The Humanity of ShmooCon

I’m missing the ShmooCon hacker conference for the second year in a row because of family activities. But it remains a favorite of mine for several reasons. One is how its not afraid to explore how the human condition affects the security profession.

Mood music:

For starters, ShmooCon has given Johnny Long a platform.

Long, one of the world’s foremost hackers, has given presentations on why he started Hackers for Charity, a nonprofit organization using the skills of technologists to solve technology challenges for various non-profits and provide food, equipment, job training and computer education to the world’s poorest citizens.

Besides the obvious good that comes of this, the organization has done much to humanize hackers and help the world see them as more than introverts in basements using technology to break into networks for nefarious purposes. More than ever, hackers are seen as agents of positive change. Long deserves our thanks for that, and ShmooCon deserves thanks for giving him valuable exposure.

I also appreciate how ShmooCon has showcased the gifts of those who are different.

A powerful example of that was a talk renowned security engineer Marsh Ray gave at ShmooCon 2011, where he used the fragile mental condition as the basis of a talk called “A paranoid schizophrenia-based model of data security.”  In that talk, he described working in a psychiatric hospital more than 20 years ago and getting to know Keith, a fellow who usually sat on the park bench strumming his guitar for spare change.

“Sometimes I would take a break from reading microprocessor manuals and listen,” Ray said at the time. “Keith had paranoid schizophrenia. He could explain how the world worked: ‘There is a great international conspiracy…’ he would say. Electromagnetic fields, government satellites, resonant dinner plates, you name it: He had it all figured out.”

Ray noted how Keith couldn’t trust the conflicting information coming from different parts of the brain. He knew he was vulnerable and spent much time and energy thinking about it.

“Does this not also describe our current relationship with data security?” Ray asked. “Our architectures have become so complex that they are inherently susceptible to internal schism, leaving us vulnerable to sudden manipulation by shadowy external forces.”

Ray noted that many of the things Keith predicted have come to pass. For example, including radio transmissions being monitored by satellite and underground markets emerging for the purpose of trading information.

There are many more examples from previous years. But those are the ones that really stand out for me.

Sorry to miss it this year, but I wish those who are there a fabulous, enlightening weekend.

 

ShmooCon logo

Hackers for Charity: Essential Reading

One of the best examples of what makes the information security community special is Hackers for Charity, an engine for good started by hacker Johnny Long several years ago.

Mood music:

Long set up shop in Jinja, a town just east of the Ugandan capital of Kampala. Hackers for Charity brings to bear the skills of hackers worldwide to provide free technical support to cash-strapped local charities and organizations.

Volunteers work to improve Internet connectivity and put technology into the hands of those who would otherwise be left out. The organization also provides those it serves with a wealth of technical training.

One way it raises funds is by selling T-shirts, bracelets, stickers and hand-crafted leather accessories online and at security conferences around the world. The leather crafts are made in Uganda and include iPhone cases, iPad cases, journals, tumblers, coffee mugs, shot glasses and more.

The organization is well known in the security community, and most of what has been written about it has come from Long. But recently, Khalil Sehnaoui, managing partner and founder of Krypton Security, journeyed to Uganda and spent time with Long and his neighbors.

Sehnaoui kept an online diary that delves deep into the soul of Hackers for Charity. It’s a must read for anyone who cares about helping others, as is this post Long wrote about the visit.

Hackers in Uganda