Tuesday, February 13, 2018

RadCon 7b Schedule

Heading to RadCon this weekend. Looking forward to geeking out about all my favorite topics with fellow nerds in front of rooms full of people.

I hope to see you there!

Radcon Feb 16-18, 2018

Understanding the Fairies of Mythology
Using folklore and mythology, this panel will help you understand the most interesting characters in fairy tales, and the fairies themselves.
Fri 3:15-4:15p – Rm 2209
With: Kaye Thornbrugh, Tammy Tripp, Ty Hulse

Self-care for the HSP
What is a highly sensitive person (HSP), and what are the gifts and challenges of being HSP? How can one design a life that works with the gifts while staying balanced and healthy?
Fri 5:45-6:45p – Rm 2203
With: Jeanette Bennett, Judy Johnson, Tamra Excell

Consent, Coercion, and Everything In-between
Does playful coercion violate consent? When has the bridge between playful and abusive been crossed? We will discuss the importance of communication, and how without it even the happiest of situations can turn into a psychological mess.
Fri 9:30-10:30p – Rm 2209
With: Amanda Baldwin, Bruce Kenoyer II, Craig Jackson, Kevin Wiley, Tamra Excell

Writing Mind Control
Your villain runs a creepy cult. Your protagonist chooses to remain in an abusive relationship. Your antagonist is a manipulative con artist. A side character is a cult exit counselor. What can transform an intelligent skeptic into a Koolaid-drinker? No magic, truth serums, hypnotic chants, or hand-waving required. Learn the real science behind cults, cons, and coercion for writing realistic mind control.
Sat 9:00a-10:00a – Rm 2203
With: Frog Jones, Jaleta Clegg

Integrating Regional Settings into your work
SF and fantasy aren't tied to a region, right? We all know that fantasy is faux European and SF is...well, out in space, right? Actually, not so much. How to apply the region and setting you know and love to your science fiction and fantasy writing and have fun doing it.
Sat 11:30a-12:30p – Rm 2207
With: Esther Jones, Frances Pauli, Frog Jones, Joyce Reynolds-Ward

Empaths, Synesthetes, & Other Super Powers
What does science tell us about empathic abilities, synesthesia, and other multi-sensory ways of perceiving - and interacting with - the world? Explore the benefits and challenges experienced by people with these “super powers”. Be ready to share. Excellent opportunity for writers crafting a character with one or more of these traits.
Sat 2:00-3:00p – Rm 2203
With: Jaleta Clegg, John Alexander, Joyce Reynolds-Ward, Tamra Excell

Creativity Gadgets: The Most Useful Technologies for Writers
Technology is distracting – the bane of the modern writer's existence. Yet technologies also give us a wealth of tools that great writers of the past would have killed their favorite character for. From idea generators to Scrivener, from Panlexicon to productivity apps. From story dice, to Pinterest, to Wikipedia, to streaming music services, to distraction blockers, to name databases, to tablets and smart phones. And finally, once the story is finished, tools can help you sell stories! How can modern technology, both electronic and analog, help writers generate new ideas, stay productive, and streamline the writing process for maximum quality and productivity? Bring a notepad (or your iPad) to jot down the dozens of new gadgets, apps, and websites to try!
Sat 3:15-4:15p – Rm 2203
With: Adriane Ceallaigh, Crissy Moss, Jeanette Bennett, Scott James Magner

Writing, Fiction, and the Mind
Panels frequently address the "hows" of writing, but what about the "whys"? What is it about story that keeps people coming back for more? It turns out, narratives aren't just frivolous and fun. Come learn what every writer should on why we crave narrative and how it helps us function.
Sat 9:30-10:30p – Rm 2205
With: Manny Frishberg, Frog Jones, Rhiannon Louve, Sanan Kolva

The Science of Believing
Lots of people believe in things that are, or aren't, real. Not everyone can be right, but everyone thinks they are. As humans, we cling to our convictions as if they were life preservers. Why do we believe things, even when those things are strange or unpopular? And why is it so hard to face being wrong? Science has studied these questions and come up with interesting answers. Come learn about cognitive dissonance theory, cognitive biases, the levers of influence, and mental shortcuts that leave all of us ready to defend our beliefs, sometimes even to the death.
Sun 2:00-3:00p – Rm 2309
With: G. David Nordley, John Alexander, Joyce Reynolds-Ward, Judy Johnson

I'll be signing and selling books in the Authors Alley on Sunday at 12pm. (Location TBD.)

Friday, September 2, 2016

The Complete Skr1pt Kiddie Guide to Elite Hacker Games

The learning curve for information security (aka hacking) can be pretty steep. In addition to understanding tools, exploits, coding, and attack vectors, there's also absorbing the subversive thinking it takes to be a hacker. Nature vs. Nurture: Perhaps people are born with these traits, or perhaps they can be taught. I'd argue that if you're curious enough to try to learn, you've got the proper nature. Now it's time to nurture.

Example of old school hacking,
From the true-to-life 1983 documentary, Hackerman.
Back in the day, we had to learn these concepts by word of mouth, by finding a mentor or have hacker friends, or by brute-force figuring it all out our own damned selves. Moreover, computer equipment was expensive, so experimentation was prohibitive for most of us. To learn, we had to crack live systems which were someone else's property, which was both unethical and illegal.

Today, in this magical virtual world built by us old school hackers, we have the luxury not only of wikis, videos, training programs (some at actual colleges!), cheap hardware, and virtual machines to learn on, but we also have a fine collection of hacker games.

There are three categories of hacker games:
  1. Technical games involve the practice of actual coding or cryptanalysis.
  2. Hacker logic games which teach hacker thinking processes, but the interface and skill bears little resemblance to real-life hacking. 
  3. Hacker-motif games full of green-on-black facades, but with little relation to real hacking.
This list includes games in the first two categories, that is, games of substance that teach something about real hacking.

Click to embiggen.
(Remember to say "Enhance!")
And a quick note about what I mean by "hacking". I define hacking as "any attempt to subvert the designed purpose for a technology, to use it in a way that was not originally intended." This stereotypically include infosec, that is, breaking and entering computers and networks (and defending against said breaking and entering), but it also includes all manner of opening things up, figuring out how they work, and changing them. If you've ever soldered tiny cargo bays to your quadcopter so you can glitterbomb tourists in downtown Seattle*, you're a hacker.

* No confirmed sightings have been reported, however, if someone were to happen to create such a thing, I am completely not responsible.

I've not played all of these, so my description and categorization of them might be off. A listing with a checkmark means I've played it for at least 5 hours.

And listing of the game does not mean I vouch for it.

One last point: If you want to get the full value from these games, don't resort to walkthroughs! Googling how to do something is useful, because you're learning a skill and applying it to a new problem. But looking up the answer in the back of the book teaches you nothing. If you're "stuck", you should spend at least a few days pondering it  then and only then should you go looking for a hint. And I said *hint*, not walkthrough. Looking up the answer should be a last resort.

Lower Tech, Hacking Themed Games:

Look like a hacker, without all the mess!
(Seriously, he's wearing a TIE?!)
Most of these require download and install, for various platforms, including Windows, Linux, Android, and iOS. Some are web-based.
  • ✔ Digital: A Love Story 
    Story-based adventure game that simulates a 1988 computer environment. Solved through email and dialing into BBSes. Loved this game.
  • ✔ Uplink 
     Simulated hacking environment, which simplifies hacking tools but retains the logic. Awesome game.
  • ✔ The Secret World 
    An MMORPG that requires a hacker brain. Set in a dark version of the modern world of conspiracies, werewolves, and Lovecraftian bliss, it's a regular MMO in many ways: You have a character, get gear, and level up. But to get through the story, you have to solve actual puzzles, including cracking passwords on real (staged) websites. There's Morse Code in the early game that you have to transcribe in order to progress. (Which is harder than it seems if you don't know Morse Code.) As with Telehack, if you want to really learn the hacker mentality, you should solve all puzzles yourself (even if you're stumped) rather than fall back to the wikis and walkthroughs.
  • ✔ Hacker Evolution 
    A story-based game which, like Digital: A Love Story, immerses you by placing you at a simulated computer console. The story unfolds as you receive emails and take on hacking tasks. Again, the tech is simplified, but you still have to explore and think like a hacker.
  • HackNet 
    The description says it's a "terminal-based hacking simulator."
  • Hacker Experience 
    Virtual simulated hackable world.
  • Hacker Project 
    Story-driven hacking simulator. Web-based.
  • Slavehack 
    Web-based hacking simulator.
  • Hacker Forever 
    Text-based browser and mobile multiplayer hacking simulator.
  • Secret Republic 
    Multiplayer hacking simulator.
  • Mainlining 
    This adventure-style hacker sim does not yet exist, and is still in Kickstarter. Consider supporting it! Hat Tip: @virtuity
  • Geek Typer 
    Totally not even a game. But that doesn't matter. Fake it till you make it. Type like a geek!

Technical Hacking Games:

Typical scene from DEFCON. Learn the skillz to be legit.
Most of these technical games are web-based and require no installs. Most are free.

Bonus Category: Advanced

It's not stupid. It's advaaaanced!
These aren't technically games, but rather, hacking testbeds that you can set up on your own system and challenge yourself to complete them all.
  • SQLi-Labs 65 SQL Injection Labs 
    Mess around with SQL Injection to learn how Little Bobby Tables got his Master's Degree.
  • Metasploitable VMs 
    Metasploit is a hacker tool that assembles an impressive number of scanners and exploits into one powerful machine. Metasploitables are downloadable virtual machines with known vulnerabilities, so you can practice using Metasploit without breaking any laws. The idea is you grab a VM of something like Backtrack or Kali Linux (which come pre-installed with Metasploit and other tools), and a Metasploitable, and pit the two machines against each other, all while learning both offense and defense. I've been thinking about doing this and live streaming my learning process on Twitch, but this is a project I will likely never get around to.

Want More? So do I.

If these aren't enough, there's a bunch more on this link which I haven't sorted yet: http://hiddenspider.net/links/hacker-games

And once, maybe 15 years ago, I stumbled upon a game where you have to solve various elements hidden within the static HTML, and other 4th-wall breaking puzzles, to advance. I think of it often, and I wish I could remember the name of it so I could find it again! If it still exists. If you know of this game, please tell me in the comments.

I'm highly interested in finding more, especially those teaching real technical skills. Please let me know in the comments, and I'll add them to the list.

Labels: , , , , , ,

Monday, March 7, 2016

2015 Accomplishments, 2016 Goals

It's a little late for the traditional writer's New Year post, listing my prior accomplishments and this year's goals, but I figure this way I'm at an advantage. Because I've already accomplished some things this year!

In truth, these posts are more for my own sake than yours. They help me look back and see that I'm actually getting things done, even when in the moment I feel like a miserable failure.

What did I do in 2015? I survived. And for me, for this year, that is quite an accomplishment. 2015 goes on record as being one of the worst years of my life. I left my two life-partners under extremely painful conditions, put myself in the hospital to prevent my suicide, lost my means of support, moved twice in two months, considered my limited career options, and began my recovery from the brand new case of Complex-PTSD that I developed over 7 years in a trauma-inducing environment.

This has left me with an unimaginable level of anxiety, depression, and cognitive impairments which make work extra difficult and discouraging. But I'm recovering, even if slower than I'd like.

So I survived. A great big check off the list!

That said, I didn’t let myself off the hook too much. Even though I didn't accomplish as much as I wanted to (see last year's post), in some ways I accomplished more. And I crossed some significant goals off my list.
  • Sold one short story, Theogenesis Gimmick, which just came out in the Truth Beyond Paradox anthology, which you can purchase at the link.
  • Another of my previously published stories (Meltdown in Freezer Three) became SFWA qualifying (one more till Active Member!)
  • Wrote two posts that were published on the SFWA blog.
  • Had fun speaking on Radcon 6C panels.
  • I was a Norwescon panelist for the first time! Huge bucket list accomplishment.
  • Presented at Sunstone Symposium for the first time. An amazing experience that I would like to repeat.
  • Presented at an International Cultic Studies Association (ICSA) conference on Helping Former Members and Their Families in Santa Fe.
  • My talk was selected to present at the big ICSA conference in Dallas next summer.
  • Created a number of video podcasts analyzing LDS Conference talks, with Jonathan Streeter.
  • In spite of the financial challenges getting there, I helped launch the first year of the DEFCON Biohacking Village, and committed to running their CFP Review in 2016.
  • Attended Rainforest Writer's Retreat.
  • Wrote a large number of Recovering Agency blog posts, including in-depth conference talk analyses
  • Participated heavily in the outrage against the LDS LGBT Exclusion Policy, and helped comfort (and allowed myself to be comforted) those who were impacted by this decision.
  • Moved to a wonderful new house.
  • Learned an unbelievable amount about life and grew in ways that's really difficult to quantify.
  • Had a number of significant spiritual experiences which are difficult to quantify or even explain.
In short, I have no idea how I did all of that, given where I've been. Even though I'm an atheist and a skeptic, I did feel my feet being guided often this year, like I was being placed in the right spaces at the right times, and carried through rough patches that I wasn't sure I could navigate. For this, I am grateful to The Universe for the wonders I've been shown.

Now to 2016!

The future is so uncertain. And because of that uncertainty, these goals are more squishy (less specific) than I prefer. But it's important to write these things down. It helps make them true.

  • Keep surviving (because some days it’s still hard!)
  • Continue trauma recovery and be happy with where I'm at.
  • Release the Recovering Agency audiobook.
  • Submit more stories, publish more fiction.
  • Write more fiction.
  • Make more income.
  • Successfully run the CFP for the DEFCON Biohacking Village.
  • Speak at Sunstone Symposium on multiple topics.
  • Speak at ICSA Dallas (already accepted!)
  • Panels at NWC and Radcon (already did Radcon!)
  • More blog posts and mind control analysis of LDS Conference Talks.
  • More writing for the SFWA blog.
  • Complete my first paid speaking gig (already accepted!)
  • Publish a few more short ebooks using material I've already written.
  • More guest posts. Stretch goal: maybe even a big one on a well-known and possibly paying blog, like HuffPo, MarySue, Jezebel. Bonus points if it pays!
  • Stretch goal: Write and/or publish a new book, either fiction or nonfiction.

Tuesday, January 26, 2016

Radcon 7 and Norwescon 39 Panel Schedule

It's con season again! I'm so excited to announce my panel schedule for Radcon 7 (Pasco, WA) and Norwescon 39 (Sea-Tac, WA March 24-27). These are some really awesome topics at two of my most favorite cons. I hope to see you there!

Radcon Feb 12-14, 2016

The Science of Believing
Lots of people believe in things that are, or aren't, real. Not everyone can be right, but everyone thinks they are. As humans, we cling to our convictions as if they were life preservers. Why do we believe things, even when those things are strange or unpopular? And why is it so hard to face being wrong? Science has studied these questions and come up with interesting answers. Come learn about cognitive dissonance theory, cognitive biases, the levers of influence, and mental shortcuts that leave all of us ready to defend our beliefs, sometimes even to the death.
Fri 1:45-2:45p – Rm 2205 
With: Peter Jones, Rory Miller

Empaths, Synesthetes, & Other Super Powers
What does science tell us about empathic abilities, synesthesia, and other multi-sensory ways of perceiving - and interacting with - the world? Explore the benefits and challenges experienced by people with these "super powers". Be ready to share. Excellent opportunity for writers crafting a character with one or more of these traits.
Fri 5:30-6:30p – Rm 2201
With: Alma Alexander, John Alexander, Joyce Reynolds-Ward, Tamra Excell

Polyamory Revival
Polyamory is returning to mainstream consciousness with hit shows like "Polyamory: Married and Dating" on Showtime and feature stories in major news outlets. Learn how polyamory is from times of old, how agriculture and property ownership changed family dynamics, and how certain polyamory models are especially empowering for women. Enjoy the discussion, and walk away with suggested readings to further your knowledge on this fascinating subject.
Fri 8:00-9:00p – Rm 2201
With: Amanda Baldwin, Bruce Kenoyer II, Craig Jackson, Kevin Wiley, Tamra Excell

50 Shades of Consent
With the success of books like 50 Shades of Grey, more people than ever are reading about BDSM. But when writing about it, what are some misunderstandings or common errors to avoid? How can writers present it in ways that are safe, sane, and consensual?
Fri 9:15-10:15p – Rm 2201
With: Amanda Baldwin, Craig Jackson, Peter Jones, Rhiannon Louve

Mind Control
Your villain runs a creepy cult. Your protagonist chooses to remain in an abusive relationship. Your antagonist is a manipulative con artist. A side character is a cult exit counselor. What can transform an intelligent skeptic into a Koolaid-drinker? No magic, truth serums, hypnotic chants, or hand-waving required. Learn the real science behind cults, cons, and coercion for writing realistic mind control.
Sat 11:15-12:15a – Rm 2201
With: Peter Jones, Rory Miller

Reading: TBA (Theogenesis Gimmick?)
Sat 12:30-1p – Rm 2211

Surviving the Post-Apocalypse with Disabilities
Survive a post-apocalyptic world with disabilities, both mental and physical, visible and invisible. How do you find food when you have difficulty walking? How do you defend yourself against mutants and rogues while managing PTSD triggers? What will you do without ready access to medications that stave off chronic pain, heart disease, depression, or attention difficulties? Might some disabilities actually become hidden strengths in a world where society has been turned upside down? The panelists are personally experienced with disabilities and will discuss their plans to stay alive through whatever may come. Bring your survival instinct and prepare to prevail.
Sat 5:30-6:30p – Rm 2205
With: Bill Holden, Eytan Kollin, John McDonald

Diversity in Fiction
Our world, and our fandom, is expanding. How is a simple SF/F author to keep up? Come talk with a panel of authors who know a thing or two about inclusive writing. Find out how to go about, why to go about it, and when to go about it (Hint: The answer is now!).
Sun 10:00-11:00am – Rm 2203
With: Alma Alexander, J Tullos Hennig, Kaye Thornbrugh, Peter Jones

Geek Boys vs. the Feminists: An Empathetic Look at Gender in the Geek Community
Through the 70s, 80s, and 90s, geeks banded together against an oppressive world that mistreated them and refused to understand them. They created acceptance and friends where previously they had only experienced bullying and ostracism. Now those geeks feel oppressed by a new threat: feminism. Except, the threat isn't new. And it isn't a threat. Male geeks and feminist geeks have more in common than we have different. Let's discuss the intersectionality of the geek cause with the feminist cause, and why inclusion, not busty body armor, should be the common interest that holds the geek community together.
Sun 12:30-1:30p – Rm 2201
With: J Tullos Hennig, Tim Martin

The Psychology of hackers and gamers; a male/female perspective
With the advent of Gamergate and the press a portion of the gaming community has garnered, people are looking at the anti-social aspect of gaming and of hacking. What are these issues, which are real and which are myths? Come join us for what promises to be a lively discussion.
Sun 1:45-2:45p – Rm 2207
With: L James, Meg James, Peter Jones, Tim Martin

Norwescon March 24-27, 2016

The Future of Accessibility
As much as we might want a future where every injury can be healed, chances are there will always be some things beyond our ability to fix, and situations where tried-and-true will remain the best course. So how might one navigate micro gravity with a leg cast? Would a paraplegic still use a wheelchair, or would exo-skeletons or bionic legs be standard practice? Could robots replace service animals? Let's talk.
Thur 9:00-10:00p – Cascade 3&4
With: Pat MacEwen (M), Sar Surmick, Dr. Ricky

Invisibile Disabilities
Not every disability is apparent at a glance, nor is anyone's personal health anyone else's business. From mental illness to chronic disease to a variety of syndromes and impairments too lengthy to list, we'll discuss the difficulties of living with chronic health conditions, the stigmas associated, what progress has (or hasn't) been made in reforming public perception, and strategies on getting other people to mind their own blasted business.
Fri 12:00-1:00p – Cascade 10
With: Gregory Gadow (M), Cheryce Clayton, Michael 'Tinker' Pearce

Magic Rumble
Join our pros as they each are given a magical system and debate which would reign supreme.
Fri 5:00-6:00p – Cascade 3&4
With: Grant T. Riddell (M), Peter Orullian, Logan L. Masterson

Creativity & Disabilities
Whether your problems are physical or psychological, there's no denying that being creative and creating art is difficult to almost impossible when a disability stands in your way. Come learn how different artists and writers work with, past, or through their personal disabilities and limitations to create their art.
Fri 6:00-7:00p – Cascade 10
With: Kevin Mathews (M), Liv Rainey-Smith, Mark Chapman, Spencer Ellsworth

Consensual Non-Monogamy 101
What is consensual non-monogamy? Is it polyamory or swinging or polygamy or relationship anarchy? Why would anyone want more than one partner? What important advice is there for starting out? How do you do you minimize hurt feelings? Can you? How do more conservative family members react to these plural relationships? Should you, shouldn't you? What are the pros and cons?
Fri 7:00-8:00p – Evergreen 1&2
With: Sar Surmick (M), Sheye Anne Blaze, Wednesday Phoenix, Burton Gamble

A Culture By Any Other Name
Many alien cultures bear a strikingly humanized feel to them. Yet, does creating alien cultures too foreign in design make them too hard to be relatable? The pitfalls, pros, and cons of alien cultures is discussed.
Sat 12:00-1:00p – Cascade 10
With: Jason Bourget (M), Caroline M. Yoachim, Kim Ritchie, Lawrence M. Schoen

Reading: Theogenesis Gimmick (forthcoming in the Truth in Paradox anthology by Onyx Path)
A young woman finds out what happens when you click one of those "One Weird Trick!" ads and finds herself awakened to a puzzling world filled with gods and magic.
Sat 1:00-1:30p – Cascade 1

Sex & Gender Fluidity
We are used to thinking about people in binary terms, but reality is nowhere near that simple. Join our panelists as they discuss what we know -- and do not know -- about the biology of sex and gender.
Sat 8:00-9:00p – Cascade 5&6
With: Sar Surmick (M), Amber Clark, Wednesday Phoenix, Gregory Gadow

A Thousand Words
Literature may be the art of beautiful words, but sometimes great writing comes from--or cooperates with--great images. Come hear how writers use drawings, photographs, and maps for inspiration, worldbuilding, character development, and more.
Sun 11:00-12:00a – Evergreen 3&4
With: Brenda Carre (M), Nina Post, Gregory A. Wilson

The Human Element: PTSD in Science Fiction
Be it the rigors of space travel or the weight of destroying an entire species, protagonists in science fiction take those fights home with them. Join our panelists as they discuss the nature of post-traumatic stress disorder in science fiction.
Sun 3:00-4:00p – Cascade 5&6
James C. Glass (M), Sar Surmick, Robert J. Sawyer

Labels: , , , , , , , ,

Tuesday, August 18, 2015

DEFCON 23: Putting the Confidence in "Con"

I left DEFCON last year wondering how I could give back. This year, I realized that I've always been giving back.

I almost skipped DEFCON 23. I lost my means of support in May and my savings is running out. The wise thing would have been to stay home. But I justified how I should throw caution to the wind and find the means to go, and I'm so glad I did. DEFCON never disappoints.

Highlights of my DC23 experience: 
  • Brought my own phonograph so I could listen to the badge
  • Helped run the first-year Biohacking Village
  • Socialized and made new friends and contacts
  • Networked and pursued job opportunities (this is how I justified the expense)
  • Enjoyed Queercon 12 events and Queercon's sweet badge
  • Attended the Telephreak party

But the real highlight wasn't any single event; it was something I carried within me through the series of mind-blowing events that made up DEFCON. It really is all about "what you bring to the party." This is such a huge ridiculous lifecoachy cliché… but you don't really grok these tidbits of wisdom until you've experienced certain angles of life and succeeded at taking the right kinds of risks.

For the last few years, I've been developing social confidence. These are skills I've been trying to learn my whole life, but confidence cannot be taught. It can only be learned. There is no secret recipe, and describing my path to this point would fill it's own blog post. But I can distill the core of what I've learned into simple phrase:

You have something to give.

Once you grok this concept, not just on the surface, but on a deep level, it becomes easily to have faith in your strengths and talents. Then the social confidence just follows. 

I've come a long way since my first DEFCON in the Riv eight years ago (technically the linked write-up is from my second DEFCON), from my "I'm not worthy to be here!" outlook to the spunk and swagger I have today. 

I couldn't talk myself out of the fear of being a poser. I had to learn by doing.

One way to convince yourself that you have something to give is to start giving. Take a leap of faith and do things, make stuff, help people. Don't be down on yourself about how you're not smart enough or your efforts aren't good enough. You'd be amazed at how little you have to do or know to get involved. It's a lot of work to do all the cool things that happen in the world, and as I learned, even contributing a couple of hours of menial labor is far more than most people contribute, and even small gestures will make you stand out and open up new opportunities for learning, growth, and connection.

My big project this year, which took very little time or effort, was helping put on the first Biohacking Village

Similar to computer hacking, "biohacking" is subverting biology to do something other than what was originally "intended." Which is a pretty broad umbrella that includes implantables, biomolecular computing, bioinformatics, gene hacking, nootropics, transhumanism, medical device hacking, sense hacking, neurodiversity, bioethics, and lots more. 

And a "village" at DEFCON is an area set aside for a focused topic, where attendees can hear talks and get hands on. Other villages include the Lockpicking Village, Tamper Evident Village, Social Engineering Village, Hardware Hacking Village, etc.

Example village: Car hacking!
(Near Biohacking Village)
Why is biohacking important and why does it belong at DEFCON? Because biohacking is now where the Homebrew Computer Club was in 1975. Right now the future Steve Jobs and Bill Gates of the biotech world are sitting in their garages splicing genes to make bioluminescent e. coli. They are designing injectable RFID chips. They are building prosthetics with 3D printers. They are trying to clone dinosaurs. In 10, 20, or 30 years, this question will sound as ignorant as, "What's the point in building an Altair 8800? It doesn't even do anything." (Historical fact: It didn't even do anything.)

Biohacking belongs at DEFCON for three reasons:
  1. The intersection of computer tech and biotech is pretty vast. And that intersection will grow. 
  2. Securing biotech ought to be a huge concern to hackers of all kinds. 
  3. There are of course other cons dedicated to biohacking, like Body Hax Con. But they're brand new. We've learned a lot about technology ethics in the last 40 years. Youngsters who are starting biotech exclusively from the biology side really need our guidance so they don't accidentally destroy all of mankind with their magical wizard powers.

Awkward Diagram
Note: It's not just "computer hacking"
DEFCON is traditionally about all kinds of hacking on electrons.
I myself am not a biohacker (unless you count the work I've done to reverse engineer mind control). I just have a strong interest in what is going on in the field. But that's my point – don't disqualify yourself because you haven't done the thing or don't know the stuff. You still have something to give. 

Even with my lack of experience, I contributed by giving input on the BHV mailing list over the year, and at DEFCON, and I stood at the booth for a few hours answering low-level questions for the hundreds of people that stopped by. I don't have to grow human ears on mice or give myself nightvision to contribute much-needed efforts towards bringing people together and getting DEFCON attendees excited about biohacking. 

Presence can earn some pretty sweet cred. Fangirl or fanboy enthusiasm can itself be a superpower. 

The village was a huge success. We just had the one small booth in the contest room, a handful of demos, and nine talks. Oh, and a pretty sweet logo! WTF on that amazing logo?? It was enough to get the word out and get tons of people introduced to and excited about this grand new thing called biohacking.

One of the most frequently asked questions I got at the booth was, "What about implants?" We had one speaker, Alex Smith, who performed an RFID implant right at our table. I caught it on video:

And as an example of where tech meets bio, Scott Novich had his vibrovest there. It takes sound input and converts it to tactile sensations along the torso, with the primary purpose of helping deaf people sense sound kinetically. But it could be put to many other sense-hacking uses, for instance, it could transform other information, like direction, weather patterns, or wifi signal strength, into a tactile sense. Our brains are extremely robust and can wire to understand any sense we give it, so we're just dipping our toes into the ocean of potential with these kinds of devices.

We've got huge plans for the village for next year, including the possibility of creating a living badge. I'll be even more involved, heading up the CFP process to select speakers for talks, demos, and labs. (Just so you know who to buy beer for. (Just kidding bribery is bad kids! (Plus I don't like beer, but I do like Chartreuse…))) I'm really excited.

Stay safe, kids!
I missed all but three talks. In the beginning, I caught one on hiring in infosec, and two biohacking talks at the end.  (All Biohacking Village talks will be available on video in the near future.) This was somewhat due to the massive crowding on the Paris side of the venue, and somewhat due to a conscious decision to watch the talks online later so I could spend more time doing what can only be done at DEFCON: Socializing.

Since I avoided the Paris-side, I missed seeing a lot of familiar faces, which, in addition to the new venue, made it kind of weirdly not-DEFCON. But I have no regrets. 
My complete review of the new venue:
Paris came equipped with these sweet internet telephones!

Troubleshooting The Broken Meritocracy

In my writeup last year, I promised I'd do a separate writeup of the problems that occurred during the Diversity Panel at DC22. I still have the notes for this post, and I even had a very long and productive email conversation with Priest, who was involved in that panel. Because of the huge upheavals in my life this year, I never got around to writing it, which is too bad, because it's probably too late now. That ship has perhaps sailed. However, the entire experience was illustrative of many of the dynamics in our community, of how well-meaning attempts to help women and minorities to feel welcome and safe can backfire, and some of the reasons why. Priest was really cool about everything, open to listening, and sincerely concerned. I think our community has much to learn from all aspects of the experience. 

I may still do that writeup, even though at this point, the whole thing might be moot. 

My own personal experience of being a woman at DEFCON this year was awesome. Much improved. I personally had no issues. I felt treated well and respected for my intelligence. I never once felt like I had to prove that I belonged there, even to total strangers I had just met at parties. I never felt mansplained to. Flirtation occurred, but in the right venues (parties) and with an air of respect and equal footing, and not to the exclusion of interest in my actual intelligence. A few men expressed concern and awareness of the difficulties I might be facing, saying things like, "I hope you've been treated okay at this con." 

Education campaigns and social justice activism clearly seem to be helping. 

Equality, at long last!
Huge kudos to Dark Tangent, and to specific Goons I've spoken with who have expressed concern and willingness to change DEFCON for the better. (I would name them but I'm not sure they want to be named.) I've said all along that, unlike certain other cons *cough*PAX*cough* DEFCON has handled the various controversies incredibly well: Rather than making public shows of issues and getting defensive, they've been receptive to complaints and even proactively reached out for feedback. All conversations about the incidents occur in private, and then the following year, those incidents do not recur. No public drama, no firestorms, no hurtful pseudo-apologies. 

That said, this was just my own experience, my perception of a general trend towards improvement, and that doesn't necessarily mean everything is fixed. If you did have an issue, I encourage you to reach out to DEFCON Goons privately and let them know. They really will handle it well. If they are ignorant of why a thing is an issue, they will listen. It may take some patience in explaining it to them, but they honestly and legit want to know how to improve. And reach out to me personally if you're uncertain. I'm not a goon, but I'll encourage and support you and give you advice. I know how scary it can be.

At least through my little lens, it feels like DEFCON culture is improving in how it treats women, and hopefully in how it treats other marginalized classes. Way to go and more of this!


I did have one quibble however on the social justice front: just one more little way our community can improve. This is a cultural issue, involving a word I heard over and over, coming from a wide variety of really nice and smart people. I winced each time I heard it, but I didn't have the courage to argue with anyone. (The "You're too sensitive!" backlash does have a cost, which I am sometimes unwilling to pay.) I realize it's a bit passive aggressive to mention it here without saying it to people's faces, especially since I personally know some of the people who used it, but I'm a big chicken IRL. So here goes: 

This word is "retarded" or variants thereof. I know it's a cool edgy way to talk about how unintelligent something or someone is, but those who use it do not understand its history or realize that the person they're talking to (me) falls into a class that is, to this day, marginalized, bullied, and institutionally abused through the use of this word. I have Asperger's, which is a type of autism. And before you say, "Well, we don't mean that kind of autism!"... just stop. You're digging your hole deeper. You're smart. Go educate yourself. If you don't, you basically sound like this guy, only about autism rather than computers. I've got some links in this paragraph, and you know how google works. Or ask me. (I don't want to make this post too long explaining on this rant.) There are lots of sources of why this word is hurtful. And FYI? Yes, I do feel hurt when I hear this word, and no, I'm not being too sensitive. And no, my request is not censorship.

Ancient history, at this point,
according to the Washington Post.
We're not 14 anymore and this isn't IRC. We can prove our intelligence by the words we say and the things we do, not by using slurs to put others down. We've ended the flippant use of the word "gay" at DEFCON as a pejorative. Now can we stop saying the "R" word? 


DEFCON Badge, Badge, Badge, Badge MUSHROOM MUSHROOM!

I didn't get very involved in the badge challenge this year. I did, however, bring a record player. I'd seen on Twitter Wednesday that the badge was a record (yes, a record), and my housemate happened to have a portable USB-compatible phonograph, so I brought it on my Thursday morning flight. This made a wonderful icebreaker for me on the first day. (After that, no one cared.) Using my phonograph, I was able to upload the audio to YouTube for your convenience, so you can listen right now. (Side B's track was a recording of the ever-hot DualCore singing Hack All the Things)

It's just like streaming.. only.. more groovy.
A brief mention of the ultra-hot über badge this year.  Rather than re-describe it, I'll link to someone else's description. I grew up in Richland, WA, with a chem engineer dad who worked for a government contractor, and I worked as an intern on the Hanford Nuclear Reservation, and my favorite con (DEFCON is my second) is RadCon, so all this radiation stuff is basically comfort food for me. 

Photo credit: Japan Times
Because I fail at taking pix when I'm chatting with LoST.
Warm, so warm.

I fiddled with the badge challenge as I had time Thursday, but I really didn't want to go too far down the rabbit trail, because I needed to focus on being social. Solving things and chatting confidently with people about a wide range of topics takes a different spline set, so I resisted the call.

I'm pretty sure this has something to do with the badge challenge.
But if you'd like to see the solution, here is a write up. And another. (There was a wiki but it appears to have been deleted.) 

Queue the Flava Flave jokes.
A lot of people complained about the unwieldiness of this year's badge, but I enjoyed hacking the lanyard, and eventually eschewing the lanyard altogether. I also enjoyed seeing other people's badge hacks. And counterfeit badges were hilarious, like the guy with a paper plate with "HUMAN" written on it. Kids these days don't know what old tech looks like, and this record gave them some exposure to the ancient roots of the hacking community...

The famed "gauntlet hack"
(spotted at barcon)

...Like the Telephreak Badge

Q: How do you tell a phreak?
A: By all the telepwns!
I think at this point, I can officially qualify as a DEFCON Badge Fangirl (is there a badge for that?)

Last year I scored a sweet Telephreak pager, 

...and then wrote about it, which means this year I scored a l33t Telephreak press badge. This orange piece of plastic has little plastic coins in denominations of 25, 10, and 5, and a working rotary dial. To those kids who didn't know what a "record" was, you might also love to learn that this badge is fashioned after an archaic device we once called a "payphone," into which one placed quarters so we could "call someone who cares," as the flamers put it. Now get off my lawn.

This plastic replica represents a significant piece of hacker history, so if you want to be truly l33t, go google Captain Crunch with your advanced "search engine."

Authentic voice-only "phone"
used by nomads in prehistoric times.
It would be truly sweet if someone could hack this badge into a working phone, but I settled for my own little badge hack. The manufacturer's plan for the coin drawer was a literal gaping hole, through which the coins would simply fall out under the force of gravity. Hard to make money from a payphone with that design! Ever one to defy "laws" like "gravity," I violated the EULA and improved on the original by adding a door using found materials. I even added an authentic easy-to-pick tubular lock, just like a real payphone! (And just about as secure!)

"Press" *69
Sadly, this did not protect my coins well enough, because both dimes got shaken out in the flight home, and they seem to be lost forever. Lessons learned.

The Telephreak pager also operated this year, and for some reason, the battery seemed to have more life over last year, even though, to my knowledge, I received no firmware updates. Not really sure what was up with that insane magic! 

(Faces digitally blurred to protect the "innocent.")
Telephreak party was pretty sweet, as usual. I listened to a couple of lightning talks, but mostly I wanted to talk to people, and talk I did. I met new people, reacquainted myself with people I already knew, and even got a little emotional support from someone I'd met last year. (Thanks, man!) The Telephreak party is a great environment for me, because I want just enough alcohol to make me socially fluid, and I want relatively quiet rooms packed with cool, intelligent, talkative people who want to listen to me rant on esoteric topics. Telephreak provides all of this in a swanky environment that makes me feel like I paid a million bucks to be there.

Queercon 12

Thanks to the larger DEFCON venue, Queercon made it's way back onsite, with a constant presence during the whole con. In addition to their kickin' Friday night pool party with the bright lights and body-throbbing music we've come to expect, they had a suite in the Jubilee tower, for packed afternoon mixer parties, and a Saturday night low-key sit-and-chat party. The rest of the time, the suite was open as a safe space to relax and chill out for a little peace and quiet. They provided free coffee and breakfast munchies daily. 

I kind of wish there'd been more women and gender non-binaries like myself there, but I've got no problem with hanging out with cis gay men. They're so adorbs. I took refuge in there a couple of times when I needed an introvert's recharge, and I enjoyed the parties as well.

They also had a few talks in the suite, though I only attended one. Which brings us to the Queercon badge… 

Badges? We don't need no stinkin...
Ok yeah, this joke is too old.
…did I mention I'm a badge fangirl?

So first, I had a badge reserved for me because of my writeup last year. Honestly, one of the reasons I decided to splurge and go to DEFCON against the wishes of the financial advisor who lives in my brain was the personal invite from both Queercon and Telephreak prior to the con, and their mutual expressed disappointment that I could not make it. Never underestimate how small gestures of inclusion can make people feel appreciated and important, and again, never underestimate the value of your contributions, however small, to help build community. These actions and reactions create a virtuous cycle that uplifts everyone involved.

"Press" any key to continue.
As long as it's L, G, B, T, Q, A, I, or +!
At any case, I had a personal invite to the Queercon kickoff party Thursday night. I arrived at their offsite location at Palms Place, to discover I was not only on the invite list, but as a VIP! Flattered and honored. The kickoff party was a great way to spend my first night at DEFCON, with good drinks, friends, and conversations with new folk in a beautiful setting. 

Pix. Cos it happened.
And the badge. Oh this badge. Last year's QC badge astounded as a feat of modern engineering, but this year's topped even that! 

As you can see, it is an egg-shaped pair of circuit boards, separated by spacers, with a living digital creature dancing on a 0.96" OLED display. If that's not colorful enough for you, there are five multicolored LEDs around the inside, to generate eye-dazzling effects at various times.

How is babby formed?
The creature on the badge starts out as a "baby," an adorable blob that dances and plays. (The baby grows up after a rumored 12-hours.) Three buttons allow you to cycle through the functions, which include, "Play," "Set Name," and "ASL?"

Also works in "upside down" mode,
shown here.*
(*image not to scale)
The badge communicates with other badges via a RF chip which is an improvement on last year's IR interface. Line-of-sight interactions were difficult previously, and in contrast, this badge picked up easily on the presence of other badges. 

In the spirit of "badge sex" featured in previous badges, the "Play" function sets off all nearby badges, forcing them to also "play," causing their lights to blink and their character to dance around. Babies could not play with adults, thus preventing any interactions of questionable legality.

By day two, all of our badges had grown up. Each badge had been programmed with six different heads, torsos, and feet, which could be combined in 80 different character designs. Mine was a octo-robo-bear, with lovely wonderful tentacles for feet. They couldn't have picked a better character to give me. 

The Über Badges (there were 13), were black and had their own unique characters not built from the parts of other monsters.

We could "befriend" one another, which involved clicking "Befriend" at the same time another person did so. We discovered through trial and error that friending could only happen one-on-one.. You could non-consensually play with a large group of people, but the more intimate function of friending was rather mononormative.
The devilish plans
of the mononormative agenda.
The "ASL?" feature allowed you to look at your stats: How many other badges had you seen, how many übers? How many people had you befriended? Who were your faves (which badges did you hang out with the most?) And which achievements had you unlocked? 

Yes, there were achievements, for things like attending specific events, making a certain number of friends, and sleeping with your Fave. (This achievement involves putting your badge into sleep mode at the same time as your fave, in proximity of your fave, and leaving it in sleep mode for 30 minutes. There was some debate at the badge talk about whether 30 minutes is long enough… as the only vocal woman present, I disagreed. A half-hour is definitely not long enough.)

Some of the features were a little buggy, and I didn't get credit for a few things, like for all the über badges I saw, or for going to the badge talk. Since I'm an achievement completionist, it bugs me a little bit (get it, bugs?) but that's my own psychosis, so I'll deal with it. Probably through medications and therapy.

Cables and wires and stuff.
They hold in the magic "smoke."
See how the display has come loose?
The fix is described below.
(Hint: Glue)
One achievement I missed due to my own failure, so I deserve it. Two of each character-combo existed, leading to the achievements "Find your twin" and "Befriend your twin." I apparently was in the same room with my twin at one of the packed mixers, but I did not seek them out.

The badge came in a sweet box with l33t stickers and a lanyard and a pin. (I used the pin to hack my DEFCON badge to make it a wearable technology.) Total cost of the badge, including the swag that went with the badge, but not including labor to design and build it, was over $100 per badge. There were 175 badges created, but one was destroyed beyond repair, so only 174 are in circulation. 

It is QC's intent to keep badges scarce because clearly they understand psychology, that the rarity of a thing builds interest. This is a true fact of mind control and persuasion of the masses. So good social hack, guys! :D

Another feature is the "flag" which makes all the lights go all rainbow. There are a number of big gay flags, including bi, trans, ally, leather, and bear. I had a hard time choosing between bi and trans, but it turns out they're almost the same colorset. How very convenient for me.

The badge does have a cheat mode, and here is the secret: 
  1. Go to "Set Name," and choose it.
  2. Hold down the left button until the lights blink and it says, "Enter a cheat code, you wascally wabbit."
  3. Whatever you do, do not hold down the middle button instead of the left button. It turns on one of the green LEDs and locks up the device and summons a demon. (The demon is invisible.)
  4. Enter the cheat code.
  5. Hold down the middle button until pretty lights flash. If red lights flash, you have entered an invalid cheat code. (This also unsummons the demon.)

Cheat codes include: 
  • "R2L" and "L2R" - mirrors and unmirrors the screen
  • "SMILE" and "FROWN" - makes you happy / sad
  • "BABY" and "MOMMA" - turns you into a baby / enables "grow up"
  • "BANNER" - enables flags and removes flag cooldown starting with the next use
  • "FFS" - enables flags
  • "BANDW" and "WANDB" - inverts the screen colors
  • "TITULAR" - enables title selection. Go to the ASL screen, and you should be able to choose from your unlocked titles.
  • "WOOF" and "MEOW" - enables/disables "puppy mode"

If you have one of these badges, protip: The display can come loose. Just glue it down. You will also want to add some dollups of glue to the corners (as shown) to prevent these from catching, breaking, and damaging the screen itself.

Glue that shit down.

Queercon 12 Pool Party
Still the best party at DEFCON
Overall, I've got to hand it to Queercon. When I first started coming to DEFCON eight years ago, "gay" was still a common pejorative in the hacker/geek community, and homophobia still ran rampant. Queercon established the LGBT presence within the hacker community as a cool crowd that people wanted to be associated with in a positive way. Moreover, they created a space that was safe, not just for LGBT folks, but allies and others. Rather than directly confront the homophobia, the QC folks stepped in and changed the stigma. This is an effective persuasion strategy, one which I think other marginalized groups ought to emulate. 

Couldn't have said it better myself.

Social Justice Hacker Slacker

I say the above with some hypocrisy, because people like Tarah Wheeler Van Vlack and others have been making similar efforts for women at DEFCON, and I've not participated with my fullest efforts. Yeah, I'm a total slacker. In my defense, I've got my other causes I'm championing. 

Infosec Unlocked had a party, which I did attend, and there was also a "W" Hacker Women's Party, which alas, I missed due to my personal failings at being able to comprehend physical space and the relentless passage of time.

I at least support these efforts in spirit. If anyone says that X class of people should stop complaining and actually do something, please know that X class of people probably are already making various efforts. Just because someone is complaining doesn't mean they aren't also building something and effecting change hands-on. Complaining has its place, as does doing. Thumbs up for all of that. And keep in mind that the ability to not have to worry about these sorts of issues, so you can spend time on lots of other fun projects, is itself a privilege.

Anyway, if Queercon can do it, so are we!

Other Parties

A quick shout out to the 303 Party, which was awesome. Great food, loud music, strong drinks, and opportunities for conversation. We can always count on DC303 to make a party happen.
The DC303 party jumped the shark!
(And the shark twerked back.)
And a shout out to barcon, the con that moves to casino bars after all the parties have died a drunken death. 

And to the DC949 guys, who, in a stroke of brilliance, decided that rather than throw a party, they should just take the party with them onto the con floor! They're the ones with the brightly-colored LED biohazard backpacks plus magic music-making speaker things. At some point late Friday night, long after the parties, when barcon had begun to grow stale, I found myself dancing behind them, through the streets of Paris, as they led con-goers with their spell, like rats or children following the Pied Piper through Hamelin. 

Artist's depiction of the DC949 "party"
We ended up in some room, after which, I believe someone stole and returned an electric scooter, the sun came up, and incidents occurred. Not necessarily in that order.

Abandoned barcon area over at the Rio. Ah, memories.
Uh, I don't remember how I got to the Rio,
but this pic is on my phone, so.
Speaking of music, the DEFCON 23 Soundtrack is as cool as ever, but this year even more cool than ever because it is conveniently on Spotify! No more will you have to place the round plastic disk (no, not a record silly; a "CD") into a "player" you no longer own! Now, through the magic of streaming, you can listen to DEFCON wherever and whenever you please. This is an activity I am presently doing, while simultaneously writing this post. It's a DEFCON miracle. (Nevertheless, please donate to the EFF – they are keeping your hacker ass free! FREEDOM!)

If you prefer Pandora, you are flat out of luck, because, what are you still doing on Pandora, grampa??

The End is the Beginning is the End

The true hacker spirit is DIY geekery. To harp on the theme of my previous DEFCON write-ups, get involved! Do stuff! L33tness isn't granted only on the ordained by the Gods of Über, and it isn't even a state of mind. It's a gumption to go out there and do something. This attitude merely requires a little bit of confidence and a dash of bravery. It does not require mythical mad skills that only "other" people have. You can acquire the mad skills, or *surprise!* you may already have the certain mad skills that you are currently undervaluing because those things seem so easy to you.

That's my new insight this year: I thought I wasn't involved in DEFCON. But I was! All these years, I've been doing the thing that comes naturally – doing the easy thing that's fun for me to do, so I discounted my own contributions.

The spirit of turkey is within us all.
Other people apparently have found my DEFCON write-ups useful. Writing isn't hacking. Not by any stretch of the imagination. But it's something I'm good at. I let my enthusiasm shine through a comfortable medium. 

After doing write-ups each year, more and more people noticed, which opened doors to new opportunities, which enabled me to learn new skills and participate in other ways.

So here's my advice this time around:

Do what comes easy, what you love, keep doing it even if it might not seem cool or seem like it matters. If it's easy for you, it may be tempting to think it's easy for others, and therefore not valuable.

But that's bullcrud! If it's easy for you, that means it's probably fun, and it means you're talented and skilled at it. The thing you're good at might actually be really difficult for others, or you might do it in a way no one's ever thought of doing it before. In a DIY culture, that contribution will probably be worth something to someone eventually. Solder and coding are all the rage right now, but there's a place at DEFCON for all types. Lockpicking wasn't always a thing. Hardware hacking wasn't always a thing. There wasn't always a place for artists. So what's your thing? Can you tie it in to hacking and make it a thing? 

So long, and thanks for all these t-shirts.
That is the key advantage of hacker culture. The outside world sees little value in your efforts and weird hobbies. But at DEFCON, we're all huge nerds with obsessions for activities that mainstreamers see as meaningless. There's a good chance that someone will appreciate your passion for what it is.

And you will eventually (not right away) be noticed and appreciated. It will unlock doors into friendships and new connections, more opportunities, more chances for conversations and fun, and exposure to learning new things.

This advice applies not just at DEFCON, but to other communities, too. Over time, as you experience more positive feedback for what you've done, it can, eventually, build your confidence and defeat your Impostor Syndrome.

So start out with the easy stuff. Follow your passion and your curiosity. Experiment, don't be afraid to fail, and by blundering around, you will find your niche.

And most of all, realize that you, too, have something to give. Let's see what you've got.

Labels: , , , , , , , , , , , ,