HACKER SUMMER CAMP 2024 GUIDES — Part Six: HOPE XV

DCG 201
67 min readJul 13, 2024

--

Welcome to the DCG 201 Guides for Hacker Summer Camp 2024! This is part of a series where we are going to cover all the various hacker conventions and shenanigans both In-Person & Digital! This year in 2024 we have completely lost our minds and thus we will have a total of 18 guides spanning 3 months of Hacker Insanity!

As more blog posts are uploaded, you will be able to jump through the guide via these links:

HACKER SUMMER CAMP 2024 — Part One: Surviving Las Vegas & Virtually Anywhere 2024

HACKER SUMMER CAMP 2024 — Part Two: Capture The Flags & Hackathons

HACKER SUMMER CAMP 2024 — Part Three: Design Automation Conference #61

HACKER SUMMER CAMP 2024 — Part Four: ToorCamp 2024

HACKER SUMMER CAMP 2024 — Part Five: LeHack 20th

HACKER SUMMER CAMP 2024 — Part Six: HOPE XV

HACKER SUMMER CAMP 2024 — Part Seven: SummerCon 2024

HACKER SUMMER CAMP 2024 — Part Eight: DOUBLEDOWN24 by RingZer0

HACKER SUMMER CAMP 2024 — Part Nine: TRICON & REcon 2024

HACKER SUMMER CAMP 2024 — Part Ten: The Diana Initiative 2024

HACKER SUMMER CAMP 2024 — Part Eleven: Wikimania Katowice

HACKER SUMMER CAMP 2024 — Part Twelve: SquadCon 2024

HACKER SUMMER CAMP 2024 — Part Thirteen: BSides Las Vegas 2024

HACKER SUMMER CAMP 2024 — Part Fourteen: Black Hat USA 2024

HACKER SUMMER CAMP 2024 — Part Fifteen: DEFCON 32

HACKER SUMMER CAMP 2024 — Part Sixteen: USENIX Security Trifecta 2024

HACKER SUMMER CAMP 2024 — Part Seventeen: HackCon 2024

HACKER SUMMER CAMP 2024 — Part Eighteen: SIGS, EVENTS & PARTIES

HOPE XV (HACKERS ON PLANET EARTH)

Date & Time: Friday, July 12th — Sunday, July 14th

Location: St. John’s University (8000 Utopia Pkwy, Queens, NY 11439)

Website: https://www.hope.net/

Tickets: https://hope.net/tickets.html

Virtual Platform(s): Matrix, LIVESTREAM (custom)

Schedule: https://schedule.hope.net/hopexv/schedule/

Live Streams:

Marillac: https://hope.net/marillac.html
Little Theater:
https://hope.net/littletheatre.html
Tobin:
https://hope.net/tobin.html

Virtual Chat:

Matrix: https://element.hope.net/

Discord: https://discord.gg/9hABUzz

IRC: irc.2600.net/#hope

Affordability: There will be tickets available at the door for $250. Cash and all major credit cards are accepted. They can also be bought or sold through the ticket exchange on the HOPE wiki.

Code Of Conduct: https://hope.net/codeofconduct.html

The Hackers on Planet Earth (HOPE) conference series is a hacker convention sponsored by the security hacker magazine 2600: The Hacker Quarterly that until 2020 was typically held at Hotel Pennsylvania, in Manhattan, New York City. Occurring biennially in the summer, there have been twelve conferences to date with the most recent occurring 20–23 July 2018.

A New HOPE will be a transformational conference for the hacker community — in so many ways. We’ve all been through a lot, and it’s been challenging. It is a time to come together again to inspire, transform, and share HOPE.

The 15th Hackers On Planet Earth (HOPE) conference will be held from July 12–14, 2024.

HOPE XV is a THREE DAY EVENT, spanning from Friday, July 12nd through Sunday, July 14th, 2024.

The event is live and in-person, at St. John’s Univeristy, in Queens, New York City.

HOPE XV will include scheduled talks, panels, workshops, keynotes, geeky vendors, food, art, concerts, performances, and much more!

As with all HOPE conferences, you will be able to watch all of the talks for free online, live-streamed. They will also all be recorded and available online after the conference.

We’ve had so many truly amazing people appear on stage at our HOPE conferences over the years. Sadly, a number of our shining stars have passed away. See the Memoriam Page For Details: https://hope.net/memoriam.html

This is where many at DCG 201 got their start after following the local NYC 2600 meetings. Most of our friends from New Jersey and New York City are involved in this convention, and we have many fond (and not so fond memories) from the original bed-bug infested roof partying Club Mate drinking Hotel Penn. Focused more on the hacker community and hacktivism, HOPE is a huge staple for us at DCG 201 and hackers from around the world as there is no convention that is quite like it.

NOTE: Due to multiple reasons that he is unable to list here, our Co-Founder “Sidepocket” would like to use this small section to inform everyone that he is NOT attending HOPE XV this year. You can reach out to him online and if you are in the NYC area, you know how to contact him.

EMERGENCY NUMBERS IN NEW YORK CITY

Department of Health and Mental Hygiene (DOHMH) Bureau of Communicable Disease: 866–692–3641

Emergency Preparedness Mental and Behavioral Health & NYC Well: 888-NYC-WELL or 888–692–9355

Poison Control Center (24/7): 212-POISONS or 212–764–7667

Department of Homeless Services: 212–361–8000

Emergency Management: 718–422–8700

Emergency Medical Services: 718–999–2770

Fire Department (FDNY): 718–999–2000

Bronx: 718–999–3333

Brooklyn: 718–999–4444

Manhattan: 212–999–2222

Queens: 718–999–5555

Staten Island: 718–999–6666

Hospital Preparedness Program Office of the Chief Medical Examiner: 212–447–2030

Terrorism Hotline: 888-NYC-SAFE or 888–692–7233

QUEENS TURNS FROM DETROIT TO A SUBURB IN NEW JERSEY IN THE SPAN OF THREE BLOCKS, HALP!!!

NYC Travel & Queens Hotels

Once you’ve arrived in New York City, here are some transit suggestions for getting to the St. John’s campus. You can also find suggestions and specific time information at https://tripplanner.mta.info.

Offline NYC MTA Subway Map for Android: https://play.google.com/store/apps/details?id=com.thryvinc.nycmap&gl=US

Offline NYC MTA Subway Map for iOS: https://apps.apple.com/us/app/new-york-city-subway-map/id683294660?ign-mpt=uo%3D8

Accessibility Map: https://new.mta.info/map/5346

One ride on a subway or local bus is $2.90 (transfers are free between modes of transit). 7-day unlimited MetroCards, as well as pay-per-ride options, are available; a $1 surcharge also applies for getting a new MetroCard. MetroCard vending machines are available at subway stations and transit hubs, but not at bus stops. All buses and subway entrances are also equipped with OMNY readers, which will allow you to use a contactless credit or debit card for your fare. If you do not want to leave a digital trail of your travels, we suggest you purchase a MetroCard with cash or coins. Learn more about buying MetroCards at https://new.mta.info/fares/where-to-buy-a-metrocard.

VIA MTA LOCAL TRANSIT

(You will need to sign up to the OMNY system or a MetroCard to ride the MTA. One ride on a subway or local bus is $2.90 7-day unlimited cards ($33), as well as pay-per-ride options, are available; a $1 surcharge also applies for getting a new MetroCard. MetroCard vending machines are available at subway stations and transit hubs, but not at bus stops.)

There are nearly an infinite number of ways of getting from one place to another in the subway system. All subway lines run frequently around the clock. Here is how to get to HOPE from three of the closest subway stations.

169th Street — F Train

Catch the Q30 or Q31 bus at the intersection of Hillside Avenue & Homelawn Street. Get off at Utopia Parkway & Union Turnpike (around 10 minutes). Cross Utopia Parkway and walk to Gate 4 on Union Turnpike.

Kew Gardens/Union Turnpike (E or F Train) (wheelchair accessible)

Catch the Q46 bus on Queens Boulevard outside the Pickman building. Get off at Union Turnpike & 175th Street (around 15 minutes). You will be at Gate 4 (the pedestrian entrance to HOPE).

Jamaica Center (E, J, or Z Train) (wheelchair accessible)

Catch the Q30 or Q31 bus on the corner of Sutphin Boulevard & Archer Avenue (adjacent to the Long Island Railroad building). Get off at Utopia Parkway & Union Turnpike (around 20 minutes). Cross Utopia Parkway and walk to Gate 4 on Union Turnpike.

OMNY TAP-TO-PAY SYSTEM

There are three ways to pay using OMNY:

  • A Digital Wallet
  • A Contactless Bank Card
  • The OMNY Card

All three payment methods generally work the same, in that you have to hold the payment method against a special OMNY reader to unlock the turnstile.

A Digital Wallet

Your smartphone or smartwatch likely already supports a digital wallet like Apple Pay, Google Pay/Wallet or Samsung Pay. With these digital wallets you usually set up one or more credit/debit cards as a payment option(s) and select one as the default payment. Depending on your phone/watch settings, you might have to unlock the device before you can use it at the OMNY reader. On Apple Pay, I recommend you set up your card as a Transit Express card, which will allow you to tap your phone/watch without unlocking your device. With most digital wallets, as you tap your device against an OMNY reader it will vibrate indicating successful payment.

A Contactless Bank Card

Many credit cards, debit cards or prepaid cards already support contactless payment. Oftentimes, on the back of these bank cards you will find this logo: which indicates that the card supports contactless payment. You might have to call your bank to activate contactless payment if you have never used it that way. If you bank card does not support contactless payment, you can still pay with it if you add it to a digital wallet discussed previously.

The OMNY Card

The OMNY card is a physical, plastic card. It is shaped like a credit card with the word OMNY in the front. It has barcodes both on the front as well as on the back of the card. The back side also has a magnetic stripe as well as an expiration date.

These cards will carry a monetary value/balance similar to the old Pay-by-value MetroCard. Each time you use the card to pay for a ride, the cost of the ride will be subtracted from its balance. OMNY cards are not yet sold in subway stations, but you can buy them at local convenience and neighborhood stores (like CVS, Walgreens, 7-Eleven stores) with cash or credit. If you have trouble finding a store, the New York Transit Museum Gallery & Store at Grand Central Terminal also sells them. They come in a black gift-card like sleeve like so:

It costs $5 to purchase an OMNY card, which does not go towards the balance of the card. When you buy the card, the retailer will ask you how much money you want to put on the card. The minimum amount to load is $1, which is a bit useless given that a single fare costs more than that. You can return to any retailer to reload your card when its balance is low or do so online at omny.info. Inside subway stations, you will also find OMNY readers where you can tap these cards to find out how much value you have left, but currently there is no way to recharge those cards inside the subway station yet. New OMNY-card capable vending machines to buy and recharge OMNY cards inside subway stations are slowly being introduced and will be fully available throughout the entire system by the end of 2024.

As noted the OMNY card has an expiration date printed on the back of the card after which the card becomes unusuable. Newly issued cards don’t expire until 7 years from issuance. You can transfer any remaining value on the card to a new card up to two years after the expiration date.

A word of caution: the OMNY card has a bunch of details in the back including an 18-digit card number, a CVV number and an expiration date. Using these information, anyone can register the card online and see the card’s entire past usage including all the subway stations you have swiped in. As such, be careful about posting pictures of the card on social media.

Once you are set up with any of these three payment methods, you are ready to use it to pay for your subway ride. You will find OMNY readers at every turnstile at every subway station and on every MTA bus throughout the entire system. The readers look like this:

Note that the reader is slightly angled to the left, because each reader always unlocks the turnstile to the left of it.

In order to use OMNY, first make sure that the reader has the four blue corner lights and says “OMNY TAP HERE”:

As you approach the turnstile, simply hold your payment method near the reader (you don’t actually have to touch it). You will hear a beep and the digital screen will display “GO” with green corners:

At this point, the regular single-ride fare of $2.90 has been deducted from your payment method and you should proceed in going through the turnstile to the left of the reader. You do not have to hurry as the turnstile will remain unlocked until you go through it (but don’t hold up other commuters behind you for that matter). If for some reason the tap is not confirmed, an error message will appear with one of the following reasons:

  • TAP AGAIN: The tap was not successful. Simply try again.
  • TAP ONE CARD: You are likely trying to tap with multiple payment methods at the same time. This usually happens if you tap a physical wallet with multiple eligible cards in it, or maybe your mobile phone has one of those fancy cases that also holds a credit card. Make sure to tap only one payment method at at time.
  • PAYMENT METHOD EXPIRED: The bank card has expired.
  • PAYMENT NOT ACCEPTED: This particular payment method you used is not accepted with OMNY.
  • RIDE LIMITED EXCEEDED: While you can tap a single payment method multiple times to pay for multiple people traveling in a group, you can do so only at maximum 4 times (including yourself) at any given station.

Children under 44 inches (112 cm.) regardless of age can ride trains for free as long as they are accompanied by a fare-paying adult. (The children can just walk underneath the turnstile.)

UNLIMITED RIDE

Besides using OMNY to deduct $2.90 for each ride, the MTA also supports a fare capping mode. Think of it as an “unlimited week pass”. This is how it works:

In any given 7-day period, if you use OMNY more than 12 times, all remaining rides until 11:59pm on the 7th day are free. This is known as fare-capping and basically sets the maximum amount you have to pay at $34 (a little bit less than 12 * $2.90).

In order for this to work, you must use the exact same OMNY payment method each time. The system will deduct $2.90 for each of the first 11 rides. The 12th tap will only cost $2.10 (to make this a whole $34) and all remaining rides will be free for the rest of the 7-day period.

Note that the 7-day period can start on any day of the week, but ends at midnight on the 7th day. For instance, if you first tap on a Wednesday at 10pm your “free” window will end next Tuesday at 11:59pm.

For those travelling in a group, remember that you can use a single OMNY payment method multiple times at a given turnstile to let through multiple people, but only the first tap in that case will be counted against your fare capping goal. In other words, each person must accrue their own 12 rides individually using their own payment method.

For those familiar with the old yellow MetroCard system, you might recognize that $34 is the same cost in both systems, but there are a few key differences.

First, with OMNY you don’t have to commit to paying the full $34 for the week pass right away. You might not know ahead of time if you use it more than 12 times, so with fare-capping you get the best of both worlds and the system decides on what will be cheaper for you. With the previous MetroCard, you pay $34 up front even if you end up only using it for a single ride.

Secondly, OMNY does not support monthly passes (yet), which is why you’ll still see some local New Yorkers still use MetroCards.

OTHER OMNY INFORMATION

Here are some other things to know about OMNY:

  • NYC-based students, senior citizens, and people with disabilities can use OMNY at a reduced fare ($1.45 per ride). This involves first applying for the old MetroCard Reduced-Fare program here and then linking your Reduced-Fare transit card with your OMNY account online. See the MTA website on this for more information.
  • The system currently only supports full-fare, Pay-per-ride, Reduced-Fare and the weekly fare capping options. It does not yet support the monthly Unlimited Ride option, which we do not expect to arrive until 2024.
  • In the Pay-per-ride mode, the system allows for a single free transfer between subway and buses (within 2 hours). With OMNY, make sure to tap the exact same payment method on both forms of transportation. The OMNY reader still says “GO” on the second tap, but at the end of the day, the MTA will only charge you a single fare.
  • While not required, you can also optionally register for an OMNY account online so you can view your trip history and manage your payment methods. This even works retroactively, so even if you register today and specify the details of your payment methods, you can see a full history of past usage as far back as a year including the specific time and location of each tap. Presumably in the near future, you can recharge your OMNY card online here as well.
  • If you only have cash, the only way to use OMNY is by buying the OMNY card at a local retailer. The majority of subway stations are not yet equipped with vending machines to buy or recharge OMNY cards yet, but we expect them very soon in 2024. For now, you are better off buying the old MetroCard with the cash instead. Every subway station is still equipped with a MetroCard vending machine.
  • A long term goal is for OMNY to replace all of New York’s transportation modes. You can already use it on all subway lines as well as the Staten Island Railway. It is also available on local, limited, and express buses including Select Bus Service routes buses. In addition, you can use OMNY to pay for the AirTrain at the JFK airport as well. Expect to see OMNY even on commuter rail lines like PATH, Long Island Rail Road and Metro-North in the near future.

VIA MTA EXPRESS BUS

(You will need a MetroCard to ride the MTA. 7-day unlimited options, as well as pay-per-ride options, are available; a $1 surcharge also applies for getting a new MetroCard. MetroCard vending machines are available at subway stations and transit hubs, but not at bus stops. If you plan on utilizing the Express Bus option, one ride is $6.75. You can also purchase a 7-day unlimited MetroCard with Express Bus availability for $62.)

Jamaica LIRR Station

Head downstairs to street level and catch the Q30 or Q31 bus on the corner of Sutphin Boulevard & Archer Avenue (adjacent to the Long Island Railroad building). Get off at Utopia Parkway & Union Turnpike (around 20 minutes). Cross Utopia Parkway and walk to Gate 4 on Union Turnpike.

169th Street Subway Station (F Train)

Catch the Q30 or Q31 bus at the intersection of Hillside Avenue & Homelawn Street. Get off at Utopia Parkway & Union Turnpike (around 10 minutes). Cross Utopia Parkway and walk to Gate 4 on Union Turnpike.

Kew Gardens/Union Turnpike Subway Station (E or F Train)

Catch the Q46 bus on Queens Boulevard outside the Pickman building. Get off at Union Turnpike & 175th Street (around 15 minutes). You will be at Gate 4 (the pedestrian entrance to HOPE).

Jamaica Center Subway Station (E, J, or Z Train)

Catch the Q30 or Q31 bus on the corner of Sutphin Boulevard & Archer Avenue (adjacent to the Long Island Railroad building). Get off at Utopia Parkway & Union Turnpike (around 20 minutes). Cross Utopia Parkway and walk to Gate 4 on Union Turnpike.

Via Express Bus

The QM5 and QM6 express bus provides a one-seat ride from numerous stops in midtown Manhattan to Union Turnpike & Utopia Parkway for $7 (coins, OMNY card, or MetroCard only).

VIA LONG ISLAND RAILROAD (LIRR)

(Long Island Railroad tickets are available for purchase at LIRR stops, including Penn Station. They may be purchased in conjunction with MetroCards at marked kiosks. You will need a MetroCard to get on the local bus.)

Take the Long Island Railroad to Jamaica (around 20 minutes from Grand Central Madison or Penn Station in Manhattan, or Atlantic Terminal in Brooklyn). Head downstairs to street level and catch the Q30 or Q31 bus on the corner of Sutphin Boulevard & Archer Avenue (adjacent to the Long Island Railroad building). Get off at Utopia Parkway & Union Turnpike (around 20 minutes). Cross Utopia Parkway and walk to Gate 4 on Union Turnpike.

VIA CAR (ALSO DIRECTIONS FOR LYFT, UBER, ETC.)

The official street address for St. John’s University is 8000 Utopia Parkway, Jamaica, NY 11439. Secure garage parking is readily available on campus!

HOPE is very easy to get to by car. And parking is free! (We make no promises about traffic, though.)

Directions From Manhattan

Take the Queens Midtown Tunnel to the Long Island Expressway. Take Exit 25 (Utopia Parkway). Stay on the service road to Utopia Parkway and turn right. Follow Utopia Parkway and cross Union Turnpike; turn right at Gate 3 for free parking. (If you want to avoid the tunnel toll, use one of the four free bridges and make your way to the Long Island Expressway. This could add significant time, however, depending on traffic and time of day.)

Directions From Brooklyn

Option One

Take the Belt Parkway (east). Take Exit 19 (Van Wyck Expressway or I-678 north). Take Exit 8 (Main Street/Union Turnpike). Make a right onto the Grand Central Parkway service road. Turn left at Homelawn Street which will become Utopia Parkway. The campus will be on your left. Turn left at Gate 3 (just before Union Turnpike) for free parking.

Option Two

Take the Jackie Robinson Parkway (east) to Exit 8E (Grand Central Parkway east), exit at Utopia Parkway (Exit 18) onto the service road. Turn left at Homelawn Street which will become Utopia Parkway. The campus will be on your left. Turn left at Gate 3 (just before Union Turnpike) for free parking.

Directions From the Bronx

Option One

Take the Throgs Neck Bridge to the Clearview Expressway. Take Exit 2 and make a right onto Union Turnpike. Make a left onto Utopia Parkway and an immediate right at Gate 3 for free parking.

Option Two

Take the Triboro (RFK) Bridge to the Grand Central Parkway. Exit at Utopia Parkway (Exit 18) onto the service road. Turn left at Homelawn Street which will become Utopia Parkway. The campus will be on your left. Turn left at Gate 3 (just before Union Turnpike) for free parking.

Directions From Long Island (North)

Option One

Take the Northern State Parkway to the Grand Central Parkway. Take Exit 19 (188th Street). Turn left and make an immediate right onto the service road. Follow the service road to Utopia Parkway. Bear right onto Utopia Parkway. Turn left at Gate 3 (just before Union Turnpike) for free parking.

Option Two

Take the Long Island Expressway. Take Exit 25 (Utopia Parkway). Stay on the service road to Utopia Parkway and turn right. Follow Utopia Parkway and cross Union Turnpike; turn right at Gate 3 for free parking.

Directions From Long Island (South)

Take the Southern State Parkway to the Cross Island Parkway. Proceed to the Grand Central Parkway (west). Take Exit 19 (188th Street). Turn left and make an immediate right onto the service road. Follow the service road to Utopia Parkway. Bear right onto Utopia Parkway. Turn left at Gate 3 (just before Union Turnpike) for free parking.

Directions From Connecticut

Follow I-95 south to the Bruckner Expressway toward the Throgs Neck Bridge. Cross the bridge to the Clearview Expressway. Take Exit 2 and make a right onto Union Turnpike. Make a left onto Utopia Parkway. Turn right at Gate 3 for free parking.

VIA CITI-BIKE RENT-A-BIKE & REVEL SCOOTER

HACKERS ON A PLANE

From JFK Airport

A taxi or rideshare will typically take around 20 minutes.

You can use the JFK Airtrain which will get you to Jamaica Center for $8.25. From there, catch the Q30 or Q31 bus on the corner of Sutphin Boulevard & Archer Avenue (adjacent to the Long Island Railroad building). Get off at Utopia Parkway & Union Turnpike (around 20 minutes). Cross Utopia Parkway and walk to Gate 4 on Union Turnpike.

From LaGuardia Airport

The easiest and quickest way to get to HOPE from LaGuardia is to take a taxi or rideshare to the campus (less than 15 minutes usually).

If you really want, you can get to HOPE for a single bus/subway fare by taking the free Q70 bus to the Jackson Heights-Roosevelt Avenue subway stop. From there, take the E or F train to Kew Gardens/Union Turnpike. Catch the Q46 bus on Queens Boulevard outside the Pickman building. Get off at Union Turnpike & 175th Street (around 15 minutes). You will be at Gate 4 (the pedestrian entrance to HOPE).

Other Airports

From Long Island MacArthur, simply get to the adjacent Ronkonkoma train station and take the Long Island Railroad to Jamaica. Head downstairs to street level and catch the Q30 or Q31 bus on the corner of Sutphin Boulevard & Archer Avenue (adjacent to the Long Island Railroad building). Get off at Utopia Parkway & Union Turnpike (around 20 minutes). Cross Utopia Parkway and walk to Gate 4 on Union Turnpike.

FROM NEW JERSEY (AKA OUR HOME TURF)

If you’re flying into Newark Liberty, take the Newark Airport Airtrain to Penn Station in Manhattan and, from there, take the Long Island Railroad to Jamaica.

Driving From New Jersey

Take I-95 north or I-80 east to the George Washington Bridge. Cross the bridge and take the Cross Bronx Expressway. Take Exit 6B (I-295 south) to the Throgs Neck Bridge to the Clearview Expressway. Take Exit 2 and make a right onto Union Turnpike. Make a left onto Utopia Parkway. Turn right at Gate 3 for free parking.

OH, ONE MORE THING ABOUT NYC COMMUTING

RIP

WHERE TO STASH YOUR GEAR, WARES AND BODY

Pretty much all housing options HOPE arranged are sold out at this point, but New York City has plenty of hotels, AirBNBs and other lodging options you can choose from!

FAIRFIELD INN NEW YORK LAGUARDIA AIRPORT/FLUSHING

We have a discounted rate at this hotel. It’s not as close as the others below, but cheaper. It’s close to LaGuardia Airport (28–66 College Point Blvd.), a 20-minute drive to HOPE, or by bus. As of June 30, some discounted rooms remain.

Use this booking link to get the special HOPE conference rate of $189/night.

You can also call 1–800–960–6727 and use the code HOP to make a booking.

FAIRFIELD INN & SUITES BY MARRIOTT

COURTYARD BY MARRIOTT

(adjacent hotels located at 183–31 and 183–15 Horace Harding Expressway)

We secured a fantastic deal with two nearby hotels that are right next to each other, adjacent to the Emerald Pub, and close to all kinds of food options. These hotel rooms are SOLD OUT!

Link to the Fairfield or Marriott websites to find available rooms and rates.

DORMITORIES

This year, we’re offering extremely low-priced housing in campus dormitories. Originally this was going to be the off-campus Henley Dorm, but space opened up on campus for the HOPE group. Dormitory rooms are SOLD OUT!

You can select your roommates and suite-mates, and St. John’s allows mixed-gender housing. After you fill out the form, you will be contacted to provide full details (legal name, preferred gender, photo, payment, which nights you will stay; bring your government ID when you pick up your room keys in July).

FOOD & BOOZE

Paid HOPE XV ticket holders will receive a FREE bottle of Club-Mate while supplies last! Thanks to Ferrymen, the US distributor of Club-Mate, for making this available. More information is online at https://club-mate.com

  • Across the street the campus is Regina’s Pizza, which we found to be a nice place while setting things up at St. John’s University. It’s on the corner of Utopia Parkway and Union Turnpike — exit gate 4 or 5, turn right
  • 7–11 at 168th and Union Turnpike (open 24 hours) — exit gate 5, turn left
  • Dunkin’ Donuts at 168th and Union Turnpike (open 6 AM to 10 PM) — exit gate 5, turn left
  • Shopping center at corner of Union Turnpike and Utopia Parkway — exit gate 4 or 5, turn right, cross Utopia Parkway
  • There’s also a dumpling place, a bodega, and a Subway down the block, plus a sushi place and a bakery across the street — exit gate 4 or 5, turn right
  • Sheik Shack — does Burgers and Masala fries. 82–37C, 164th St, Queens, NY 11432. 1100–0100hrs most nights

You’ll do best finding places by getting out and exploring! Union Turnpike is a more commercial street than Utopia Parkway.

Places in Queens to check out:

  • Queens Night Market (Saturday night, 5 PM — midnight) -

4701 111th St, Queens, NY https://www.queensnightmarket.com/

  • New World Mall, Flushing (open daily until 10 PM) -

https://www.newworldmallny.com/shopping-center/ Flushing is the center of Queens’s Chinatown, and this shopping center has a huge food court!

  • Unofficial Bar:

Emerald Pub 183–01 Horace Harding Expy (near hotels)

  • Great sandwiches:

Double J Deli 16802 Union Tpke

More Halal: https://www.zabihah.com/mob/sub/United-States/New-York/New-York-City/Queens/9Gku594eh7

ON CAMPUS

We plan on having many more food options on campus than in 2022, such as food trucks and various outlets in Marillac Hall. And, of course, Starbucks in the D’Angelo Center will be open as well.

OFF CAMPUS

There are a whole bunch of restaurants for sit-down and take-out nearby. Just exit at Gate 4 and make a right. You will see them across the street at Utopia Parkway, starting with Regina’s Pizza and continuing for blocks on both sides of the street. Some will have special discounts for HOPE attendees.

NEAR THE HOTEL

If you’re staying at either the Fairfield Inn & Suites by Marriott or the Courtyard by Marriott, there are lots of options nearby.

The Emerald Pub is an Irish dive bar, adjacent to the hotels and open til 4 am, serving cheap drinks and food. This place was a favorite gathering point for HOPE attendees in 2022.

There are plenty of food outlets on the other side of the Expressway (cross via the underpass at Utopia Parkway), including the 24 hour Bagel Oasis and a wide variety of local and chain restaurants.

NEAR HENLEY DORM

If you head left from the dorm and turn left on Homelawn Street for three blocks, you will find more places than we can possibly name all along Hillside Avenue.

CHINATOWN

The biggest Chinatown outside of Asia is a 10–15 minute ride from HOPE. It is very much worth visiting if you have the chance. It would fill a book to list the many places where you can hang out and get great food until all hours of the night. Just wandering around and exploring will be an experience you never forget.

From HOPE or Henley

While you can get there and back using buses, we don’t recommend it for the amount of time it takes. Getting a rideshare or a taxi will get you there in under 15 minutes. Just ask the driver to take you to Main Street and Kissena Boulevard.

From Hotels

It’s very easy to get to Chinatown by bus from this location. Take the Q17 bus from the bus stop right outside the hotel (Horace Harding Expressway & 185th Street) or the Emerald Pub (Horace Harding Expressway & 183rd Street). Get off at Kissena Boulevard & Sanford Avenue (under 20 minutes). Walk in the direction of the bus for one block. Be amazed.

A rideshare or a taxi will get you there in around 10 minutes. Just ask the driver to take you to Main Street and Kissena Boulevard.

ABOUT SAINT JOHN’S UNIVERSITY QUEENS CAMPUS

St. John’s University is a private Roman Catholic higher education institution in Queens, New York City. It was founded in 1870 by the Congregation of the Mission (C.M., the Vincentian Fathers) with a mission to provide a growing immigrant population with quality higher education. Originally located in the Brooklyn borough of New York City, the flagship campus was moved to its current location in the Queens borough during the 1950s. As of 2020, St. John’s alumni total more than 190,000 worldwide.

CAMPUS & HOPE XV MAP

HOPE Registration Desk is in the Marillac Building’s “Terrace” cafeteria, on Level 2. There are some signs to help you get there.

Note that the general parking lot is for daytime only. All overnight parking needs to be in the parking structure near Gate 6. The exception is that people with current handicap/accessibility tags can park in a labelled accessible spot in the general parking lot overnight. Access to campus after 11pm is via Gate 6 only. Get your parking pass at the InfoDesk in Marillac Terrace.

A New HOPE Schedule App:

Official

ANDROID: https://play.google.com/store/apps/details?id=info.metadude.android.hope.schedule

F-Droid: https://f-droid.org/packages/info.metadude.android.hope.schedule

Hacker Tracker

ANDROID: https://hackertracker.info/#Android

iOS: https://hackertracker.info/#iOS

HACKER GATHERINGS

Please feel free to organize meetups for any topic. There is space at HOPE XV in Marillac Terrace.

2600net IRC & Facebook Meetup

Friday — 9pm EST

Marillac Terrace

Free water, soda, food!

irc.2600.net/#hope http://fb.2600.chat

Meet other members, friends, get something to eat and drink. Everyone is welcome. https : //fb. me/e/4Dyah5aLI

ASK THE EFF DRUNK EDITION

Friday — 7pm EST

Stout NYC (60 E 41st St, New York, NY 10017)

Synth Meetup

Saturday — 10:30pm — 12:30am

Tobin 219 (Hardware Workshop)

Get together and geek out over music synthesizers, music synthesis, making sound, and creating music. Hardware, software — anything goes! All are welcome to come and talk synths, play synths, share projects, learn, and share. Some attendees have made their own synths at workshops at HOPE XV — please bring them! Please feel free to bring any synth or sound-making device.

Presenters:

Mitch Altman
Ed Bear
Travis Johns
Jack Schoonover

Anarchist Assembly

Saturday, 15:00–16:00 (US/Eastern)

Anarchist Hacker Village

Open, gently guided discussion. Open stack, all welcome!

Restore the Fourth

Sunday — 12:00pm

D’Angelo Center (near the Starbucks)

Come chat with our members, learn how to get involved, and meet Cory Doctorow for a great conversation about the surveillance state.

We welcome all to join Restore the Fourth for drinks after Day 1 (Friday) has concluded at 10:00pm at The Emerald Pub, 183–01 Horace Harding Expy, Queens, NY 11365. We’ll be wearing our “I do not consent to a search” merch.

Nugget Meshtastic Meetup

Sunday, 15:00–17:00 (US/Eastern),

Script-Kitty Village

Come learn about Meshtastic, the long-range, low-power, encrypted off-grid messaging protocol. We’ll be setting up our Meshtastic Nuggets, going over the setup options, and exploring the advanced options that make Meshtastic more useful. We’ll cover setting encryption, choosing a device role, and connecting over serial, web, and bluetooth. We’ll also look at some of the optional modules, like broadcasting sensor telemetry data or adding a GPS.

VILLAGES

All Villages Will Be Located in the Marillac Terrace (Village Area)

Amateur Radio Station

Everyone is welcome to visit Special Event Station W2H, which plans to operate on several amateur radio bands during the HOPE XV conference, using various modes to freely communicate with hams around the globe — sans telecom infrastructure! If you’re an amateur “ham” radio operator, you’re part of a hacker community that goes back over a century. Bring your handie-talkie to QSO with the many hams at HOPE to keep up with what’s happening.

As with past HOPES, a 70cm repeater is planned with input of 442.875 MHz (PL 167.9) and the output at 447.875 MHz. We also encourage simplex ops on 147.545 MHz and 433.545 MHz (PL 77.0).

Anarchist Hacker Village

A space for anarchists, abolitionists, anti-authoritarians, other like-minded folks, and friendly faces to meet and socialize. This is a space where hacking and technology are tools for total liberation. They will have freely available swag like zines and stickers, and possibly more things like tea. So please come by.

The Badge Clinic

If you own a HOPE electronic badge or other similar device, then celebrate by coming to The Badge Clinic with your stories, questions, and answers. Nurses at The Badge Clinic serve electronic therapy to hackers interested in badges. They encourage families and kids to become their most hacked patients.

The Badge Clinic is open for your exploration of modern and classic hacker-made wearable electronics. Their raison d’être includes answering questions about the 30th anniversary HOPE XV electronic badge, as well as other devices. Electronic devices resembling hacker badges or accessories (lanyard, simple addon, SAO, programming cable) can get therapy at The Badge Clinic. Nurses who have taken the Hackocratic Oath serve by assembling a museum of historical badges, showcasing devices that you bring to them, examining and surgically repairing badge problems, and advising hackers on electronic badge related topics.

The Badge Clinic will be hosting an ongoing workshop for all three days of HOPE XV, where everyone can come by and learn about (hack) their hackercon badges. Come by with your stories, questions, and answers! Nurses at The Badge Clinic serve electronic therapy to hackers interested in badges. They can surgically repair badge problems and advise on all hackercon electronic badge-related topics.

Calyx Mobile Privacy Village

The Calyx Institute’s mission is to educate the public about privacy in digital communications and to develop tools that anyone can use to build “privacy by design” into their Internet access. By developing encryption and anonymity tools that can help users maintain their privacy, they hope to make online security easier and more accessible for everyone online.

They are a non-profit education and research organization devoted to studying; testing, developing, and implementing privacy technology and tools to promote free speech; free expression; civic engagement; and privacy rights on the Internet and in the mobile communications industry.

They believe that everyone deserves privacy and security online, regardless of their technological know-how. Many tools exist for encrypting online communications and keeping your data private. However, many people don’t know that they need these tools or how to access them. The Calyx Institute will continue to develop these tools and educate the public on the best ways to use them, with the goal of making cybersecurity, privacy, and freedom of expression accessible to everyone. Through research and development, legal advocacy and defense, and by distributing information and open-source software as widely as possible for the benefit of the general public in both democratic and repressive contexts, they hope to build a more free and accessible Internet.

DevKitty Village

DevKitty is a cat-themed hacking platform created by Alex Lynd. They host frequent workshops at L.A. hackerspaces, and also pop up at conferences around the United States!

The DevKitty Village will offer hardware and hacking mini-classes throughout the day where attendees can learn at their own pace and ask questions about any of the proposed topics.

Their development kit, the DevKitty (formerly Nugget), is a cat-themed hacking companion you build yourself. They will give out free samples that attendees can solder themselves and use to follow along with the mini lessons on any of the three days!
They will offer a small soldering and repair area where they can work on projects, or build one of their kits. Levels will range from beginner to advanced; lessons will be offered asynchronously and at the attendee’s pace.
The DevKitty Village will offer hardware and hacking mini-classes throughout the day where attendees can learn at their own pace and ask questions about any of the proposed topics.

Workshop Hilights:

Hackerspaces Village

The Hackerspace Village is organized by some of New York City’s local hackerspaces. They are all nonprofit and 100 percent volunteer-run.

This is the village to learn about upcoming workshops, meetups, and parties. Talk about hackerspace design patterns. Swap stories about projects and organization strategies in case you want to join a hackerspace or start your own!

Lockpick Village

A place to learn and practice lockpicking. As part of Lockpick Extreme, Christine Bachman and Bob Hermes have run lockpick villages for many public conferences including B-Sides SF, B-Sides Chicago, and the Diana Initiative. Here you will find the necessary materials, locks, picks, instructional aids, and knowledgeable instructors.

The Lockpick Village will be hosting an ongoing workshop for all three days of HOPE XV, where everyone can come by to learn and practice lockpicking. All of the necessary materials will be available for you to use, including locks, picks, and instructional aids. Knowledgeable instructors will give you an understanding of how locks work.

Physical Security Village

The Physical Security Village explores the world of door hardware bypasses and techniques generally outside of the realm of cybersecurity and lockpicking. Come learn some of these lock bypasses, see how to fix them, and have the opportunity to try them out for yourself. They will be covering the basics, like the under-the-door-tool and latch slipping attacks, as well as an in-depth look at more complicated bypasses. Learn about elevator hacking, as well as defeating alarm systems and surveillance cameras, with cutaway and display models of common hardware to show how it works on the inside. It is very easy to get started in this village — simply read the instruction sheets provided, scan a QR code to learn the techniques, or ask any of the volunteers in the green shirts if you have questions!

Script-Kitty Village

Want to learn ethical hacking? Come by the cat-themed Script-Kitty Village and learn something new from one of their exciting, beginner-friendly projects! Check out their workshops and kits teaching soldering, Wi-Fi hacking, bad USB attacks, LoRa hacking, and more.

They will have open-source, cat-themed tools for learning ethical hacking and prizes for their adorable Pusheen-hacking CTF challenge. If you’re a fan of the Null Byte, Hak5, Retia, or SecurityFWD YouTube channels, come meet your favorite hacker content creators at the village!

The Script-Kitty Village will be hosting workshops at their Village all three days of HOPE XV.

Workshop Hilights:

FILM SCREENINGS

All Screenings Will Be Located in the Little Theater.

Musings of a Mechatronic Mistress: The Peculiar Purpose of Tiffany the Sex Robot

07–12, 19:00–19:50 (US/Eastern), Little Theatre

A screening of Jasmin’s 24-minute short documentary/sci-fi film, Musings of a Mechatronic Mistress. The film presents Tiffany, a self-aware sex robot, on her quest to discover her identity, purpose, and creator. Exploring the future of intimacy and human-robot interaction in a humorous and engaging manner, the documentary aims to initiate discussions on queerness, feminism, sex tech, sexual identity, and societal norms. Following the screening, there will be a panel discussion to delve deeper into these themes. Jasmin will be joined by two of her interviewees featured in the film in a panel discussion whose theme will be “Redefining Intimacy and Human Connection in the Age of Intelligent Machines.”

Hacking at Leaves: A film by Johannes Grenzfurthner

07–13, 20:00–22:30 (US/Eastern), Little Theatre

Hacking at Leaves documents artist and hazmat-suit aficionado Johannes Grenzfurthner as he attempts to come to terms with the United States’ colonial past, Navajo tribal history, and the hacker movement. The story hones in on a small hackerspace in Durango, Colorado, that made significant contributions to worldwide COVID relief efforts. But things go awry when Uncle Sam interferes with the film’s production.

After the screening, a panel discussion with various people involved in the film will cover themes including hacking, DIY, colonialism, the Navajo and Diné cultures, COVID-19, the pandemic, the USA, the Southwest, nuclearism, Internet history, computer culture, science fiction, subversion, and social change.

CONCERTS & ENTERTAINMENT

HOPE XV Kareoke!

Saturday, 22:00 — ???, Marillac Terrace

Demoscene 2024: Just When You Thought There Wasn’t Any More!

Saturday, 23:00–02:00 (US/Eastern), Marillac Auditorium

The demoscene once consisted of hackers, crackers, and pirates. Back then, software pirates would compete for the most cracked games, but they would also hire artists to decorate their new distributions. Eventually, they ditched the piracy bit and continued creating amazing works of art, motion graphics, music, and of course, code. Squeezing every bit of computing power out of a platform, they now regularly compete at events around the world. There’s more to this story — join Inverse Phase for this talk about not only how we got here, but what’s being done in 2024 to push the envelope today in algorithmic computer art.

LaFrae Sci a.k.a Frae-Frae

Friday, 22:00–23:00 (US/Eastern), Little Theatre

LaFrae Sci a.k.a Frae-Frae is an internationally acclaimed multi-instrumentalist, composer, entrepreneur, imaginationist, sound scientist, and Executive Director of New York City’s Willie Mae Rock Camp(williemaerockcamp.org). The through line in Sci’s work has been the philosophy that music is more than entertainment, and that Black music is inextricably linked to technology. Sci puts this philosophy into practice with her groundbreaking work at Willie Mae, and in her live performances that explore the African American ecstatic tradition, Dancefloor Liberation alaDetroit Techno, and Noise.

2200 LaFrae Sci a.k.a Frae-Frae

The through line in Sci’s work has been the philosophy that music is more than entertainment, and that Black music is inextricably linked to technology. Sci puts this philosophy into practice in her live performances that explore the African American ecstatic tradition, dance floor liberation a la Detroit techno, and noise.

Sci is an internationally acclaimed multi-instrumentalist, composer, entrepreneur, imaginationist, sound scientist, and executive director of New York City’s Willie Mae Rock Camp (williemaerockcamp.org).

2300 Lil CISO

Lil CISO will be performing his entire Spotify catalogue and throwing in a freestyle.

Known for his effortless rhymes and clever wordplay, underground MC Lil CISO has battled many adversaries in the cyber trenches. With the release of his first hit single “Security God,” he has taken the infosec world by storm, proving that no matter the topic, a good rapper knows how to tell a story.

2330 RADIO WONDERLAND

HOPE regular Joshua Fried aka RADIO WONDERLAND gives a taste of his new musical project combining furiously precise phase patterns with performance art, talks about his long disdain for gesture controllers, and explains why he is now using them anyway. Along the way, he’ll surely touch on Max For Live (Cycling ‘74/Ableton).

It’s become a HOPE ritual to dance to the live cut-up radio grooves and spinning Buick steering wheel of RADIO WONDERLAND. Joshua has remixed They Might Be Giants and partnered with John Flansburgh in the ’90s duo Hello The Band. His music has been performed on many continents, by himself and by the likes of the Bang on a Can All-Stars.

Saturday-1:30 AM MrSynAckSter

MrSynAckSter will be performing live coded music. Enjoy the storm of improvised breaks, bloops, and bleeps. Take in the ethereal mix of 8-bit music, jazz, and drum and bass as it is improvised live. The sound of live code chopped into a maelstrom of grooves, cuts, and glitches.

MrSynAckSter has spent his entire life hacking computers and making mysterious machine bleeps and bloops. He journeyed to New York City from the depths of Florida in 2011 to pursue experimental jazz-noises. In the city, MrSynAckster found untold sonic anarchy in the NYC avant-jazz and experimental noise scenes. In 2012, he was awarded the Brooklyn College John Cage award for experimental music for his work with experimental game-based music.

Corset Lore

Friday, 23:00–23:30 (US/Eastern), Little Theatre

Not just a means to a genre end, Corset Lore, the solo chip music project of Tamara Yadao expresses idiosyncratic musical worlds of baroque avant-pop on a Game Boy DMG. This HOPE XV, Corset Lore brings new and classic Game Boy material alike, including chip-adjacent remixes with vocals.

She is the recipient of a commissioning grant from the American Composer’s Forum and has performed her chip music at the Centre Pompidou in Paris, Museum of Modern Art PS1 NYC and a main stage set at Super MAGfest.

This August 2024, her new sci-fi concept album, 81 Terpsichore, will come out on UK Sheffield net label, Pterodactyl Squad.

https://www.instagram.com/corset_lore/

MrSynAckSter

Saturday, 00:30–01:30 (US/Eastern), Little Theatre

MrSynAckSter is performing live coded music. Enjoy the storm of improvised breaks, bloops and bleeps. Take in the ethereal mix of 8-bit music, Jazz, and drum and bass as it is improvised live. The sound of live code chopped into a maelstrom of grooves, cuts, and glitches.

Sam Mulligan

Saturday, 22:30–23:30 (US/Eastern), Little Theatre

Sam Mulligan plays fun rock songs with silly lyrics, distorted guitars, and gameboys. With an emphasis on equal parts positivity and absurdity, Sam’s goal is to make you smile, but hey, it’s your face and you should do what you want with it.
Sam is hard at work on an album of original music all about pizza — but really, it’s about life through the lens of pizza. Pizza isn’t transparent though, so who knows what that means. The album, “Pizza Forever”, is slated to be independently released in October 2024. You can find Sam at www.sammulligan.com, or on most social medias at @heyscram.

Margaret Anne Schedel, Dan Gitlin, Jess Rowland, Martin Bisi

Saturday, 23:30–00:30 (US/Eastern), Little Theatre

  • Martin Bisi is an original No Wave and Post-Punk producer from New York City who has been part of its musical history for the past four decades.
    Bisi made landmark recordings by Brian Eno (On Land), Sonic Youth, Swans, Unsane, Lydia Lunch, John Zorn, Africa Bambaataa, JG Thirlwell/Foetus, Cop Shoot Cop, Herbie Hancock’s “Rockit”, Helmet, Live Skull, White Hills, Dresden Dolls and countless others.
  • Dan Gitlin is a Brooklyn based Chapman Stickist, guitarist, synthesist, and general noise making guy performing a combination of structured improvisation and composed music.
  • Jess Rowland is a NYC-based sound artist, musician, and composer. She is also an educator and advocate for weird sounds at The School of Visual Arts and Princeton University.
  • With an interdisciplinary career blending classical training in cello and composition, sound/audio data research, and innovative computational arts education, Margaret Anne Schedel transcends the boundaries of disparate fields to produce integrated work at the nexus of computation and the arts. With a diverse creative output spanning interactive multimedia operas, virtual reality experiences, sound art, video game scores, and compositions for a wide variety of classical instruments with interactive audio and video processing, she is a Professor of Music at Stony Brook University and also teaches at the Peabody Institute.

Maxx Klaxon

Sunday, 00:30–01:10 (US/Eastern), Little Theatre

Maxx Klaxon presents the 2024 edition of AUTHORITARIAN IDOL, an audiovisual spectacle satirizing the U.S. election. This special presentation, featuring a mix of retro electropop and interactive 3D multimedia, includes interviews with digital avatars of the presidential candidates. Prepare to don red/blue glasses, bop to the beat, and experience the ultimate power game.

CriptasticHacker

Sunday, 01:10–01:30 (US/Eastern), Little Theatre

CriptasticHacker (he/him) is a vocalist and rhyme sayer in the tradition of the 80s and 90s boom-bap hip hop era. While often performing potent political songs for civil rights and paying homage to the black pioneers of this world-renowned art form, he also enjoys the craft for expressing his love of open source hacking, Sega Genesis, and similarly fun nerd things.

CriptasticHacker’s upcoming performance will include a brand new Open Source rap and a retro throwback to the simmering rivalry between Sega and Nintendo gamers in the 1990s. Be sure to check it out!

Workshops will be primarily located between Tobin 219 (Hardware Workshop), Tobin 221 (Workshop 2) and Tobin 223 (Workshop 3). This does NOT cover any workshops that are in the Villages, for those please scroll up to that section. These are only our recommendations out of the total listof workshops that you can find here: https://schedule.hope.net/hopexv/workshops

DCG 201 WORKSHOP HIGHLIGHTS FOR HOPE XV (EST)

A Brief Introduction to tmux (A Better Way to Use the Command Line Remotely)

Friday, 13:00–14:00 (US/Eastern), Tobin 223 (Workshop 3)

tmux is a terminal multiplexer, a tool that makes working on the command line better and easier. It can allow you to work across connections, and to get multiple views on the computers that you are using. murph will show how it works, how to install it on popular systems, and how to use it.

Build Your Own Toolkit Against Online Censorship: VPNs, Strategies and Beyond With Outline

Friday, 15:00–17:00 (US/Eastern), Tobin 221 (Workshop 2)

In an era of escalating online censorship, maintaining a free and open Internet is crucial. This workshop delves into the Outline ecosystem, a comprehensive toolkit that empowers individuals and organizations to circumvent censorship, share VPN access, and even develop their own blocking-resistant protocols. Participants will gain the knowledge and skills to:
Become VPN Providers: Learn to set up and manage your own Outline server using Outline Manager to share free Internet access with others.
Harness the Outline SDK: Utilize Outline SDK to test and evaluate censorship circumvention strategies, create small tools, and even develop new protocols in restricted regions.
This workshop is designed for individuals passionate about Internet freedom and those seeking to understand the technical underpinnings of censorship circumvention. Participants will gain hands-on experience with the Outline platform, enabling them to actively contribute to a more open and accessible Internet.

{almost} Free Radio Stations

Friday, 19:00–22:00 (US/Eastern), Tobin 219 (Hardware Workshop)

Surplus electronics are everywhere in modern life, and ripe with creative applications. Maybe you remember the iTrip, which transmitted music to a car stereo? It turns out that these radio transmitters can be hacked back to life very quickly! This session will cover the basics of running a low-power radio station for art and fun, from soldering circuits, to the legal limits. At the conclusion of this workshop, every participant will have one upcycled FM transmitter which is secretly a synthesizer! All ages, no experience necessary.

BlueLeaks Explorer: Learn to Analyze Hacked Police Documents

Friday, 20:00–22:00 (US/Eastern), Tobin 221 (Workshop 2)

In conjunction with Micah’s talk (“Hacks, Leaks, and Revelations: The Art of Analyzing Hacked and Leaked Data”), he will be teaching a workshop specifically about one of the datasets: BlueLeaks. In the summer of 2020, during the BLM uprising, someone hacked hundreds of U.S. law enforcement websites and leaked the data to Distributed Denial of Secrets. The dataset contains evidence of police misconduct. In this workshop, he’ll share a copy of the BlueLeaks dataset — which is full of documents marked “Law Enforcement Sensitive,” including from agencies like FBI and DHS — with all participants and teach you how to start analyzing it. Specifically, you’ll learn how to run custom software Micah wrote called BlueLeaks Explorer directly on your laptop, running inside Docker containers. Bring a laptop running Linux, Windows, or macOS and, if possible, an external hard disk. You’ll need about 300GB of free disk space.

Learn to Solder With BiaSciLab and Girls Who Hack!

Saturday, 09:00–10:00 (US/Eastern), Tobin 219 (Hardware Workshop)

In this workshop, you will learn the basics of soldering by assembling the Girls Who Hack soldering kit! This class is aimed at kids (younger ones will need adult supervision), but adults are welcome as long as they make room for the kids.

Mastering Security in Development

Saturday, 10:00–14:00 (US/Eastern), Tobin 223 (Workshop 3)

This is a hands-on workshop that provides participants with an introduction to secure software development and leveraging DevSecOps tooling to aid in this. Participants will learn about setting up a local development environment that includes security tooling. Following this, they will progress into learning how to use DevSecOps tooling within GitHub to detect security issues and flag accidentally committed secrets. The workshop will then conclude with a review of how GitHub runners and other features can be used to aid in secure deployments.
Having a GitHub account (which is free) set up in advance would be good. Optional: Have a license for Copilot or set up a 30-day trial: https://docs.github.com/en/copilot/quickstart

Build your own ArduBoy

Saturday, 10:30–12:30 (US/Eastern), Tobin 219 (Hardware Workshop)

DIY ArduBoy is comprised of an Arduino micro, OLED display, and six buttons. A piezo speaker is optional. It’s super easy to build this on a breadboard or to solder it together. You can easily put one together within 30 minutes and then load up your favorite game. What’s great about this is that people can continue to learn and code on the device after they have taken it home, and perhaps add more features, like a rechargeable battery. Construct a quick and dirty open-source video game system! Learn how each component works as you solder it to a custom designed circuit board. Add buttons, buzzer, and an OLED display to an Arduino to create a DIY Arduboy! Beginner friendly: time and support will be offered for first timers. It is great for confidence-building. Please note that this is not primarily designed as a “learn to solder” workshop.

Bringing Privacy-Focused Computing Curriculum to Your School

Saturday, 14:30–15:30 (US/Eastern), Tobin 223 (Workshop 3)

Weary of corporate-influenced computer science education? Looking to bring privacy-focused computing curricula to your middle school? This workshop will provide a deeper dive into the design of our public interest computer science curriculum for educators. It will provide hands-on training, discussion, and next steps for educators to bring this curriculum to their school.

Is There HOPE for Phone Privacy? CalyxOS and Privacy-Focused FLOSS Phone Solutions

Saturday, 16:00–17:00 (US/Eastern), Tobin 223 (Workshop 3)

Your phone: useful tool and trusted companion, or sneaky spy spilling all the private details of your life? You decide! This presentation aims to shed light on the phone privacy threats that users face (like location tracking, insecure communications, and more) and how privacy-focused FOSS smartphone operating systems like CalyxOS can be the foundation of effective mitigation strategies to safeguard our mobile devices. This workshop will discuss the top threats to phone privacy and learn how CalyxOS’ “privacy-by-design” approach to digital security can help us better protect ourselves and our digital identities.

Onion (Web)Rings: Self-Hosting Websites With Tor

Saturday, 17:30–19:00 (US/Eastern), Tobin 223 (Workshop 3)

Self-hosting your own websites is one entry point into making creative, small-scale, and meaningful reclamations of technologies present in our everyday lives. This workshop is a tiny exercise in homemade website infrastructure with a privacy-centric lens! It will start with a brief introduction to Tor and how websites can be hosted and accessed anonymously. Then, you’ll spend time going through the process of installing, configuring, and running Tor to host a personal website. You’ll then create your own web pages (bring your own or personalize the provided template), and form a short-lived webring by linking to each other’s onion websites.

Everyone Is Shanti Sena

Saturday, 21:30–23:00 (US/Eastern), Tobin 221 (Workshop 2)

Shanti Sena is a version of community policing that has been in practice for over 50 years at Rainbow Gatherings. It is one way to begin implementing de-tasking, which is an alternative to calling the police should a disruption occur. The workshop includes a history of Rainbow Gatherings, Shanti Sena at Rainbow Gatherings, and five types of Shanti Sena. It also covers Rainbow’s connection with Occupy Wall Street. Included will be a video demonstration of Shanti Sena in action. You will see how Rainbow is the opposite of cancel culture, learn diffusion tips with love as the main ingredient, and practice roll playing in different scenarios.

Hands-On Linux: A Practical Introduction for Everyday Users

Sunday, 12:00–16:00 (US/Eastern), Tobin 221 (Workshop 2)

Dive into Linux with this hands-on workshop! Explore essential concepts, from file navigation to terminal commands, and even install Linux yourself. Whether you’re new to Linux or looking to deepen your skills, you will learn to unlock its potential for productivity and innovation.

DCG 201 TALK HIGHLIGHTS FOR HOPE XV (EST)

This is the section where we have comb through the entire list of talks on both days and list our highlights for the talks that stand out to us. Note that this does not invalidate any talks we didn’t list, in fact, we highly recommend you take a look at the full convention schedule beforehand and make up your own talk highlight lists. These are just the talks that for us had something stand out, either by being informative, unique or bizarre. (Sometimes, all three!)

4th Track Talks

4th track talks are being held in TOBIN 217.

Limited support for AV is available.

FRIDAY, July 12th

Outline Toolkit: VPNs, Serverless Strategies, and Beyond — Build Your Own Defense Against Online Censorship

10:00–10:50 (US/Eastern), Little Theatre

In an era of escalating online censorship, maintaining a free and open Internet is crucial. This talk dives deep into the Outline ecosystem, a comprehensive toolkit that empowers individuals and organizations to circumvent censorship, share VPN access, and even develop their own blocking-resistant protocols. From the user-friendly Outline manager and cross-platform Outline client to the empowering Outline SDK and powerful Intra, Junyi and Vinicius will explore technologies that are reshaping the fight for digital freedom.

Protecting jetBlue Airways From Cyber Threats in the “Clouds”

11:00–11:50 (US/Eastern), Marillac Auditorium

JetBlue Airways is a New York-based airline with flights across the U.S., Europe, and Latin America. Every day, thousands of crew members come together to safely transport customers across their network. Randy and Greg help protect jetBlue and will showcase how an airline operates from an IT perspective, and all of the ways that jetBlue CyberSecurity protects its customers, ensures safety in data and IT operations, and protects the brand and website from an onslaught of daily web attacks and other threats targeting aviation. This talk will focus on web application attacks and defenses, observability, and aviation intelligence sharing.

Group Mesh Messaging for Large-Scale Protests

12:00–12:50 (US/Eastern), Little Theatre

Large-scale protests are an important form of civil action against authoritarian regimes. They inherently require communication, which leads these regimes to shut down the Internet in an attempt to quash the movement. Smartphone mesh messaging has been explored as an alternative, but is still too inefficient to deploy. In this talk, Tushar will describe Amigo, the first mesh messaging system designed for large-scale protest communication. They create routing and key agreement protocols for group chats, and show their effectiveness using representative protest simulations. Amigo is able to provide large-scale protests with anonymous group communications in the face of Internet shutdowns.

Pwn Chromebook With Linux

12:00–12:50 (US/Eastern), Tobin 201/202

Chromebooks are issued to kids at school, but they are limited. Since the kids were familiar with Chromebooks already, Derek’s school bought them some used Chromebooks as simple devices they could browse the web with and watch videos. They were relatively inexpensive to purchase used, so it was an attractive option. Unfortunately, however, Derek and his team discovered that Chrome OS on these devices was out of support. This was untenable, and thus made these devices “disposable appliances.” Derek’s wife asked if he could put Linux on these since she had seen him do that with laptops in the past. The proposal was to install Linux and completely remove ChromeOS. This talk will outline the steps necessary to achieve that goal. (Involve kids for fun learning experience.)

A Preparation Kit for Increasing Irrelevance

13:00–13:50 (US/Eastern), Marillac Auditorium

As we cross the event horizon from analog-hybrid communication and most tenets of computer hacking being in actual memories of living people, preparing to pack up the final narrative of what happened is paramount. Jason will provide a set of approaches by earlier enthusiasts and dedicated subcultures to get us all ready for a safe and healthy oblivion.

Ham Radio for Hackers

13:00–13:50 (US/Eastern), Tobin 201/202

Some people consider ham radio operators to be the original hackers. In this talk, Dan will discuss some of the cool development projects that ham radio hackers are working on and talk about how you can get your own hacker, errrrr ham radio license.

A Discussion of a Past, Present, and (Possible) Future of Bioweapons

14:00–14:50 (US/Eastern), Little Theatre

Biological warfare is a phenomenon that spans human history, tracing its roots to ancient times rather than being a recent invention. To gain insights into bioweapons’ current and future landscape, it is imperative to look into historical examples of conventional biological warfare and understand how methods were devised and implemented. Our future hinges significantly on our ability to foster transparency and creativity within the global community. This optimism is intertwined with our comprehension of technological advancements, the rapid pace of innovation, the interconnectedness of various domains, and the imperative task of constructing practical defenses against emerging threats. As a poignant reminder, our vulnerability lies in technological shortcomings and our collective failure of imagination. This discourse extends to establishing social norms and mores that are pivotal in shaping attitudes toward biological warfare and encompasses an exploration of prospective research endeavors and emerging initiatives leveraging artificial intelligence (AI) in the realm of bioweaponry. As we confront the intricate interplay between technological advancements and human agency, it is imperative to remain vigilant and resolute in our pursuit of a future safeguarded against the malevolent exploitation of biological agents.

Ask the EFF

15:00–15:50 (US/Eastern), Marillac Auditorium

The Electronic Frontier Foundation (EFF) is thrilled to return to HOPE to answer your burning questions on pressing digital rights issues. Their panelists will provide updates on current EFF work, including the fight against government surveillance and protecting creative expression, before turning it over to attendees to pose questions and receive insights from panelists on the intersection of technology and civil liberties.

Explosive Overflow: Lessons From Rocket Science

15:00–15:50 (US/Eastern), Tobin 201/202

Thirty-nine seconds after its launch towards space, rocket number 501 erupted into a scintillating fireball. No casualties were reported, other than perhaps the ego of a few software engineers. The 1996 inaugural flight of the Ariane 5 rocket was cut short due to a series of software design missteps. This talk will analyze these historical flaws to discuss resilience and product security, touching on the nuance of static analysis, testing, validation, legacy code, assumptions during design, and, for when things don’t blow up, the unique challenge of proving that a negative event did not occur.

Protecting the Network Traffic of One Billion People: Reverse-Engineering Chinese Cryptography

16:00–16:50 (US/Eastern), Marillac Auditorium

TLS is not as universal as we might think! To this day, extremely popular Chinese applications use home-rolled network cryptography. Mona, Jeff, and Zoë have been reverse-engineering various home-rolled cryptography that protects hundreds of millions of users’ sensitive data. They’ll present various case studies from the past several years, including but not limited to: MMTLS, the custom cryptographic protocol that governs all WeChat traffic; various network encryption schemes used by popular Chinese keyboard apps; and flawed cryptography found in popular Chinese browsers. Their research found that faulty cryptography in multiple browsers and keyboard apps — each with hundreds of millions of users — effectively exposed every site visited and every keystroke made to any network eavesdropper. After studying and reporting the (often severe) flaws in these schemes, the companies mostly switched to standard cryptography like TLS.

The presentation will end with a call to action for hackers to help study the network encryption ecosystem in China, which continues to be overlooked by the modern security community.

Incubated Machine Learning Exploits: Backdooring ML Pipelines Using Input-Handling Bugs

16:00–16:50 (US/Eastern), Tobin 201/202

Machine learning (ML) pipelines are vulnerable to model backdoors that compromise the integrity of the underlying system. Although many backdoor attacks limit the attack surface to the model, ML models are not standalone objects. Instead, they are artifacts built using a wide range of tools and embedded into pipelines with many interacting components. In this talk, Suha will introduce incubated ML exploits in which attackers inject model backdoors into ML pipelines using input-handling bugs in ML tools. Using a language-theoretic security (LangSec) framework, they systematically exploited ML model serialization bugs in popular tools to construct backdoors. In the process, they developed malicious artifacts such as polyglot and ambiguous files using ML model files. The team also contributed to Fickling, a pickle security tool tailored for ML use cases. Finally, they formulated a set of guidelines for security researchers and ML practitioners. By chaining system security issues and model vulnerabilities, incubated ML exploits emerge as a new class of exploits that highlight the importance of a holistic approach to ML security.

They’re Still Using Balloons… — Disseminating Information Into North Korea in 2024

17:00–17:50 (US/Eastern), Little Theatre

North Korea is the only country you cannot leave. Within this prison state, anyone found with outside information may be publicly executed. Despite the risks, there’s a growing thirst for outside information. Few organizations are able to quench it, as “dissemination tech” hasn’t progressed much beyond balloons. This talk aims to inspire innovation among fellow makers. It will cover the technology that citizens of North Korea have access to as well as the tools the government uses to block open information access, while highlighting projects and individuals that are making a difference.

Our Defensive Security Blind Spot

17:00–17:50 (US/Eastern), Tobin 201/202

This session will introduce methods to monitor sensitive data and network signals directly on the wire, allowing for real-time detection of data exfiltration, accidental data leaks, and zero-day threats through classification of data traveling within Layers 4–7 of network traffic.

An Account on Cybersecurity Outside of Traditional Spaces

18:00–18:50 (US/Eastern), Little Theatre

Diverse perspectives are crucial for effective cyber defense strategies. Allen Walker shares his nontraditional path in cybersecurity and the importance of mentoring underrepresented groups. He will discuss the trials in building a cybersecurity education organization on a shoestring budget and how he found his stride, all while assisting over 80 people of color from marginalized communities to graduate school in four years and countless more in gaining certifications in IT and cybersecurity. You will hear how collaboration and knowledge sharing among diverse teams can better tackle cybersecurity challenges.

Right to Repair in California (SB 244) — Using New Legislation for DIY Wheelchair Repair

19:00–19:50 (US/Eastern), Tobin 201/202

Our medical aids (DME, or Durable Medical Equipment) are designed with planned obsolescence, closed-source, and perhaps most importantly, without our input. Companies do not hire or seek to hire severely disabled engineers who actually use the products being developed. Instead, medical equipment is designed for insurance companies who will “pay the bill” — leaving out millions of Americans who must use GoFundMe or other means to get their needs met. For the lucky few who can get an expensive medical device, the question is: how can we get repairs done? Most people can’t afford it. DME shops have little to no incentive to do repairs, preferring to bill insurance for a brand new one (and send people through months of waiting and doctors’ appointments to try and get approval). This causes major harm to disabled people, the environment, and (often) taxpayers.

CriptasticHacker has a solution. He’s been doing his own wheelchair repairs since 2012 and has documented many of these repairs and upgrades on his YouTube channel. Now, with the passage of SB 244, he finally has a direct line to the technicians of his wheelchair — something unthinkable even a couple of years ago! The struggle continues in getting access to his firmware and battery charging info so he can keep his chair running for many years to come, and help others in that process as well.

2024: The Evolution of Information Warfare in the Digital Age a.k.a What Happens When You Run the Internet Through CRISPR?

20:00–20:50 (US/Eastern), Little Theatre

This talk will explore the evolution of information warfare and the transformative impact of AI and quantum computing. It will examine recent disinformation campaigns and the exploitation of platforms like TikTok and Telegram. Key defensive strategies include AI-driven detection and robust cyber hygiene. Future scenarios involving hyper-reality, digital sovereignty, and the “3DCs” (Decentralization of Communication, Currencies, and Communities) will be discussed. Emphasizing ethical responsibilities and proactive defense, the session will aim to provide insights and tools to counteract emerging digital threats and protect the integrity of information in the evolving landscape of 2024 and beyond.

Teaching With Microcontrollers: Hope for Ethical Hacking Education on a Budget

22:00–22:50 (US/Eastern), Marillac Auditorium

In this presentation, Kody will share his journey in teaching ethical hacking with low-cost microcontrollers, making learning both accessible and engaging on a shoestring budget. With a background in ethical hacking and expertise in creating low-cost hacking tools, Kody will go over lessons learned teaching numerous workshops and designing prototypes specifically for beginners. The hurdles in teaching microcontrollers, such as complex setups and technical barriers, will be discussed and the talk will explore solutions like WebSerial and user-friendly languages like MicroPython and CircuitPython. Various beginner-friendly microcontrollers, including ESP8266, ESP32S2/3, and Pi Pico, will be covered, emphasizing their educational advantages and how grant funding can make these tools more accessible.

SATURDAY. JULY 13th

Climate Hacking to Save the Planet

10:00–10:50 (US/Eastern), Marillac Auditorium

Let’s use our hacker superpowers to help mitigate the ongoing climate emergency. Greg will discuss some of the things that hackers can do to help lessen climate disruption. Some themes will include:
- Technical mechanisms: for reducing pollution and removing carbon.
- Green energy: production, storage, and transmission.
- Misinformation and disinformation: information engineering for social good.
- Modeling and simulation: forecasting future events and understanding interactions within the Earth’s complex systems.
- Effecting social change: raising awareness, changing behaviors.
- Response and resiliency: how hackers can help during climate-caused disruptions.
The impacts of climate change are being felt everywhere, and hackers can help. Hacker characteristics include resiliency, creativity, and an ability to span knowledge domains. There is much to do, and this session will inspire both thought and action.

Love, Hackers, and Robots: A Reflection of My First Year in the Biohacking Community

11:00–11:50 (US/Eastern), Marillac Auditorium

In the summer of 2023, Karen finally pulled the trigger on something she had wanted to do for many years: her first RFID implant. Along with it, she started posting to forums revolving around biohacking and found that despite her research before getting the implant, she had only barely scratched the surface. She found herself joining a crazy community full of hackers, innovators, and cyborgs — where the only limit was whether the tech had caught up to the ideas yet. This talk discusses her journey as a new biohacker, and what she found in her first foray into what might be the coolest community she’s ever been a part of.

What’s Happening With Appin: Fighting Redacted Reporting and the Censorship of Threat Intelligence

11:00–11:50 (US/Eastern), Little Theatre

The Indian “hacker-for-hire” operation, Appin, obtained an order from a court in New Delhi that forced the global newswire Reuters to remove investigative reporting about Appin’s criminal enterprise. Users of Appin’s services included American lawyers, Russian oligarchs, and Scandinavian businesses, among others. With that court order from New Delhi, Appin’s American lawyers demanded that other media outlets remove their reporting, and many have complied. Appin’s lawyers issued threats to the Internet Archive, the New Yorker, various podcasts, and many others. Litigation between Reuters and Appin is ongoing. What threats can this case pose to free speech and the integrity of cyber threat research?

Past, Present, Predictions — A Look Into AI, Deep Fakes, Social Media PsyOps, and Their Effect on the Upcoming Election Cycle

12:00–12:50 (US/Eastern), Marillac Auditorium

This year, many major nations, including the U.S., are holding elections. With new weapons like AI on the rise, there are more ways than ever for existing Psy Ops attacks to be amplified and for new ones to emerge. There’s a lot to be learned from past mistakes, and our last elections have provided plenty of learning material. In this talk, BiaSciLab will show how past attacks and present tools can affect our election system. She will also demonstrate how social media Psy Ops, powered by AI, can influence voters’ minds and change the course of elections.

Popping S(h)ells — Hunting for Vulns in the Stock Market

12:00–12:50 (US/Eastern), Tobin 201/202

Blaming short sellers for your GameStop shares cratering is so 2021. In this talk, Eric will explore how market manipulation actually works. After first getting through some math and strategy, the talk will take a deep dive into how stock exchanges are built. He’ll talk about assumptions made in designing markets, and show how those design assumptions create vulns that bad actors can exploit. Finally, the presentation will break open the SEC archives and walk through past cases of real market manipulation. You’ll learn why the schemes worked and how those involved got caught. The audience will come away from the talk with a new appreciation for late-stage capitalism, a deeper understanding of how markets work, and (hopefully) sufficient discouragement against trying this at home.

The Fundamentals of Veilid: cDc Breaks the Internet, and You Can Too!

13:00–13:50 (US/Eastern), Little Theatre

Last summer, Veilid was unveiled to the world as a part of the Bovine Resurrection. The team generated press coverage worldwide, and managed to drag the window over on how the press talked about digital privacy. Now they come to HOPE to spread the good word of the future restored, how we can seize the means of computation, and how you can help. They’ll talk about the whys and hows of the Veilid framework, and what this new combined technology stack means for restoring the future we were promised.

AI Made a 0-Day: Noah Get the Boat

13:00–13:50 (US/Eastern), Tobin 201/202

This talk will focus on how Erica used AI to generate an RCE zero-day for server compromise to manipulate search engine AI for vulnerability discovery, for captcha bypass, to make tools that would have been impossible without generative AI, and more. Context-driven hacking with real world examples of attack chaining in relation to AI offense and defense will also be discussed.

Librarians Are Radicalizing Their Communities About Why the Internet Is Broken

14:00–14:50 (US/Eastern), Little Theatre

All Computers Are Broken. The hacker scene knows this and fights against it every day. But what about the regular people in your life, those who describe themselves as “not that technical?” They’re the ones who are often most at risk in the hellscape that is the Internet today. How do we help them understand what’s happening when they go online, and how to protect themselves from the worst of it? Librarians, that’s how! Library Freedom Project is an organization that trains librarians on issues of technology, surveillance, privacy, open source intelligence, free culture, and how to organize collectively towards a better world. The LFP believes librarians are an essential front in the fight to create more democratic and free Internet. Come hear what they’re up to, and why their work won the EFF Award for Information Democracy in 2023.

Using the J Language to Streamline Hacking

14:00–14:50 (US/Eastern), Tobin 201/202

This talk will look at how the simplicity and interactivity of the J programming language allows us to easily work with data and code. You will see examples of steganography, direct manipulation of executable binaries, extracting and organizing data from the web, and general uses of J as a “glue” language to invoke external routines by preparing their inputs and processing their outputs. The talk will conclude with references to resources on learning and using this powerful, dynamic language.

Tobias on Locks and Insecurity Engineering

15:00–15:50 (US/Eastern), Marillac Auditorium

This will be a discussion of lock design and what design engineers, covert entry teams, locksmiths, law enforcement agencies, and lock sports enthusiasts must know to assess a lock’s security properly — and to compromise it. Several examples will be shown during the presentation. Marc is a renowned author of multiple books on locks, keys, and safes. Expect to learn about the complexity of locks and why they can often be defeated, regardless of their security rating.

Hacking Your Health: Adventures in Building a Glucose Monitor

15:00–15:50 (US/Eastern), Tobin 201/202

In the past few years, there’s been quite a stir in the hacking community and in the news about a select group of diabetics who managed to hijack the readings from continuous glucose monitors in order to do everything from automatically dispensing glucose to sending notifications to their phones when they need insulin. This leads to an interesting question: what exactly makes a glucose monitor so special? This talk focuses on boiling down the complex logic of a glucose monitor, from the chemistry to the electrical engineering to the cloud, into a step-by-step process that will make you truly realize the ingenuity of these devices which more than nine million people across the world need to survive.

EOL… RLY? Ending The Epidemic of Bricked and Abandoned Stuff

16:00–16:50 (US/Eastern), Marillac Auditorium

As the Internet of Things ages, a gap has emerged between the useful life of connected hardware devices (measured in decades) and the manufacturer-imposed “support lifespans” of the same products (measured in years). The result: useful and functioning devices — from laptops to smart home appliances to heavy equipment — are reaching an OEM-imposed “end of life” and being abandoned or even bricked by their makers. Businesses, consumers, communities, and our planet are left holding the bag: forced to choose between hosting vulnerable and unpatchable “EOL” devices within their environment, or sending perfectly functioning hardware to the landfill and spending to replace an otherwise functional device. In the meantime, malicious actors are rejoicing at a vulnerable population of hundreds of millions of EOL devices they can exploit and leverage in attacks via IoT botnets, such as those leveraged by cybercriminals and nation-state actors like the Chinese advanced persistent threat (APT) Volt Typhoon.

In this panel discussion, leading experts from the cybersecurity and repair community will dig into the growing phenomenon of “bricked and abandoned” devices — everything from toothbrushes and streaming devices to robot vacuum cleaners. The panel will talk about what’s driving the phenomenon of “abandonware” and about possible solutions — both market and policy based — to the problem that will help us build a secure and resilient future for the Internet of Things.

Modern Day Automobile Safety: Rescue Ops Using CanBus

16:00–16:50 (US/Eastern), Tobin 201/202

Modern vehicles use a concept called “drive-by-wire” (DBW) to control almost every aspect of a car from human-controlled basics (of acceleration, steering, and brakes). The vehicle’s local communications network for DBW is known as CanBus, which simply reports status and delivers commands between the various vehicles’ electronic sensors and physical actuators. DBW/CanBus has received a bad rap because of security vulnerabilities, but has also allowed for more advanced safety features (such as lane change indicators, “lane keep assist,” and front crash detection). As a first responder for over 40 years, John has been involved in hundreds of vehicle extrication calls, and he remembers and recalls the especially difficult ones. As vehicles get more advanced, they also get more difficult to perform rescue operations with. This talk will explain how vehicle manufacturers can do more to increase passenger survivability in the event of a serious accident. Using similar concepts as those already in place for high-rise buildings, DBW/CanBus could automate and standardize rescue stabilization and accessibility operations, reduce the chances of injury to rescuers, decrease time for EMS access and patient egress, and increase passenger survivability.

Less Power to Porn Tech Giants, More Love in the Cyberspace

17:00–17:50 (US/Eastern), Little Theatre

Porn tech giants have the power to alter the ways we think of our sexuality and shape how we perceive our bodies and relationships. To get back in control, there are so many challenges to overcome: the fight against image-based sexual abuse, such as deepfake and non-consensual intimate images (NCII); the balance between age verification of users and their right to privacy; the accountability of big platforms; and the safeguard of marginalized groups and individuals. In this talk, the speakers will explore some examples coming from Europe leveraging the new E.U. tech regulations and assess the potential to replicate these initiatives in the U.S., delineate the core problems that we see for sexual representation in the cyberspace, and point together at their possible solutions.

PortableSecret — Carry and Share Your Most Critical Secrets Without Special Software

17:00–17:50 (US/Eastern), Tobin 201/202

Everyone deserves access to encryption, but not everyone can be bothered to learn how to use it. PortableSecret was designed to bridge this gap. It works on any platform, without special software, and it’s so simple even your parents can use it!

Our Communities, Resiliency, Our Future

18:00–18:50 (US/Eastern), Marillac Auditorium

We all need community. Yet community is currently facing major challenges. Humanity faces major challenges. If we are to survive and thrive, an important key is solving problems in community. On top of how much hard work community always requires from us, mix in the rise of authoritarianism, manipulation through “social” media, the polarization of society, bad actors, trolling, the skyrocketing cost of real estate, the ability of all people (including left-leaning people) to fight one another — and the result is a serious threat to the future of our communities. Yet, our future depends on our ability to continue. How can we create communities that are resilient to the challenges we face? Can existing communities be made more resilient? This talk will draw from Mitch’s extensive experiences with hackerspaces, as well as his lifetime of community organizing, to attempt to explore and answer these and other pertinent questions for our future.

Making Surveillance Policy Change in Canada: Slow Burns and Sudden Actions

19:00–19:50 (US/Eastern), Tobin 201/202

This is a talk about the deobfuscating state surveillance project that aims to map out state surveillance capabilities in Canada and the U.K., as well as the laws that govern them (or do not). Started during the pandemic with collaborators in Canada and the U.K., the research has been a slow and gradual process. Taking advantage of Canada’s access-to-information system, the team has spent three years diving into government procurement and has requested over $750 million worth of federal contracts with manufacturers of a wide array of surveillance technology. In this session, Evan will discuss their work on mobile forensic devices — crafty tools for hacking digital devices which they’ve found to be in use by at least 14 federal agencies, and a journalistic collaboration which quickly led to a parliamentary hearing and substantive policy change within six months.

SUNDAY, JULY 14th

Bait and Switching Costs — How Big Tech Took the Web and How to Take It Back

10:00–10:50 (US/Eastern), Marillac Auditorium

In the early 1990s, the technology giants of the day assembled to deploy their vision of the networked future. But that vision was not the World Wide Web. It was interactive TV, a walled garden in which corporations would provide the only content and the only “interactive” element would be the ability to buy merchandise tied to the programs. Big tech lost that battle, but 30 years later, it is winning the war.

Network effects explain the hyper-growth of one walled garden at the expense of its rivals, but it is switching costs that explain why the audience remains as the walled garden becomes choked with weeds. The first step towards taking the Internet back is to start taking switching costs seriously before taking up any Internet service, especially those which are offered at no cost to the user. This presentation will set out a strategy for first reducing and eventually eliminating switching costs in a range of applications from messaging to IoT to social media based on the technologies provided by the Mathematical Mesh — and a strategy for deployment.

What Wi-Fi Devices Are Nearby? Any Cameras Watching Me?

07–14, 10:00–10:50 (US/Eastern), Little Theatre

Ever wonder what Wi-Fi devices are around you? Ever wonder if Wi-Fi security cameras are recording and uploading videos of you? This talk will explore a tool called trackerjacker, which helps answer these questions. It’s been described as nmap for Wi-Fi.

The Future of Leaks: What’s Next for the Online Library of Hacked Data?

11:00–11:50 (US/Eastern), Marillac Auditorium

Whatever you call it — transparency project, publication collective, or journalism tech — Distributed Denial of Secrets has built the world’s largest library of once-secret information, publishing over 100 million leaked files from 60 countries. Including all the pending publications, DDoSecrets has grown larger than the Library of Congress. Like an “endless scroll” of social media, terabytes of data get regularly liberated from cartels, governments, and corporations. Mixed in with the stream of useful leaks is a flood of disinformation, bolstered by AI-powered deepfakes and state-sponsored troll farms. How are we adapting — or failing to adapt? How can hackers and data journalists collaborate to navigate the ransomware blogs, Breach Forums, and hacktivist Discord channels of variable quality? Core DDoSecrets members Emma Best and Lorax Horne come together to discuss the greatest challenges of today’s leaks librarians, and what the future of source protection looks like in a world saturated by misinformation and capitalism.

Navigating Geopolitical Nuances in Cyberattacks With Advanced IP Address Analysis

11:00–11:50 (US/Eastern), Tobin 201/202

While some countries exhibit disproportionate aggressive behavior in cyberattacks, others show proxy-centric Internet traffic redistribution, and some experience higher frequencies of cyberattacks, leading to more compromised computers within their infrastructure. To investigate these patterns, Andréanne and Constance built a honeynet of RDP Windows servers in the cloud, collecting over 190 million events over three years. This dataset provides valuable insights into the origin of IP addresses, though attributing attacks to specific countries is complex. They found various data sources providing contradictory information about IP addresses and will explain how they used several tools to streamline access to this information, while leveraging open source information. The results reveal that different attack techniques vary by geographic origin, and evidence will be presented of shared hacking tools between cooperating countries, enhancing our understanding of global cyber threats.

Circumventing Prison Tech Censorship

12:00–12:50 (US/Eastern), Marillac Auditorium

As lockdowns and solitary confinement increase, an out of control private prison tech industry is profiteering off draconian new restrictions on access to communications: banning books, visits, and physical mail to sell a dystopian digital regime where every message is taxed and monitored on sandboxed tablets and kiosks. This talk will unpack the world of carceral technology: map out the major security corporations, what they have in store for us, and how we can fight back. In this era of police repression and imperialist genocide, how can technologists reject complicity and cooptation? How can hackers practice global solidarity instead, working to undermine and overcome the logic of borders and cages on both the net and in the streets?

Working Towards a Sneakernet for Libre Biotech Wetware

12:00–12:50 (US/Eastern), Little Theatre

A valuable feature of biological organisms is that their code (DNA) is contained in their self-replicating hardware. That means it should be possible to develop biotech (tools) that can be shared as easily as plant clippings. In practice, the investment required to do that development is only mobilized when the assurances of intellectual property can be claimed and enforced in order to protect the investment. How then can we work towards a world where biotech innovations can be more easily accessed by anyone? What does a sneakernet for biotech wetware even look like and what sorts of things would it be good for exchanging? This talk will first tell a story about how open data principles have shaped genomic research, then describe the gaps in that openness extending to biotech in general. That will be followed by a description of some examples of how we share biotech wetware and what it could look like in the future.

Harvest: The Most Interesting Computer You Never Heard Of

12:00–12:50 (US/Eastern), Tobin 201/202

Harvest (IBM 7950) was a one-of-a-kind machine that was built by IBM for NSA for cryptanalysis and text processing. It was an add-on to a better known machine called Stretch, the 7030. There were about eight Stretch computers built, but Harvest was unique. Harvest ran from 1962 until 1976, when the mechanical parts of it literally wore out. Harvest was an unusual machine whose architecture has never been implemented since. This talk will examine all that made this computer so unique. If time permits, discussion will include a co-developed programming language.

Hack the Violin: A Hacker’s Approach to Learning, Playing, and Teaching the Violin

13:00–13:50 (US/Eastern), Little Theatre

It’s a common belief that beginning violin player sound is terrible and has to be that way, and with traditional rote-learning approaches this is most often true! Hack the Violin says it need not be so! Hacking all the components to playing the violin, including hacking music, the mind, the body, hearing, feeling, practicing, and performing, Hack the Violin is a hacker’s approach to learning, playing, and teaching the violin that will enable anyone and even the chair they’re sitting on to make some beautiful melodious sound on the violin right away! Feel free to bring your violin/fiddle along so you can try the hacks for yourself!

Enshittification: Why Everything Suddenly Got Worse and What to Do About It

14:00–15:50 (US/Eastern), Marillac Auditorium

The rapid, precipitous decline of every digital service we depend on isn’t a coincidence. It’s the result of specific known, policy choices made by specific, named individuals. We can reverse those decisions (and we can determine what sized pitchfork those individuals wear).

Enshittification wasn’t inevitable: it was the foreseeable outcome of a plan to encourage digital monopoly platforms and turn them loose to extract unimaginable value from both their users and business customers, leaving behind a homeopathic residue of utility to keep us locked in.

This talk will explain what enshittification is, how it works, why it’s happening now — and, most importantly, how we can reverse it, by seizing the means of computation and building a new, good Internet suitable to serve as the digital nervous system of a connected world confronting environmental collapse, genocide, and rising fascism.

Cap2r: Rescuing the Forgotten Texts Hidden in Analog Video

14:00–14:50 (US/Eastern), Tobin 201/202

Closed captions for analog television were in widespread use from the early 1980s until being supplanted by the digital signal transition in the 2010s. However, these data are not routinely captured when transferring or archiving recordings of the time. The service that provided accessible information to millions of viewers should be preserved alongside the video and audio that is routinely digitized. Submitted for your approval: a system to extract and preserve these encoded messages using readily available components. Delve into the secrets of the analog signal, harness the power of newly-obsolete hardware, and marvel at what is possible with a little ingenuity.

The Arduboy Story

15:00–15:50 (US/Eastern), Tobin 201/202

The story of Arduboy, an open-source, credit-card-sized gaming system based on Arduino, designed to create a community-driven platform for learning and creativity. Kevin will share his journey from developing a digital business card to creating a viral product with tens of thousands of units sold and a thriving community contributing hundreds of games. He will highlight the challenges and successes in developing and scaling Arduboy, emphasizing the importance of community engagement, maintaining vision, and adapting to change. The talk concludes with insights into the open-source economy and the value of intrinsic motivation in fostering innovation and learning.

A Revolution in Representation: Computation Comes to Democracy’s Aid

16:00–16:50 (US/Eastern), Little Theatre

Large groups of people are using open-source software to clarify their internal signal from noise, and by doing so, are bringing about a revolution in representation the world over. The simple idea of having a direct say over one’s own future can feel very remote in today’s democracies, but it’s become possible in the last decade with technological innovation. Polis (OSS AGPLv3) is one such technology — a deliberation system — that is increasingly used by diverse, participatory pro-democracy movements around the world. Social movements and Indigenous nations have implemented Polis to augment their ability to understand their internal diversity and identify their shared goals en route to more effectively determining their own futures. Governments have implemented Polis to listen to their citizens and help their citizens hear each other, towards strengthening democratic processes and institutions — vTaiwan anyone? This talk will cover the basics of the technology and share stories of its impact.

Privacy-Focused Computing Curriculum for Teens

16:00–16:50 (US/Eastern), Tobin 201/202

This talk will introduce a new middle school curriculum on public interest technology that focuses on privacy, Internet infrastructure, and the role governments and corporations play in control and use of the digital infrastructure. Computer science curricula is often sponsored by large technology institutions, and the curricula are aligned with the policies, procedures, and culture of the technology institutions, which may not serve the interests of students or open Internet culture. This new curriculum hopes to correct that. Part computer science, part social studies — this curriculum recenters computing education on privacy and freedom to help youths understand the loss of — and regain — their digital rights.

Hack (To Heal) the Planet

17:00–17:50 (US/Eastern), Marillac Auditorium

There is only one common, livable planet (thus far), but it is increasingly becoming uninhabitable for humans and non-humans. What could hackers do to help address this existential issue? It turns out hackers have already done a lot to raise awareness of environmental problems — and continue to do so with important hacks in the public and environmental interest. In this talk, Unixjazz will cover important chapters in hacker history, but will also discuss ongoing projects that were primarily organized as hacker responses to the environmental crisis. In particular, he will introduce an ongoing project in the Arctic Circle that is bringing a set of tools and approaches from hackerdom to help study and mitigate the impact of permafrost instability. The ultimate goal of this talk is to make a call for hackers worldwide to get involved and engaged in hacking (to heal) the planet.

Innovating for Impact: Building Technology in Resource-Constrained Environments

17:00–17:50 (US/Eastern), Little Theatre

Developing technology within nonprofit organizations presents a unique set of challenges and opportunities. Unlike for-profit enterprises, nonprofits often operate with limited funding and resources, which necessitates a different approach to innovation and development. Jason has spent the last few years navigating this environment, and developing strategies that have come to inform how the Human Rights First Innovation Lab approaches technical work. This talk will explore the intricacies of creating impactful tech solutions in these settings, offering insights and strategies to navigate the constraints while maximizing positive outcomes.

--

--

DCG 201

North East New Jersey DEFCON Group Chapter. Dirty Jersey Represent! We meet at Sub Culture once a month to hack on technology projects! www.defcon201.org