Today begins the newest edition of four-yearly Dutch summer camping conferences for and by hackers: SHA2017. Since there is an overlap between topics and participants within the RIPE community, this is an invitation to the talks and workshops that might interest you.
is an international nonprofit outdoor hackers camp / conference / festival in The Netherlands taking place from 4 to 8 August 2017. Knowledge sharing, technological advancement, experimentation, connecting with your hacker peers and, of course, hacking are some of the core values of this event.
SHA is the successor of a string of similar events happening every four years. Personally, I have been at all of them since 1997: HIP, HAL, WTH, HAR and OHM. This year marks the 20th anniversary of my participation in the Dutch hackers community, and 18 years since I started work for the RIPE NCC. There is a surprisingly large overlap between the RIPE community and the hackers community as you will see from the topics covered, as well from previous RIPE Labs articles here and here.
In this article, I want to invite you to participate, by watching realtime streaming of the lectures or:
- by watching the recordings
- by contacting presenters to join them in their work
- or to invite them to the next RIPE community events
You can see the detailed programme of the lectures and workshops here, and the list of all the speakers here, as well as self-organised sessions that were not curated by the "content team", but are nevertheless very interesting.
Here are my recommendations, divided into topics as they are organised in the RIPE community.
Diversity Task Force
Since there is an ongoing effort in the RIPE community to increase gender diversity, here are some workshops that might help us in that direction:
"The consequences of prejudice and intolerance shouldn't just be the responsibility of those most harmed. Those best-suited to combat patriarchy and oppression aren't those who bear the consequences, but those who receive the advantages. This is a workshop for people for privileged groups to learn strategies and practice techniques to counter oppression, with the goal of making the hacker community a more welcoming place for all."
- Challenging stereotypes and ingrained social behavior
- Misogyny cover-ups and false equivalency
- Why an organization does not have many women
- The perniciousness of default. "
Check out the other workshops by these authors!
Measurements, Analysis & Tools (MAT) Working Group
- Lecture on 7 August, 21:25, by Aaron Zauner (azet) : Internet-wide measurements: past, present and future
"Towards a holistic picture of the Internet's infrastructure and it's activity: it's time to merge scanning efforts and take a step back to critically analyze our current scanning strategies, their longevity and reflect on the data they yield."
- Lecture on 8 August at 14:30, by the RIPE NCC's Emile Aben: Hackserspaces Jedi
In addition to using the RIPE Atlas probes to measure and visualize the traceroute paths between hackerspaces, this will also be the world premiere of the new "home page" for the IXP-Country-Jedi project:
Open Source Working Group
"FLOSS, NGOs, Activists, Journalists, and the Pareto Principle
FLOSS seems to be a natural choice for NGOs and not formalized entities (groups of activists, etc) -- evading vendor lock-in, harder to place a back-door, community support, and no licensing costs. And yet many NGOs continue to use closed-source software, even in areas where FLOSS tools are available and considered stable. Reasons are many; one of them can be tracked to papercuts -- small, annoying quirks and imperfections making FLOSS awkward, hard, or impossible to use in a given setting. ...
This creates a peculiar gap between the tech-savvy users advocating FLOSS use based on its virtues and the regular software users who just want to get their jobs done. ...
Having managed software and hardware in different activist, journalistic, and NGO settings, the speakers would like to offer their perspective on the importance of these underappreciated small bugs, and how much both the FLOSS community on one hand, and NGOs, activists, and journalists on the other, are missing out because of them. "
Cooperation Working Group
There are too many lectures that are relevant for the Cooperation Working Group to mention!! It's a tough choice, so I will mention the one by my friend ;-)
"Standards bodies, infrastructure providers, internet governance organizations and operators are getting more attention nowadays, but how are these institutions impacting human rights? In this talk we'll introduce you to the slippery acronym world of the IETF, ICANN, IEEE, ITU, 3GPP, RFCs, IXPs, RIRs and we promise you won't be bored!
We'll try to uncover parts that are crucial for what is (im)possible on the Internet, but that normally stay hidden. As a bonus we'll show you what you can do! "
Anti-Abuse Working Group
There are seven talks with "IoT" in the title, 16 talks with "secur[e,ity,]" in the title, and some are even about both! It's very difficult to make a choice, so here are many:
- Lecture on 5 August, at 12:20, by Kalyan Dikshit : Smart Home Security with Tor
- Lecture on 5 August, at 15:00, by Ramiro Pareja : Automotive microcontrollers. Safety != Security
- Lecture on 7 August, at 10:00, by Melanie Rieback : Adventures in Spearphishing: The Good, The Bad, and The Ugly
- Lecture on 8 August, at 15:00, by Tal Melamed: Hack-a-BLE
"Although IoT is already embedded in our everyday lives, our security and privacy are sometime left behind for comfort and other reasons, despite the serious impact that IoT vulnerabilities may have on our digital and physical security.
Bluetooth Low Energy (BLE), also known as Bluetooth Smart is the most popular protocol used for interfacing IoT and smart devices. Broadly used in the healthcare, fitness, security, and home-entertainment industries, nowadays we encounter BLE in almost every aspect of our lives (e.g. in wearables, sensors, medical devices, security products, etc.).
In this lecture I will survey key security issues in the BLE protocol, as well as presenting a possible architecture for BLE Man-in-the-Middle (MitM) attack together with the related necessary equipment. In addition, will introduce some of the available tools and how they can be used to perform penetration-testing on BLE applications and will discuss possible mitigations to secure them."
Quantum, Ethics and Other Plenary Topics
Again, at SHA2017, a familiar topic from the RIPE 74: Quantum Internet:
"The goal of Quantum Internet project at TU Delft is to build an optically-connected network of many (small) quantum computers. Such a network enables the exchange of quantum bits between any of the connected quantum processors in order to solve problems that are intractable classically.
In this talk, Stephanie will invite fellow hackers to join in testing the prototypes, and join in the future building of Quantum Internet. Currently, Dutch test-bed is the leading edge of the developments in the world, but in the future this could be brought to the actual prduction network - with your help."
... second one being -- shameless self-promotion -- lecture on 7 August, 16:45, by yours truly about "Internet Measurements' Ethical Dilemmas and RIPE Atlas" .
Lectures and workshops are only one part of this event. The rest is as important, if not even more: enjoying camping in the nature, re-connecting with the forest and the lake, meeting new friends, enjoying campfire and the sauna, swimming and yoga, dancing and being charmed by the "blinkenlights", and creating new communities that will continue organising similar festivals in the future. See you at CCC Camp 2019, and the next Dutch camp in 2021!
SHA2017 was awesome!
Below you can see some reports:
- Collection of memories: https://wiki.sha2017.org/w/Memories
- (In English) HackADay writeup https://hackaday.com/2017/08/25/shacamp-2017-a-personal-review/
- (In Dutch) Bits of Freedom blog post https://bof.nl/2017/08/11/dit-zijn-de-talks-die-je-niet-mocht-missen-op-sha/
- (in German) Heise.de https://www.heise.de/newsticker/meldung/Was-war-Was-wird-Von-der-achten-Kunst-Hacken-3733574.html
As a part of report, here is the material about my talk:
- Description: "Internet Measurements' Ethical Dilemmas and RIPE Atlas"
- Video https://www.youtube.com/watch?v=IDfkQo0DOYo
- Slides https://program.sha2017.org/system/event_attachments/attachments/000/000/106/original/sha2017-ethics-ripe-atlas-v2.key & https://program.sha2017.org/system/event_attachments/attachments/000/000/107/original/PDF-sha2017-ethics-ripe-atlas-v2.pdf