[Nettime-bold] H2K2 - Hope (Hackers on Planet Earth)

[Are Flagan <areflagan@mac.com>]

A report from H2K2 ­ HOPE (Hackers on Planet Earth) Conference, July 12-14,
Hotel Pennsylvania, NYC, New York.

Presumes no previous knowledge of hacking and hopefully expands on some
previous knowledge of hacking.

-af

+ + + + +

Read_Me

H2K2 is only the fourth conference of HOPE (Hackers On Planet Earth) and the
third at Hotel Pennsylvania in New York City. From a relatively modest start
in 1994, the conference has gradually and quite impressively grown in size
from occupying only a small amount of hotel real estate to breach the
capacity of an entire floor during the most popular events. While the
earliest hacker ³conferences² (usually abbreviated Con, as in SummerCon
1987) were very informal and, sadly, often marred by arrests, the gradual
recognition of the hacker enterprise and ethic has led to large public
events like HOPE that are comprised of 12 quite exhausting but equally
invigorating hours of programming per day. Unlike other hacker gatherings
that have taken a very commercial turn, such as the DefCon extravaganza in
Las Vegas (which sidelines as the security industry¹s
peek-at-the-underground showcase), HOPE is heavily invested in the social
and political agendas that motivate and support hacker activity. The list of
speakers and topics is consequently not only cloaked in handles and obscure
network acronyms. It also includes authors and industry experts that,
respectively, have sales ranks on amazon.com and command six-figure
salaries. The common thread is a belief in a free and open society that
readily shares information and knowledge to collectively improve on the
world we live in. Faced with the oppressive culture of security and secrecy
that currently sweeps this nation, the concerns raised, the information
shared, and the stories told at HOPE resonate with an unprecedented urgency
when one considers the increasingly analogous relations between computer
networks and society at large. Each fundamentally operate according to
constantly developing and intermittently agreed-upon protocols that can be
equated with democratic principles, but each of these are also increasingly
controlled by corporate and legislative interventions. When a bona fide,
public forum like HOPE compels some audience members to cover their faces
with bandanas (others, presumably jokingly if black humor counts, sported
silly false noses and moustaches) to hide from the Feds seated watchfully in
the back, the debated lines of contention drawn in session after session
found its mirror image in the assembled crowd. You cannot ask of a
conference to be more real and relevant than this surreal scenario
advertised.

Computer hacking is by all accounts driven by compulsive and obsessive
behavior that does not rest until a problem is solved or curiosity is
satisfied. It was perhaps fitting then that sessions ran back to back on two
overlapping tracks with a third track offering an open forum for anyone to
speak their mind or report on the latest exploits. Those whose ability to
absorb knowledge was not already besieged by this bit-rate could linger in
the network, workshop and merchandise area, which also featured what
amounted to an archeology of hardware available for nostalgic
experimentation. Most, however, came equipped with their own top-of-the-line
laptops and the organizers had kindly installed a wireless network to
support the impromptu groups that formed to share their experiences at the
command line. As such, any gaps in the already overwhelming flow of input
were incredulously filled with computation and programming at an advanced
level, and considering that many participants seemed to have taken part of
their summer vacation in New York City, the sheer endurance of these
attendees should bluntly have silenced any academic, or parental for that
matter, concerns about falling standards and endemic ADD. Not everyone is of
the MTV generation and the Daytona Beach spring break crowd it seems. There
were even family values on display by hacker mums and dads who splurged on
2600 (the sponsoring magazine) caps for their offspring and sat through
complex talks on ICANN¹s increasingly dubious future with them.

This is not to suggest that HOPE was a tech-savvy version of Bible camp. But
considering the avatar nature and negative representation of ³hackers,² the
uninitiated (counting yours truly) may be excused for initially commenting
on the normality and, gender excluded, diversity of the scene behind the
screen. And the educational aspects indicated above are not really an
attempt to repackage hacker activity in a wholesome glow suitable for
wholesale consumption: education, as a transaction in knowledge, actually
sketches the very foundation of hacker activity. The central document that
supports this claim, commonly known as ³The Hacker Manifesto² (search Google
and you will find it by the thousands), was read aloud and commented on by
its author in a session entitled ³The Conscience of a Hacker,² which is the
original title given the text when it first appeared in Phrack magazine.
Written when The Mentor was not much more than a child himself, it bemoans a
disillusionment with the educational system and its stifling standards,
which are overcome by independent experimentation with computers (this is
only a short quote from the text, which was written on January 8, 1986,
shortly after The Mentor was arrested): ³I¹ve listened to teachers explain
for the fifteenth time how to reduce a fraction. I understand it. ³No Ms.
Smith, I didn¹t show my work. I did it in my head.² Damn kid. Probably
copied it. They¹re all alike. I made a discovery today. I found a computer.
Wait a second, this is cool. It does what I want it to do. If it makes a
mistake, it¹s because I screwed it up. Not because it doesn¹t like me. Or
feels threatened by me. Or thinks I¹m a smart ass. Or doesn¹t like teaching
and shouldn¹t be there. Damn kid.² The Mentor added his own statistics to
the latter Manifesto point by estimating that of the roughly 150 teachers he
had been in contact with during his career as a student, only two had left
an inspirational and inquisitive mark on him through their teaching. Despite
its staccato flow and basic language, the relative simplicity of the text
hides very complex relationships between institutions and individuals, as
well as technology and society. It is fundamentally the failure of living up
to the responsibilities of these relations that is being criticized in The
Hacker Manifesto, and technology takes on the role of realizing a new set of
human relations, born from individual responsibility, that truly value
freedom and education. Perhaps easily dismissed, 17 years after it was
written, as a conventional litany against authority, the Manifesto
nevertheless had a young HOPE audience repeatedly nodding to its message.
One can suspect that the approval partly stems from the politicians¹
feebleminded, and still ongoing, attempts to improve the public school
system through testing, testing, testing, testing, testing, testing, testing
and testing. Meanwhile The Mentor has come of age to comply with some
institutional dictums, notably those of Sigmund Freud, by actually marrying
a public school teacher, but he is putting all destructive suspicions about
his early text to shame by scavenging for discarded computer parts in his
spare time to build, in collaboration with his wife, computer labs for the
kids. It appears that ³The Conscience of a Hacker² has always been a solid
work in progress.

There were other proposals aired to integrate a hacker ethic into the school
curriculum from a K-12 level. Greg Newby, a professor at the University of
North Carolina, who made an overtly strong case for hacker respectability by
wearing a tuxedo, proposed that base concepts of information value, privacy,
security and secrecy should be taught alongside basic computer literacy. As
students progress, he suggested that these concepts would get increasingly
complex with attention lent to data integrity and credibility. He also
strongly favored a move from an interface and end-user mentality toward a
curriculum that exposes the nuts and bolts of computing. Newby fundamentally
invoked the curious, motivated and talented hacker, and his or her community
of peer group communication, as a role model for such an expansive approach.
The prime lesson taught in schools, he noted, must be that honest
exploration does not get you into trouble, but serves as the very
cornerstone of progressive learning.

As the introductory paragraphs suggest, the purpose of HOPE is to share
knowledge and Javaman ambitiously kicked off the conference with ³The Shape
of the Internet.² He proceeded to dispel any fears that what was coming up
would be cloaked in technical terms and incomprehensible code snippets by
bravely drawing ³live² on an overhead transparency to illustrate his points.
Despite being blinded by the projected light, he managed to adequately
trace, with a felt tip pen, various scientific models for how the shape of
the Internet has been imagined and mapped. Similar projects have also been
undertaken by a number of net artists with varying degrees of success. Those
familiar with Starrynight, for example, will partly recognize what Javaman
arguably deemed the most advanced and persuasive attempt. By utilizing the
BGP protocol, essentially a connect list that each server maintains based on
received routing information, it is possible to define the number of edges,
or chosen connections, that radiate from each node. Using the premise that
every edge that can exist between nodes does indeed exist, it is then
possible to compile a graph to express the relations. The result poses all
kinds of questions about how the Internet is actually shaped and how its
shape is growing, and some findings revealed what we might have suspected:
most servers seek to connect via the popular networks and, secondly, routes
are chosen for economic reasons. An offshoot is that 1% of ISPs control 99%
of the traffic and bandwidth is consequently centralized, which makes it
more prone to both failure and surveillance. However, with the recent
collapse of some Internet backbones due to corporate bankruptcies, the
subject-to-failure part of the theory disproved itself as nodes immediately
found new routes when the previous hubs disappeared: the Internet did not
collapse. Javaman offered some very interesting alternatives for networking
protocols that included various peer-to-peer methods, such as the ³Fisheye²
protocol that maintains only cursory routing information toward the
periphery of the network. Perhaps the future of what we today subsume in the
Internet lies in these types of configurations?

One of the most vocal sessions came in the form of ³Crypto for the Masses,²
a panel compiled of Matt Blaze, Greg Newby, Anatole Shaw and a fourth
unknown party who declined the honors of putting HOPE on the resume. It
sought to investigate methods whereby personal identity, anonymity and the
right to privacy may be preserved in a network environment, and furthermore
to discuss the hurdles faced by crypto and its adopters. After covering the
tried and tested, but somewhat hard to implement for the less computer
literate, PGP (Pretty Good Privacy) schemes that are in the process of
disappearing, the encryption built into Web browsers became a topic.
Primarily developed to satisfy a consumer demand for secure credit card
processing, it was deemed laughable from a security point of view. More show
than tell, it is primarily there to lend an appearance of security, and the
panelists unanimously agreed that it is, perhaps unbeknownst to most
computer users, rather pointless to embed security into an otherwise
insecure environment, such as, to quote the favorite hacker example, the
Windows operating system. Metaphorically and simplistically speaking it
amounts to installing a steel door in a paper building.

Privacy, however, loves company and the question is if encryption is really
needed or desired for the vast majority of byte transactions that take place
over the Internet daily. It is a public space and most people want to be
seen and heard while browsing and expressing themselves in its passages.
While few disagree with this sentiment, it becomes problematic when
encryption is by design denied some, like regular computer users, and made
available to others, like government. Failed government schemes like Key
Escrow, which was outlined by Matt Blaze in the session ³Educating
Lawmakers: Is it Possible?,² speaks of an authoritarian paranoia that is
afraid of encryption on the grounds that it will deny (it) access to
information. Key Escrow involved the prototype production of a Clipper chip
with a proprietary encoding algorithm embedded that moreover demanded all
encryption keys to be passed on to the NSA through a backdoor.

In the ³Crypto for the Masses² panel Blaze had already made a strong case
for why widely available encryption might be a good thing all around.
Recognizing that the Internet will always be the subject of surveillance, he
suggested that encryption would only slightly diminish surveying powers by
crucially demanding that agents take an extra step to access this type of
information. On the flipside, and to the benefit of those collecting what in
their view amounts to evidence, more sensitive information will arguably be
passed along encrypted channels over the Internet, which will make it open
to a subpoena.

But if it is at all possible to educate lawmakers about such pros and cons
was perhaps inadvertently answered by fellow panelist and journalist Declan
McCullagh (www.politechbot.com) with his hilarious, and equally shocking,
anecdotes about ignorance in D. C. How about the legislative body of Dianne
Feinstein, a Democrat from California, that let out a squeamish scream when
the word mouse crept into the technology dialog and was mistaken for a stray
rodent? And as Lamar Smith, a Republican from Texas and the sponsor of the
Cyber Security Enhancement Act passed by the House of Representatives on
July 15 (the CSEA imposes the possibility of life sentences for ³reckless²
hackers), commented earlier this year: "Until we secure our cyber
infrastructure, a few keystrokes and an Internet connection is all one needs
to disable the economy and endanger livesŠA mouse can be just as dangerous
as a bullet or a bomb." Somehow, and perhaps not so surprisingly, the
instrumentality of knowledge and education has been replaced by a somewhat
irrational fear of plastic pointing devices (that are easily confused with
furry animals, or weapons of mass destruction).

A heated-to-the-point-of-boiling discussion that crept across both
security-related panels was the forthcoming introduction of the Microsoft
Palladium standard. Essentially an updated version of the principles
employed by the failed Key Escrow plan, it involves, through an already
ongoing collaboration with the chip manufacturer Intel, the implementation
of hardware controls under what has been billed as a ³trusted² computing
platform. Problem is that you may as well pay a lot less and get a nice
color TV that remains similar in scope and is less hostile to its owner.
Microsoft and its cohorts will essentially decide what you may or may not do
with your machine, and it is not even a qualified guess to suggest that
built-in monitoring and digital rights management will fit the bills that
support the unilateral trust being built here. While the science of the
project was described as retarded by those in the know, it will of course
adversely affect how the majority of users experiences computers in the not
so distant future. Put succinctly, the Microsoft advertising slogan of
³Where do you want to go today?² becomes even more of a dumb rhetorical
question. A contention was offered, however, that owners would hate their
dictating machines with such vigor that widespread tinkering with the
control mechanisms will turn the end-user population as a whole into
³hackers² and launch a new, open collectivity in computing. Similar concerns
were expressed with regards to privacy. If there were a serious spill of
some proportion, consumers would demand cryptography applications to protect
their identities and communications, if and when desired. Both projections
resound as feasible, but it would certainly be preferable to bypass
potential bankruptcy or disaster and go straight to the decent and desirable
products that respectfully take their owners and users into account.

Hackers have always believed that computers and technology have a vast
potential to make people¹s lives better. But rather than dwelling on
cyberpunk utopias and futuristic projections of the lofty metaphysical kind,
hackers have developed the skills to actually approach this fundamental
premise from a very pragmatic angle. Hacking is not, at its philosophical
and practical core, a destructive enterprise, but rather a directed quest
for the improvement of existing systems. Given how central the cause is for
the application of knowledge and skills, there were a number of talks that
addressed, as already noted, the current network environment in analogous
relation to society at large.

Sida Vaidhyanathan, a cultural historian and media scholar moonlighting as a
professor at New York University, called his keynote crack at this equation
³Life in a Distributed Age.² After collecting the usual cheers for lamenting
the loss of free speech and progressive scholarship due to copyright and
technical anti-circumvention provisions, Vaidhyanathan returned to the roots
of western civilization in ancient Greece to outline an alternative social
model based on cynicism. Derived from the philosophy of Diogenes, cynicism
maintains that virtue is the only good and its essence lies in self-control
and independence. This freedom from convention coupled with moral zeal
would, according to Diogenes, allow for a highly practical politics that
finds its expression in a borderless polis, a decentralized,
self-regulating, informed and competent political body-at-large. Our
projected cyberspace fits this revolutionary corpus, but its realization in
the Internet has of course led to limitations that force the negotiation of
more modest goals than those inspired by the cynical mold. Returning to what
brought him the first accolade, Vaidhyanathan quoted numerous sources that
seek to limit the vast hospitality of the Internet as a decentralized and
responsible space with demonizing rhetoric. The goal is to persuade the
public that the Internet, and technology in general, is dangerous unless it
is used with the proper level of supervision and control. Statements like:
³Our enemies are prepared to use our technologies against us,² which was
made by Richard Clarke, President Bush¹s Office of Cyber Security Director
(also known for his ³electronic Pearl Harbor² analogy), in relation to the
9/11 tragedy are both hopelessly vague and frighteningly encompassing. They
raise the usual questions of who ³we² are and how ³technologies² became
³our[s].² Furthermore, Vaidhyanathan contested, if the Internet helped the
terrorists buy airline tickets it was box cutters that initially performed
and aided their gruesome deed. Legislation limiting sales of sharp or
pointed utensils should according to this logic be forthcoming, but it is of
course more likely to concentrate on areas that may limit the power and
profits of the few, such as open computing and democratic networks.

A similar demonizing was noted by author Doug Rushkoff in his ³Human
Autonomous Zones: The Real Role of Hackers.² After the dot-com pyramid
schemes failed so miserably (for some) and the Internet mercifully shrugged
off business, corporations and mainstream media have increasingly started to
load it with negativity. Symptoms abound and Rushkoff noted that as early as
the Atlanta Olympics we were subjected to what the media termed an
³Internet-style² bomb. Obviously quite misleading from a technical point of
view (the bomb was presumably not modeled after the Internet but its
construction may have been available on the Internet, and no doubt
elsewhere), the language and context thrives on ignorance and lack of
contestation to support the reporting media¹s role in bringing ³accurate²
and ³truthful² stories. Storytelling consequently formed the locus of his
talk. Stories compete for believers and those that control the stories we
live by essentially shape our reality. Rushkoff quoted numerous examples of
proprietary oral traditions and Walter Cronkite¹s signature byline at the
end of his newscasts, ³that¹s the way it is,² summarizes most of them.
Within this closed and one-directional economy of exchanges, hackers emerged
as autonomous voices in a climate where independence was outlawed. By
breaking the spell of programming and feeding broadcasts into a feedback
loop, they demystified technology through shareware and made it available
for uses and contexts that were not supported by the hierarchical structure
whereby stories were, and still are, disseminated. Current attempts at
legislating the Internet and the airwaves, and even hardware (see notes on
the Microsoft Palladium standard above), seek to restore the bullhorn
mentality that hackers passionately resist. As computer interfaces and
operating systems have become increasingly opaque to produce more end-users
with entertainment terminals rather than computing platforms, hackers have
maintained knowledge of computing and not lost sight of the broader social
interaction that encodes choices and spreads information. Here rests the
autonomous zone that remains the real role and function of hackers.

Another panel presenting the Indymedia network of Independent Media Centers
(IMC) brought some of this philosophy to a practical solution. Indymedia was
developed as a continuation and expansion of an online newsroom offered
during the pro-democracy protests in Seattle. It revolves around an evolving
open source code that is distributed by participating Indymedia Web sites in
many countries. The code supports the upload of rich media content such as
images, and the sites consequently offer users the ability to post their own
news stories with a local and personal flavor. Some translation and
cross-posting takes place. Links to sites on the global IMC network are
available at www.indymedia.org.

But pockets like the Indymedia network are unfortunately becoming
increasingly rare on the Internet as licensing restrictions and fees limit
Web casting and the forceful influx of corporate interests are seeking to
silence and dominate it. Several talks dwelled on these developments and
although the topics were different, the methods encountered displayed a
clear pattern where lawyers are replacing individual policing of copyright
and trademarks for federal legislation intended to represent their
interests. How a democratic body can become the executive branch of select
corporations has of course already been answered by the recent revelations
surrounding White House ties to industry.

The panel titled ³Bullies on the Net,² featuring Emmanuel Goldstein, Eric
Grimm and Uzi Nissan, first covered the 30 lawsuits brought by Ford Motor
Company against virtually every domain name that could in some way be
associated with any of its own or subsidiary car models or brand names. A
Swede selling used spare parts for classic Volvo vehicles (a company part
own by Ford) was consequently sued for pursuing a modest and entrepreneurial
livelihood under www.classicvolvo.com. Likewise, fans of the endangered
jaguar at www.jaguarcenter.com (currently featuring a nice big-cat drawing
by Amanda, age 13) were slapped with a suit to avoid confusion between
things that purr and things that rev. Uzi Nissan, who by the merits of his
own last name claimed Nissan.com in 1994 to advertise a computer business,
Nissan Computers, which he started in 1991, talked about his own collision
with the car industry. Five years later after his entry in the domain name
root, Nissan Motor Company, also known as Datsun (unlike Nissan who has
always been known as Nissan), sued him for 10 million dollars. The legal
back and forth is still ongoing and Nissan, the man, is 2.2 million dollars
in the red as a result. Due process in this type of litigation involves
intimidation followed by an attempt to exhaust the opponent¹s resources, and
it has obviously established precedents that have little to do with basic
fairness under the law.

For those interested in subversive uses of media and still remain somewhat
puzzled by the contention last year that bin Laden was inserting hidden
messages in his video broadcasts (rather than straightforward arguments that
Americans should not hear), would have enjoyed the talk Peter Wayner
(www.wayner.org) gave on steganography, which translates as the art and
science of hiding information in digital data. Although he was hard pressed
to define ³hidden,² and was shrewdly hiding his lack of a definition behind
Goedel¹s theorem that prevents us from being logical about detection, the
methods outlined were elucidating enough to bypass such premises. Generally,
to hide data in data means that it must be inserted in places where it will
not be detectable unless you know where and how to look for it. In some
respects (and just to confuse matters further), you essentially need to know
what has taken place to describe what has happened. The Catch-22 can look
like this: in a standard image file data can be replaced up to a threshold
without affecting how the image appears to the viewer. Examining the
distribution of tones, however, may indicate certain levels of suspicious
patterns, but this is not a guarantee that something secret or evil has been
embedded; it may be the work of a benign compression algorithm, for example.
Of the methods covered, the least technical from a non-computer science
point of view was the replacement of digital noise, or redundant
information, with a message. Wayner showed illustrations of how he had
written algorithms to perform such tasks for image files. It basically
involves replacing the least significant bit in the bit plane with one that
belongs to the ³hidden² message; i.e if a value of 255 is changed to 254 in
a binary notation the result goes from 11111111 to 11111110, where the last
digit signifies the alteration of data. Without direct references or a
comparative analysis that point to this manipulation, the conundrums of
detection discussed above are obviously haunting any claims about secret
transmissions (for example in relation to the aforementioned video tapes).

Interestingly, researchers looking to embed digital watermarks in
copyrighted content have embraced steganography to turn the copying of
digital files into an ally in their protection schemes. One not-so-secret
message here is that any unauthorized use of images, for example, can be
successfully contested in a court of law, as the steganographic content,
once unveiled, can be submitted as evidence that the offending file is
indeed controlled and owned by the prosecuting party. Uses of the same
science have essentially gone from being banned to becoming highly desirable
once the rights to secrecy are reversed.

An emerging term that borrows from its hacker roots is hacktivism. Broadly
it covers activities that primarily use the Internet, although it arguably
covers technology in any form, to stage demonstrations. Treating cyberspace
as a public arena, activists turned hacktivists seek to engage issues over
the network, just like people have assembled and marched in the streets to
voice their opinions or misgivings. In a presentation entitled ³Digital
Demonstrations: DDoS attack or Cyber Sit-in?,² Maximillian Dornseif offered
a thoughtful and balanced overview of this kind of action. The benefits of
moving protest online, as he presented them, were the increased visibility
of the protest to a larger number of people; the lack of a physical presence
(anyone with the inclination and an Internet connection can take part);
increased anonymity for those involved; and a reduced investment with
regards to time and money. Although ³demonstrators² are not easily counted
online, advertising the actions in advance can compensate for this
shortcoming, and consequently attract hungry-for-novelty media attention to
these new forms of protest. The agenda is inadvertently reported even if the
format feeds the story. Many online demonstrations have already taken place.
Dornseif gave technical beta on how demos have occurred in the past (mainly
through service overloads generated by reloading Web sites repeatedly or
seeking processing that quickly exhausts the system resources), but he
stressed that the future of online protests should take other users into
account and avoid denial of service attacks. The point is to forcefully make
a case, not to damage it. Of the technical scenarios he offered, the
prospects of ³communicating slowly² (as he named the self-explanatory
method) seemed the most promising. By communicating with the server one
character at a time, the system resources are slowed to a painful crawl.
Comparing the plan to one where, for example, office workers ³strike² by
doing their duties in slow motion (the analogy is not applicable to certain
bureaucracies, as time will cease to exist), these protests could be
explained legally within already existing guidelines and in keeping with
more traditional forms of demonstration. Protesters would less likely become
victims of persecution and prosecution as a result.

No hacker conference is of course complete without a set of presentations
dealing with the art and craft of hacking itself. These were usually high on
entertainment value and quite intriguing with regards to the science, but
they were outnumbered by talks addressing social and political issues
concerning the hacker community. A couple of presentations dealing with
computer viruses and the security of wireless networks are worth mentioning
to expose precisely how futile ant-virus software can be and how networking
through 802.11b can, almost, be equated with public broadcasting.

Robert Lupo, with the you-guessed-it handle of Virus, gave a PowerPoint
overview of what viruses are, i.e. self-replicating code that attaches to a
host, and how viruses may be defined, as malicious code that executes on
behalf of the user but without his or her knowledge or approval. The number
of viruses eventually accumulated in this talk and their various methods of
implementation (some spoken of with open admiration) were enough to make any
computer user feel like a hypochondriac. Adding to the earliest virus
discovered in 1981, there are now about 71,000 known viruses (currently
increasing with about 1000 ³official² viruses per year), but only a handful
have reached any kind of notoriety in the wild. Working as an anti-virus
programmer, Lupo reported that the anti-virus companies receive about
400-800 viruses per month that they have to neutralize. The offshoot of all
this is that your anti-virus software always works retroactively; it
provides a cure for an already known virus that rarely remains in
circulation for very long. Or in common cold terms: the epidemic has passed
by the time you have paid for and received your flu shot. Of course, stray
strands may still be around, but the risk of infection is dramatically
reduced. The most advanced anti-virus applications actually update their
protection files continually to reduce the risk of exposure. For common
users, such practices are of course impractical, but they are reflected in
how desktop software is starting to link their applications to servers that
update files of known viruses regularly. As for more drastic improvements,
Lupo discussed software that detects any hostile activity in a system and
alerts the user before it is able to execute. Unlike the applications used
today, this will provide more general security against malicious code. The
best protection of all, however, it to leave the anonymous messages that say
³I love You² or ³How would you like a million dollars?² alone before you
remove them.

As far as hands-on hacking without entry goes, the ³Fun with 802.11b² panel
was a live performance with plenty of part numbers and DIY gadgets. Pointing
a network sniffer in the general direction of Midtown Manhattan, Dragorn,
Porkchop and StAtIc FuSiOn projected the findings behind them as a streaming
backdrop of data packets from hundreds of networks in the area. Only about
half actually encrypted their traffic, and quite incredulously a quarter had
maintained the default factory settings for access (the consequences of
which were not explored but remain clear). Fun and games were also at the
presenting hackers own expense, however, as the sniffer was picking up local
traffic from the conference network and this did, of course, not go
unnoticed for long by the equipped crowd. Soon messages communicating room
numbers for explicit purposes dominated the packets. But somewhere in the
audience someone brilliantly mixed up accepted file path syntax with
language and cleverly pitted it against the crazed paranoia of secrecy,
monitored networks and criminalized hacker activity by forwarding
usr/local/bin/laden. That action appropriately and succinctly sums up HOPE.

_______________________________________________
Nettime-bold mailing list
Nettime-bold@nettime.org
http://amsterdam.nettime.org/cgi-bin/mailman/listinfo/nettime-bold