography and "security by obscurity." The cryptography of the Mifare tags has several vulnerabilities including weaknesses in the random number generator and low resistance against brute force attacks. Furthermore, statistical flaws of the cipher enable very practical key-recovering attacks. This presentation will show the whole range of attacks as well as some general techniques to improve cryptographic protocols so they are more resistant.
- Notes
- Slides
- The Innermost Unifier: Today It's the Corporate Anthem - Johannes Grenzfurthner
- Using different historical and current examples (especially from the area of the hardware/software-industry), Johannes will give a theoretical and applied - and not unamusing - overview on the musical genre of corporate anthems. Come and sing along. Powernapping is welcome, too.
- Installation Art in HOPE Space - Daravinne (Christina Olson), Albert Hwang (Phedhex), Randy Polumbo, Erik Sanner, and Sean Montgomery
- In an effort to continue the knitting together of the art scene and the tech scene, Daravinne has gathered local artists to create art installations in the lobby and mezzanine spaces of the conference. Four artists are being showcased, each with their own unique spin on tech art. Albert Hwang has created a 3D wiremap, Randy Polumbo has some electrified flowers, Erik Sanner wants us to play chess, and Sean Montgomery's biofeedback wearables will tell you how you're feeling.
- The Intersection of Culture Jamming, Hacking, and Hacktivism - Part 1 - Pan, Phineas Narco, Tim Maloney, %20, Fred Church, Steev Hise, Ricardo Dominguez, Bernardo Attias, and Mark Hosler
- Part 2
- Over the past nearly 20 years, the Internet has proved to be fertile ground for projects that raise awareness, question authority, and inspire social cohesion. Culture jamming, hacking, and hacktivism have helped provoke changes in the technical, cultural, and political aspects of our society. This panel aims to provide an overview of these techniques through examples of some of the more memorable projects. Starting with the manipulation of voicemail services and leading up to denial of service attacks on government web servers, the panel will cover how these projects were organized and executed as well as the reaction that they inspired. This 90 minute panel will also include a discussion section (with audience participation encouraged) where they will contemplate what use these techniques have in light of the quickly changing Internet and digital media landscapes.
- Introduction to MCU Firmware Analysis and Modification with MSP430static - Travis Goodspeed
- The Texas Instruments MSP430 is a low-power, 16-bit microcontroller which is rapidly gaining in popularity in the embedded world. MSP430static is a tool for reverse engineering the MSP430's firmware. Following a quick tour under the hood of this tool, this lecture will demonstrate how to analyze, modify, and reflash a black-box firmware image.
- Introduction to the Open Web Application Security Project - Tom Brennan (jinxpuppy)
- This talk will provide attendees with an introduction to the Open Web Application Security Project as well as a discussion and demo of application security hacks based on research of common client issues discovered when performing assessments. In the end, those attending will have a better understanding of APPSEC.
- IPv6, the Next Generation Network Playground - How to Connect and Explore - Joe Klein
- A replacement for IPv4 was first imagined after the 1990 report warning of IP address exhaustion was released. It took another five years until the RFC for IPv6 was released and another year before it was implemented in an operating system (BSD) and a network (6BONE). During that time RFCs meant to extend the useful life of IPv4 were killing the end-to-end connections. This includes RFC 1518 - Classless Inter-Domain Routing (CIDR), RFC 1631 - Network Address Translation (NAT), and RFC 1918 - Address Allocation for Private Internets. From that point on, many protocols required workarounds, patches, and hacks just to continue to communicate. Worse yet, each change reduced the usefulness of firewalls and increased the attack surface. Now, 18 years later, we have the opportunity to test and explore this replacement for IPv4. This presentation will discuss the basics of IPv6 including features, benefits, and addressing. There will also be a review of how to connect to the IPv6 network - even if your ISP is clueless. Discussion will include a review of tools needed to test and explore IPv6 as well as a look at the most common IPv6 vulnerabilities.
- Slides
- Keynote Speaker: Steven Levy - Steven Levy
- The author of Hackers: Heroes of the Computer Revolution and chief technology writer and a senior editor for Newsweek will give us his insightful perspective of hackers, technology, and history.
- Kitchen Hack Lab: Interactive Food Disassembly - Gweeds (Guido Sanchez)
- Open-source recipe development vs. secret restaurant techniques, hacked hardware vs. expensive science toys. Food hacking is the redheaded stepchild of molecular gastronomy. With audience participation, there will be some weird cooking, documenting of tasting notes on the wiki, a demonstration of current culinary exploits with kitchen appliance hacks, and an introduction of some recent food hacking ventures including hack lab tours and some dope culinary software.
- The Last HOPE Closing Ceremonies - Part 1
- Part 2
- This is where it all comes to a thrilling conclusion. In an even longer than usual finale, we'll be sharing some of the highlights and technical details of the AMD project and what we learned from our experiment of RFID-enabled badges for 1500 of our attendees. We'll also have our entire network team on stage to let you know what succeeded this year and what didn't. And then it's on to the actual closing down of what will certainly prove to be a most memorable conference. Highlights will be recollected, prizes will be awarded, tears will be shed. This is the moment where we all realize just how much fun it's been and how we can accomplish great things (like cleaning up after the closing ceremonies) if we join forces and work together.
- Macro Social Engineering - LexIcon
- Macro social engineering is using social interactions, mass media, and other methods to affect wide scale social change. LexIcon will talk about leadership and the artist's editorial voice in relation to his own efforts to improve both the hacker community and the global community.
- Maintaining a Locksporting Organization and Breakthroughs in the Community - Doug Farre and Jon King
- This presentation will go into detail about how to start and maintain a locksport organization and how groups like these can lead to influential research. You'll learn how to keep everyone excited about lock picking and how to turn your club into a well oiled machine for years to come. In addition, you'll find out what it takes to produce a good lock picker and see how anyone can influence the lock industry even after only a few months of being on the scene. Jon King's research on high security Medeco locks will be revealed in detail. There will also be a demonstration on how to build a tool to pick high security cylinders, and how the responsible disclosure of exploits in the hardware world can make a positive impact for all involved.
- 'Medecoder' Demonstration (YouTube)
- Methods of Copying High Security Keys - Barry Wels and Han Fey
- In this two hour workshop you will learn some new and advanced opening techniques for high security locks from two key members of the locksport group Toool in the Netherlands. Special attention will be given to duplicating high security keys and detailed analysis of modern locking systems. After the presentation, some of the tools and techniques can be seen up close at the Lockpicking Village. You are invited to bring your complex locks or "impossible to copy" keys....
- Monumental Women Who Influenced Today's Technology - L33tphreak
- An historical summary of females who either participated in or were pioneers of advancements that affect the technology-driven industries of today. This talk will be covering topics including: the gender bias surrounding ENIAC and how it pushed women to show they can succeed in a "man's world," how "The Women of ENIAC" came to be and why, historical females in computing sorted in chronological order by birth starting in the early 1800s, the women who contributed to telephony, and ending with a short video clip borrowed from Nightline. This is designed as a 50-minute whirlwind journey exposing the estrogen-laced side of technology - women are strongly encouraged to attend and show their pride of being female geeks (a rare find in the testosterone ocean of technology).
- The New York City Taxi System: Privacy vs. Utility - Nick Leghorn
- When people think of New York City, three icons come to mind: the Statue of Liberty, the Empire State Building, and the classic yellow taxi cab. However, even the most seasoned New Yorker barely understands the complicated system that transports over 241 million passengers every year, includes more than 40,000 vehicles, and generates in excess of $2 billion every year. During this presentation you will learn about the New York City taxi system and how the new technologies (such as GPS tracking, credit card transactions, SMS messaging, and touch screen kiosks in the car) are being implemented, including the privacy and security concerns that surround them. You'll also take a peek at some of the proposed changes that will make the New York City taxi system more accessible and more efficient.
- No-Tech Hacking - Johnny Long
- The best way to describe this talk is to simply quote some of what we received from its presenter: "I'm Johnny. I hack stuff. I've been at it for quite a while now, and I've picked up a few tricks along the way. I get asked about my tricks all the time, mostly by kids who saw that movie. You know the one. But I've always said no. I've held onto my secrets as part of the pact I made with the hacker underground. I mean, I'm allowed to give talks and presentations about hacking stuff, but the secrets... the real super-cool secrets I've had to keep to myself. The head of the underground said so. But I got this email the other day that says I'm THIS close to getting kicked out of the underground. Seems the glare of the public eye has been on me for far too long and I've become a liability. So, I'm going to be proactive. I'm going to quit before they can fire me.... The underground is gonna be sooo ticked off."
- "Off the Grid" Voice & Data Communications - Skip Arey and Bernie S.
- It's Orwellian. We're so conditioned to believe we've little choice but to rely on government-regulated, corporate-owned voice/data networks designed to log our communications traffic and content. People can be held incommunicado by routine network failures, natural disasters, and by political actions - often when communications is needed most. But modern two-way radio can provide effective and reliable short-range and global voice/data communications at relatively little cost, and it can't be logged by conventional (CALEA) methods. This discussion will tune into the latest surprising developments in amateur (ham) radio, unlicensed spread-spectrum, and other two-way radio technologies and applications.
- One Last Time: The Hack/Phreak History Primer - Jason Scott (Jason Sadofsky)
- In 2008 $2600 is 24 years old, the computer bulletin board system is a 30 year relic, and a good number of attendees of HOPE were not born when some events of the "modern" era of computers and hacking began. Historian Jason Scott of textfiles.com presents a quick primer of a large part of the basics of hacking and phreaking history, touching on those sometimes obscure or hilarious subjects that may have escaped notice in a Web 2.0 world.
- Packing and the Friendly Skies - Why Transporting Firearms May Be the Best Way to Safeguard Your Tech When You Fly - Deviant Ollam
- After a particularly horrible episode of airport theft, Deviant made the decision to never again travel by air with unlocked luggage. Because of this he now flies with firearms all the time. Federal law allows (in fact, it requires) passengers to lock firearm-bearing luggage with non-TSA-approved padlocks and does not permit any airport staffer to open such bags once they have left the owner's possession. In this talk, you will learn the relevant laws and policies concerning travel with weapons. It's easier than you think, often adds little to no extra time to your schedule (indeed, it can expedite the check-in process sometimes), and may actually be the best way to prevent tampering and theft of bags during air travel.
- PowerPoint Slides
- Pen Testing the Web with Firefox - John "DaKahuna" Fulmer and Michael "theprez98" Schearer
- Hacking the web has never been easier. Whether you're using Firefox as a standalone tool for information gathering, modifying your browser with innovative extensions, or using Firefox as a web front-end for other penetration testing tools, you can hack all within the potentially anonymous cozy confines of your customized browser. Putting it all together brings your hack-foo one step further. DNS lookups, uptime reports, hosted hash crackers and online scanners are at your browser's fingertips. With Firefox's innovative add-on feature, a number of powerful extensions have been developed for security scanning, ethical hacking, penetration testing, and general security auditing. Finally, a number of penetration testing applications are built specifically with web-based front-ends. Add in a few recommendations for your setup and a few places to test your hacking skills, and your recipe for hack soup is complete.
- PenTest Labs Using LiveCDs - Thomas Wilhelm
- Despite being discussed in both books and a magazine article, the De-ICE.net Pentest LiveCD project is not well known. To help spread the word, this talk will discuss the history and current state of the project along with ideas for the future. In addition, a new project will be presented for the first time for those interested in learning more about Pentest tools.
- PGP versus PKI - Laura Raderman
- Both PGP and PKI take advantage of public key technology, but they are fundamentally different in the ways they perform key management. The talk will start with a quick overview of asymmetric cryptography before diving into the details of how and why PGP and PKI are different, what audiences they serve, as well as how to get on the "PKI bandwagon." The discussion will be focused on the key management and trust issues in both technologies.
- Phone Losers of America - Murd0c, Rob T. Firefly (Rob Vincent), I-baLL (Leo), and Sidepocket (Jordan White)
- The Phone Losers of America's 15th anniversary panel will include video presentation of various prank calls, real-life pranks on unsuspecting businesses and people, audio prank calls, real-time questions and answers, as well as a history of prank calls, phone phreaking and the ways the PLA have gone about setting everything up.
- PLA Media DVD 15 Years of PLA (July 2008)
- Phreaking 110: The State of Modern Phreaking - I-baLL
- An intermediate talk about phreaking today. Discussion will include information about INWARDS operators and how to reach them, along with Automatic Call Distributor phone exchanges that allow anonymous access to all sorts of weird locations (911 operators, local operators, etc.) while confusing the crap out of the people on the other line as they see you coming in from nonexistent locations. Also touched upon will be the basics of SS7, the IAM, differences between CID, CPN, and ANI plus CLIR and CLIRO. Discussion will include Caller ID spoofing, tips on how to increase your chances of getting a fully legal tour of your local CO, and other topics such as calling supervision, telephone extenders, and weird telco tie lines.
- Phreaks, Confs, and Jail - TProphet and Barcode
- In the mid to late 90s, phreaks spent a lot of time on teleconferences (known as "confs"), created a lot of mischief, and more than a few went to jail. Fast forward a decade and phreaks still spend a lot of time on confs, create even more mischief, and still occasionally go to jail. Join TProphet for a walk down memory lane and into the present day, where practically any security can still be defeated by a smooth-talking social engineer. More importantly, learn how new technologies such as VoIP can impact the trustworthiness of the telephone system (even including critical infrastructure such as 911).
- Google Video Stream
- Policy Hacking: Taking Back Public Sector IT - Arjen Kamphuis
- On January 1st, 2002, Arjen tried to access the website of the Dutch national railway (www.ns.nl) using Linux. The site refused him access, saying it was IE-only. This sparked a conversation with members of parliament about the need for open standards. Over a five year period, he progressed from talking to opposition MPs to meeting the economics minister directly and was able to significantly influence national policy despite total lack of funding or any specific mandate. As a result, the Dutch public sector will move to standardize on Open Documents Format and use open source where comparable functionality is available in all new procurements as of 2008. Use of ODF as a public sector document standard will be mandatory in 2009. This talk will tell the tale of why this was accomplished, how it was done, and how others can do it too in other countries around the world. You'll learn how to get access to the powers-that-be, how to get non-technical people interested in the subject, and how to align your policy proposals with existing policies. While some of the political reasons for wanting open standards and open-source in government IT will be touched upon, the focus of the talk will be mainly on how to get results.
- Port Knocking and Single Packet Authorization: Practical Deployments - Michael Rash
- Port Knocking and its big brother, Single Packet Authorization (SPA), can provide a robust additional layer of protection for services such as SSH, but there are many competing Port Knocking and SPA implementations. This talk will present practical usages of fwknop in Port Knocking and SPA modes, and discuss what works and what doesn't from a protocol perspective. Integration points for both iptables and ipfw firewalls on Linux and FreeBSD systems will be highlighted, and client-side support on Windows will be demonstrated. Finally, advanced functionality such as inbound NAT support for authenticated connections, sending SPA packets over the Tor anonymity network, and covert channel usages will be discussed. With SPA deployed, anyone scanning for a service with Nmap cannot even tell that it is listening, let alone target it with an exploit (zero-day or not).
- Notes
- Postal Hacking - CypherGhost
- A review of the United States Postal Service discusses numerous mail-related issues. What is the heaviest thing that you can send in a flat rate box? What happens if you mail a sphere? What are the mysteries of digital postage meters? A look at how modern automation allows you to send a letter 3000 miles for only 42 cents and what security vulnerabilities might exist in that infrastructure. How the new "PLANET" barcode will track all mail in the future. It's all 100 percent legal, but sure to make the mailman wonder. Postal inspectors welcome.
- Programming Your Mobile Phone for International Calling - The Cheshire Catalyst
- Many people are not aware of the nuances of setting up their mobile telephone for use in telephone networks overseas. Whether they plan to call their correspondents before they leave the states, or if they plan to call friends back home once they are there, The Cheshire Catalyst will explain how to program telephone numbers in the Contact List of a mobile phone so they will work no matter where the call is placed.
- Project Telephreak - Da Beave (Champ Clark), Slestak, Notkevin (Kevin Reilly), Gid, R0d3nt, and Jfalcon
- Telephreak was a group that was never meant to be. That is, it wasn't started as a "group" or "club" for dorks. It just ended up that way. It started as a conference system that could be used to talk with other like minded individuals around the world. This club of dorks now encompasses several projects, mostly due to the members' diverse interests. These include OpenVMS clusters (public access) and VoIP related projects (Asterisk add-ons) to X.25 networks. This panel will also be discussing "Project Telephreak" that's located in the Mezzanine area. They will also discuss other projects currently being worked on, such as iWar, the Deathrow Project, various Asterisk projects, and non-VoIP projects.
- Pseudonymization Methodologies: Personal Liberty vs. the Greater Good - Jon-Michael C. Brook
- Think of four facts that can separate you from the rest of the general populace: name, address, date of birth, or Social Security Number perhaps. They are all likely what's currently referred to as Personally Identifiable Information (PII). In the data privacy realm, PII disclosure is the CSI trace evidence that corporations are increasingly finding themselves as silhouettes within blood splatter patterns on the wall. These PII disclosures may be avoided through the use of anonymization, or more importantly, pseudonymization. This talk will focus on the history, methodology, benefits, risks and mitigations, and current players, as well as provide a demonstration of the technology.
- REAL ID Act and RFID: Privacy and Legal Implications - Tiffany Strauchs Rad
- Radio Frequency Identification (RFID) is a practical and useful technology for locating items without the requisite close proximity as needed with older technology, such as bar codes. However, new technologies such as RFID "powder," internal and external pre-crime detectors, and insertion into children's clothing and other personal items have pros and cons associated with the practicality of its use. In addition, RFID use in access control, identification documents, and banking cards, while convenient and illegal to jam, may lack important security features to prevent unauthorized scanning and usage of the data contained. The REAL ID Act mandates using RFID in ID cards that most Americans should carry for domestic airline travel and must carry for international travel. This discussion will examine current RFID technology and security concerns as well as how the RFID technology implemented in REAL ID Act cards and passports may pose privacy and security risks.
- Reprimand Panel - Gonzo DeMann (Michael J. Ferris) and I-baLL
- One would think that, after being online for six years, an e-zine would have a few stories to tell, and the Reprimand does. There will be nothing technical on this panel. It will be a lighthearted look back over those six years, the beginnings of the zine, and some of the adventures that were had. Come listen to the culture jam, and be with friends talking to friends.
- RIAA Litigations: How the Tech Community Can Help - Ray Beckerman and Zi Mei
- This talk will be an update on RIAA litigations against ordinary individuals based on allegations of p2p file sharing. It will focus on the RIAA's legal theories and how they threaten the Internet, the RIAA's reliance on "junk science" to make its case, and what the tech community can do to help.
- Safecracking - Eric Schmiedl
- Despite many appearances in film and television, fairly little is widely known about how safes can be opened without the proper combination or key. This talk will attempt to address some of the questions commonly asked about the craft, such as is it really possible to have a safe open in a minute or two using just a stethoscope and some clever fingerwork? (Yes, but it will take a bit more time than a few minutes.) Are the gadgets used by secret agents in the movies ever based on reality? (Some of them.) The talk will cover several different ways that safes are opened without damage, as well as the design of one lock that is considered completely secure.
- Sharing Your Love of Technology with Normal People - Prometheus Radio Project Tips - pete tridish and Steph99
- Prometheus Radio Project, based in West Philly, builds radio stations with farmworkers' unions, civil rights groups, neighborhood associations, and others who want to free the media from corporate control. They have built radio stations in Guatemala, Kenya, Mexico, and Tanzania, as well as all over the United States. In Greek mythology, Prometheus was the one who stole fire from the gods, who had been hoarding this powerful technology, and taught humanity to use it. Representatives from Prometheus Radio will discuss their work building radio stations and fighting to change the laws so that more groups can have access to the airwaves. In this talk, they will particularly focus on their practices in demystifying technology with groups that lack prior technical training. Prometheus has built 11 stations in "radio barnraisings," where over 200 volunteers converge to build a full operating radio station over a three day weekend, with most participants having never touched a soldering iron before in their lives. While focusing on Prometheus' experience with radio, this presentation can be helpful to any nerd who has tried to explain a technical subject to people who lacked technical knowledge or skills. Are there things that geeks can do that can help normal people share our fascination with technology? It's magical when someone who thinks they know nothing about a technology suddenly realizes that they understand it and can use it just as well as the rich and powerful can! Prometheus will share the tricks of popular technical education they've learned over the years.
- Simulating the Universe on Supercomputers - Mark Vogelsberger
- This talk will describe recent progress in the field of cosmic structure formation and will mainly focus on computational problems and methods carrying out such large simulations on the fastest supercomputers available today. It will also present very recent results on a new simulation of the Milky Way dark matter components. There will be a discussion of virtual maps of gamma-ray annihilation radiation seen by a NASA satellite. If this satellite can discover dark matter by its annihilation, this would mark a new very large step in science.
- The Singularity: Focus on Robotics and Hackers - Ben Sgro (mr-sk)
- The 1970s was an era of technological breakthroughs. Exciting projects and groundbreaking discoveries were made by hackers, government, and commercial entities. Today we should consider ourselves lucky to be sitting in the front row for the birth of the robotics industry. Nearly 40 years after the birth of the computing industry, our lives are merged with the Internet. Similar to the 1970s computing industry, early robotic developments are complex and their practical applications are rare. Less than 40 years from now, our bodies and minds will be merged with the robotics and technologies we are creating today. In our lifetime, we will see software merged with robotics that mimic humans, surpass them, and proceed to yield creations of their own. There will be no distinction between human and machine or between physical and virtual reality. AI, robotics, and other emerging technologies will result in the Singularity: a fundamental paradigm shift for humankind. This presentation will dive into the Singularity, current and emerging robotics, and discuss where hackers fit into all this. Various robotic platforms will be on display as well.
- Social Engineering - Emmanuel Golddigger and Friends
- In a tradition that began at the very first HOPE conference, the art of social engineering will be discussed and demonstrated against random hapless victims over the telephone live for your entertainment.
- Spy Improv: Everything You Ever Wanted to Ask and Did Not Know Who to Ask - Part 1 - Robert Steele
- Part 2
- The recovering spy and ass-kicking critic of everything stupid will range wild, interspersing comments on 9/11, Dick Cheney, Rudy Giuliani, and other misfits, with straight-up, no bullshit answers to any question.
- Starting Your Own Con for Fun and No Profit: A How-to - Paul Schneider (Froggy) and Jodie Schneider (Tyger)
- One of the core values of the hacker scene is the concept of DIY. If you don't like something, whatever it is, get busy, do-it-yourself, and do it better! In this presentation there will be a discussion of the experiences in starting Notacon in Cleveland from the ground up with little to no experience. A look at some of the problems and pitfalls encountered, as well as some of the things Jodie and Paul did to save themselves tons of headaches. Along the way they will touch on the concepts of taxes, law, organization, human nature, and even some of the stupid shit people have done at previous events. This will be a discussion about what's possible in the future at other events and an inspiration for those who have an idea to throw a con to just go ahead and do so!
- Strengths and Weaknesses of (Physical) Access Control Systems - Eric Schmiedl and Mike Spindel
- Access control systems are widely used in security, from restricting entry to a single room to locking down an entire enterprise. The many different systems available - card readers, biometrics, or even posting a guard to check IDs - each have their own strengths and weaknesses that are often not apparent from the materials each vendor supplies. This talk provides a comprehensive overview of 20 different access control technologies that focuses on weaknesses (particularly little known or not-yet public attacks) and other points that a buyer would not likely get from a vendor. Also presented will be a model for thinking about access control systems in general that will provide a useful framework for evaluating new or obscure technologies.
- Technical Surveillance Countermeasures - A Brief Primer on the Arcane Art and Science of Electronics Surveillance and "Bug" Detection - Marty Kaiser
- The spooky world of covert electronic surveillance and countermeasures by governments, corporations, and individuals is veiled in secrecy, intrigue, and myth. Few people are well qualified to speak authoritatively about it, and fewer still are willing to. Hear firsthand from one of the most legendary and respected wiretap and bugging experts in the United States about some of the methods and technologies used, some case studies, and the future of privacy and surveillance from an insider's viewpoint.
- Undoing Complexity - From Paper Clips to Ball Point Pens - Matt Fiddler and Marc Tobias
- This talk will be a systematic approach to dissecting and disabling multiple layers of physical security in locks. In this presentation, the focus will be on embedded design defects in high security locks, and how their discovery translates into security vulnerabilities and the disclosure of such flaws. The attack methodology for high security locks will be reviewed. Demonstrations will include case examples, examining tolerance exploitation, code design analysis, and leveraging the interaction of internal components within a locking system to achieve different types of bypass. The application of this program in the development of covert, surreptitious, and forced methods of entry will be examined. Also discussed will be the concept of responsible disclosure upon the discovery of security vulnerabilities, and how this concept applies to both those who discover flaws and to the manufacturer that produces them, and why the same concept becomes a technical, logistical, legal, and financial minefield for manufacturers.
- VLANs Layer 2 Attacks: Their Relevance and Their Kryptonite - Kevin Figueroa, Marco Figueroa, and Anthony L. Williams
- Proper network infrastructure configuration is a crucial step in a successful in depth defense strategy for any organization. The fact that the network fabric is susceptible to these attacks years after their initial discovery is alarming and disgusting at the same time. This discussion revisits these attacks using contemporary techniques and tools and also offers equally contemporary solutions to mitigate or foil these malicious network attacks as the case may be. Networking professionals will be able to walk away from this presentation with solid remedies to these issues and with a reinforcement that they actually still exist and are pertinent to a network security strategy that will function now and in the future.
- VoIP (In)security: Italians Do It Better - Alessio L.R. Pennasilico
- Various VoIP vulnerabilities will be described here using some real case histories. There will be a detailed explanation of how a small group of annoyed Italian VoIP hackers used the Chaos Computer Club phone network during the 2007 hacker camp for fun and profit. Also, the story of a disgruntled employee, ways to fool bosses, how a stupid joke can turn into a social engineering attack, and what the implications might have been had the group been malicious. Italian grappa will also be a subject of discussion.
- Warrantless Laptop Searches at U.S. Borders - Decius
- U.S. customs agents have begun randomly searching the contents of laptops carried by individuals across U.S. border checkpoints. Personal laptops contain increasingly vast and intimate collections of information about their owners, and cannot be easily sanitized for government inspection prior to travel. The privacy implications of this policy are obviously tremendous. There is presently a debate in the U.S. court system about the constitutionality of these searches. This talk will cover the developments so far, explaining (and criticizing) the basic legal framework in which this debate is occurring as well as the reasoning employed by the courts that have heard this issue. Related topics will also be discussed, such as recent controversy over the Fifth Amendment right to refuse to reveal an encryption password to the police and the Anti-Counterfeiting Trade Agreement. Attendees will be armed with a deeper understanding of these present threats to our fundamental rights.
- What and Who is "Anonymous?" - Alex Vanino (DeMiNe0), Dusk, Little Sister, Mike Vitale (Sethdood), PokeAnon, Atkins, and Ryan Hannigan (Dr3k)
- Anonymous is an anti-group which takes nothing too seriously and values free speech in the extreme. The self-styled Anonymous (used as a mass noun) is a label and Internet meme adopted within Internet culture to represent the actions of Internet users acting anonymously toward a given agenda. In this sense, Anonymous is "all of us, yet none of us." The term is used in phrases such as "We are Anonymous. We do not forgive. We do not forget." More recently, in 2008 specific actions were undertaken by specific group, groups, or organizations, also self-named as "Anonymous," and often associated with websites and chat systems on the Internet. The general public's introduction to the group began with Project Chanology, a protest against the Church of Scientology. The most visible element of the protest was mass protests of many Church sites worldwide, the first being held on February 10, 2008. Anonymous, as a protest group, lacks a visible hierarchical structure or leaders, instead relying on individuals to contribute to the group on their own.
- Wikipedia: You Will Never Find a More Wretched Hive of Scum and Villainy - Virgil Griffith
- Not only the world's largest text-based MMO, Wikipedia is a staple of the Internet user's information diet. Because of this, Wikipedia is also laden with manipulation, forgery, and the downright unscrupulous. In a never before seen presentation, Virgil will mine deep into the bowels of Wikipedia to unearth nefarious deeds whose perpetrators never thought would see the light of day. New software will be released at this talk. If you liked WikiScanner, you will like this more.
- Slides
- YouTomb - A Free Culture Hack - Oliver Day, Dean Jansen, Quentin Smith, and Christina Xu
- YouTomb scans sections of sites where popular videos pop up (Digg, Technorati, YouTube, etc.) and adds these videos to a database. This growing database is continually re-scanned and all the metadata is logged. When a video from the YouTomb database (about a quarter million right now) goes down, it is featured on the YouTomb website. The future of YouTomb may include: tracking geographic blocking, caching the videos themselves, tools for bloggers and people embedding YouTube clips, a search function(!), and more. YouTomb was born at Free Culture MIT. This session will begin as a presentation, but should quickly become an interactive discussion.
- The Zen of the Hacker - Joshua Ginsberg
- An inquiry into the conditions under which hacker culture thrives, the curiously American quality of hacker culture, and the evolving challenges for preservation of the hacker ecosystem.