Tuesday, July 29, 2008
The space I saw yesterday would be perfect being that it's in the Old Port near the Javanet coffee shop and the Fuji Japanese restaurant. The entrance had an attractive lobby and an elevator and the office had a huge common area with a skylight and big kitchenette surrounded by 4 offices, 3 of which look out on Exchange street. A patent attorney and I both want separate offices for our companies and Hacker Space wants a locking office for their expensive and/or difficult to operate machinery. That would leave one office to be sublet. If the owner of the building is okay with 3 on the lease and will take what we can afford, it would be a perfect location for Hacker Space, my company, and my friend's patent law firm.
We're having a Hacker Space info. meeting in conjunction with the 2600.com meeting at the Maine Mall this Friday evening, so we'll see if we have enough people interested in founding the project.
Thursday, July 24, 2008
Last HOPE conference (Hackers on Planet Earth) in NYC 2008
Part 7 (Sunday)
July 20, 2008:
After spending the previous evening lounging in a 2nd floor hammock drinking Club-Mate for a while and learning how to pick my Masters combination lock when I forget the combination (usually [dumbly] at the gym after showering and wearing just a towel), I made it to Sunday’s 10 AM “A Decade Under the DMCA,” and was so pleased the speaker put in a few plugs for ChillingEffects.org. I wrote a lot of the patent section’s FAQs under my maiden name, Tiffany Strauchs.
Alas…departure day. : ( We all knew this day would come. We waited a year for this conference and then it went by so fast. Another HOPE blogger said that it was the best weekend of his life.
As for me, I was hoping that I’d be able to attend Def Con in a couple of weeks, but due to the fact that this trip kind-of broke my travel budget, I’m not going to Def Con this year unless I win the lottery. I’ll have to forgo meeting up with my west coast hacker friends and I won’t be able to defend my 2nd place title in Coffee Wars. With the Freaky Bean’s French Roast, “Professor Rad,” (that’s my hacker handle!) almost won, but narrowly took 2nd place. I was hoping Foofus would be able to tip the scale in my favor for 1st, but my persuasion didn’t work.
I went to a couple of other talks on Sunday but couldn’t stay until the closing ceremonies because driving back to Maine is at least a 6 hour endeavor. We packed up our computer gear, our new conference acquisitions such as an RFID blocking passport wallet, the requisite black 2600 conference t-shirt, and (literally) packed our 3rd row passenger into the SUV.
With the 97 degree heat beating down upon us and the radiant heat from the pavement, if I closed my eyes, it felt the same as leaving Def Con in Vegas during mid-day. Other weary conference attendees were dragging their Pelican cases toward Penn. Station or taking pictures of the 2600 Bell van (picture from 6 years ago) parked outside of Hotel Penn.
After exiting the Lincoln tunnel and looking in awe at one of the most spectacular views of NYC, I reminded myself that although this may be The Last HOPE, there always is The Next HOPE and I’ll be back.
In my opinion, Kevin’s punishment didn’t fit the crime. Hearing about Kevin and BernieS’s legal cases inspired me to go to law school. If more people with a background or interest in computers got involved in defense or prosecution of hacking crime cases, I think the system would be fairer for computer crimes and legal/law enforcement blunders like Kevin’s time in the hole and BernieS’ physical abuse in federal prison wouldn’t happen [as much] anymore. Also, finding technologically competent criminal defense attorneys and expert witnesses should be easier to do; hence, I hope to start a non-profit group to further that endeavor.
I’ve also been curious about where a special international cyber crimes court could exist. Without fail, my computer science students and someone at a presentation will always ask if a special court exists, and subsequently, why it doesn’t. The only venue I can imagine where something that specialized could potentially exist is with the International Criminal Court (ICC) at The Hague. It is only a court of the last resort (meaning the really bad stuff like genocide and other crimes against humanity) and the US won’t recognize that court, but perhaps they will in the future considering that many cyber crimes have international originations and target, some with serious implications.
Last HOPE conference (Hackers on Planet Earth) in NYC 2008
Part 5 (Saturday)
I arrived an hour before my talk because I wanted to see John Threat’s Hackateer premier which was right before my presentation. Meeting one of the MOD guys was like meeting a character out of an action/adventure movie—I’d read so much about them, but instead of their capers being fictional, this was the real thing. I was also hoping to meet Mark Abene, aka Phiber Optik, but it was nice to see him onscreen. I remember reading about these guys when I was messing around with my brother’s BBS in the 1980s and wondering if they would ever log onto ours (they didn’t—as far as I know). But I studied these guys’ legal cases in law school in Ron Weiker’s awesome cyber law class at Franklin Pierce Law Center so it was interesting to actually meet them.
My presentation started at 8 PM with me fumbling to find a power cord to plug in my computer because the year-old battery has only 10 min. of life in it. It was a good thing that I couldn’t see past the second row because of the blinding lights because seeing the filled room would have probably been shocking. And coming after John Threat was a difficult act to follow. Somehow, I pulled 6 months of academic research together into a 50 minute presentation titled, “RFID and REAL ID Act: Privacy and Legal Implications.”
Part 4 (Saturday)
After not a lot of sleep and with my own presentation looming later that day, I somehow made it to the conference at 10 AM for “Technical Surveillance Countermeasures (TSCM)—A Brief Primer on the Arcane Art and Science of Electronics Surveillance and Bug Detection.” As my hacker/lawyer Mainer friend aptly said, “He looks like a nice guy and reminds me of my Grandpa—but without the bomb stuff.” Marty Kaiser told us about some business deal with the FBI or CIA (I cannot remember which) that didn’t go well and the gov. destroyed his reputation causing him tens of years in court and something like $75,000. in legal fees. He also showed us some old bug detection devices and reminded me why my old metal detector in the shed shouldn’t be discarded because it can find bugs like the newer ones cannot. Interesting should I ever need that.
“A Convergence of Communities,” was given by my father, John J. Strauchs, former case officer (that means covert agent) for the CIA. Married to my mother who was a hippie in the 70s (afro, headbands—the whole thing!) and former leader of her college’s Student’s for a Democratic Society (SDS), I’m a mix of the two perspectives. My father’s presentation was critical of how Homeland Security is spending our tax dollars. He believes that we’re bankrupting our economy with often expensive, and not always necessary, security that isn’t intelligently planned and implemented. Intelligence, in his opinion, is the only way to prevent terrorist attacks but some attacks on certain infrastructures, such as mass transportation, are inevitable. However, it is possible to mitigate the risks—and subsequent fatalities should an attack succeed--by making wiser choices regarding high-risk terrorist targets through prioritizing using triage.
His abbreviation for TSA (thousands standing around) is appropriate, especially when I have to deal with my husband getting stopped every darn time we go through security because he has an olive complexion that TSA incorrectly assumes makes him Arab or when security demanded that my son, only 1 year old at the time, crawl through the metal detectors alone because he might be hiding something; he crawled through and then stopped in the middle of it thus creating a huge back-up into Dulles airport—that’s my boy! That probably wasn’t smart allocation of TSA’s resources.
Steven Levy, a prolific writer and public speaker, talked about his inspirations for the book Hackers. He began by mentioning an article from the 1980s in Psychology Today as being his chief inspiration. One of my friends, Kaja Perina, is currently the Editor in Chief of Psychology Today. I got on my cell and told her she’d better get down here to cover the conference because her magazine was just mentioned as being the inspiration for the book which helped spawn the hacker culture! She was there by the end of the day and was kindly given a press pass for the conference.
After Levy’s presentation, I went into seclusion back at the hotel to give my presentation a last review before my 8 PM time slot. I missed some talks I wanted to see, but I had to practice. I’ve spoken to large groups before and even been in front of an event featuring U.S. Congress, but presenting to my peers—and some pretty smart peers—was a daunting task. I had to meet some high bars for this talk.
The Last HOPE conference (Hackers on Planet Earth) in NYC 2008
Part 3 (Friday)
Last that day, another notable presentation included “Hacking the Mind, Hacking the Body: Pleasure.” I went to it because the title piqued my curiosity and I demanded my husband go with me, but before the presentation started, he slipped out to go get some Jolt and, according to his story, there were so many people in the room when he returned that he couldn’t get back in because the room was beyond max. capacity. So, in turn, he left me surrounded shoulder-to-shoulder in a room containing 99.9% hacker guys in which a woman was discussing some tech about cyber sex and a lot of things I had never before heard of. I had the pleasure of sitting behind two hulking Federal agents (it was so obvious—who is teaching you guys to “blend in” with the natives?!) who, in their tight golf shirts and ironed khaki shorts, were giggling like kids. Every time the presenter said something about anatomy or someone from the audience asked a question, they’d double over laughing and make critical comments about computer geeks.
Did you guys know that you had an entertained audience behind you who found your antics hilarious? At least your packing heat requirement was not fulfilled with an American-touristy fanny pack as you did in previous years, but if you’re the new face of the FBI, we’re lost. I can see it now on the FBI’s Employment page: “Now hiring tough-guy goons for the anti-cyber crimes squad. Must [not] be able to blend in with the tech crowd, must be able to bench press over 300 lbs., wear tight t-shirts to show off your top-rate physique, and have a history in high school of bullying geeks and, subsequently, were snowed by those same geeks in college math and science classes who refused to tutor you.”
If the FBI is as keen on recruiting the smart people at hacker conferences like Def Con and HOPE as they say they are, they are not projecting the most positive image of what it’s like to work for the anti-cyber crimes squad.
And then, after midnight and some lounging in the hammocks listening to techno music on the 2nd floor, I went to sleep unsoundly amidst the not-comforting-to-a-Mainer city noises.
Part 2 (Friday)
On Friday, I went to see a fellow techie lawyer’s presentation, “Botnet Research, Mitigation and the Law.” You always know when a lawyer is speaking with the, “Don’t take this as legal advice,” spiel. It was great how Alex Muentz truly is technical and, at the same, time gets the legal stuff right, too. I didn’t get to talk to him much at the conference beside a brief discussion regarding how some lawyers (especially those in big firms) shy away from hiring techie lawyers, but I saw him fly past me later during the con. on one of the Segways that he had taken off the Segway race track.
Robert Steele with “Earth Intelligence Network: World Brain as Earth Game,” has it right when he says that bureaucratic organizations that lock up most of their information are making it difficult to improve society and security through secrecy. I liked his analogy to the open/free software and hardware movement, but you will either love or hate his presentation style. His in-your-face kind of approach and occasional profanity is one of a kind.
“From a Black Hat to a Black Suit: How to Climb the Corporate Security Ladder without Losing Your Soul,” was hilarious. In addition to the fact that this IT security professional was begging more women to go into IT, he was a likable presenter and made a good point about keeping any arrogant sysop and black hat tendencies at home. The suit, in some IT departments, will be your new uniform.
One of the most interesting technical presentations of the whole conference was today: “Advanced Memory Forensics: Releasing Cold Boot Utilities.” This team from Princeton’s CS dept. proved that if you think your key is gone and not retrievable from DRAM when you pull the plug or leave your computer in sleep mode, think again. I’m going to check out his code.
One of the most informative, “How Do I Pwn Thee? Let me Count the Ways,” was about how average Bob could be “owned” with his unsecured wireless devices. Even Bob’s wife was theoretically owned by an unsecured wireless sex toy accessible with phone text messages. With that, Renderman brought up an interesting criminal law question: “Is that rape or just bad encryption?” Never before had I heard those terms in the same sentence, but aside from the sniggering in the audience, it was a novel question. I won’t describe the details of the presentation, but go to 2600.com’s site and listen to the audio file.
“Hacker Space Design Patterns,” has inspired a few of us in the Portland, Maine area to look into downtown commercial rental space to set up a hacker space. A hacker space, usually as part of a monthly membership, is part inventor’s lab and part techno hang-out. It’s a place where techie hackers can congregate and, most certainly (part of the culture), drink highly caffeinated beverages while tinkering with electronics and software/hardware projects using expensive tools and equipment whose cost is split among the group . On the drive back to Maine after the conference, we discussed working on a 3-D printer and what type of investment, equipment and legal agreements (two of us are lawyers, so legal stuff comes up immediately—can’t help it) we’d need to start the space.
Part 1 (Friday)
July 18, 2008:
After driving for 7 hours to NYC from Southern Maine in a 16 mpg SUV packed with people, food (we’re cheap), and computer gear, we finally arrived in NYC late Thursday night. We didn’t stay at the Hotel Pennsylvania this time because the rooms were an outrageous $450./night when I got around to booking, but stayed at the Affinia Manhattan which was one block away. At $350./night with 2 bathrooms, a living room, a separate bedroom and, most importantly, a full kitchen, that hotel is now my favorite in NYC. Although it was right next to a police dept. and fire station with sirens going at all hours which added poignant staccato to the perpetual taxi horns, it seasoned our noisy NYC experience.
In accordance with true computer hacker form, the conference (thankfully) didn’t start until 10 AM every day and went past midnight. Arriving at the conference on Friday morning was, for us, like going to a family reunion. Seeing friends from all over the world and being surrounded with like-minded and similarly-attired computer geeks instantly made me feel comfortable. Sometimes the media portrays computer hacker conference like it’s a meeting of criminals getting together to take down civilized society, but in actuality, the cracker contingent is negligible; in fact, at HOPE and Def Con, if the conference attendees or organizers find out that script kiddies are messing with the hotel’s or conference’s stuff, they counter-attack or just throw them out.
Most of the attendees whom I’ve met at these conferences are the smartest people I know. They generally are not socially inept and, on the contrary, people just walk up to me and say, “Hi, my name is…(insert cool hacker handle here).” And I don’t think they are so friendly just because I’m a girl hacker.
Ok, so maybe it’s part of it, but that’s cool because there is nothing more awesome than a mysterious guy with a hacker handle like “Obsidian” with black spiky hair, wearing all black, carrying some totally cool technological device (that he built!), and with an IQ that could sear through any encryption and, some women might say, their better sensibilities. HOPE and Def Con conference are like hacker girl heaven—THOUSANDS of brilliant men are there with very little competition. C’mon girls…these guys are HOT. You’re missing out if you write off these sexy-in-a-geeky-way guys because, if you’re lucky like I am, you’ll marry one and never lack the type of cool tech discussions and attraction that rivals the thrill you get from watching a great action adventure/spy movie or snowboarding, fast, down a mountain--they are fast and furious.
Besides the “coming home” feeling most hackers have at this conference, there is not another type of conference I attend (certainly not legal topic ones) in which I’m riveted to my seat. Getting me to willingly sit in a non-ergonomic chair for days at a time is something that only a good hacker conference can do. I find myself skipping meals and forgetting to answer my cell so I can go to presentations uninterrupted from mid-day until midnight—the presentations were so great this year.
Welcome to my blog on technology and law. I endeavor to share my opinions regarding technology-related legislation, legal cases, and public policy as it relates to academic research and how these issues affect my business and, in general, the computer industry. However, the typical disclaimer applies here: no one may rely on these postings as legal advice and I encourage readers to consult an attorney for advice on any particular issue.
With that said, I believe that my legal and scientific background provides me with a relatively unique perspective on how law—especially intellectual property—affect technological research and companies. Although I am of the opinion that intellectual property filings can assist inventors and entrepreneurs in giving them time to establish companies based on their inventions or to conduct further innovative research, I believe that the current way in which intellectual property is taught in law schools and practiced by attorneys was not quite what our founding fathers had in mind when granting, for example, limited monopolies for patent filings or limited copyright protection.
The patent system is in dire need of an overhaul and should have more protection for individual inventors and small companies rather than for big corporations. I have seen too many fantastic tech start-ups go out of business because of large corporations practicing offensive patent litigation. As a result, I support defensive patenting for individual inventors and small companies, but the USPTO has new rules looming on the horizon that will make it much more costly for small companies and individual inventors to file multiple patent claims thus benefiting large companies in the race to file.
In addition, I find super-broad and non-novel claim drafting—especially in the software industry—to be stifling to innovation. I do not support over-broad, non-novel, and industry-stifling patents that are used as industry weapons to destroy competition rather than to foster innovation.
Another relevant project on which I am currently working is a legal clinic/externship for law and computer science students. I spend a good amount of time in the hacker community, and while I do not condone malicious hacking, I think that traditional criminal law has not kept pace with technology. More research into criminology and education of both the computer hacker and the legal communities will lessen the divide between them. Giving computer professionals a better understanding of criminal law and the legal community a better understanding of computer science and technology will provide more just and effective prosecution or defense of those accused of computer crimes. A long term goal is for the clinic to assist in creating technology and privacy legislation.
One of my primary interests in the computer hacker community is studying patterns of cyber crimes and computer security. When studying security, I also spend time assessing whether particular security measures improve safety in a way that does not severely infringe privacy and constitutional liberties.
Lastly, I am a proponent of free and open source software. As a computer scientist, I like to get into source code for my computer applications and alter them to suit my needs, but that is usually not possible using proprietary operating systems, software and hardware. While in business school, I spent a lot of time studying how to make companies profitable that choose to offer their software/hardware with free or open source licensing and I hope to bring some of those ideas to this forum.