Monthly Archives: August 2017

#SHA2017: Creative Writing Workshop for Hackers

11 Friday Aug 2017

Posted by in Text, Uncategorized, Writing a Novel

Leave a comment

Tags

, , , , , , , ,

Let’s hack words! Together with crime novel author Klaudia Zotzmann at the “Still Hacking Anyway” (SHA2017) camp in Zeewolde, Netherlands – we were doing a creative writing workshop for hackers. When we asked the question who was actually a writer, we had a few hands going up in the air. Then one participant asked: “Does code count as well?” And suddenly we had up all hands in the air.

Within our workshop, we did not write any code, but instead we did some free writing. “Freewriting” is practiced by numerous writers and journalists, for example, when they have writing blockades. Creative writing, in which thoughts are put on paper without thinking about it, helps to get back into the writing flow. Nearly all of our participants were writing with pen & paper, and all of them were actually writing!

After our workshops we saw their eyes shine and their faces gleam. So many happy faces! It was a wonderful experience. And so much fun fun fun. ❤ We are still waiting for the stream to be up, as soon as it is ready, I will share it with you.

Podcast
Directly after our workshop we recorded the latest issue of Klaudias podcast about creative writing. You can download the MP3 here. We did talk in German though. Hope you’ll enjoy!

 

#SHA2017 – My Talk „Best of IoT Fails“

10 Thursday Aug 2017

Posted by in Text, Uncategorized, Video

2 Comments

Tags

, , , , , , , , ,

I did give a talk at „Still Hacking Anyway“ (SHA 2017), a campsite conference organized for and by hackers last week in the Netherlands. I called my talk “Best of IoT Fails“. (My sum-up of the whole event can be found here). Most of the other speakers explained at the beginning of their talk why they chose the subject they were speaking about and how they were related to it. Well, for some reason I did not do that (to be honest: I just did not think that it can be imporant for people) – but it was actually the most asked question afterwards while speaking to people. That’s why I decided it might be a good idea to explain it to you here.

I am working as a full-time journalist, being employed at the daily newspaper KURIER and the technology website futurezone.at in Austria. I have been writing about technology for at least eleven years by now, and I have watched all the major developments taking place around the internet carefully. (( And I just noticed at SHA that I am using the internet for over 20 years now on a daily basis (…. wait, what? Yes, it was 1997 for me when I got my first e-mail-adress.) )) When the „Internet of Things“ (IoT) started to rise, I was watching the developments with curiosity.

When the story started
When the first fridges sent out their spam mails in 2014, I did talk to the local people at CERT.at about their thoughts. And I got really angry when I was hearing that the vendors did not care about IT security within their products at all, just expecting that nothing will happen anyway. 2017 – not much has changed yet and I heard the same story all over and over again from many, many, many more interview partners.

For me – hearing such a story is more than just something to write down on a paper and then go home from work and get over it. I do care about what happens to our society with the change of technology and the importance of IT security. I do care, because I know it affects all of our lifes. And I do want to know the whole world about it, understand it – and then start some changes together. I do not want „Blackout“ by Marc Elsberg gets real, and if it gets real, I would at least feel better if we had a plan. Resilience.

talk-bestofiotWell, to get back to IoT. I had so many WTF moments during my work – talking to a huge vendor of lamps that started with the „digitalization“ of their business a few years ago, connecting their lamps with the internet. I was asking the CEO of this company (which will stay unnamed) about how big their IT security department is going to get after this switch to IoT and he told me that there will be one person working on the security and one on IT support. I hardly kept myself breathing after this information.

So, I hope I could explain you, why I did chose that topic. In my talk, I presented some current examples that I collected as a journalist and did write about that might sound like science fiction, but actually have already taken place. The recording of the talk can be found at: https://media.ccc.de/v/SHA2017-163-best_of_iot_fails or via YouTube.

Feedback and discussion
What did politics do so far? Not much – but they have IoT security at least on their agenda. The FCC did touch the subject in its “Cybersecurity Risk Reduction White Paper”, because it could see that „the private sector may not have sufficient incentives to invest in cybersecurity beyond their own corporate interests“. EU vice president Ansip also told in a speech recently that „EU-wide certification and widely recognised labelling would strengthen trust and confidence in the online environment, while making sure that cybersecurity products and services are technically compatible between countries.“ (This speech does contain a lot of WTF moments as well). A lot of IT security researchers I spoke to advised that we would need clearer rules for vendors and standardisation.

What about you? What I kind of missed is, talking to YOU out there. I regret that and it is due to my lack of experience in doing talks (it was my 4th talk ever). After I finished my presentation I should have asked YOU – on the one side for more examples you might have experienced, on the other side for your suggestions for solutions. Sorry that I did not do this properly, we could have had a nice discussion…  If you want to share some stories now, just post them under this blog entry or do write me an e-mail at shroombab@gmail.com. If you liked the talk anyway, also please rate it in the frab.

#SHA2017 – Still Writing About It Anyway

09 Wednesday Aug 2017

Posted by in Text, Uncategorized

1 Comment

Tags

, , , , , , , , , , , , ,

„Safe Harbour, good morning!“
„Hello, here’s Barbara speaking. Just asking when the next ferry is leaving to SHA.“
„It is currently on the SHA site. In about 15 minutes it should be with you.“
„Great, thank you!“

20621280_10155620102022311_1850706278951946414_n

If you wonder, if there is a Safe Harbour existing at all somewhere in the world: Yes, there is. I can confirm this. It is located in the Netherlands, about 1,5 hours by train from Amsterdam and what you read above was my typical morning conversation for last five days with the Safe Harbour crew at SHA.

I was attending „Still Hacking Anyway“ (#SHA2017), a campsite conference organized for and by hackers. It was the biggest outdoor hacker event worldwide this summer and it is usually organized every four years in the Netherlands. 4000 people from more than 50 different nations attended it in 2017 and I was one of them.

20638719_10155627459442311_5835553586531246951_n

On the boat I met a female hacker from Hannover in Germany called MapC. She picked me up by the ferry and brought me to the SHA in a cosy, comfortable boat with nice seats. It was her 2nd ferry ride she did on her own, after a briefing from the harbour team. She was part of the „angel“ team, which means she was one of the volunteers that are helping all over the place to make this event happen. Without angels, it would not work at all. It is the same volunteering system that is also in action at the Chaos Communication Congress taking place every year around christmas. Everybody can help – and I saw even kids helping out at SHA.

20637795_10155620101822311_9205667938168553931_n

The sun was just going down, and when we reached the SHA Safe Harbour, our motor started to stop. Nick Farr was waiting there on the bridge for us, helping us with a rope and bringing the boat to its final destination. Next to him: Phil Zimmermann, the inventor of PGP technology, who just finished his talk about cryptowars 2.0. I did talk to Phil, until Nick brought me with a nice logistics car with a unicorn on top of it to the entrance to grab my booklet. Then we continued driving to my village.

20729360_10155627459407311_8755543649920783756_n

Yes, you hear right: village. The whole campsite was organized in villages and clusters. My community was located at Lamarr Field (named after Hedi Lamarr) and was part of the cluster „Chaos West“. When I got off the logistics car, I had this feeling that I arrived at home. I was overwhelmed by the warm, welcoming atmosphere and my heart was already lost to all these funny, little weird experiences and those kindness of all the people that surrounded me that it took me no second to share these emotions with everybody else I met. This feeling did not go away one single moment, it just got more intense and more awesome every minute that I spent at the campsite, so that I feel really sad, now, being back „home“ again.

I was so impressed by the fact that villages where actually built up and they had water, power and internet connection. To be more precise: An internet connection with 100 gigabit or even faster (2.5 kilometer UTP, 3 kilometer Fiber). At the campsite there is normally orginially nothing. Nine days before the event a crew of people started with the build up, and from day 0 till day 5 the community continues. The power generators were accompanied by an 42V smart grid that showed how sustainable energy can be used at festivals and camps.

20708331_10155630681807311_2668618024427912309_n

In my village, the tents were decorated by solar-powered LEDs – which had the use case that you can see the cords at night and you are not falling over them while heading into your tent for sleeping. There were enough showers and toilets all over the place and even the community kitchen had running water to cook. The „Chaos West“ community cooked some hot vegetarian meal every night and you could support them by buying a token. There was a Pizza Village around, and the Italian embassy cooked noodles. Everybody was bringing his/her own tableware and nobody ever died hungry. The official food court was a nice supplement, but I do not know anybody at the campsite who would have survived with just eating the stuff that was sold there.

 

So far, so good. So what the hell do hackers do all day? Well, they hack. They try things. They invent. They solder. They discuss. They build wireless radio antennas with empty beer cans. They put roles on a car tent and drive it by remote control. They put roles on couches and drive them by remote control. They put roles on chairs and drive them by remote control. They build cars out of empty Club Maté cases and drive around with them. They build a sound system that could be carried around the whole place and played a different sound each squaremeter. Or they take and build a sauna in a barrel (no joke!).

 

 

They also do programme software for their SHA badges which were an extra nice thing that was organized for us. It was a hand-made electronic badge that every visitor received which could show custom information on an e-ink display. It had a wifi connection and you could solder LEDs on top of it. At day 3 there was some ransomware available for the badge, alongside some games like Tetris and a lot of other fancy stuff which could be found in the badge store.

DGiswTRWAAAVrhE.jpg_largeAnd, yes, there were more than 300 talks and workshops as well that someone could attend during the day until midnight in six different tents (I did give a talk and a workshop myself, but I will write about that in a separate blog article – one of them obviously had to do with words ^^). Then there was a music lounge with live bands and Djs every night. The music lounge was built with lots of love, the disco ball and the lasers in action were overwhelming. I did listen to Moldovers concert and the DJ gig of Sarah Farina, but the music lounge was not the only place where music was played. It was everywhere. At „Chaos West“ we had regularly Djs playing at night, the soundsystem was huge and the smoking machine did its best. On one day a huge fire & music show took place that was done with tesla transformers. It was impressive. When I went back on the boat that day, people were making comparisons between SHA and „burning man festival“. I did understand why.

20664476_10155630681822311_7094677027464104614_nEverytime I was on the ferry I met some very interesting, fascinating people. One of them was the speaker Lindsey that came all the way down from Australia to SHA to talk about her successful campaign #notmydebt. In her talk „Resisting Algorithms of Mass Destruction“ she told the story of how big data was becoming the holy grail for the Australian government looking for immediate savings. Then I saw a talk by Jelena about „Cybersecurity and hospitals“, one about car hacking, and that was it for me at the event. But back „home“ today, I already watched some more, because of „home sickness“. All talks where the speakers agreed to stream and record are shared here: https://media.ccc.de/b/conferences/sha2017

So, to finally wrap it up: I enjoyed „Still Hacking Anyway“ (SHA) a lot. I especially loved: The welcoming atmosphere. The smiles I saw in everybody’s faces. The level of craziness. The attitude „we can do it.“ The way how self-organization worked. And did I talk about the Safe Harbour? Well, yes. Thank you. See you in 4 years.

Tweets related to this story:

//platform.twitter.com/widgets.js

//platform.twitter.com/widgets.js

//platform.twitter.com/widgets.js

//platform.twitter.com/widgets.js

//platform.twitter.com/widgets.js