[HOPE_16] Talks

We are processing a whole lot of talks and we have room for more! Below are the latest selections from our accepted submissions-- more on the way!

Both Sides of the Wire: Surveillance, Whistleblowing, and Building a Cyber Peace Movement

John Kiriakou

As a former CIA officer who exposed the agency’s torture program, John Kiriakou paid the price with his freedom. In addition to disclosing wrongdoing, he understands surveillance from the inside. This talk brings together that firsthand knowledge with a challenge to the hacker community: we must pursue a cybersecurity model rooted in cooperation, transparency, and peace rather than conflict.

This talk will explain how today’s digital ecosystems - including both software and hardware - are vulnerable not only to technical compromise but also to political manipulation. The threats we face are not just from malicious actors or hostile governments, but from within our own systems. Co-opted code, opaque procurement processes, and surveillance-by-design continue to erode public trust. It is time to reclaim the hacker ethos and direct it toward a global cyber peace movement. Here you will learn why hackers, technologists, and civil society must lead this effort, and how the only sustainable security is one built collaboratively, with integrity and purpose.

Getting Out of DOGE: A Discussion With a Former DOGE Engineer

Sahil Lavingia

The whole world has been watching as the "Department of Government Efficiency" (DOGE), the partnership between Elon Musk and the Trump administration, has worked to fulfill its pledge to reduce waste, fraud, and abuse in the federal government. Despite promises to the contrary, there has been very little transparency about DOGE or its operations-- until now.

Join Sahil Lavingia, a former DOGE engineer, as he guides us through what DOGE is actually doing, explores the kinds of technology being used, and suggests ways we can improve systems in general. With both a background as a software engineer and rare insight from having actually worked for DOGE, Lavingia will help shed light on topics either previously unknown or filtered through the media.

To quote Livingia's NPR interview: "I personally was pretty surprised, actually, at how efficient the government was."

Hacking for Social Justice

Danacea Vo

“How can my hacking skills become a force for advancing social justice?” Those who ponder this question often know what they’re up against - oppression, inequality, enshitification.... But the path toward building meaningful change can feel unclear or overwhelming. This talk draws from years of experience working alongside activists, human rights defenders, and digital organizers, and offers a practical framework for lasting, meaningful change. You’ll gain social impact strategies that will help you align your technical skills with the movements and communities you care about. If you’ve ever felt the call to do more - with purpose, with clarity, with community - this is your invitation.

Hacking the Tech-Industrial Complex: Learning to See Invisible Systems

Seth Godin

The author of more than 20 international bestsellers gives us an inside view of the systems that drive our culture. Every dominant system works to maintain itself, and we can find strategies and stories that push to make things better.

How Law Enforcement Agencies Compromise Entire Encrypted Chat Platforms

Joseph Cox

Law enforcement agencies compromising entire encrypted communication platforms to read peoples’ messages is no longer an outlier. It is the new normal. That includes the FBI taking a tech startup called Anom and inserting its own backdoor, French authorities pushing a malicious update to tens of thousands of EncroChat devices, European cops hacking another company called Sky, or any of the increasing number of related cases. In this talk, Joseph Cox, co-founder of 404 Media and author of Dark Wire will detail police tactics, pulling from his nearly ten years of covering the encrypted phone industry.

Not Your Private Army: On the Trail of Cyber Ops

Emma Best

During the past two decades, hacktivist spaces have been infiltrated and co-opted by hostile interests, ranging from state actors to political and corporate entities and entitled oligarchs. This talk examines how these outside parties have attempted to build private cyber armies and task forces through the recruitment and exploitation of gray and black hat hackers. Special focus is given to the “Anonymous” brand, Western state actors, and the 2022 Russian invasion of Ukraine.

The Present and Future of Online Discourse

Harper Reed

Today’s technologies greatly empower individuals and groups, while simultaneously creating tremendous risks to freedom and privacy. How can major forces like big tech, artificial intelligence, and political governance be guided towards pro-social outcomes? What can individuals do? Is there hope for social media to heal divisions, rather than amplify discord? These and other topics will be addressed during this lively and far-ranging presentation.

Hacking Search: Kagi’s Revolt Against the Ad-Tech Machine

Vladimir Prelovac

You know the drill: search for official travel info, get an overcharging third-party site. Look for a hotel, get a misleading aggregator. “Free” search costs you time, money, and trust. Kagi is the revolt - a paid, obsessively user-centric search engine architected to serve you, not the advertisers. This session reveals how Kagi sidesteps the surveillance model, leveraging diverse sources and AI tools (under your control) to deliver clean, customizable results. Founder Vlad Prelovac will detail the tech choices enabling genuine user agency (blocking SEO garbage, elevating trusted sources via filters), the challenge of building viable alternatives outside the ad-tech ecosystem, and the fight to restore user agency against data-hoarding monopolies. If you’re tired of being the product on the web, join the resistance.

Hardware Hacking Meets Art: How Movie Special Effects Are Made

Davis DeWitt

Step into the world of movie magic with Davis DeWitt, a filmmaker, inventor, and former Mythbuster and learn how combining hardware hacking with art creates objects that do more than function: they evoke emotion and tell stories. From blowing up cars to building robots with personality, this talk will explore why it’s important to tackle projects that blur the lines between disciplines.

PrivacyTests.org: Web Browser Leak Testing

Arthur Edelstein

PrivacyTests.org is an open-source privacy audit of popular web browsers. The project subjects web browsers to automated leak tests and regularly publishes the browsers’ test results head-to-head on a website and on social media. The goal of PrivacyTests is to encourage all web browsers to mend their ways and comprehensively protect everyone’s privacy. By thoroughly exposing the leaks in web browsers, the website helps users choose a more private browser, and thereby puts pressure on browser makers to fix their privacy leaks. In his talk, Arthur will give some details about the project’s approach to testing and presenting test results, and show how browser privacy has evolved over the past four years.

CRXaminer - Deep Dive Into Chrome Extensions (Plus Tool)

Mark El-Khoury

You spend your time configuring HTTP headers and hardening your containers. Meanwhile your CFO just downloaded a Chrome extension to make the font in Gmail Comic Sans. What are Chrome extensions, exactly? This talk will dive into details, including format, contents, static analysis with custom rules, threat modeling (when does this even matter?), and some of the unique challenges of building a security scanner. A tool will be demoed that has just been released for this: CRXaminer (crxaminer.tech). You will learn how you can immediately start using it.

Design for Neurodiversity: Creating Neuro-Inclusive Spaces

Dorothy Howard

This talk will explore the concept of neurodiversity and its implications for designing events and spaces with neurodivergent people’s diverse needs in mind. The neurodiversity paradigm promotes embracing neurological differences, emerging from the autistic rights and disability justice movements of the 1990s. Accessibility guides and resources rarely focus on neuro-inclusive design. The presentation will highlight strategies for creating neuro-inclusive environments informed by research in education, including examples such as low-sensory rooms in libraries and conferences. Attendees will be encouraged to reflect on how neuro-inclusive design can benefit the communities they engage with.

New Journalism: Reimagining Information Networks From the Ground Up

Patrick Boehler

This presentation explores how communities are developing resilient information-sharing systems that outperform traditional journalism. Drawing from research on independent journalism in China, Patrick will examine how these organic networks function as advanced social technologies that challenge conventional understanding of information distribution. The talk invites the HOPE community to reimagine information infrastructure that can withstand authoritarian control, resist corporate manipulation, and genuinely serve community needs through collaborative problem-solving and the application of security expertise in distributed systems.

The Quantum Curtain

Ed Ryan

High technology has taken on a new meaning. As AI technologies grow increasingly creepy and quantum computing catches major headlines, the U.S. government is scrambling to cover its posterior. Recognizing that these technologies pose a significant security risk, the U.S. Bureau of Industry and Security has imposed export controls on AI and quantum computing technologies in an attempt to limit their spread. This talk will discuss the history of export restrictions, touching on cryptography and the Playstation 2, before moving on to explain the new restrictions and their implications for those working in impacted fields. The idea of a “deemed export,” which limits who is even allowed to learn about certain technologies, will be addressed.

Aphantasia: A Personal Reflection

Dr. Earl Brown

Imagine a mind without mental images, where “picture this” has no meaning. Aphantasia - the inability to form mental images - is a little-known, rare condition that affects around one to four percent of the population. In this presentation, Earl will talk about aphantasia and how it has impacted his professional life as a pathologist and a teacher with more than 35 years of experience. He will explore its impact - both good and bad - on everyday experiences such as chess, piano, drawing, reading, memory, and learning, finally speculating on how aphantasia may affect creativity and the hacker mindset.

Invisible Ink of Compression

XlogicX

When you pop the hood of RFC 1951 (DEFLATE), there lies an interesting playground that would be otherwise unseen in the context of compression use cases. This talk will address many aspects of the ubiquitous DEFLATE compression, none of which involve compressing data! “Designer Compression” scenarios will be explored, such as blocks of DEFLATE data that can be fully ASCII printable, contain no data, buffer underflow access of nulls, and even apply forms of recursion. We will also see forensic data extraction from compressed fragments, employ difficult to detect watermarking, demo a covert channel PoC (deflate in http), and forever-cookies. The presentation style will take a high-level first pass and then dig into the technical details with the time left.

How a Handful of Location Data Brokers Actively Track Millions, and How to Stop Them

Bill Budington, Lena Cohen

In the past year, a number of investigations have revealed the outsized role of a few select companies in gathering, storing, and selling the location data of millions of devices - and by extension people - worldwide. These companies largely use technologies which power the online advertising industry in order to collect and disseminate this data. To make matters worse, this data has been both provided to private investigators on the mere assurance that they plan to work with law enforcement, and has been subject to data breaches which put the privacy of millions at risk. This talk will elaborate on the technologies, data flows, and industry players which comprise this complicated ecosystem. Most importantly, it will cover some basic steps you can perform to protect yourself against the wide array of location privacy harms your device subjects you to. The presenters will show tools and techniques they’ve developed to allow users to take back ownership of our devices, rather than our devices owning us.

The Shape of the Legal Battlefield for InfoSec Professionals at Work

Ken Vedaa

It is no secret that sometimes there can be tension between InfoSec professionals and the organizations that they work for. Security professionals spend their days (and sometimes nights and weekends as well) buried in the dirty laundry that others pretend does not exist. These tensions can bubble up in unexpected ways. As an InfoSec professional, what are the common legal concerns that you need to be aware of at work? How do these challenges change over time? What should you keep in mind when considering a new job?

Activism, Hactivism, and the Law

Alex Muentz

Protest has become more important and more dangerous in the U.S. It’s harder to know where the line is between safe, lawful protest and actions that can get you sanctioned, arrested, or deported. Alex will discuss how to assess the risks you face in online and in-person protests, ranging from pickets to dropping docs.

The Future of Email Is Open

Dejan Štrbac, William Lessard

Email is one of our most essential tools, yet it’s controlled by a handful of corporations that scan, monetize, and gate-keep our communication. In this talk, the presenters will introduce OpenEmail, a ground-up re-imagining of async communication built on a radically simple, open protocol. Designed for privacy, integrity, and interoperability, OpenEmail combines end-to-end encryption; decentralized delivery; and a public, extensible architecture to give users true ownership of their communication, and developers the freedom to build on top of an open social protocol. They will explore how a spam-free, surveillance-free inbox, where messages are trustworthy by design, can reclaim the Internet as a space for open, human connection, free from Big Tech. More than just a talk, this is a call to arms: to take back control of our communication and build a digital future that serves people, not profit.

Build a Tech Community in Your Neighborhood, One Hackathon at a Time

William Hutson

This talk chronicles the journey of creating a vibrant tech community through short, accessible two-hour mini-hackathons that lower barriers to participation. The speaker shares their experience of building Flushing Tech’s successful bi-weekly hackathon program, and provides a practical roadmap for you to try this at home in your own neighborhood. Leave with actionable guidelines for starting similar initiatives that emphasize the importance of creating an inclusive environment that welcomes participants of all skill levels while maintaining enough technical focus to drive meaningful project development. This talk is ideal for community organizers, tech enthusiasts, and anyone interested in fostering grassroots innovation in their local area.

The Five Pillars for Rewriting History and Culture

Alexander J. Urbelis, Daniel Nowak, Roel Schouwenberg

From printing press to blockchain, technological advances reshape historical narratives across five pillars: finance, governance, faith, communications, and consciousness. Influential entities employ sophisticated cyber and information solutions to manipulate resources and power. Governments, corporations, and NGOs manage narratives, shaping opinion and obscuring truths as they manage perception. Religious groups use digital platforms to spread doctrine, blurring traditional faith boundaries. Social media and emerging technologies amplify disinformation worldwide. These operations exploit cognitive vulnerabilities, reshaping collective memory and fueling evolving consciousness. This talk will examine how technology-driven psychological operations can unmake historical canons, normalizing new realities and marginalizing dissent. The presenters will highlight ethical dilemmas and stress the urgent need for transparency, critical awareness, and decentralization across all pillars. Lastly, they will offer recommendations for how the individual can remain resilient in the face of these existential threats and multifaceted Manichean devils.

The Trials and Tribulations of Building Your Own Phone

Wesley Appler (aka lamemakes)

Over the last two decades digital surveillance has become baked into our daily lives. Your current and past location, who you’re in contact with, habits/interests, sensor data, and a trove of other personal information is constantly being sent to third parties by the smartphone that is nearly always carried on us. What would it look like if we reconsidered the mobile phone entirely, putting extra emphasis on privacy and intentional disconnection via open source hardware and software? This talk will follow Wesley’s journey to do just that, starting at the conception of the idea, getting acquainted with mobile networks/operators, obtaining proprietary datasheets, designing hardware, failed/successful prototypes, the current state of the project (along with demos), and how any interested parties can get involved.

Bitpart: 5-In-1 Platform for Activism Over Signal

Josh King

Signal is one of the most critical tools we have for secure communication amongst activists, journalists, and human rights defenders. As of 2024, Signal has over 70 million active users and over 220 million downloads, with no signs of slowing down. With the global rise of the far-right and corresponding attacks on human rights, the ability to securely organize via Signal against these forces is more important than ever.

To that end, Throneless Tech has embarked on an in-depth research project that resulted in the creation of Bitpart: a Rust-based software platform that allows for the creation of dynamic organizing tools on top of Signal. Depending on the end-users’ tech capacity, Bitpart can be run on organizers’ own self-hosted servers or through Throneless-hosted servers. The project builds on experience gained from past Signal chatbot projects, and new research conducted with targeted groups such as current organizers, activists, and journalists around the world.

In this session Josh King, developer of Bitpart, will demonstrate how the platform is being used to create bots that activists can use as secure, anonymous tiplines, digital helpdesks, broadcast lists, a tool to distribute eSIMs, and a tool to share VPN download codes. Participants will come away with an understanding of how Signal can be utilized in novel ways, how to think through the threat model and risk assessment for creating secure tools for activists, and how Bitpart can be expanded upon and applied to their own communities.

Data Autonomy: Counter-Surveillance Strategies for Civil Society

Marlon Kautz

The surveillance apparatus in the West is going critical, and civil society is not prepared for the fallout. Political leadership is explicitly targeting NGOs and social movements using surveillance capabilities that have been perfected over the past decade. This talk will evaluate the merits and limitations of different counter-surveillance approaches from the vantage point of grassroots organizers, and go beyond the stock advice of “use Signal and a VPN” to offer proposals for defeating state surveillance through technical infrastructure development and political organizing.

Hack the Violin Part 2: The Advanced Stuff - This Time There’s AI

Andrew Morican, Ebmbat

This is a follow-on from “Hack the Violin: A Hacker’s Approach to Learning, Playing, and Teaching the Violin” from Hope XV.

This will be a look at technology, most notably AI and hacking the violin. You will learn what’s out there and what the presenters were able to achieve with their own AI project regarding practicing and engagement. You will also learn about AI with live performance and creation, as well as AI and string sampling - and see how sampling may be altering the stringscape.

rim: Reclaiming Personal Data Sovereignty in the Age of Wearables

Dana Gretton, Jaguar Kristeller

As we approach a future where body-worn devices capture increasingly intimate biometrics, the question of who controls that data has never been more urgent. This talk introduces rim, a techno-social vision and set of protocols challenging the standard model of cloud-based data extraction by building tangible, person-to-person systems for storing and sharing potentially intimate live data streams, innovating at the edge of taboo to expand human connection while preserving privacy and autonomy. There will be a demonstration of early prototypes of wearable devices implementing an “SD-core” aesthetic and detailing the technical underpinnings of protocol concepts including data “dissolution” and “crystallization” with erasure coding and intermittent connection tolerance. Beyond technical implementation, the presenters will discuss how this paradigm shift creates space for entirely new forms of human-to-human connection at the boundary of what’s technically possible and socially acceptable.

Print, Build, Fly, Heal: 3D-Printed Autonomous Planes for Medical Delivery in Rural Mexico

Dana Gretton, Jaguar Kristeller

This talk focuses on a project with medical students in Alamos, Sonora, Mexico to develop affordable delivery drones that can get urgent medical supplies to remote communities. What currently takes days to reach by mule through mountainous terrain can hopefully be accomplished in minutes by air. This talk chronicles the evolution from off-the-shelf hobby planes to locally-built, 3D-printed aircraft capable of autonomous waypoint missions. The speakers will discuss the technical choices behind their current $1000 prototype (and how they plan to cut costs in half), alongside the organizational structure they’re developing to sustain this work. Recently, they established “club guilas” with local medical students - one of whom has completed pilot training for the test aircraft. The biggest challenges faced aren’t the technical ones, but rather organizational sustainability: how to transition from a project driven by visiting engineers to one owned and operated by local communities. Plans will be shared for creating a federated network of university clubs, and the blueprint for a lean nonprofit structure to support them.

Expanding the BioArtBot Color Palette - A Beginner’s guide to Lab Automation and Biosafety

Danny Chan

bioartbot.org/ is a project for encouraging curiosity in microbiology and lab automation through creative expression. It is an open source project built on a pipetting robot that draws user submitted pixel art by placing colored bacteria on agar. Using the story of the BioArtBot development as a guide, this talk will provide a basic overview of the technologies (hardware, software, and wetware) implemented in the BioArtBot. It will describe how lab automation is used in biotech companies, how it might be used by amateur/community investigators, and how the BioArtBot is an interesting framework to contribute to if you are looking to skill-up in lab automation. It will also describe how the living pigments for this project were created and sourced, how you might create/source your own, and the amazing diversity of living chemical refineries that are bacteria. So if you’re interested in robots and bacteria, come find out how we can command our tireless inorganic creations to deposit aesthetically pleasing arrangements of the ancient form-factor of all life.

Claw Back Your Data From Big Tech With Cyd

Micah Lee, redshiftzero

Tech platforms can’t be trusted. Oligarchs and billionaires want you to keep giving your data to their Big Tech companies for free so they can sell it and manipulate you into believing nonsense. In this talk, the Lockdown Systems collective will introduce Cyd, their open source desktop app that makes it easy for people to reclaim control over their data from Big Tech. Giving users actual control over their data is challenging when dealing with hostile, enshittified tech platforms like X and Facebook. Cyd bypasses all of that though by putting the user in the driver’s seat: it runs on the user’s own computer, from their own IP address, and it works by automating a web browser on their behalf - and sometimes relying on APIs, when they’re available, free, and don’t suck. It doesn’t share any access to your accounts or your data with the Lockdown Systems collective. Attendees will learn how Cyd works under the hood, how you can use it, and how you can contribute to building tools that challenge the dominance of Big Tech.

Counter-Surveillance as Activism: Using Cameras Against State Violence in Israel/Palestine

Aman Abhishek

Palestinian, Israeli, and international anti-occupation activists in Israel/Palestine have been using cameras to deter and document violence from Israeli security forces and settlers for around two decades. Human rights organizations first started distributing cameras in the mid-2000s to facilitate documentation, and today, essentially every anti-occupation activist in the West Bank and Jerusalem carries some combination of video cameras, smartphones, and body cameras to deter and document state-settler violence. The activists also take it upon themselves to take the videos to journalists, human rights organizations, courts, and elsewhere; recently, this activism was the focus of the Oscar-winning documentary No Other Land. This talk will describe how activists organize, what happens to the footage, how this activism changed after October 7th, and what this all means for thinking about counter-surveillance as a strategic response to state violence.

Shadow Alts: Building a Surveillance-Resistant Web Presence

Iris

How do you get your messaging out to the world when the most extensive surveillance apparatus in human history is bearing down on you? Whether you’re a whistleblower targeted by your government, an activist fed up with playing by the rules, or a journalist stepping on the toes of the world’s most powerful, must we be resigned to having our identities revealed to those who would repress us?

This talk will outline the steps needed to build out a web presence that effectively conceals your identity from the most capable of three-letter agencies. This will include building and hosting websites, running social media, and even taking donations and hosting basic digital infrastructure.

Most importantly, the methods outlined will be as accessible as possible; building your platform should not just be a privilege of those with high technical skill.

DIY Police Scanner With SDRs and Open Source Software

nop

Police accountability requires transparency, but access to relevant information is frequently hindered by collaborators in government or the police themselves. Fortunately there is one source of info we can take into our own hands: their radios. Police in the United States largely use the digital, trunked radio system “Project 25.” We can listen in to this using spare computers, a few Software Defined Radios (SDRs), and open-source software. Even better, we can go far beyond what very simple broadcastify-style dispatch streams offer, like having our own archives of radio traffic. Based on an actual system that sees real-world use, this talk will cover how to set up your very own DIY police scanner. Ansible playbooks and supporting scripts to streamline the process will be released, and practical tips and lessons for real-world applications of such a system will be covered.

Solving My Identity Crisis

Dr. Phill Hallam-Baker

Traditionally, Internet accounts are controlled by the service providing them. There is no ‘number portability’ for email addresses. Switching costs discourage service changes. Recently, Bluesky has disrupted this model and 32 million users now use account names based on the Internet identity infrastructure, DNS - names that users can register and control directly through DNS handle providers.

This presentation will describe three standards proposals extending this approach. @nywhere extends the authentication approach to allow DNS handle accounts to be used at any Internet resource, not just those running ATprotocol. @nyone combines the DNS handle approach with JSContact to provide account portability and secure exchange of credentials for end-to-end secure communication. @nything allows network connected devices to become true Internet things with an Internet DNS name, WebPKI credentials, and using @nywhere and @nyone to support access control.

When the Lawman Comes Calling - Government Data Demands and Online Platforms

Fred Jennings

Drawing on over a decade of experience, this talk will first introduce the statutes, rules, and concepts governing law enforcement requests for user data, ranging from basic subpoenas to secret FISA search warrants. From that foundation, the discussion will cover practical steps that web services and individual users can take to reduce their legal attack surface, minimize their risks, and maximize their protection from invasive data disclosures.

How to Be Positively Transgressive: Hacking Culture for Good

Johannes Grenzfurthner (monochrom)

In an era where transgression has been co-opted by reactionary forces, how can we reclaim subversion as a tool for positive change? Historically, countercultures, hackers, and artists have used disruption to challenge power structures, expose hypocrisy, and expand the boundaries of what is possible. Yet today, the same methods - culture jamming, media pranks, and ideological infiltration - are increasingly wielded by ultra-right movements to erode democratic values and spread reactionary narratives.

This talk will explore how we can re-hack the hacker mindset: How can we use transgressivity in ways that are constructive rather than destructive? How do we subvert without merely burning things down? Can we retool the aesthetics and tactics of countercultural rebellion to push society forward instead of backward?

Through historical examples, personal experiences, and a healthy dose of mischievous strategy, this talk will try to outline actionable ways to engage in cultural hacking that disrupt oppressive systems while reinforcing community, inclusivity, and progressive values. Because giving up on the tools of subversion means surrendering the battlefield. And that, phreaky phriends, is not an option.

Eco-Hacking Desire: The Intersection of Pornography, Sex, and Environmental Impact

Jasmin Hagendorfer

This talk explores the intersection of desire and sustainability, examining how even our most intimate moments leave an environmental footprint. The concept of sexecology, coined by Annie Sprinkle and Beth Stephens, bridges environmentalism and sexuality in creative ways. From solar-powered vibrators to eco-friendly sex toys, the session delves into the often overlooked world of green sex tech and eco-erotic practices.

Key questions explored will include:

- What are the true environmental costs of online pornography?

- How sustainable is our streaming culture and AI technologies?

- Can DIY pleasure practices be a form of political activism?

- What role does ethical pornography play in envisioning a better future?

The discussion will also cover energy consumption, server loads, and the hidden costs behind virtual acts of desire. The focus is not to shame desire, but to empower it with awareness, curiosity, and hacker ethics. The speaker, a feminist activist and artist, aims to foster a dialogue about how digital intimacy can become more visible, accountable, and hackable. This talk invites the hacker community and beyond to collaborate in rethinking the infrastructures behind online pleasure and to explore ways of making the environmental impact of these systems more transparent.

Bureaucracy Hacking - Creating Organizational Exploit Chains for Good

Adam L. Hesch

At their core, all bureaucracies are, fundamentally, information systems, containing the ability to store information, compute information, and share information over a network. This means they all can be hacked. In this funny, enriching, and ultimately inspirational talk, the concept of “bureaucracy hacking” will be discussed as a way to make a difference in any organization of any size, even (perhaps most especially) when you feel like “just a cog in the machine.” The talk will be suitable for a novice audience of any background, with high level references to traditional information security, hacking, and of course social engineering principles. What will make it unique and interesting will be particular emphasis on the exploitation of the emergent and unique properties of bureaucracies. It will be most actionable by young, idealistic entrants into the workforce. And, it may yet inspire the younger versions of ourselves inside each of us that our (warranted) cynicism has led us to ignore or forget (at our peril). Stories will come from the speaker’s (and others’) experiences at organizations like Meta, the U.S. Department of Defense, the U.S. Navy, and others. It is intended as a rebuttal to, and toolkit for, countering “Pournelle’s iron law of bureaucracy.”

Ask the EFF

William Budington, Lena Cohen, Cara Gagliano, José Martinez

This year, the Electronic Frontier Foundation (EFF) will be returning to HOPE for a special “Ask the EFF” panel to address some of the pressing questions the hacker community has in these troubled times. Panelists will provide updates on current EFF work, including the ongoing case against the “Department” of Government Oversight, educating the public on their digital rights, organizing communities to resist ongoing government surveillance, and more. The panel will then turn it over to attendees to pose questions and receive insights on how users can protect their civil liberties online during an increasingly volatile political and world situation.

A Sleuth’s Stories on Detecting and Revealing Large-Scale Research Fraud

Mu Yang

In this talk, the speaker will share how they stumbled into this work by accident and what it’s like to operate as a scientific sleuth within academia. The bulk of the presentation will focus on real-world cases of research fraud and misconduct, spanning fields from neurodegenerative diseases to chemistry, physics, and materials science. The talk will, through these examples, explore: the techniques and tools used to detect irregularities; how issues are reported to journals and publishers; the distinction between honest mistakes and deliberate manipulation; the collateral damage caused by misconduct, including its impact on public trust in science. The final section will examine the social and economic drivers of research fraud - and outline the systemic changes needed, globally, to break this cycle and restore integrity in science.

ATM Hacking: Past and Present

Roman Pushkin

This talk explores the evolution of ATM hacking, from classic physical attacks to modern software exploits, using two real-world case studies. Roman will demonstrate how cybercriminals bypass security measures and why banks often stay silent. Attendees will see a live demo of a custom “flusher device” built for a tabletop coin dispenser (reverse-engineered from eBay), highlighting vulnerabilities in cash-handling systems.