HOPE_16 Opening Ceremonies
It all starts Friday morning. Join us as we make sure everything works before another HOPE is unleashed on everyone.
Friday 1045 Marillac Auditorium
Activism, Hactivism, and the Law
Alex Muentz
Protest has become more important and more dangerous in the U.S. It's harder to know where the line is between safe, lawful protest and actions that can get you sanctioned, arrested, or deported. Alex will discuss how to assess the risks you face in online and in-person protests, ranging from pickets to dropping docs.
Friday 1600 Marillac Auditorium
Aging Cyber Safely
Laura Sang Hee Scherling, Josefina Piddo
This presentation asks how we can better care for our older adults and improve cybersecurity awareness training and policies with their needs in mind. American adults over the age of 60 filed over 100,000 cybercrime-related complaints to the FBI in 2023 and experienced losses amounting to $3.2 billion. Older adults are the most vulnerable to cybercrime, and studies have found they feel ashamed to disclose having been victims. Although important initiatives exist, such as AllState's training sessions on cyber safety and AARP's free fraud helpline, there's a noticeable shortage in relevant resources. This research examines emerging cybersecurity awareness resources and policies supporting older adults, drawing from interviews with FINRA and the Identity Theft Resource Center (ITRC). It also presents findings from the cybersecurity awareness initiative founded by the presenters: the Cyber Care Institute, recently introduced to four organizations and over 100 students in New York City.
Saturday 1200 Little Theatre
AI Is Undermining Our Privacy. What Can We Do About It?
Robert Stribley
We've been grappling with evolving issues around online privacy for years now, but the recent burst in use of AI or LLMs (large language models) has quickly introduced new and sometimes alarming privacy concerns for both users and those creating AI experiences to consider. This talk will take a look at six specific areas where AI is undermining privacy and discuss what, if anything, we can do about them.
The six areas to be discussed are: lack of transparency with data sharing, accidental exposure of personal data, reversing data anonymization, deceptive design patterns, AI listening in everywhere, and malicious misuse of AI.
To end on a constructive note, eight guidelines that designers and developers can follow to ensure they're focusing on privacy when working with AI will be discussed.
Sunday 1700 Little Theatre
Aphantasia: A Personal Reflection
Dr. Earl Brown
Imagine a mind without mental images, where "picture this" has no meaning. Aphantasia - the inability to form mental images - is a little-known, rare condition that affects around one to four percent of the population. In this presentation, Earl will talk about aphantasia and how it has impacted his professional life as a pathologist and a teacher with more than 35 years of experience. He will explore its impact - both good and bad - on everyday experiences such as chess, piano, drawing, reading, memory, and learning, finally speculating on how aphantasia may affect creativity and the hacker mindset.
Friday 1800 Tobin 201/202
The ARTS Open Framework
Sabar Dasgupta
Over the past several decades, the scientific process has relied more and more on computational analysis of data to produce digital artifacts. Fields like molecular biology, neuroscience, linguistics, and astrophysics, to name a few, have been revolutionized by this trend to the point that computational workflows are ubiquitous. Although most of these workflows are very similar at a high level - collecting data, analyzing it with code, and publishing the resulting figures - implementation details differ widely.
While there exist standards such as the FAIR Guiding Principles for organizing and sharing data, there are not widely adopted standards for reliably regenerating analyses from said data, especially across compute environments. This talk presents an open framework for archived, reproducible, and transparent science (ARTS) that aims to do exactly this - by packaging data, code, and figures in containers and uploading it to a persistent, trusted, and accessible archive.
Sunday 1500 Little Theatre
Ask the EFF
William Budington, Lena Cohen, Cara Gagliano, José Martinez
This year, the Electronic Frontier Foundation (EFF) will be returning to HOPE for a special "Ask the EFF" panel to address some of the pressing questions the hacker community has in these troubled times. Panelists will provide updates on current EFF work, including the ongoing case against the "Department" of Government Oversight, educating the public on their digital rights, organizing communities to resist ongoing government surveillance, and more. The panel will then turn it over to attendees to pose questions and receive insights on how users can protect their civil liberties online during an increasingly volatile political and world situation.
Saturday 1200 Marillac Auditorium
(2 hours!)
ATM Hacking: Past and Present
Roman Pushkin
This talk explores the evolution of ATM hacking, from classic physical attacks to modern software exploits, using two real-world case studies. Roman will demonstrate how cybercriminals bypass security measures and why banks often stay silent. Attendees will see a live demo of a custom "flusher device" built for a tabletop coin dispenser (reverse-engineered from eBay), highlighting vulnerabilities in cash-handling systems.
Sunday 1300 Tobin 201/202
Back to Basics: Building Resilient Cyber Defenses for Multiple Use Cases
Yael Grauer
In spite of novel cybersecurity threats, digital security advice has remained largely unchanged in recent years. In fact, a lot of advice in response to high-profile attacks doesn't actually address risks people are most likely to face. This talk will analyze several high-profile digital security concerns, whether viral advice to address it would have been effective, and what steps could be taken - both before and after the issue arises. You will hear of lessons learned from years of auditing and updating Security Planner, a digital security guide that provides customized plans based on responses to a few survey questions. The presentation will further delve into ways to segment digital security advice so that it's personalized to the individual, their devices, their technical capabilities, and the type of risks they're likely to face.
Saturday 1600 Little Theatre
Bitcoin Poker: Satoshi's Lost Game and Its Decentralized Revival
Mattias Bergstrom
Bitcoin v0.1.5, the last version personally coded by Satoshi Nakamoto, contains curious references to poker buried in its source code. While never officially documented, these fragments suggest that Bitcoin's original design may have envisioned more than just money; it may have included decentralized, trustless gaming. This talk will explore the historical and technical significance of these lost poker references, analyzing: What was Satoshi's intent? Was this an abandoned feature, an experiment, or an overlooked function of Bitcoin's game-theoretic design? How was poker referenced in early Bitcoin?
There will be a deep dive into the code archaeology of v0.1.5 and why poker may have been included. The presentation will also include the introduction of Bitcoin Poker, a modern Rust-based reimagining of trustless, peer-to-peer poker, demonstrating how we can host fully decentralized poker games without a centralized server, use multi-signature escrows for provably fair betting and payouts, ensure post-quantum security for long-term cryptographic safety, and implement a sidechain execution model to handle high-frequency transactions without bloating the main chain.
Sunday 1200 Little Theatre
Bitpart: 5-In-1 Platform for Activism Over Signal
Josh King
Signal is one of the most critical tools we have for secure communication amongst activists, journalists, and human rights defenders. As of 2024, Signal has over 70 million active users and over 220 million downloads, with no signs of slowing down. With the global rise of the far-right and corresponding attacks on human rights, the ability to securely organize via Signal against these forces is more important than ever.
To that end, Throneless Tech has embarked on an in-depth research project that resulted in the creation of Bitpart: a Rust-based software platform that allows for the creation of dynamic organizing tools on top of Signal. Depending on the end-users' tech capacity, Bitpart can be run on organizers' own self-hosted servers or through Throneless-hosted servers. The project builds on experience gained from past Signal chatbot projects, and new research conducted with targeted groups such as current organizers, activists, and journalists around the world.
In this session Josh King, developer of Bitpart, will demonstrate how the platform is being used to create bots that activists can use as secure, anonymous tiplines, digital helpdesks, broadcast lists, a tool to distribute eSIMs, and a tool to share VPN download codes. Participants will come away with an understanding of how Signal can be utilized in novel ways, how to think through the threat model and risk assessment for creating secure tools for activists, and how Bitpart can be expanded upon and applied to their own communities.
Friday 2000 Little Theatre
Both Sides of the Wire: Surveillance, Whistleblowing, and Building a Cyber Peace Movement
John Kiriakou
As a former CIA officer who exposed the agency's torture program, John Kiriakou paid the price with his freedom. In addition to disclosing wrongdoing, he understands surveillance from the inside. This talk brings together that firsthand knowledge with a challenge to the hacker community: we must pursue a cybersecurity model rooted in cooperation, transparency, and peace rather than conflict.
This talk will explain how today's digital ecosystems - including both software and hardware - are vulnerable not only to technical compromise but also to political manipulation. The threats we face are not just from malicious actors or hostile governments, but from within our own systems. Co-opted code, opaque procurement processes, and surveillance-by-design continue to erode public trust. It is time to reclaim the hacker ethos and direct it toward a global cyber peace movement. Here you will learn why hackers, technologists, and civil society must lead this effort, and how the only sustainable security is one built collaboratively, with integrity and purpose.
Saturday 1600 Marillac Auditorium
Bridging the Decentralized Gap: Shared Hacker Values, Cypherpunk Roots, and the Future of Blockchains
Alexander Urbelis, Phil Daian, Harry Halpin
This panel will delve into the deep-rooted connections between hacker and cypherpunk culture and the evolution of Ethereum and blockchain technology, tracing their shared emphasis on decentralization, privacy, and open-source principles. By revisiting the historical context of the 1990s Crypto Wars and projects like PGP and Tor, the discussion will highlight how these early movements laid the groundwork for the vision of a trustless, user-sovereign Internet. The panel also will aim to debunk common misconceptions that associate blockchains solely with scams or speculation, showcasing real-world applications such as the Ethereum Name Service and privacy-preserving technologies, while emphasizing the ecosystem's pivot towards public goods and accessibility. Ultimately, the conversation will underscore the enduring, collaborative vision of both hacker and blockchain communities - advancing censorship resistance, user empowerment, financial privacy, and a decentralized digital future.
Saturday 2000 Little Theatre
Build a Tech Community in Your Neighborhood, One Hackathon at a Time
William Hutson
This talk chronicles the journey of creating a vibrant tech community through short, accessible two-hour mini-hackathons that lower barriers to participation. The speaker shares their experience of building Flushing Tech's successful bi-weekly hackathon program, and provides a practical roadmap for you to try this at home in your own neighborhood. Leave with actionable guidelines for starting similar initiatives that emphasize the importance of creating an inclusive environment that welcomes participants of all skill levels while maintaining enough technical focus to drive meaningful project development. This talk is ideal for community organizers, tech enthusiasts, and anyone interested in fostering grassroots innovation in their local area.
Saturday 1100 Tobin 201/202
Bureaucracy Hacking - Creating Organizational Exploit Chains for Good
Adam L. Hesch
At their core, all bureaucracies are, fundamentally, information systems, containing the ability to store information, compute information, and share information over a network. This means they all can be hacked. In this funny, enriching, and ultimately inspirational talk, the concept of "bureaucracy hacking" will be discussed as a way to make a difference in any organization of any size, even (perhaps most especially) when you feel like "just a cog in the machine." The talk will be suitable for a novice audience of any background, with high level references to traditional information security, hacking, and of course social engineering principles. What will make it unique and interesting will be particular emphasis on the exploitation of the emergent and unique properties of bureaucracies. It will be most actionable by young, idealistic entrants into the workforce. And, it may yet inspire the younger versions of ourselves inside each of us that our (warranted) cynicism has led us to ignore or forget (at our peril). Stories will come from the speaker's (and others') experiences at organizations like Meta, the U.S. Department of Defense, the U.S. Navy, and others. It is intended as a rebuttal to, and toolkit for, countering "Pournelle's iron law of bureaucracy."
Sunday 1000 Marillac Auditorium
Claw Back Your Data From Big Tech With Cyd
Micah Lee, redshiftzero
Tech platforms can't be trusted. Oligarchs and billionaires want you to keep giving your data to their Big Tech companies for free so they can sell it and manipulate you into believing nonsense. In this talk, the Lockdown Systems collective will introduce Cyd, their open source desktop app that makes it easy for people to reclaim control over their data from Big Tech. Giving users actual control over their data is challenging when dealing with hostile, enshittified tech platforms like X and Facebook. Cyd bypasses all of that though by putting the user in the driver's seat: it runs on the user's own computer, from their own IP address, and it works by automating a web browser on their behalf - and sometimes relying on APIs, when they're available, free, and don't suck. It doesn't share any access to your accounts or your data with the Lockdown Systems collective. Attendees will learn how Cyd works under the hood, how you can use it, and how you can contribute to building tools that challenge the dominance of Big Tech.
Friday 1700 Marillac Auditorium
Communication and Movement in Internet Shutdown Protests: Rethinking Mesh Messaging
Cora Rowena Ruiz
2024 was the worst year for Internet shutdowns ever recorded, with nearly 296 documented events across 54 countries. Frequently imposed during protests and times of unrest, shutdowns are commonly used as a tactic to suppress dissent and restrict communication. Mesh messaging is widely hailed as a potential workaround, yet these tools are generally considered unreliable, untrusted, and ultimately go unused. Mesh systems depend heavily on the spatial relationships between nodes, but existing research on how people move and communicate in protest settings is sparse. This talk explores a holistic approach to mesh tool design, grounded in qualitative firsthand experiences to build effective blackout-resistant mesh tools.
Saturday 2000 Tobin 201/202
Computational Techniques for Making Karaoke Harder
Jamie Brew
Robot Karaoke is a live comedy show that swaps lyrics with fragments of text drawn from a catalog of esoteric datasets (quora questions, web banner ads, tax forms, and more) to create and sing never-before-sung karaoke songs. This talk covers how the data is sourced, how the songs are phonetically annotated, and how the show is run and the core software (the Weird Algorithm) developed. The presentation will end with a demo of the future of karaoke.
Saturday 2100 Little Theatre
The Computer Underground Scene - Past, Present, and Future
Netspooky (Phrack / HCC), TMZ ( Phrack / tmp.Out), Skyper (THC / ex-Phrack), John Threat (Masters of Deception), Bill Budington (Electronic Frontier Foundation)
This is a brainstorming session together with the audience. The panel will talk and unravel a bit about the past and present, and try to find a shared vision of where we are or should be heading.
Sunday 1300 Marillac Auditorium
(2 hours!)
Counter-Surveillance as Activism: Using Cameras Against State Violence in Israel/Palestine
Aman Abhishek
Palestinian, Israeli, and international anti-occupation activists in Israel/Palestine have been using cameras to deter and document violence from Israeli security forces and settlers for around two decades. Human rights organizations first started distributing cameras in the mid-2000s to facilitate documentation, and today, essentially every anti-occupation activist in the West Bank and Jerusalem carries some combination of video cameras, smartphones, and body cameras to deter and document state-settler violence. The activists also take it upon themselves to take the videos to journalists, human rights organizations, courts, and elsewhere; recently, this activism was the focus of the Oscar-winning documentary No Other Land. This talk will describe how activists organize, what happens to the footage, how this activism changed after October 7th, and what this all means for thinking about counter-surveillance as a strategic response to state violence.
Sunday 1200 Marillac Auditorium
Cracking Enigma: A Chronology of Cryptographic Breakthroughs
Brais Macknik-Conde
The Enigma machine was a sophisticated encryption device used by Nazi Germany during World War II. Its mechanical design utilized three rotors that scrambled plaintext into complex ciphertext, with additional layers of security from unique internal settings. However, inherent weaknesses and poor operational procedures left it vulnerable to cryptanalysis. The first successful attacks on Enigma were conducted by Polish mathematicians in the early 1930s. By exploiting repeating message indicators and rotor cycle patterns, they deduced rotor wirings and constructed replica Enigma machines. Their breakthroughs enabled systematic decryption until German countermeasures in 1938 forced new approaches. Alan Turing and his team at Bletchley Park refined these methods, pioneering statistical techniques and mechanical computation to accelerate decryption. Techniques such as Banburismus and the Good-Turing estimation method were created under Turing's leadership. The development of the Bombe machine allowed rapid elimination of incorrect rotor settings, enabling the Allies to decipher vast amounts of enemy communication. This presentation will focus on history and cryptography, examining how breaking Enigma provided critical intelligence that shaped Allied strategies and shortened the war by an estimated two years, saving millions of lives in one of humankind's most significant intelligence operations.
Saturday 1800 Tobin 201/202
CRXaminer - Deep Dive Into Chrome Extensions (Plus Tool)
Mark El-Khoury
You spend your time configuring HTTP headers and hardening your containers. Meanwhile your CFO just downloaded a Chrome extension to make the font in Gmail Comic Sans. What are Chrome extensions, exactly? This talk will dive into details, including format, contents, static analysis with custom rules, threat modeling (when does this even matter?), and some of the unique challenges of building a security scanner. A tool will be demoed that has just been released for this: CRXaminer (crxaminer.tech). You will learn how you can immediately start using it.
Friday 1400 Tobin 201/202
Dark Web Digger: Modular Scraping for Dark Web Intel
Samantha Stortz, Dominick Foti
Dark web forums are a major resource for the hacking community and play a large role in the spread of information, data leaks, tools, services, and related transactions. While it is common for users to keep similar usernames and identifiers across different forums to maintain their credibility, these users often need to create or change accounts. The prototype presented here looks to tie anonymized accounts to the same user, as they will likely have similar language usage, post content, tools, tactics, and procedures (TTPs). The presenters developed a modular web scraper that can extract data from forums and store said data for analysis. They explore opportunities to leverage machine learning techniques to automate and enhance the process of cyber threat intelligence (CTI) analysis in the future. This includes using natural language processing (NLP) to digitally fingerprint users based on speech patterns, trend detection between users and forums, and even a chatbot to assist the tool's users in finding specific information. The project provides analysts with a wholistic view of how users interact on these forums, making it more functional and versatile.
Friday 1100 Marillac Auditorium
Data Autonomy: Counter-Surveillance Strategies for Civil Society
Marlon Kautz
The surveillance apparatus in the West is going critical, and civil society is not prepared for the fallout. Political leadership is explicitly targeting NGOs and social movements using surveillance capabilities that have been perfected over the past decade. This talk will evaluate the merits and limitations of different counter-surveillance approaches from the vantage point of grassroots organizers, and go beyond the stock advice of "use Signal and a VPN" to offer proposals for defeating state surveillance through technical infrastructure development and political organizing.
Friday 2100 Little Theatre
Design for Neurodiversity: Creating Neuro-Inclusive Spaces
Dorothy Howard
This talk will explore the concept of neurodiversity and its implications for designing events and spaces with neurodivergent people's diverse needs in mind. The neurodiversity paradigm promotes embracing neurological differences, emerging from the autistic rights and disability justice movements of the 1990s. Accessibility guides and resources rarely focus on neuro-inclusive design. The presentation will highlight strategies for creating neuro-inclusive environments informed by research in education, including examples such as low-sensory rooms in libraries and conferences. Attendees will be encouraged to reflect on how neuro-inclusive design can benefit the communities they engage with.
Saturday 1400 Tobin 201/202
DIY Police Scanner With SDRs and Open Source Software
nop
Police accountability requires transparency, but access to relevant information is frequently hindered by collaborators in government or the police themselves. Fortunately there is one source of info we can take into our own hands: their radios. Police in the United States largely use the digital, trunked radio system "Project 25." We can listen in to this using spare computers, a few Software Defined Radios (SDRs), and open source software. Even better, we can go far beyond what very simple broadcastify-style dispatch streams offer, like having our own archives of radio traffic. Based on an actual system that sees real-world use, this talk will cover how to set up your very own DIY police scanner. Ansible playbooks and supporting scripts to streamline the process will be released, and practical tips and lessons for real-world applications of such a system will be covered.
Saturday 1900 Marillac Auditorium
Eco-Hacking Desire: The Intersection of Pornography, Sex, and Environmental Impact
Jasmin Hagendorfer
This talk explores the intersection of desire and sustainability, examining how even our most intimate moments leave an environmental footprint. The concept of sexecology, coined by Annie Sprinkle and Beth Stephens, bridges environmentalism and sexuality in creative ways. From solar-powered vibrators to eco-friendly sex toys, the session delves into the often overlooked world of green sex tech and eco-erotic practices.
Key questions explored will include:
What are the true environmental costs of online pornography?
How sustainable is our streaming culture and AI technologies?
Can DIY pleasure practices be a form of political activism?
What role does ethical pornography play in envisioning a better future?
The discussion will also cover energy consumption, server loads, and the hidden costs behind virtual acts of desire. The focus is not to shame desire, but to empower it with awareness, curiosity, and hacker ethics. The speaker, a feminist activist and artist, aims to foster a dialogue about how digital intimacy can become more visible, accountable, and hackable. This talk invites the hacker community and beyond to collaborate in rethinking the infrastructures behind online pleasure and to explore ways of making the environmental impact of these systems more transparent.
Friday 1900 Little Theatre
Esolangs as a Hacker Folk Art
Daniel Temkin
The most important computational art is happening far from museums, immersive art "experiences," and the smoldering ruins of NFT platforms. Esolangs, like demos and code golf, are hacker folk art, born entirely outside the art world, yet beginning to get wider attention as more digital artists and poets contribute to the form. This should not be a surprise with the critical work it has done to explore our relationship with technology, the politics of computing, the aesthetics of code, among many other subjects. This talk will present esolangs, not as a loose collection of language associated by algorithmic complexity, but a social history of how each language influenced the next, drawing from ten years of interviews for the blog esoteric.codes. It will look at esolangs as more than technical wizardry and consider aesthetics for this form that often pretends to eschew aesthetics entirely.
Friday 2000 Tobin 201/202
Expanding the BioArtBot Color Palette - A Beginner's guide to Lab Automation and Biosafety
Danny Chan
bioartbot.org/ is a project for encouraging curiosity in microbiology and lab automation through creative expression. It is an open source project built on a pipetting robot that draws user submitted pixel art by placing colored bacteria on agar. Using the story of the BioArtBot development as a guide, this talk will provide a basic overview of the technologies (hardware, software, and wetware) implemented in the BioArtBot. It will describe how lab automation is used in biotech companies, how it might be used by amateur/community investigators, and how the BioArtBot is an interesting framework to contribute to if you are looking to skill-up in lab automation. It will also describe how the living pigments for this project were created and sourced, how you might create/source your own, and the amazing diversity of living chemical refineries that are bacteria. So if you're interested in robots and bacteria, come find out how we can command our tireless inorganic creations to deposit aesthetically pleasing arrangements of the ancient form-factor of all life.
Saturday 2100 Tobin 201/202
Exploiting Emergent Property-Based Vulnerabilities in Large Language Models
David Kuszmar
As AI technology expands across both benign and malicious applications, our understanding of the attack surface must evolve to account for emergent properties in complex systems. In large language models, these emergent behaviors create novel classes of vulnerabilities that are not only unpatched, but largely unrecognized. By systematically manipulating the model's limited perception of reality, attackers can induce cascading failures that go far beyond traditional filter bypasses, exposing fundamental weaknesses in the internal logic and contextual binding of these systems. This session will unpack how these vulnerabilities work, walk through real examples, and explore the far-reaching implications for AI security, governance, and safety.
Sunday 1400 Tobin 201/202
The Five Pillars for Rewriting History and Culture
Alexander J. Urbelis, Daniel Nowak, Roel Schouwenberg
From printing press to blockchain, technological advances reshape historical narratives across five pillars: finance, governance, faith, communications, and consciousness. Influential entities employ sophisticated cyber and information solutions to manipulate resources and power. Governments, corporations, and NGOs manage narratives, shaping opinion and obscuring truths as they manage perception. Religious groups use digital platforms to spread doctrine, blurring traditional faith boundaries. Social media and emerging technologies amplify disinformation worldwide. These operations exploit cognitive vulnerabilities, reshaping collective memory and fueling evolving consciousness. This talk will examine how technology-driven psychological operations can unmake historical canons, normalizing new realities and marginalizing dissent. The presenters will highlight ethical dilemmas and stress the urgent need for transparency, critical awareness, and decentralization across all pillars. Lastly, they will offer recommendations for how the individual can remain resilient in the face of these existential threats and multifaceted Manichean devils.
Friday 1200 Marillac Auditorium
The Free Software Movement: Where It Came From, What It Means to Me, and What It Could Mean to You
Craig Topham
This talk is the journey of Craig's discovery of the free software movement and how it solved his need to find a position in the fight for a better tomorrow. The hope is to inspire others to share this viewpoint of free software and to see how it is a critical factor for civilization if we want to avoid the nightmare dystopia which awaits us all if the free software movement fails.
Saturday 1600 Tobin 201/202
From Activism to Hacktivism: Resisting Digital Repression
Gabrielle Joni Verreault, Elina Castillo-Jimnez, Jane Eklund, Ken Mayers (Moderator)
This panel discussion will offer insights into the challenges faced by human rights defenders and hacktivists in today's context of intensified digital repression, including surveillance, censorship, and cyberwarfare. The three panelists will report from the frontlines, sharing their technical expertise and experiences living among activists and supporting them in their work in different countries. Topics will include hacktivism in Ukraine, disrupting surveillance in Serbia and Thailand, and tech and reproductive rights in the USA and worldwide. Each panelist will briefly share their stories and insights, and then the discussion between them and the audience will be opened.
Saturday 2100 Marillac Auditorium
The Future of Email Is Open
Dejan Štrbac, William Lessard
Email is one of our most essential tools, yet it's controlled by a handful of corporations that scan, monetize, and gate-keep our communication. In this talk, the presenters will introduce OpenEmail, a ground-up re-imagining of async communication built on a radically simple, open protocol. Designed for privacy, integrity, and interoperability, OpenEmail combines end-to-end encryption; decentralized delivery; and a public, extensible architecture to give users true ownership of their communication, and developers the freedom to build on top of an open social protocol. They will explore how a spam-free, surveillance-free inbox, where messages are trustworthy by design, can reclaim the Internet as a space for open, human connection, free from Big Tech. More than just a talk, this is a call to arms: to take back control of our communication and build a digital future that serves people, not profit.
Saturday 1900 Little Theatre
Getting Out of DOGE: A Discussion With a Former DOGE Engineer
Adam Klasfeld, Sahil Lavingia
The whole world has been watching as the "Department of Government Efficiency" (DOGE), the partnership between Elon Musk and the Trump administration, has worked to fulfill its pledge to reduce waste, fraud, and abuse in the federal government. Despite promises to the contrary, there has been very little transparency about DOGE or its operations - until now.
Join Adam Klasfeld, a former MSNBC legal contributor and founder of All Rise News, as he interviews Sahil Lavingia, a former DOGE engineer. This discussion aims to reveal what DOGE is really doing behind the scenes and offer the public a unique chance to ask direct questions to someone who was there.
Friday 1400 Marillac Auditorium
Hackers Got Talent
Jason Scott & Friends
It just wouldn't be HOPE without another installment of "Hackers Got Talent." This is an opportunity for hackers from all around the planet to show off their talents in this cheeky display of hacker (and totally non-hacker) skills. Just sign up at InfoDesk and the talent you decide to share is entirely up to you. (Seriously, anything you're good at is a talent.) Hacker archivist Jason Scott will again be on hand to keep everything moving. Judging will be done by a combination of panelists and audience members. First place wins a valuable prize! Second place... we'll see.
Saturday 2200 Marillac Auditorium
(2 hours!)
Danacea Vo
"How can my hacking skills become a force for advancing social justice?" Those who ponder this question often know what they're up against - oppression, inequality, enshitification.... But the path toward building meaningful change can feel unclear or overwhelming. This talk draws from years of experience working alongside activists, human rights defenders, and digital organizers, and offers a practical framework for lasting, meaningful change. You'll gain social impact strategies that will help you align your technical skills with the movements and communities you care about. If you've ever felt the call to do more - with purpose, with clarity, with community - this is your invitation.
Saturday 1900 Tobin 201/202
Hacking Search: Kagi's Revolt Against the Ad-Tech Machine
Vladimir Prelovac
You know the drill: search for official travel info, get an overcharging third-party site. Look for a hotel, get a misleading aggregator. "Free" search costs you time, money, and trust. Kagi is the revolt - a paid, obsessively user-centric search engine architected to serve you, not the advertisers. This session reveals how Kagi sidesteps the surveillance model, leveraging diverse sources and AI tools (under your control) to deliver clean, customizable results. Founder Vlad Prelovac will detail the tech choices enabling genuine user agency (blocking SEO garbage, elevating trusted sources via filters), the challenge of building viable alternatives outside the ad-tech ecosystem, and the fight to restore user agency against data-hoarding monopolies. If you're tired of being the product on the web, join the resistance.
Saturday 1300 Little Theatre
Hacking the Future at Tesla Science Center
Michael Caprio, Jeffrey Velez, Ed Wilson
The year 2026 marks the 170th birthday of Nikola Tesla and will also be the year that the grounds of his Wardenclyffe laboratory will at last open to the public. Learn about the latest goings-on from Tesla Science Center at Wardenclyffe detailing their visitor center renovation and opening; development of their amateur radio station and radio club; expansion of their public and educational programming with space science courses, events, and hackathons; a future hackerspace; and more exciting projects!
Sunday 1100 Marillac Auditorium
Hacking the Tech-Industrial Complex: Learning to See Invisible Systems
Seth Godin
The author of more than 20 international bestsellers gives us an inside view of the systems that drive our culture. Every dominant system works to maintain itself, and we can find strategies and stories that push to make things better.
Saturday 1100 Marillac Auditorium
Hack the Violin Part 2: The Advanced Stuff - This Time There's AI
Andrew Morican, Ebmbat
This is a follow-on from "Hack the Violin: A Hacker's Approach to Learning, Playing, and Teaching the Violin" from Hope XV.
This will be a look at technology, most notably AI and hacking the violin. You will learn what's out there and what the presenters were able to achieve with their own AI project regarding practicing and engagement. You will also learn about AI with live performance and creation, as well as AI and string sampling - and see how sampling may be altering the stringscape.
Friday 1300 Little Theatre
Hardware Hacking Meets Art: How Movie Special Effects Are Made
Davis DeWitt
Step into the world of movie magic with Davis DeWitt, a filmmaker, inventor, and former Mythbuster and learn how combining hardware hacking with art creates objects that do more than function: they evoke emotion and tell stories. From blowing up cars to building robots with personality, this talk will explore why it's important to tackle projects that blur the lines between disciplines.
Friday 1900 Marillac Auditorium
HOPE_16 Badge - No Badge, No Problem
Victoria Joh, Vinicius Fortuna
Electronic badges have become a focal point of hacking conferences and key to growing the immersive conference experience! This talk will provide a brief history of electronic conference badges, as well as discuss the good, the badge, and the ugly from the speakers' attempt at a new and improved production run this year. Sadly, while there will not be a new production of the improved HOPE badge in time for the con to be shared with HOPE_16 attendees, this will still be a lively discussion of everyone's favorite badges from past hacking conferences. The design and production challenges that inevitably cropped up will be discussed in detail. The struggle to produce a working badge aligning both funding and functionality is real. This year has been no exception, with various uncertainties such as tariffs and geopolitical norms at play. Despite the challenges, many lessons have been learned. This is an opportunity to plan for a future run, share experiences with others, and get more interested individuals to join the team and get involved.
Saturday 1400 Little Theatre
How a Handful of Location Data Brokers Actively Track Millions, and How to Stop Them
Bill Budington, Lena Cohen
In the past year, a number of investigations have revealed the outsized role of a few select companies in gathering, storing, and selling the location data of millions of devices - and by extension people - worldwide. These companies largely use technologies which power the online advertising industry in order to collect and disseminate this data. To make matters worse, this data has been both provided to private investigators on the mere assurance that they plan to work with law enforcement, and has been subject to data breaches which put the privacy of millions at risk. This talk will elaborate on the technologies, data flows, and industry players which comprise this complicated ecosystem. Most importantly, it will cover some basic steps you can perform to protect yourself against the wide array of location privacy harms your device subjects you to. The presenters will show tools and techniques they've developed to allow users to take back ownership of our devices, rather than our devices owning us.
Friday 1500 Marillac Auditorium
How I Used and Abused LLMs to Get Top 250 on HTB
Rambo Anderson-You
This talk explores an experiment in giving AI system-wide access to compete on Hack The Box (HTB). The talk details the development of a semiautonomous workflow for capture the flag (CTF) competitions, involving jailbreaks, LLM switching, and hardware. Through iterative diagrams, the talk traces how the workflow evolved as the AI improved at capturing flags. This presentation considers how this CTF solving AI slop might extend to real world scenarios like penetration testing, red teaming, and bug bounty hunting.
Sunday 1500 Tobin 201/202
How Law Enforcement Agencies Compromise Entire Encrypted Chat Platforms
Joseph Cox
Law enforcement agencies compromising entire encrypted communication platforms to read peoples' messages is no longer an outlier. It is the new normal. That includes the FBI taking a tech startup called Anom and inserting its own backdoor, French authorities pushing a malicious update to tens of thousands of EncroChat devices, European cops hacking another company called Sky, or any of the increasing number of related cases. In this talk, Joseph Cox, co-founder of 404 Media and author of Dark Wire will detail police tactics, pulling from his nearly ten years of covering the encrypted phone industry.
Saturday 1400 Marillac Auditorium
How to Be Positively Transgressive: Hacking Culture for Good
Johannes Grenzfurthner (monochrom)
In an era where transgression has been co-opted by reactionary forces, how can we reclaim subversion as a tool for positive change? Historically, countercultures, hackers, and artists have used disruption to challenge power structures, expose hypocrisy, and expand the boundaries of what is possible. Yet today, the same methods - culture jamming, media pranks, and ideological infiltration - are increasingly wielded by ultra-right movements to erode democratic values and spread reactionary narratives.
This talk will explore how we can re-hack the hacker mindset: How can we use transgressivity in ways that are constructive rather than destructive? How do we subvert without merely burning things down? Can we retool the aesthetics and tactics of countercultural rebellion to push society forward instead of backward?
Through historical examples, personal experiences, and a healthy dose of mischievous strategy, this talk will try to outline actionable ways to engage in cultural hacking that disrupt oppressive systems while reinforcing community, inclusivity, and progressive values. Because giving up on the tools of subversion means surrendering the battlefield. And that, phreaky phriends, is not an option.
Sunday 1500 Marillac Auditorium
Human Augmentation: Hacking Human Perception and Performance With Technology: Benefits and Dangers
Lucas Potter, Xavier Palmer, Vivekanand Pandey Vimal
Human augmentation is the idea of using technology to hack, alter, and enhance human perception and performance. Imagine being able to enhance your ability to navigate by sensing the flow of magnetic fields like a pigeon. Many industries are starting to explore human augmentation, such as space (enhancing astronauts), medical (rehabilitation), entertainment (greater immersion), military (greater performance), among others. In the first presentation, Dr. Vimal will begin by providing an overview of psychology and neuroscience research on the topics of human augmentation. Then he will share his own NASA-funded research on using sensory augmentation as a countermeasure for spatial disorientation. What dangers could arise from building a bridge between human and sensory augmentation devices that have the capability of altering human perception? This question will connect to the second presentation of the panel, where Dr. Palmer and Dr. Potter will explore how human augmentation connects to security through biocybersecurity followed by Q&A.
Friday 1600 Little Theatre
ICEBlock and the Age of Digital Activism
Joshua Aaron
Learn how ICEBlock has empowered over a million users nationwide to report immigration and customs enforcement activities anonymously, despite government pushback. Discover how you can use your tech skills to drive change and advocate for causes you believe in. Plus, stick around for a Q&A session where you can interact directly with the creator!
This talk will be remote due to the targeting of the speaker by the current administration.
Sunday 1600 Marillac Auditorium
(2 hours!)
Into the Fediverse
Evan Prodromou
One third of Americans say that social media has negatively impacted their mental health. Almost two thirds say that social media has been bad for democracy. But the majority of us still use social media on a daily basis. We clearly need better social media - enabling user choice or even platforms built and run by the users. The Fediverse is a coalition of social networking platforms that connect together, letting users interact across platforms while maintaining their independence. Evan is one of the authors of the ActivityPub standard that drives the Fediverse. He will discuss how the Fediverse went from a dream to a reality, and how individuals and communities can start exercising control over their own social platforms.
Friday 1400 Little Theatre
Invisible Ink of Compression
XlogicX
When you pop the hood of RFC 1951 (DEFLATE), there lies an interesting playground that would be otherwise unseen in the context of compression use cases. This talk will address many aspects of the ubiquitous DEFLATE compression, none of which involve compressing data! "Designer Compression" scenarios will be explored, such as blocks of DEFLATE data that can be fully ASCII printable, contain no data, buffer underflow access of nulls, and even apply forms of recursion. We will also see forensic data extraction from compressed fragments, employ difficult to detect watermarking, demo a covert channel PoC (deflate in http), and forever-cookies. The presentation style will take a high-level first pass and then dig into the technical details with the time left.
Saturday 1500 Tobin 201/202
Itinerant Signal Institute (Rite of Spring)
Amelia Marzec
"Itinerant Signal Institute" is a project that leverages open source technology to examine and communicate about land use. As we move into an era of potentially increasing climate migration, the project aims to create a network of sensors that test environmental toxins. It examines the effect of local emissions on global climate change, using small devices that test the air and soil. That information is then shared via a portal. Imagery for the project will include ritual costumes that mark the changing of seasons. The project began with visits to polluted locations in New York City, including Governors Island (a former military base) and Newtown Creek (one of the most toxic waterways), and working with the Urban Soils Institute to collect information for the project.
Friday 1500 Tobin 201/202
Leading and Survival When TSHTF - A Lighthearted Look at the End of the World
George Sandford
There's a moment when you realize that yes, everything may actually be on fire. As individuals, we can collapse, or we can take action to at least increase the odds of a positive outcome. As leaders (managers, parents, friends), we have to hold it together, fight to create safe spaces, keep our teams motivated, and somehow find time for self-care - without letting an active adversary turn us into the human equivalent of burnt toast.
This talk will explore the art of leading in the midst of chaos, drawing on a punk ethos, irreverent humor, and a sprinkling of practical advice. You'll see how to preserve diversity and inclusion when everything feels like it's falling apart, how to support your team without losing your mind, and why it's okay to cry in the shower (just not every day).
Saturday 1800 Little Theatre
Media, Vibe Coding, and the Long Tail
Lydia Laurenson
What is even happening in the media now? There's a resurgence of paper magazines, and now they reach a long tail of subscribers due to the powers of the Internet. At the same time, social media platforms are downgrading in complexity and Signal chats have somehow become the new social media conversation. Everything old is new again, and it's all combining and recombining with weird emergent politics and independent vibe coders. This will be a discussion of the future of media, especially as seen within alternative cultures and the weird Internet.
Friday 1300 Tobin 201/202
Meshtastic Attacktastic
Dave "Heal" Schwartzberg
In emergencies or off-grid scenarios, Meshtastic shines, but it can crumple when adversaries go off-script. Meshtastic is an open-source platform that allows for long-range, off-grid communication through LoRa-based mesh networks. While offering powerful tools for decentralized communication, particularly in remote areas or during emergencies, Meshtastic also introduces a set of security risks that could be exploited by adversaries. This talk explores the potential vulnerabilities within Meshtastic networks, focusing on attack vectors such as physical attacks, privacy leaks, key management, and jamming. Additionally, the effectiveness of the platform's encryption and authentication mechanisms will be analyzed, offering insights into how these systems can be compromised and how users can fend off attackers.
This session will include a technical breakdown of known vulnerabilities and present both simulated and real-world examples of attacks on Meshtastic networks. Attendees will gain a deeper understanding of how to defend against these threats, hardening their mesh networks against malicious actors. Whether you're a hobbyist experimenting with off-grid communications or a security professional assessing decentralized systems, this presentation will equip you with the tools and knowledge to secure your Meshtastic devices.
Friday 1900 Tobin 201/202
New Journalism: Reimagining Information Networks From the Ground Up
Patrick Boehler
This presentation explores how communities are developing resilient information-sharing systems that outperform traditional journalism. Drawing from research on independent journalism in China, Patrick will examine how these organic networks function as advanced social technologies that challenge conventional understanding of information distribution. The talk invites the HOPE community to reimagine information infrastructure that can withstand authoritarian control, resist corporate manipulation, and genuinely serve community needs through collaborative problem-solving and the application of security expertise in distributed systems.
Sunday 1300 Little Theatre
Not Your Private Army: On the Trail of Cyber Ops
Emma Best
During the past two decades, hacktivist spaces have been infiltrated and co-opted by hostile interests, ranging from state actors to political and corporate entities and entitled oligarchs. This talk examines how these outside parties have attempted to build private cyber armies and task forces through the recruitment and exploitation of gray and black hat hackers. Special focus is given to the "Anonymous" brand, Western state actors, and the 2022 Russian invasion of Ukraine.
Saturday 1500 Marillac Auditorium
NymVPN: The First Real-World Decentralized Noise-Generating Mixnet for Anonymity
Harry Halpin
Nym is the first decentralized noise-generating mixnet to provision real-world network anonymity to Internet users even against nation-state adversaries. The aim here is to supersede existing VPNs in order to fight increasingly more powerful authoritarianism and surveillance. Unlike traditional centralized VPNs that can be de-anonymized by a global passive adversary - like the NSA - based on their traffic patterns, Nym adds noise ("cover traffic") to existing Internet communications. Similar to Tor, Nym routes each packet separately over a decentralized network of servers, but unlike Tor, mixes traffic and adds noise at each hop. After being introduced at HOPE five years ago, NymVPN has now shipped. NymVPN is an easy to use app for all major operating systems that makes using the Nym network as easy as using a traditional VPN for ordinary people, with both a "fast" and "anonymous" mode. The "fast" mode features speeds comparable to centralized VPNs using the same decentralized network as the mixnet, but without mixing. Via the SDK, the Nym mixnet remains free to use by hackers to build the next generation of privacy infrastructure.
Sunday 1400 Little Theatre
Off-Grid Data Running in Oppressive Regimes: The Pirate Box Project (and Sneakernet!)
LambdaCalculus
In today's political climate in the U.S., the Internet as we know it is in danger of becoming heavily monitored, privatized, and censored. Information may only be what the corporations and government want you to see, and it may become difficult for marginalized and poor communities to have access to free information and education that the Internet provides. But by building an off-grid, mesh networked system known as the Pirate Box, it'll become a pivotal way of being the data runner your community needs. The Pirate Box is a form of Sneakernet, and this talk will give you a brief overview of both, as well as strategic tools and ways to make a Pirate Box of your own, along with projects in the spirit of the Pirate Box.
Friday 2100 Tobin 201/202
Offworld Voyage: Can Training for Mars Exploration Also Address Human Adaptation to Climate Biodevastation on Earth?
Scott Beibin, Elizabeth Jane Cole
This talk will present the design philosophy behind Offworld Voyage, a decentralized science initiative that develops ecologically sustainable training habitats for use in simulated Mars surface exploration missions - while also solving for adaptation to extreme climate change on Earth. The Offworld Voyage M.A.R.S. Tesseract Space Analog Simulation Habitats were designed with a zero waste ethos for minimal environmental impact by inventor Scott Beibin and Michael Flood. The modular and portable structures of the habitats include: a bio-dome for cultivating organic vegan plant-based and fungi-based nutrition sources, autonomous power production, advanced waste reclamation, a science laboratory for experimentation and research, a space medicine bay, a fabrication lab for prototyping and repair, facilities for fitness and creativity as well as a kitchen and living quarters.
Mission immersions incorporate a vision of the future when space has become accessible to all through the use of emerging ecologically sustainable appropriate technologies enabled by new types of egalitarian economic structures and coordination methods. Crew activities include EVA explorations in pressurized space suits outfitted with bio-sensors, 3D printed construction using regolith, utilization of open source communications tools, cooperative governance exercises and the practice of mutual aid and consensus decision-making in mission planning, problem-solving and self-sufficiency challenges in the face of extreme resource scarcity, simulated time-delayed communications, and experiments to analyze the effects of isolation on astronauts during offworld missions.
The inaugural mission for the M.A.R.S. Tesseract habitats will occur in a remote desert location in late 2025. It will include the founders of the project, Scott Beibin and Elizabeth Jane Cole, who are both alumni of the Mars Desert Research Station (Mission 286) and core committee members of The Journal for Space Analog Research.
Future plans for the project include the development of pressurized facilities and closed loop systems, as well as development of public goods including hardware and software for Space Analog Research and S.T.E.A.M-based educational programs.
Saturday 1000 Little Theatre
Packets Over Any Wire: Alternative Networking Mediums for Hackers
Haxedalot
Why limit yourself to Ethernet and Wi-Fi when every wire in your house can carry packets? This talk explores alternative physical networking technologies that exist but are often overlooked. From powerline networking (HomePlug AV/AV2) to MoCA over coaxial cables, the talk will dive into how these systems work, their encryption and security models, known exploits, and the inherent risks of non-switched cable mediums. Real-world applications, including whole-home audio and video distribution, network segmentation strategies, and the unexpected advantages of leveraging existing infrastructure will also be explored. You'll see how HDMI matrices, IP-based video distribution, and networked audio solutions like SonosNet can integrate seamlessly over alternative backbones. Segmentation techniques to isolate security cameras will also be covered. Expect deep technical insights, practical lessons from years of experimentation, and a fresh perspective on what's possible when you stop thinking of cables as just power or TV lines - and start treating them as network highways. Whether you're looking to expand connectivity in a complex environment or just want to push the limits of home networking, this talk will leave you with new tools, techniques, and ideas to explore.
Friday 1700 Tobin 201/202
Phrack Magazine #72 - 40th Anniversary Release Party
Netspooky, TMZ
Celebrate 40 years of legendary hacking with Phrack Magazine! Netspooky and TMZ will be dropping a special hardcopy release of their magazine, packed with cutting-edge research, underground insights, and tributes to decades of digital rebellion. Don't miss this milestone issue - crafted by the hackers for the hackers. Free, of course, as always. Grab your copy, meet the crew, and honor the zine that defined an era.
The talk will explain a bit about Phrack's history, how it all started, and where it's going - the vision of the new editorial staff and how Phrack is changing. You will get a rare insight into what it takes to run an underground hacking magazine. You'll learn what it's like to work with the many authors, reading and fixing articles, dealing with obscure submissions, and what it takes to get your article accepted and become an author in Phrack.
For the first time ever, a "secret challenge" has been included in the hardcopy magazine for you to find and to solve. The prize for the winner will be revealed at the talk.
Saturday 1700 Marillac Auditorium
Piracy Is the Past, Present, and Future of Streaming
Abigail De Kosnik, Benjamin De Kosnik
Official ratings of TV viewership and box office revenues for films never tell the whole story of how people access popular media texts and instead promote platforms or corporations. Many millions around the world consume media through unofficial channels, especially peer-to-peer (P2P) file-sharing networks. In this session, you will be introduced to alpha60, an ongoing research project with six years of TV and film distribution data that reveals trends and oddities in global media desire. The speakers will present data on the quantity, timing, and location of downloads for major television series and films, offering data on unofficial global audienceship and speculating on new insights about cultural circulation, transnational belonging, and fandom.
Saturday 1700 Tobin 201/202
Planning a Project That Has No Budget
Travis Southard
Projects are notoriously hard for developers to manage even with project managers, budget limits, and deadlines. Often in hacking and civic tech, we are our own PMs, funders, and timekeepers, which means projects can simultaneously have no budget and unlimited budget. Since a community is not paying for a particular feature, they have no "I think we've reached where we want to stop spending" moment, so when is something done? It doesn't cost our coworkers to ask for more features, so when are they asking too much? Travis will talk about his experiences as a professional nonprofit legal aid developer and as a volunteer project lead to explore what's helped him when working with nebulous conditions around specific requirements.
Sunday 1600 Tobin 201/202
The Political and AI Singularity Are Inevitable - Or Are They?
Roel Schouwenberg
America's transition from a literary society to one shaped by social media and AI has revolutionized how we communicate, process information, and engage politically. AI's conversational nature deepens this shift, influencing culture and cognition. This talk will explore these new realities and provide insights into how to navigate them.
Sunday 1600 Little Theatre
The Present and Future of Online Discourse
Harper Reed
Today's technologies greatly empower individuals and groups, while simultaneously creating tremendous risks to freedom and privacy. How can major forces like big tech, artificial intelligence, and political governance be guided towards pro-social outcomes? What can individuals do? Is there hope for social media to heal divisions, rather than amplify discord? These and other topics will be addressed during this lively and far-ranging presentation.
Friday 1300 Marillac Auditorium
Print, Build, Fly, Heal: 3D-Printed Autonomous Planes for Medical Delivery in Rural Mexico
Dana Gretton, Jaguar Kristeller
This talk focuses on a project with medical students in Alamos, Sonora, Mexico to develop affordable delivery drones that can get urgent medical supplies to remote communities. What currently takes days to reach by mule through mountainous terrain can hopefully be accomplished in minutes by air. This talk chronicles the evolution from off-the-shelf hobby planes to locally-built, 3D-printed aircraft capable of autonomous waypoint missions. The speakers will discuss the technical choices behind their current $1000 prototype (and how they plan to cut costs in half), alongside the organizational structure they're developing to sustain this work. Recently, they established "club guilas" with local medical students - one of whom has completed pilot training for the test aircraft. The biggest challenges faced aren't the technical ones, but rather organizational sustainability: how to transition from a project driven by visiting engineers to one owned and operated by local communities. Plans will be shared for creating a federated network of university clubs, and the blueprint for a lean nonprofit structure to support them.
Sunday 1100 Little Theatre
PrivacySafe and 3NWeb: Engineering User-Centric Digital Sovereignty
Mikalai Birukou
We want to control the technology we use, and we want to trust it. At the same time, we expect it to be convenient. 3NWeb is a groundbreaking framework that gives users full control over their digital interactions across devices, while preserving privacy and independence from centralized systems. Grounded in core principles like the principle of least authority (PoLA) and web-style federation, 3NWeb reimagines how services should operate in a user-first Internet. This presentation includes a demo of PrivacySafe, a client-side 3NWeb platform that is real, downloadable, and ready to use today. Its careful implementation raises meaningful questions from a range of perspectives: users, organizational administrators, application developers, and service providers. The session will address practical considerations and continue with in-depth conversations in the hallway track.
Friday 1200 Tobin 201/202
PrivacyTests.org: Web Browser Leak Testing
Arthur Edelstein
PrivacyTests.org is an open source privacy audit of popular web browsers. The project subjects web browsers to automated leak tests and regularly publishes the browsers' test results head-to-head on a website and on social media. The goal of PrivacyTests is to encourage all web browsers to mend their ways and comprehensively protect everyone's privacy. By thoroughly exposing the leaks in web browsers, the website helps users choose a more private browser, and thereby puts pressure on browser makers to fix their privacy leaks. In his talk, Arthur will give some details about the project's approach to testing and presenting test results, and show how browser privacy has evolved over the past four years.
Friday 1600 Tobin 201/202
Quantum Computing and AppSec: Preparing for the Post-Quantum Threat
Sheshananda Reddy Kandula
Quantum computing is poised to disrupt modern cybersecurity. With the potential to break widely used encryption algorithms, such as RSA and ECC, quantum threats pose a significant risk to web applications, APIs, and secure communications. This talk provides an introduction to quantum computing for application security professionals, outlines the threats to current AppSec practices, and explores how organizations can begin transitioning to post-quantum cryptography (PQC). Attendees will leave with an understanding of the timeline, tools, and strategies required to prepare for the post-quantum world.
Sunday 1000 Little Theatre
The Quantum Curtain
Ed Ryan
High technology has taken on a new meaning. As AI technologies grow increasingly creepy and quantum computing catches major headlines, the U.S. government is scrambling to cover its posterior. Recognizing that these technologies pose a significant security risk, the U.S. Bureau of Industry and Security has imposed export controls on AI and quantum computing technologies in an attempt to limit their spread. This talk will discuss the history of export restrictions, touching on cryptography and the Playstation 2, before moving on to explain the new restrictions and their implications for those working in impacted fields. The idea of a "deemed export," which limits who is even allowed to learn about certain technologies, will be addressed.
Friday 2000 Marillac Auditorium
QWK Packets and the Muffled Spark
Jason Scott
A deep dive into the QWK packet - a revolutionary addition to the Bulletin Board Experience of the 1980s - and the ramifications of what it represents in a very changed world.
Friday 1800 Marillac Auditorium
RDP Spray and Pray: Research on Modern RDP Attacks From Spray to Exploit
Tess Mishoe
RDP has been around the block for a while. Since 1998, admins shudder at the mere mention of port 3389. It's anything but old-hat, though - even today, there are a lot of active attack methods and adaptations for the modern world. This talk will be going through the world of RDP attacks from the perspective of an attacker, a defender, and us - the researchers and engineers. Some mass RDP attack data will be showcased, along with how to identify, label, and further prevent these attacks in the future.
Sunday 1000 Tobin 201/202
A Red Team Exercise 2025, 15 Years Later
Tom Brennan, Vladislav Gostomelsky, Logan Klein
This presentation is about red, blue and purple teams, along with the rest of the rainbow. Dig in for a fun and interactive presentation where the panel threat models and then attacks people, process, and technology. Bring your creative thinking and defensive skills and try to stop the... hackers.
Friday 1700 Little Theatre
rim: Reclaiming Personal Data Sovereignty in the Age of Wearables
Dana Gretton, Jaguar Kristeller
As we approach a future where body-worn devices capture increasingly intimate biometrics, the question of who controls that data has never been more urgent. This talk introduces rim, a techno-social vision and set of protocols challenging the standard model of cloud-based data extraction by building tangible, person-to-person systems for storing and sharing potentially intimate live data streams, innovating at the edge of taboo to expand human connection while preserving privacy and autonomy. There will be a demonstration of early prototypes of wearable devices implementing an "SD-core" aesthetic and detailing the technical underpinnings of protocol concepts including data "dissolution" and "crystallization" with erasure coding and intermittent connection tolerance. Beyond technical implementation, the presenters will discuss how this paradigm shift creates space for entirely new forms of human-to-human connection at the boundary of what's technically possible and socially acceptable.
Saturday 1100 Little Theatre
The Shape of the Legal Battlefield for InfoSec Professionals at Work
Ken Vedaa
It is no secret that sometimes there can be tension between InfoSec professionals and the organizations that they work for. Security professionals spend their days (and sometimes nights and weekends as well) buried in the dirty laundry that others pretend does not exist. These tensions can bubble up in unexpected ways. As an InfoSec professional, what are the common legal concerns that you need to be aware of at work? How do these challenges change over time? What should you keep in mind when considering a new job?
Sunday 1200 Tobin 201/202
A Sleuth's Stories on Detecting and Revealing Large-Scale Research Fraud
Mu Yang
In this talk, the speaker will share how they stumbled into this work by accident and what it's like to operate as a scientific sleuth within academia. The bulk of the presentation will focus on real-world cases of research fraud and misconduct, spanning fields from neurodegenerative diseases to chemistry, physics, and materials science. The talk will, through these examples, explore: the techniques and tools used to detect irregularities; how issues are reported to journals and publishers; the distinction between honest mistakes and deliberate manipulation; the collateral damage caused by misconduct, including its impact on public trust in science. The final section will examine the social and economic drivers of research fraud - and outline the systemic changes needed, globally, to break this cycle and restore integrity in science.
Friday 1200 Little Theatre
Small Budget, Big Protection: Cyber Defense for SMBs
Robert Wagner
Small businesses often face significant challenges in defending their organizations with limited budgets. This talk will provide valuable insights into budget-friendly approaches to long-standing cybersecurity issues, helping small and medium-sized businesses (SMBs) improve their security posture without excessive costs. Attendees will learn how to navigate the delicate balance between driving digital innovation and managing the risks of cyber threats and data breaches. Obstacles that prevent smaller companies from accessing affordable security resources will be explored along with practical solutions to overcome these hurdles.
Many smaller organizations make the mistake of focusing solely on technology to solve their security problems, neglecting crucial aspects like people and processes. This talk will emphasize the importance of a holistic approach to cybersecurity, sharing strategies that larger companies have learned over decades. By understanding and implementing these strategies, SMBs can avoid common pitfalls and effectively raise their security standards. Attendees will leave with actionable tips on improving their cybersecurity practices within a limited budget, ultimately enhancing their overall defense capabilities.
Friday 1500 Little Theatre
Solving My Identity Crisis
Dr. Phill Hallam-Baker
Traditionally, Internet accounts are controlled by the service providing them. There is no 'number portability' for email addresses. Switching costs discourage service changes. Recently, Bluesky has disrupted this model and 32 million users now use account names based on the Internet identity infrastructure, DNS - names that users can register and control directly through DNS handle providers.
This presentation will describe three standards proposals extending this approach. @nywhere extends the authentication approach to allow DNS handle accounts to be used at any Internet resource, not just those running ATprotocol. @nyone combines the DNS handle approach with JSContact to provide account portability and secure exchange of credentials for end-to-end secure communication. @nything allows network connected devices to become true Internet things with an Internet DNS name, WebPKI credentials, and using @nywhere and @nyone to support access control.
Saturday 1800 Marillac Auditorium
Spooky Action at a Discount: DIY Meshtastic Nodes
Kody Kinzie
To anyone interested in off-grid communication at a low cost, Meshtastic allows even beginners to communicate with (or control) devices from miles away. Thanks to applications in emergency communication, sensor monitoring, and censor-proof encrypted chat, Meshtastic is exploding in popularity even as the cost for making nodes is going down. This talk will cover the basics of Meshtastic, setting up and customizing nodes, plus outlining the tips and tricks to building affordable custom Meshtastic nodes, learned from building custom Nibble Meshtastic nodes for the conference. Attacks against Meshtastic and issues observed in the wild will also be covered. Expect to learn about LoRa, Meshtastic node and antenna options, how to deploy nodes for specific applications, attacks against Meshtastic, and how to join larger mesh networks in your local area!
Friday 1100 Little Theatre
StickTock.com: An Open-Source Alternative in the Age of Digital Protectionism
Sean O'Brien
The threatened U.S. ban on TikTok represents a turning point in global digital policy, reflecting the rise of "data tariffs" - restrictions on the movement of information modeled after traditional trade barriers. While concerns over privacy and national security have fueled the decision, the move also aligns with economic protectionism that benefits domestic tech giants. The fallout from this policy shift could further fragment the global Internet, leading to retaliatory restrictions against American firms and diminishing access to diverse digital platforms worldwide.
In response, privacy advocates and open-source developers have taken action. StickTock.com is a free and open-source frontend for TikTok, designed to allow users to access and share TikTok content without invasive tracking, advertisements, or the need for a proprietary app. Built by the team at PrivacySafe, StickTock.com is hosted in Iceland - a jurisdiction with strong commitments to Internet freedom and privacy. Their mission is to demonstrate that digital independence and free speech can thrive in the face of restrictive policies.
This talk will delve into the development of StickTock.com as a case study in open-source innovation as a means of circumventing censorship and preserving privacy. The challenges of building privacy-first digital alternatives, the broader implications of government-imposed digital barriers, and the future of decentralized platforms will be explored. In an era where the free flow of information is increasingly under threat, open-source solutions offer a critical pathway toward digital resilience and user autonomy.
Saturday 1000 Marillac Auditorium
The Struggle for Connection in a Fragmented World: Rebuilding Third Spaces
Jack Gangi
Third spaces - those vital, informal gathering places between home and work - have long been central to hacker culture, but they're vanishing. This talk will explore why third spaces matter more than ever for connection, creativity, and counterculture, and how we can rebuild them in a world increasingly fragmented by gentrification, digital monopolies, and social isolation. From hackerspaces to IRC to local meetups, Jack will trace our roots and offer ideas for rekindling authentic community, both online and off.
Sunday 1700 Tobin 201/202
Systems of Dehumanization: The Digital Frontlines of the War Against Bodily Autonomy
Daly Barnett
This presentation covers the years of security research and surveillance investigations that Daly (a senior staff technologist at the Electronic Frontier Foundation) has done on the various threats facing movements for bodily autonomy. She covers the bad Internet bills that made sex work more dangerous, the ongoing struggle for abortion access in America, and the persecution of trans people across all spectrums of life. These issue-spaces are deeply connected, and the digital threats they face are uniquely dangerous. Come to learn about these threat models, as well as the cross-movement strategies being built for collective liberation against an authoritarian surveillance state.
Saturday 1500 Little Theatre
Things You Wish You Knew About Software Testing
Dan Nagle
Everybody agrees that software testing is important, but how does one actually go about accomplishing this efficiently? Here is a presentation about testing that has actual examples, immediate tools that can be used, and some really interesting and unexpected ways that code can break. This is a fast moving presentation discussing techniques in a way that both coders and non-coders can learn.
Saturday 1000 Tobin 201/202
Tips on Living Life in Interesting Times
Mitch Altman
What motivates us to do what we do? How do we find meaning in doing it? What makes us choose what we choose? Can we do better? What is important? Can we thrive and feel excellent, regardless of particular outcomes? These questions may now be more pressing than ever in our most interesting of times.
Throughout our lives we tend to go with the flow of what is happening, making choices by default. Where do those choices come from? In the face of the rapidly changing and challenging times that we live in, personal and political, social and economic, can we find motivation to do what we do? Can we actually improve anything? Can we find and maintain enthusiasm to move forward into the unknown and feel good about our choices, regardless of outcome? Mitch will draw from lessons learned (and re-learned), doing his best to face the challenges while often haphazardly wandering through his 68 years on the planet. This talk will attempt to address these existential, important questions that we all face (whether consciously or not).
Friday 2100 Marillac Auditorium
Top Ten: Democratic Open Source Software Defined Radio and Amateur Radio Applications That Matter Today
Steve Bossert
A major benefit of the widely used open source Git platform is every project is voted on by its followers, making selection easy for what is the most popular and worth paying attention to. This presentation focuses on the top voted applications focused around software defined radio, as well as amateur "ham" radio. Time only permits the top ten to be covered. This is a great way to showcase how diverse these two crossover topic areas have become in recent years. Some projects are purely software-based while others are a mix of open source hardware plus software. High level coverage of these amazing projects will be included, but will be explored in more depth as part of a separate hands-on workshop during HOPE_16, making this presentation a must attend for anyone interested in radio-related topics!
Saturday 1200 Tobin 201/202
The Trials and Tribulations of Building Your Own Phone
Wesley Appler (aka lamemakes)
Over the last two decades digital surveillance has become baked into our daily lives. Your current and past location, who you're in contact with, habits/interests, sensor data, and a trove of other personal information is constantly being sent to third parties by the smartphone that is nearly always carried on us. What would it look like if we reconsidered the mobile phone entirely, putting extra emphasis on privacy and intentional disconnection via open source hardware and software? This talk will follow Wesley's journey to do just that, starting at the conception of the idea, getting acquainted with mobile networks/operators, obtaining proprietary datasheets, designing hardware, failed/successful prototypes, the current state of the project (along with demos), and how any interested parties can get involved.
Sunday 1100 Tobin 201/202
Turning Leaks Into Leads With OCCRP Aleph
Ezana Ceman, Klil Eden
You've got a leak, a name, or a suspicious company. What's your next move? In a world where corruption thrives in the shadows, the Organized Crime and Corruption Reporting Project (OCCRP) provides the infrastructure to bring truth to light. At the core is Aleph, a powerful data platform built to help investigators follow the money and uncover complex networks across diverse sources. Bring your own data or explore the presenters' - the OCCRP data team collects and curates four billion records from nearly 200 countries, ranging from corporate registries and sanctions lists to court filings and leaked documents. This session will walk through how Aleph powers live investigations, transforming raw, chaotic data into structured insights that expose the actors and assets behind fraud and abuse of power. Designed by journalists, researchers, and developers on the frontlines, Aleph is more than a tool - it's a global community working together to uncover the truth. What will you find?
Friday 1800 Little Theatre
Unearthing Air
Todd Whitney
Breathing polluted air is an unfortunately common human experience. Yet even as particulate matter settles in our lungs and occupies our minds more than ever, most of us lack the words and abilities to create better breathing environments.
This talk will invite the HOPE community to develop personal and proactive approaches to the air we breathe by bringing it down to earth. Air is invisible, but very material and personal. This talk demonstrates hacking opportunities in the tools we traditionally use to sense, measure, and make air make sense. The presenter will dive into communication tools like the air quality index, open source sensors, and the emerging ethics of community air quality monitoring. Importantly, everyone will come away with fresh frameworks and tools they can use to begin designing their personal pollution priorities.
Saturday 1300 Tobin 201/202
When the Lawman Comes Calling - Government Data Demands and Online Platforms
Fred Jennings
Drawing on over a decade of experience, this talk will first introduce the statutes, rules, and concepts governing law enforcement requests for user data, ranging from basic subpoenas to secret FISA search warrants. From that foundation, the discussion will cover practical steps that web services and individual users can take to reduce their legal attack surface, minimize their risks, and maximize their protection from invasive data disclosures.
Saturday 2000 Marillac Auditorium
Zodiac Killer Marketing: How I Used Codes, Cyphers and Nefarious Means to Launch a Covert Food Business
Chef Adam Sobel
During the pandemic, Adam launched Galactic MegaStallion, a new vegan food business, but decided traditional marketing was boring and morally icky. Instead, he created an elaborate system of codes, cyphers, a mysterious hotline, and strategically (and illegally) placed billboards that led curious people to find his food through coordinates. This presentation will cover how and why he developed this unconventional marketing approach, and how breaking traditional marketing rules and business conventions actually built a delighted customer base.
Saturday 1700 Little Theatre
HOPE_16 Closing Ceremonies
Nothing lasts forever and that even applies to HOPE (the conference, not the concept). We will reminisce about what happened this weekend as if it was a decade ago. And we can guarantee there will be many fun stories to share. If you're really lucky, you'll get to help us clean up!
Sunday 1800 Marillac Auditorium
