The Circle of HOPE.

Jul 28 2018

Last weekend the twelfth Hackers On Planet Earth conference, subtitled The Circle of HOPE was held at the Hotel Pennsylvania by 2600 Magazine.  As with most years, I made my cross-country pilgrimage to New York City to attend.  I flew out on Thursday morning with the eventual goal of making it to my hotel early enough that I could order in, relax a bit, and get to sleep early to shake the inevitable jet lag so I could be somewhat functional the next day.  Modulo the usual difficulty in catching a ride from JFK, I made good time and accomplished a decent amount of war driving along the way.  There isn't much to remark on until the next day...

Defcon 25.

Aug 01 2017

Well, I'm finally back from Defcon 25 and writing up my notes while in the throes of con drop before too much of the experience fades from memory.  Suffice it to say that I have opinions about last weekend, which I will attempt to write as concisely as I can.  I don't like being negative about things because my experience is my own, and I much prefer that people have their own experiences and make up their own minds about things.  However, I would be lying if I painted a rosy picture of my attendence of the largest hacker convention on the planet this year.  I did not have a good time, I was not the only one, I learned just about nothing new, and it left me with very few fun (or even good) tales to regale people with.  It also felt like the weekend flew by - three days came and went before I knew it, which is both a little disorienting and not actually a bad thing when looking at the thirty thousand foot view.

After a protracted period of getting ready, most of which involved fighting with trying to get my designated burner phone reactivated after sitting for a year in the box I was finally ready to hit the road.  You can, in fact, purchase functional SIM cards for just about any cellular provider from eBay and buy a pre-paid plan.  Upon arriving in Las Vegas and accepting the 106 degree punch in the face, I hailed a shuttle to my hotel and climbed aboard.  This year, Vlad found us lodgings within easy walking distance of Caesar's Palace, where Defcon had moved to this year.  I hauled my kit upstairs, ordered a pizza, and plopped myself down to read and relax for the first time in a couple of days.

I'd love to tell you how much fun I had at Defcon and give you detailed write-ups of all the talks I went to (taken from copious handwritten notes, of course), but I didn't make it to a single talk, and was able to visit only one village (the Biohacking Village) twice.  Mind you, this was after waiting in line for roughly two hours and not getting into the talks I'd originally come to see.  Not that the talks I wound up seeing weren't interesting, they were, but they weren't what I was trying to attend.  In addition, the Biohacking Village (that I know of) and other village rooms (that I only heard about and thus cannot confirm firsthand) have made a practice of flushing the room (throwing everybody out) to prevent camping, so as to keep the lines moving and thus making sure that most everybody in line gets into something.  The lines for just about every talk I saw were around the corner, sometimes two corners, and most of the way down the hallways.  I didn't bother trying to get into the talks in the main tracks.  Unsurprisingly, go ahead and laugh, I kept getting lost in the labyrinthine hallways of Caesar's Palace.  Possibly much to your surprise, many people who actually have a sense of direction kept getting lost there, too.  Some of the maps posted on the corners and at the infobooths gave incorrect directions to various locations.  Many of the Goons I spoke to didn't know where things were, either.  I don't blame them for it at all; a few admitted to me that they had no idea where anything was, either, so I don't feel alone in my frustration.  I can't speak to how well organized Defcon was this year because I'm not in a position to know what was going on.  What I do know is that Caesar's Palace is very difficult to navigate, and if I'd known how hard it would be I would have gone up a couple of days early specifically to sneak around and learn where everything was ahead of time.

Back from Defcon 25.

Aug 01 2017

Back from Defcon 25.

Exhausted.

Dealt with multiple crises at home.

Didn't spend as much money as I usually do, which isn't a bad thing.

Spent quality time with some old friends.  I hope I made a few new ones.

I have opinions.  They'll have to wait until I get some sleep.

'twas the week before DefCon.

Jul 16 2017

UPDATE - 20170902 - Typos, finding emergency exits.

So, after many years I've decided that it's my turn to write a first-timer's guide to Defcon.  There are many like it, so I'll try to be as frank as I can about the topic.  I'm going to try to write for people who've never been to Defcon before (but may have been to other hacker cons).  I'm not going to lie or joke around (which some of the guides tend to do) and give as much personal advice as I can.  I'm also going to try to not sound like your parents, because nobody likes to read stuff like that.

It's been said that it is a common thing for people to write about their OPSEC protocols for Defcon that they don't use any other time, with the implication that they aren't serious about their security or privacy any other time and are sitting ducks any other time.  I would politely like to point out that not everybody has the same threat model: Defcon has one of the most hostile network environments on the planet, one which is not often found anywhere else.  It is erroneous to assume that people who only talk about how they prepare for Defcon do not take the same kinds of precautions at any other time.  What those people do may not be your business or anyone else's at any other time.

To that end, here are some of the security protocols that I use at Defcon, and happen to use at other times while I'm traveling, as well as some friendly advice to folks new to Defcon.

A toast.

Jan 01 2017

Here's to the sysadmins, who fight to keep everything up and running.  And reboot printers along the way.

Here's to tier-1 tech support, who know the answers but are only allowed to recite from their scripts.

Here's to the pen testers, who keep plugging away.

Here's to desktop support, who occasionally see things they can never unsee.

Here's to the red team, who throw everything from Devo costumes to pork chops to ballroom gowns to the kitchen sink at the mission.

Here's to the hacktivists, who toil endlessly to make the world a better place.

Here's to the open source hackers, whose thankless tasks are labors of love.

Here's to the whistleblowers, who lay everything on the line to try to set things right.

Here's to the lawyers, who honestly answer the question "So, how much trouble could I get in if I did this?"

Here's to the reversers, who yank out their hair while asking the question "What the hell does this even mean?" over and over again.

Here's to the hackers who submit talks to DefCon every year but never get accepted.  You keep trying, over and over again.

Here's to the people with the honest questions, who uncover horrors never before dreamed.

Here's to the newbies, who spend long hours punching away to learn arcane skills to satisfy their own curiosity.

Here's to you.

HOPE XI - This one went to eleven!

Jul 30 2016

It's mostly been radio silence for the past couple of days. If you're reading this you've no doubt noticed that Switchboard (one of my constructs) posted the slides from my talk earlier this week. As sophisticated and helpful as she is, Switchboard can't yet pick thoughts out of my wetware to write blog posts. And so, here I am, my primary organic terminal sitting at Windbringer's console keying in notes, saving them, and then going back to turn them into something approaching prose. I've just now had the time to sit down and start writing stuff about HOPE XI, largely because after getting back all hell broke loose at my dayjob (per usual) so I haven't had the time. In point of fact, this writeup will probably happen over the course of a couple of days so it might come off as a bit disjointed.

It felt kind of strange attending this HOPE. I missed the last one two years ago because I was in the middle of moving into our new place on the other coast so I felt a little out of the loop. I missed just about everything that happened there and I keep forgetting to go back and track down the video recordings (so I'll have another part of me do that). It didn't take long to get back into the stride, though. Once you start attending hacker cons regularly it's easy to find how everything comes together, dive in, and get out of it what you're looking for. There weren't many vendors there because HOPE is largely a talks-and-talking to people kind of conference but I did come home with a few things to practice with as I always do. I also went out of my way to not buy another full wardrobe of t-shirts because, even after getting rid of 4/5 of my collection (including, I hasten to add, much of my collection of hacker convention shirts) space in my dresser is still at a premium. So goes the life of a self-admitted clothes horse. I also found one of Seeed Studio's FST-01 ultra-miniature 32-bit computers for sale at a table and snapped it up to use it with NeuG as a random number generator in a few of my projects because my Geiger counter died some months ago, but that's a writeup for another time.

After landing, picking up my luggage, and catching a cab to the hotel I met up with Seele, Genetik, and Nuke, whom I was splitting a hotel room with. I was a bit chagrined when Seele told me that there'd been a booking mixup and the Hotel Pennsylvania had to give us a different room. What I hadn't expected was that they gave us what amounted to a con suite, two full-sized rooms hooked together like a smallish apartment that easily had room for twice as many people as would be staying there. There was sufficient room that we were able to spread out as much as we liked with room left over so sleeping was quite comfortable. I never really got over the jet lag this time so my sleep schedule was all messed up. I may have averaged about four hours of sleep a night all weekend, modulo having to take a nap for a couple of hours on Saturday afternoon because I could neither concentrate on anything nor tune out background noise for very long. Either one left me with a dizzying sense of sensory overload which left me unable to see straight. It also meant that I spent the next couple of days trying to catch up and crashing hard after work for ten to twelve hours, with very strong but fragmentary dreams as my primary long-term memory optimized itself. It was the kind of sleep deprivation that you didn't know you had, as opposed to the kind of sleep deprivation where you know full well you've been awake for three days straight and you feel it in your bones, your fingers, and even in your hair. I didn't make it to all of the talks I wanted to but I did make a point of picking up a couple of DVDs before I left of the ones I really wanted to hit; I also downloaded most of the livestream recordings to watch later on the media box, probably after I get off the road the week after next.

A colleague of mine once remarked that there comes a point where you pretty much level out of most of the stuff that happens at hacker cons and you get more out of interacting with everyone there than you do from attending talks or seminars. I was somewhat skeptical at the time but open-minded about the possibility. Now I'm wondering if that's not the case because, from reading a whitepaper or two and having part of me do a search I can pretty much reconstruct the content of the talk (as verified by actually watching a recording of the talk later) and get the same thing out of it. I definitely came away from most of the discussions I found myself in with new perspectives on a lot of things.

So it goes.

I will be presenting at The Eleventh HOPE.

May 28 2016

UPDATE: Now that the official HOPE schedule has been published I can say that I'll be speaking in the Noether room on Sunday, 24 July 2016 at 2:00pm EST4EDT.

UPDATE: The Internet Society will be livestreaming video of the talks as they happen. Here's the page listing all of the livestreams.

I found out last weekend (yes, I've been sitting on this - timed posts are the busy blogger's friend) that the talk I submitted for The Eleventh HOPE in July of 2016 was accepted. I will be giving a presentation on Exocortex, my latest work (of mad science), entitled Constructing Exocortices with Huginn and Halo at some point that weekend. I'll be talking about both Huginn (I asked Andrew if he would present with me; he declined because he may not be able to attend HOPE this year (and Andrew, if somehow you can fit it into your busy schedule I'd really like it if you did..)) and Exocortex Halo. To be more specific, I'll be talking a little bit about how they work - what agents do and how they fit together to process information individually to carry out more complex tasks. I'll also be talking about how Halo's constructs send and receive information to and from Huginn to accomplish more sophisticated things (like generate the speech that gets played over a VoIP link or send commands to a personal search engine to index an entire site to sort through later).

This also puts me on the hook to come up with some really off-the-wall but useful stuff to show off. Thankfully I've got several hundred off-the-wall ideas already written down. Now where are my d10's...

When I know where my talk fits into the HOPE schedule I'll post with the specifics. I'd really appreciate it if everyone spread the word about my talk (and thank you in advance if you do).

Catching up on posting.

May 26 2016

I'd beg the forgiveness of my readers for not posting since early this month, but chances are you've been just as busy as I've been in the past few weeks. Life, work, et cetera, cetera. So, let's get to it.

As I've mentioned once or twice I've been slowly getting an abscessed molar cleaned out and repaired for the past couple of months. It's been slow going, in part because infections require time for the body to fight them off (assisted by antibiotics or not) and, depending on how deep the infection runs it can take a while. Now I can concentrate on getting the molar in front of it, which has long been a thorn in my side, er mouth, worked on. Between being in close proximity to a rather nasty infection and the general stresses applied to molars during everyday life the seal on the crown broke at some point, leaving it somewhat loose and making squishing sounds when I chew. I don't know the extent of the involvement, but from coming home from work wiped out just about every night I'm starting to suspect that something nasty is going on in there also; it's a pattern that I've come to recognize over the years as suggestive of an immune response. There's a good chance that this particular pain-in-the-ass is going to need major repairs and, given how little of the original tooth is left (I lost count of the number of surgeries and root canals performed on it a couple of years ago) I'm pretty much resigned to losing the tooth entirely. I'll probably wind up getting an implant in its place if it does get pulled for the sole reason that it'l prevent the rest of the teeth in my mandible from slowly drifting to the fill in the space. Of course, if I do get an implant I'll try to stick a magnet to it and if it works I'll post the pictures.