Last week my colleague (and fellow @drones operator) Trevor and I had the opportunity to present at the HOPE9 conference at the Hotel Pennsylvania in New York. It was an amazing conference and I was really honored to get to speak there.
Our presentation was titled “Pwn the Drones: A Survey of UAV Hacks and Exploits,” and covered three major points:
Drones are already in widespread use, and that is set to expand dramatically over the next few years.
They do not have the best safety record, and have been compromised in attacks on their ground networks, GPS modules, data transmission, and in kinetic attacks on the aircraft itself. Related systems, such as the control satellites, have also been exploited.
Drones have also been used to deliver payloads in other unusual hacks and exploits, by activists, artists, law enforcement agents, and others.
I’ve already cleaned up the talk once to give a shorter version at dorkbot sf. It’s so important that information about the capabilities of — and weaknesses in — this drone technology gets more widely understood as these get deployed, so I’m happy to do what I can to help that endeavor.
I can’t believe six months has already passed, but I realized the other day that I’ve been running Iron Blogger SF for half a year now. A lot has happened: we’ve added a bunch of members and lost a few, too. We’ve had great meetups, gotten to know each other a bit better, and with a convention of the Global Iron Blogger Council this month,1 we’ve even expanded the rules to establish reciprocity for members of different global chapters. Very nice.
I’m really proud of some successes we’ve had. To the extent that more people are writing blog posts more often, that’s huge for me. I know that my volume has gone up significantly since starting, and even when there are lulls of a few weeks here and there, my numbers are up across the board. There’s also been some cross-pollination and introductions that may not have happened otherwise, and I’m happy to have pushed those further.
As our little chapter of Iron Blogger keeps chugging along, I would like to develop some aspects further. I’d really like to see more interaction between Iron Bloggers on their blogs, in things like comment sections and response posts. We’ve experimented with blogging on a common theme in a given week, and it actually works pretty well. And it’s come up before, but I’m really interested in encouraging more diversity within our network in terms of both participants and content. Some of these issues just require that I put in a bit more work each week, and I’m more than happy to do that.
After six months, I remain convinced. I think the Iron Blogger model is a really great one, and it’s good to be running a chapter.
Two articles that crossed my desk today described the difference between the two kinds of hackers. Howard Rheingold offered this distinction in his memoir of the WELL:
(when “hacking” meant creative programming rather than online breaking and entering)
the Mark Zuckerberg variety, not the identity thieves
Obviously both of these descriptions are simplistic, and maybe necessarily so, given the requirements of the overall pieces. But the New York Times distinction is just silly: the only “good” hacker is a capitalist hacker, I guess. Rheingold for his part may simply be acknowledging an evolving and warped perspective perpetuated by the media. As my colleague Molly Sauter explained in a piece about the hacker as a modern folk devil,
The hackers who dominate news coverage and popular culture — malicious, adolescent techno-wizards, willing and able to do great harm to innocent civilians and society at large — don’t exist.
The playful curiosity that actually defines a “hacker” to me seems to be a hard thing to understand for many people, and the polysemy of the word doesn’t help.
I’m not much for drawing, but I’m working on a set of minimalist representations of San Francisco icons for a project right now. I’ll post more about that project later. For now, here’s my rough take on the Golden Gate Bridge.
My written one-to-one communication patterns can be grouped into three major categories: longform, synchronous shortform, and asynchronous shortform. For the most part I use email, IMs, and SMS, respectively, for those purposes.
Each of those technologies has its own end-to-end encryption protocol. ((In some cases, more than one. I’m just listing the ones I use.)) Email has the venerable OpenPGP protocol and the GnuPG suite of programs; IM has OTR for Off-the-Record Messaging on Pidgin and Adium on the desktop, andGibberbot and ChatSecure on mobile; and SMS has TextSecure, a free software Android SMS application that does encryption locally and over the wire.
My TextSecure fingreprint, as a QR code generated by the application.
There’s a small but growing cadre of my friends with whom I’ve exchanged keys on all three protocols.1 They’re the crypto triple threats. I want to build that list out further: if I’m having an end-to-end conversation with you, I’d like it to be encrypted end-to-end.
Some of these keys are harder than others to exchange. Email encryption is notoriously difficult to get right, while OTR is much simpler to start working with. TextSecure is a great example of the rare good QR code use case.
These are communication tools, so they’re especially affected by Metcalfe’s Law. That makes it even more important to get people to join the triple threat club. It also means that for each of these protocols, there are lots of people who want to help you figure it out. I’m one of those people. Let’s talk!
Seriously, it’s growing. I added maiki to the club just tonight. ↩
