The Last HOPE

[error]

The Last HOPE is more of a hacker event than a freedom event, but this community tends to have a larger than average segment of libertarians within it. I'll be there myself, to learn a few things, have a little fun, and maybe get a few people signed up for the Free State Project.

Some of the talks I intend to drop by. There's much more than this going on, but these are the ones I really want to hit and take something away from:

Autonomously Bypassing VoIP Filters with Asterisk: Let Freedom Ring

Blake Cornell, Grandma Death, Jeremy McNamara

Foreign governments and ISPs within Panama, Belize, the Caribbean, Mexico, Brazil, the UAE, China, India, Saudi Arabia, and others have implemented VoIP filters of some type. The effect is obvious - phone calls are effectively blocked. How can Asterisk developers and providers develop mechanisms to help maintain communication through the wake of government supported access control mechanisms?

Earth Intelligence Network: World Brain as EarthGame

Robert Steele

The first speaker at the first HOPE in 1994 will describe the emergence of the Earth Intelligence Network, the World Brain, and EarthGame as the triumverate that will empower We the People and make most governance and many organizations both transparent and obsolete. Emphasis will be placed on the eradication of corruption and restoration of the sovereign individual.

Escaping High Security Handcuffs

Ray

Everybody knows normal police handcuffs are no real challenge for lockpickers, even though it helps to know the inner workings and tiny differences of the various models in use today. Less publicly known is that there's also a variety of "high security" handcuffs on the market, used mainly for high risk prisoners and during transfers. But those also have their weaknesses... This talk will give an overview of the products in use today and their different attack vectors - not only focusing on picking but also bypassing some of the most advanced locking mechanisms used in this field.

Featured Speaker

Steven Rambam

Hopefully there will be no surprises this year. In 2006, privacy expert Steven Rambam's two hour panel was disrupted by federal authorities who arrested him at the conference just prior to its commencement. In the end, he was completely vindicated and went on to finally give his talk several months later to a packed house at a local university. This year, Steven will be on for three hours, in part to make up for what you may have missed last time, but mostly because what he says about the state of privacy in our society will captivate you.

Grand Theft Lazlow - Hacking the Media by Laughing at Them

Lazlow

A talk by Grand Theft Auto IV cowriter and coproducer Lazlow focusing on that phenomenal project as well as what's been going on in media in the last decade. Beginning in 1996, corporations began gobbling up every newspaper, billboard, radio and TV station in the United States. Ironically, since then, readership and ratings have plummeted, resulting in entertainment executives and editors programming even more sensationalist and desperate content. Lazlow discusses how parody of the media in video games, on TV, and online can often garner a larger audience reaction than the media establishment itself. He will describe why the mainstream media invents crises, and the reaction by the media and Hollywood establishment to the growing popularity of interactive worlds where players are celebrities rather than smug starlets tittering for TMZ. How can you hack the media? In this interactive talk Lazlow talks about his work in radio, video games, and the future of the media, democracy, and the role of comedy in it.

Hackateer Premiere

John Threat, Mark Abene aka Phiber Optik

Hackateer is an episodic adventure series about a team of hackers who are being chased by quasi-government agencies. The show blends a reality Do It Yourself tech show with a scripted spy/adventure narrative shot in anime style. Embedded within the entertainment of an episode, viewers learn how to take everyday technology and use it in ways they never dreamed of and not always originally intended. The show also features interrogations with top hackers and tech people from around the world that are kidnapped by the Hackateers. Hackateer is also unique in that the show is cast with real underground hackers and the stories are drawn from world famous hackers and their real life exploits.

Hacking Democracy: An In Depth Analysis of the ES&S Voting Systems

Matt Blaze, Sandy Clark, Eric Cronin, Gaurav Shah, Micah Sherr, Adam Aviv, Pavol Cerny

Last Fall, Ohio Secretary of State Jennifer Brunner commissioned Project EVEREST, a comprehensive security review of the electronic voting technology used in her state. The project contracted several academic teams and others to examine the election procedures, equipment, and source code used in that state, with the aim of identifying any problems that might render elections vulnerable to tampering under operational conditions. The ten-week project examined in detail the touch-screen, optical scan, and election management technology from e-voting vendors ES&S, Hart InterCivic, and Premier Election Systems (formerly Diebold). Penn led the analysis of the ES&S system source code, which is also used by voters in 42 other U.S. states besides Ohio. This talk will outline the U. Penn team's findings, which included the discovery of exploitable security vulnerabilities in almost every hardware and software component of the ES&S touch-screen and optical scan systems. Some of these flaws could allow a single malicious voter or poll worker to alter countywide election results, possibly without detection. The team will discuss their findings and will also describe more generally the process of analyzing 700,000 lines of unfamiliar source code in less than ten weeks under highly constrained conditions. The full 334 page report (which also includes analysis of the Hart and Premier systems done at Penn State and WebWise Security) can be downloaded from the Ohio Secretary of State's web site at http://www.sos.state.oh.us/sos/info/EVEREST/14-AcademicFinalEVERESTReport.pdf

How to Talk to the Mainstream Media

Stephen Cass

Blogs, vlogs, podcasts, RSS, even old school websites and mailing lists - there's never been more ways for hackers to get their message out. So why bother dealing with the mainstream media? Because that's where the audience is. Only a tiny percentage of blogs have sizable audiences and even the biggest of those are dwarfed by the audiences for TV news, mainstream media websites, or the circulations of the larger dead-tree newspapers and magazines. If you're interested in getting your point across to as many people as possible, this talk will improve your chances by telling you what professional journalists want and why, how you can help give it to them, as well as what pitfalls to avoid.

Identification Card Security: Past, Present, Future

Doug Farre

Come learn how identification cards have taken over our lives, how they can be manufactured at home, and how you can start a legal ID making business. Learn all the tips and tricks about amateur ID manufacturing and pick up the first ever Complete Amateur ID Making Guide. Also, come test your ability to spot a fake versus a real and check out the newest in ID technology: polycarbonate laminates, biometrics, Teslin, and RFID. Lastly, see how corporations are affecting the identification card fiasco in the U.S. and how the Real ID Act is going to affect you. What's in your wallet?

Introduction to the HOPE AMD Project

LexIcon, Daravinne, Neo Amsterdam, Aestetix, Echo, Dementia, Matt Joyce, Chris Petro

The Attendee Meta-Data Project is an attempt to study the movement, demographics, participation levels, and interests of the HOPE conference's attendees on a grand scale. We want to give attendees an RFID chip and matching code number at registration. They will take the code number to a terminal and fill out a web survey querying biographical and interest-based data. We will then track the RFID chips as they move past certain "choke points" going into seminars and moving around the mezzanine (expo area). This biographical, interest, and movement information will be compiled in a database and be used to provide near-real time data visualization. During the conference, attendees will be able to query the database and generate their own visualizations and data comparisons, play games based on proximity to certain sensors, and find other people with similar interests during a special meet-up session. On the last day of the conference we will have a seminar to talk about the project's original goals and the results, and to see what everyone came up with during the conference. This project will test the limits of passive RFID technology, introduce new data visualization techniques, and provide a unique dataset for further study by the global community.

Macro Social Engineering

LexIcon

Macro social engineering is using social interactions, mass media, and other methods to affect wide scale social change. LexIcon will talk about leadership and the artist's editorial voice in relation to his own efforts to improve both the hacker community and the global community.

Methods of Copying High Security Keys

Barry Wels, Han Fey

In this two hour workshop you will learn some new and advanced opening techniques for high security locks from two key members of the locksport group Tool in the Netherlands. Special attention will be given to duplicating high security keys and detailed analysis of modern locking systems. After the presentation, some of the tools and techniques can be seen up close at the Lockpicking Village. You are invited to bring your complex locks or "impossible to copy" keys....

"Off the Grid" Voice/Data Communications

Skip Arey, bernieS

It's Orwellian. We're so conditioned to believe we've little choice but to rely on government-regulated, corporate-owned voice/data networks designed to log our communications traffic and content. People can be held incommunicado by routine network failures, natural disasters, and by political actions- often when communications is needed most. But modern two-way radio can provide effective and reliable short-range and global voice/data communications at relatively little cost, and it can't be logged by conventional (CALEA) methods. This discussion will tune into the latest surprising developments in amateur (ham) radio, unlicensed spread-spectrum, and other two-way radio technologies and applications.

Packing and the Friendly Skies - Why Transporting Firearms May Be the Best Way to Safeguard Your Tech When You Fly

Deviant Ollam

After a particularly horrible episode of airport theft, Deviant made the decision to never again travel by air with unlocked luggage. Because of this he now flies with firearms all the time. Federal law allows (in fact, it requires) passengers to lock firearm-bearing luggage with non-TSA-approved padlocks and does not permit any airport staffer to open such bags once they have left the owner's possession. In this talk, you will learn the relevant laws and policies concerning travel with weapons. It's easier than you think, often adds little to no extra time to your schedule (indeed, it can expedite the check-in process sometimes), and may actually be the best way to prevent tampering and theft of bags during air travel.

Social Engineering

In a tradition that began at the very first HOPE conference, the art of social engineering will be discussed and demonstrated against random hapless victims over the telephone live for your entertainment.

Spy Improv: Everything You Ever Wanted to Ask and Did Not Know Who to Ask

Robert Steele

The recovering spy and ass-kicking critic of everything stupid will range wild, interspersing comments on 9/11, Dick Cheney, Rudy Guliani, and other misfits, with straight-up, no bullshit answers to any question.

Strengths and Weaknesses of (Physical) Access Control Systems

Eric Schmiedl, Mike Spindel

Access control systems are widely used in security, from restricting entry to a single room to locking down an entire enterprise. The many different systems available - card readers, biometrics, or even posting a guard to check IDs - each have their own strengths and weaknesses that are often not apparent from the materials each vendor supplies. This talk provides a comprehensive overview of 20 different access control technologies that focuse on weaknesses (particularly little known or not-yet public attacks) and other points that a buyer would not likely get from a vendor. Also presented will be a model for thinking about access control systems in general that will provide a useful framework for evaluating new or obscure technologies.

Technical Surveillance Countermeasures (TSCM) - A Brief Primer on the Arcane Art and Science of Electronics Surveillance and "Bug" Detection

Marty Kaiser

The spooky world of covert electronic surveillance and countersurveillance by governments, corporations, and individuals is veiled in secrecy, intrigue, and myth. Few people are well qualified to speak authoritatively about it, and fewer still are willing to. Hear firsthand from one of the most legendary and respected wiretap and bugging experts in the United States about some of the methods and technologies used, some case studies, and the future of privacy and surveillance from an insider's viewpoint.

VoIP (in)security: Italians Do It Better

Alessio L.R. Pennasilico

Various VoIP vulnerabilities will be described here using some real case histories. There will be a detailed explanation of how a small group of annoyed Italian VoIP hackers used the Chaos Computer Club phone network during the 2007 hacker camp for fun and profit. Also, the story of a disgruntled employee, ways to fool bosses, how a stupid joke can turn into a social engineering attack, and what the implications might have been had the group been malicious. Italian grappa will also be a subject of discussion.

[K. Darien Freeheart]

I wanna go.

[error]

I wanna go.

What's stopping you?

[Russell Kanning]

cool

[Lex]

Would be nice if these were recorded and put up on google video or something. We did this for the Python Conference this year. Every single talk was recorded and stuck on google video.

[error]

cool

When somebody talks about making government obsolete, they've definitely got my attention.

Would be nice if these were recorded and put up on google video or something. We did this for the Python Conference this year. Every single talk was recorded and stuck on google video.

That's a great idea. I'll see what I can arrange.

[K. Darien Freeheart]

What's stopping you?

Mainly the lack of money and time. It's way too short notice to get my company to foot the bill, though I think I could justify it if I tried hard.

[error]

Audio from The Last HOPE has been posted in case you want to listen to some of the talks.

[K. Darien Freeheart]

Sweet! Any specific talks you recommend?

[error]

Sweet! Any specific talks you recommend?

I recommend different things for different people.

For you, I recommend you look through the whole list.

For Russell, I would recommend "Escaping High Security Handcuffs" not because I expect Russell to do such a thing, but because it would alarm the feds.

[K. Darien Freeheart]

For you, I recommend you look through the whole list.

Damnit, I've got 44 talks to listen to now.   

On the other hand, it couldnt' have come at a better time. I was stuck in traffic for three hours today and maaged to exhaust my supply of fresh FTL.

[les nessman]

The Last HOPE is more of a hacker event than a freedom event, but this community tends to have a larger than average segment of libertarians within it

   I've noticed that as well.  I don't know if it is related to the persons mindset to ask why, or as a result of discovering things are more or less set up to control the average person on the street. 

[K. Darien Freeheart]

For me, it's just that I'm critical. As a kid, the teachers would tell me "This is how you do the math problem" but I always asked "Why" the process was that way. Perhaps genetics, perhaps environment, but I always found ways to improve the flaws. I managed to get that math down to about three steps and would show them, but get things "wrong" because I didn't do the process "right". I really do think the process of critical thinking and "acceptance" conflict, and critical thinking is needed to break past the veil of brainwashing.

Damnit, I've got 44 talks to listen to now.

Listening to some on the way home... They're pretty "Dry" and some of them really need visuals. I think I'm going to whiddle this down to 5 or so.

[Lex]

Where can I get the slides or the guide that he talks about in the "Identification Card Security: Past, Present, Future" by Doug Farre?

[error]

Where can I get the slides or the guide that he talks about in the "Identification Card Security: Past, Present, Future" by Doug Farre?

I dunno, ask him.