FYI.

This story is over 5 years old.

Tech

What I Learned from Edward Snowden at the Hacker Conference

Whatever Snowden’s origins and affiliations, he was not coming to his audience as a peer. He was coming as a prophet, and the gospel was liberty and anonymity and privacy and security.
Image: Imran Hafiz

It was 1 PM last Saturday and Edward Snowden was about to be televised.

His audience was the crowd at the Hackers On Planet Earth conference, a group of people no one would ever mistake for attendees at a political convention. Amid the sea of black clothing were many unconventional fashion statements: purple bandanas and balloon pants, and tartan kilts, and white robes, and green hair. The only man in sight in a suit and tie was also toting around a pair of payphones of murky provenance. Even the federal agents present had found a way to blend into the crowd of EFF merchandise and white dude dreadlocks.

Advertisement

But politics were in the air, as surely as the powerful 10 gigabits of wireless microwave internet that had been hacked together by the organizers.

In the elevator up to the penthouse floor of the Hotel Pennsylvania, a small TV played the latest news of the Malaysian Airlines plane downed over Ukraine. One attendee said, "How about the news that Edward Snowden is about to address a hacker conference?"

His implication was clear: wait until the conservative dingbats who call Snowden a traitor find out that now he's talking to a bunch of people with the power to do it again, and other things too.

Snowden himself was more moderate. At one point, Snowden admitted, he had been taken aback when Glenn Greenwald called him "a radical." Alongside remarks by the Pentagon Papers whistleblower Daniel Ellsberg, Snowden spoke of the imperative of designing better surveillance-safe software, and making encryption more ubiquitous. He spoke of a need to create more non-attributable communications, which would allow people to access the internet without being legible to surveillance technology, and so make whistleblowing and investigative reporting less risky.

Snowden's conversation with Daniel Ellsberg. A transcript is available here

Taking advantage of his computer-literate audience, Snowden's language was more nuts-and-bolts in style than in other more mainstream media appearances. He made references to Github and StackExchange and even addressed the individuals in the audience who had been sent by the NSA. Computer metaphors were wired through his sentences, which focused on the ways that hackers could help code methods for challenging the surveillance state.

"But when we look at it comprehensively… the government has developed an exploit chain that provides the root password to our Constitution. They've escaped the sandbox of our democracy and they're basically using it to change our Bill of Rights without us seeing it. We go, 'What does the Bill of Rights say?' and the rootkit is telling us the Fourth Amendment is still there. But in reality it's gone. Something completely different is happening behind the scenes, and we can't allow that."

Advertisement

The audience responded in kind. When Snowden made a joke about LOLcats or referred to the copy machine used by Pentagon Papers whistleblower Daniel Ellsberg as "not…a killer app," the crowd roared.

Still, whatever Snowden's origins and affiliations, he was not coming to his audience as a peer. He was coming as a prophet. The gospel was liberty and anonymity and privacy and security. When he wrapped up his comments, he characteristically tried to distance the issues from his own identity, placing emphasis instead on the broken systems he exposed.

"Whether I'm a good guy, whether I'm a bad guy, whether I'm a hero, whether I'm a traitor—none of that matters," he said. "Criticize me. Hate me. But think about what matters in the issues. Right? Think about the world you want to live in. Then be a part of building that."

A fellow reporter later referred to this as Snowden's 'Jesus moment.' And indeed, like an otherworldly entity, once the Google Hangout window snapped closed, Snowden was gone. He was back in his monastic life in Moscow, with his ramen noodles and sunglasses, his conviction that he had done the right thing, and his continued purpose as the face of a global movement.

Everyone else was still left on earth, exchanging handshakes and chatter and further discussion.

And people were hungry. The talk, which was supposed to last from 1-3 PM had gone until 4 PM. Afterwards, people scattered amongst the paltry Penn Station food options. The first reaction to the talk I heard was in one such deli, half a block away. A woman wearing a conference badge was telling her male companion not to feel too bad about what they were buying from that gross salad bar because, "Edward Snowden says 'no regrets.'"

Advertisement

Back at the conference, when I asked the two volunteer security guys hanging out by the elevator what they had thought, they said they hadn't actually watched it. "It'll be on YouTube," one said. "My feet hurt," said another.

In the elevator, an Australian woman remarked that, "He's amazingly well-polished these days," and referred to him speaking in "soundbites," but in the end, she said that his speech had been "inspiring." Others in the elevator nodded in agreement, that it had been inspiring.

There was no argument there. Among hacker conferences, HOPE, now 20 years old, is known for its political bent, and Edward Snowden is perhaps the most famous political icon in the history of hacking. These were Snowden's people. They loved him. The conference reported a giant spike in Internet traffic around the time of the Snowden talk, much of that attributed to a livestream feeding around 10,000 viewers around the world.

But oddly, people weren't talking about Snowden as much as it seemed like they would. Much of this, of course, was because everyone already knew what Snowden would have to say.

But I knew the topic of surveillance was a big one among the hacker community. Just the day before I had witnessed a yelling match about the topic of private companies' control over our data. But for a moment, in the wake of Snowden's talk, it seemed there wasn't much more to be said.

#

"I'm not a fan of Edward Snowden," Steve Rambam, a private investigator who works in finding lost people and fugitives, told the crowd at a panel that evening. "But if you're worried about the federal government… they outsource their privacy invasion to private companies."

Advertisement

He showed slide after slide of the privacy invasions practiced by private companies like Google ("Google does whatever the hell it wants. It is an avaricious, rapacious, capitalist company of the kind that hasn't existed since the beginning of the railroad.") and Facebook ("Facebook doesn't like you. Facebook doesn't care about you. Facebook has contempt for you.").

"If you're upset about NSA metadata," Rambam said, "you should be insane about Google, Facebook, and Twitter." He kept emphasizing that most of the data about each of us in the world is there because we have volunteered it.

In his lecture, titled "You've Lost Privacy, Now They're Taking Anonymity (aka Whistleblowing is Dead – Get Over It)", he spoke in vivid numbers and geographies. He said that every time I crossed nearby Bryant Park, I would be photographed 150 times, and that only five percent of my face was necessary to enable facial recognition software. Such software would be able to instantly summon up a profile that would include all the available information about me, released voluntarily on social networks or collected involuntarily by big data.

In a moment, anyone with access to the right technology could know my name, where I had been, with whom I associated, my age, my political affiliation, my tastes in movies and music and television and sports, my sexual orientation, my buying habits, my financial situation, and where I would probably go next.

Advertisement

I had hoped that my three days at the conference would get me closer to figuring out for myself how to parse government and corporate surveillance, but i felt as confused as ever. Was it just a question about how I felt about who got to see this information? Would people decide whether they were comfortable with government surveillance the same way they decided how they felt about gun control or abortion? That seemed so unscientific and unsatisfying, and I was determined to get to the bottom of the debate.

#

Things were simpler. Photo by the author

On Sunday, the final day of the conference, I accidentally left my backpack on a chair in the lobby, and when I returned three minutes later, it was gone. The disgruntled hotel security guard was not at all sympathetic about this breach: "Why would you leave your bag unattended?"

I spent a dark 10 minutes thinking about just how bad it could be if my wallet and phone came into the possession of the wrong person at this conference. I was just about to start flipping out in earnest when a German artist who had come to the conference to do research for a documentary theater piece tapped me on the shoulder and handed me my bag, which she had picked up as soon as she saw me leave it.

"This isn't a good place to lose something," she told me. "There could be NSA here."

"Yeah," I said, falling back into the debate I wanted to be done with. "Or, like, hackers." I'd already wrapped my credit card in aluminum foil after a colleague told me that he knew someone whose entire checking account had been drained on Friday after he had accessed it on the public WiFi. I wasn't very worried about the government. I assumed that even with the Obama administration's aggressive stance toward journalists, the NSA had bigger fish to fry.

Advertisement

But then over lunch, I was not so sure. Sitting at a long table with a number of panelists discussing the problems they have had with the IRS, I began to indulge my paranoia. What if I ended up on some list because I was at this conference?

"The IRS can really screw you if they decide to," someone said.

The man next to me turned out to be a reporter and referred to the anti-corruption stories that he hoped to be able to pursue between now and "whenever I disappear or get hit by a bus."

In his book on Snowden, No Place to Hide, Glenn Greenwald has written, "The true measure of a society's freedom is how it treats its dissidents and other marginalized groups, not how it treats good loyalists."

That was all nice and theoretical until I realized how easily it might actually concern me. I began to feel restless. But how could I be a dissident? "I'm a patriot!" I wanted to shout. I've volunteered in every presidential election since I was eighteen. I love baseball and watermelon and the Fourth of July. The constitution makes me emotional! Nothing stirs my heart like a good marching band rendition of "Grand Old Flag"! Surely the government, if it were surveilling us, could see that I was only there as an interested citizen, a member of the press, reporting in the name of the Bill of Rights, with fairness and balance.

Right?

#

No longer embedded and reclaiming my equilibrium, I came back to the hotel. In the elevator on the way up, I struck up a conversation with a young woman who, asked about the conference, said only that it was "exciting." When I asked her about Snowden, she said she wasn't very interested in politics. When I pressed her, she reluctantly explained the situation from her position, which she was comfortable describing only in general terms, as "a wireless network researcher."

Advertisement

"The government needs to have the ability to [do what they're doing] because information is a very important battlefield," she said. The danger is that, "there aren't good boundaries about who has access to the information, once it's gathered."

The reason she's frustrated by Snowden, or at least by his impact on society, she said, is because when the issue of cybersecurity is politicized, "it's not helpful to anybody because it scares people who don't understand why it's relevant, and it makes people on both sides of the issue dig in their heels."

She warned that so long as people don't understand the issue, they won't start doing anything about it until there's already been "serious damage." She referred repeatedly to the "battle [she's] fighting every day," to keep those networks secure.

"I don't think these NSA guys are malicious," she said. "But not enough people realize what's at stake—the people it's being done to or the people it's being done by."

She cited recent examples of information gathered by government for purposes of national security being used by law enforcement. "The cops don't need to know that level of information."

"Once the information has been gathered," she said, "it can be used against our citizens [by unscrupulous police officers], or, if we're attacked, it can be used by our enemies."

"Intention doesn't matter," she said. It was all about the sheer possibility of abuse, thanks to the systems in place.

Advertisement

I was speaking to a scientist. And suddenly, it all came together—the needles I'd been chasing through the haystack of the conference and narrowly missing this whole time. I had been trying to figure out whom I trusted with my information. But that was the wrong question.

The politics about this debate may be about trust, but science is not about trust. Some people trust the US government. Some people trust tech companies. Some people trust the Iranian Cyber Army. Some trust no one. Trust is irrelevant. What this wireless networks researcher was telling me was that so long as information is being captured and stored in the unregulated way it's being captured and stored now, with such little oversight and such little transparency, even if that information is in the hands of people you trust completely, it is still hackable by people you don't trust at all.

#

The closing talk focused on the conference's network itself. Photo: Jordan Keenan

In the closing ceremony of the event, there was no summation of Edward Snowden's talk, no ideological "think like a hacker" tidbit to walk away with. Instead, the people who had designed the conference's robust computer network got up to explain how they had done it—making an agreement with a network provider, running fiber through the hotel, setting up microwave antennas.

Even at the peak of the livecast, said one HOPE engineer, as Snowden was earning whistles and cheers, the conference was using only 1.5 gigabytes of an available 10 gigabytes. He almost sounded disappointed. The network had massive capability, but attendees never used it to its fullest. And, he noted with incredulity, even though this was a conference about security, only around thirty percent of conference-goers opted for the secure, password-protected connection to the Internet over the easier-to-access open one.

At one point, to underline the outsider ingenuity that had allowed the whole thing to go off without a hitch, he showed a photograph of a fan. It was just a regular big square one from a hardware store, but it came in handy during Snowden's talk to cool down the overloaded servers.

It occurred to me that describing the construction of the network was, perhaps, a fitting way to end, after all: here was a hack that had nothing to do with politics. Rising seas don't know what they flood, viruses don't know who contracts them, and networks don't care who builds them, cools them down, or hacks them.

Read more:

On the First Day of HOPE, Plenty to Fear

 Death and the NSA: Motherboard Meets Bruce Schneier 

Def Con, Day One: Can I Use Your Wi-Fi Please?

Without Def Con, the Feds Have a Hacker Recruitment Problem