I went with a group of five friends, meeting three more when we got to New York, but our adventure started before we even left DC. We were ticketed on a train to NY-Penn at 8:30 pm on Thursday. So we all planned on meeting at Union Station between 7:45 and 8pm. I was metroing with two others, and we got out of the metro, called the two we were meeting at the station, and I headed over to the ticket machine to pick up the tickets. I got our tickets, but then we noticed that the police had the gate area blocked off. We were eventually (over the course of about an hour and a half) evacuated to across the street from the station – leaving the “courtyard” empty as well. We weren’t originally told what was going on, then someone mentioned that there might be a bomb but seriously, no one wanted to go outside in the muggy heat. We attempted to entertain ourselves outside for a while (we were going to a hacker conference and had quite a bit of tech toys between us – including a police scanner, 2m radio, 2 DS Lites, cameras, cell phones and laptops), but eventually asked a police officer how much longer he thought it would be and we headed to the Capitol City Brewery for dinner and drinks. The humorous part is that one of my friends was planning on wearing a Bomb squad: If you see me running, try to catch up T-shirt. We finally made it onto the train at 11:30pm.

I was really disappointed in some of the speakers this year. Several were missing for various reasons (including Kevin Mitnick, who was “medically indisposed in Columbia” according to the announcement at the con). The quantum cryptography talk was cancelled, which was one of the big ones I wanted to see. I also hit up the “Proactively Secure Programming Techniques” by J. Salvatore Testa II, but I was really disappointed. The talk could be summed up by saying don’t use direct memory access languages, but if you have to use strn* and strl* functions. I was also disappointed with the “Password Cracking and Time-Memory Tradeoff” talk. This was given by Jason R. Davis of MD5lookup.com and was basically a talk about why you might want a terabyte sized database of all the MD5 hashes possible. Wasn’t this taught in school? I also hit up the Lockpicking talk which is always popular, and learning why having a post office box could be a bad idea.

There were a few talks that I wanted to get to but circumstances didn’t allow me to, including “Breaking Down the Web of Trust” and “Basics of Forensic Recovery”. I later heard that I probably wouldn’t have learned anything in them, but it still would have been neat to go.

The ones that were worth it were really good: “Wireless Security Flaws”, “Coupon Hacking”, and “Social Engineering”. Social Engineering is always fun. This year, Emmanuel Goldstein managed to get a woman with an unlisted address to give it to him by posing as a caller from the “Do Not Call” registry. He almost got a McDonald’s to turn of their A/C for a while (the victim said he’d try, and Emmanuel hung up after that).

If you ever have the opportunity to make it to a HOPE conference, I suggest you take it. It can be a lot of fun with a lot of learning.

This entry was posted on Tuesday, July 25th, 2006 at 3:06 pm by Laura Raderman and is filed under general. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.