SlideShare una empresa de Scribd logo

Bootstrapping Your Hacktivist Community

Liz Henry
Liz Henry

This document provides guidance on building a hacktivist community while managing risks. It emphasizes starting with lower risk activities like citizen journalism and reporting issues publicly. It stresses the importance of trust, privacy, and security training before taking on higher risks. Members should consider personal risks like location, technical skills, and identities that could make them more vulnerable targets. The goal is to raise awareness and potentially take informed action, not get arrested or endangered. Ongoing education and practice in digital security and privacy are key to operating safely.

1 de 56
Descargar para leer sin conexión
BootstrappingYour Hacktivist Community Kiwicon 6 2012 Liz Henry @lizhenry Wednesday, May 1, 13
I will now tell you how to make a hacktivist community Wednesday, May 1, 13
HAHAHAHA Wednesday, May 1, 13
What is “hacktivism”? • Legal or lower risk hacking: • Reporting, citizen journalism (maybe) • Outing people for something • Protest, petition, policy, law changes • Civil disobedience (maybe) Wednesday, May 1, 13
Wednesday, May 1, 13
Sometimes“hacktivism” looks like this Wednesday, May 1, 13
And “community”? • For community, you need trust Wednesday, May 1, 13
Trust is nice Wednesday, May 1, 13
Lower Risk “hacktivism” • Publicity. Use all possible social capital. • Get consent, protect privacy, personal security, personal data if possible. • Rhizomatic spread. Don’t wait for the boss. • Action plan. Group chat. Collectively edit some documents. Needs list. Schedule. • Report on what is effective.Ask for more. Wednesday, May 1, 13
Emergency power! • Hurricane Sandy • Existing communities, social capital among disabled people online • Incredibly fast mobilization, public call, in- person help from friends of friends of friends, nearly random strangers Wednesday, May 1, 13
Higher risk • Reporting or citizen journalism (maybe) • Infiltration, espionage • Leaking military or other secret info • Messing with governments, huge corporations, organized crime Wednesday, May 1, 13
Who will you piss off? • Professional reputation/status? • Stalkers or other hostile individuals? • Intellectual property, legal, hacking laws • Repressive government, military? • Mexican drug cartel? Russian mafia? • In short, what are you risking? Wednesday, May 1, 13
Example: Editing the Zetas • What’s the threat level if you want to edit some Wikipedia pages about Mexican drug cartels? • Where are you? • Not-Mexico: Make persona, use Tor +VPN • Mexico or near: Maybe that’s not enough Wednesday, May 1, 13
Nuevo Laredo carspotting • Chat rooms to report on dangerous stuff • Green Chevy at corner of 9th and Main every afternoon • Roadblock on the west road out of downtown Wednesday, May 1, 13
sms blogging • blog from burner phones • vojo.co has all-phone setup Wednesday, May 1, 13
Risks, maybe • Someone shoulder surfs you in a cafe and shoots you in the head later • Keylogging, insecure connection • Site you’re on is run by gangsters. Oops! • Or is on phpBB or something scarier • (narcomensajes, torture, murder) Wednesday, May 1, 13
Consider Risk • Are you’re risking your freedom? • Or your life • Or other people’s lives • Make sure it’s what you want to risk • For a good reason! Wednesday, May 1, 13
There are good reasons Wednesday, May 1, 13
Why? • What are your reasons and goals • Publicity? (Then stick to lower risk) • Personal studliness? (Don’t!) • Expose truth? • Freedom fighter? Wednesday, May 1, 13
How to make a hacker community Wednesday, May 1, 13
Don’t! Wednesday, May 1, 13
Or, first... • At least pause • Ethics of encouraging others to do high risk things on some crappy Windows machine with LOIC or whatever.Yeah. • Learn security, anonymity, privacy • Put them into practice • Practice! Wednesday, May 1, 13
Before y’all do this. . . Wednesday, May 1, 13
Totally pause Wednesday, May 1, 13
Wednesday, May 1, 13
Feminist Hackers • Bunch of women hackers talking • Why is there a “false accusers” wiki run by MRAs, but no “rapists” wiki run by rape survivors? Unfair and wrong! • OMG Haxxors! • Retaliation (identity/safety/DDoS) • Defamation, legal threats Wednesday, May 1, 13
Wednesday, May 1, 13
Pick your cool haxxor names! • We thought of some great ones • Most of them were totally contaminated • Anyway, they sounded like roller derby names • And we were telling them to each other, which was dumb, but we realized that about 2 minutes in Wednesday, May 1, 13
• So I can never secretly be “Louise Boat”.This makes me very sad. Wednesday, May 1, 13
Test for leaks Wednesday, May 1, 13
Testing each other • We looked at what info we were leaking by accident, and what we knew or could deduce or find about each other. • Some of us were better at it than others. Wednesday, May 1, 13
We found a lot of leaks Wednesday, May 1, 13
Some hackers are more equal than others • We all had some practice, because we are all women talking in public and thus, present more attack surface • Various factors made some of us more vulnerable than others: queer, trans, people of color, homeless, have kids, domestic violence survivors... • Those factors often encourage more practice in privacy, anonymity, pseudonymity Wednesday, May 1, 13
Check your privilege • If you’re hacking in a high risk way you’re risking everyone around you. • The others in your “hacktivist community” may be at risk merely by being associated with you • Protect your contacts Wednesday, May 1, 13
Learn to attack Wednesday, May 1, 13
Learn to spy Wednesday, May 1, 13
Be a trickster Wednesday, May 1, 13
Be Paranoid Wednesday, May 1, 13
Trust no one Wednesday, May 1, 13
Make personas within personas Wednesday, May 1, 13
Don’t contaminate your personas Wednesday, May 1, 13
Don’t boast Wednesday, May 1, 13
Ops checklist • Safer computer, software (encrypt) • Physical security (for your computer!) • Safer connection (Tor, thenVPN?) • Persona management. • Shut your pie hole! Wednesday, May 1, 13
More leak vectors to consider • Location, time, time zone. Avoid patterns! • Password hygiene • Paying for stuff • clicking links someone sends... (don’t) • Panopticlick (browser fingerprinting) • Tor, thenVPN(s) Wednesday, May 1, 13
Study security, privacy, anonymity guides • EFF guide • Internews, CPJ guides • TOR, crypto.is • Study together • That’s still not good enough Wednesday, May 1, 13
You must be flawless Wednesday, May 1, 13
Consciousness Raising • Bootstrapping new hackers is hard. • Consider your personal identity and what attack surface you present. • This will take some discussion and thought. • You will get a community that is capable of hacking something for some reason someday. Maybe in a crisis. • It’s political consciousness raising Wednesday, May 1, 13
That isn’t very glamorous Wednesday, May 1, 13
But neither is jail Wednesday, May 1, 13
Or the Ecuadorian Embassy Wednesday, May 1, 13
Medium risk hacking • There’s still things to do that probably aren’t super super super risky... Wednesday, May 1, 13
SRS Business • Hollaback. Cell phone pics of street harassment. • Public callouts of public bad behavior, whether pseudonymous or real name • Twitter hashtags, mockery • ShitRedditSays started reporting on public misogyny. “Outing” and “doxxing” of violentacrez ... ie “googling” and “his beer buddy told on him”. Wednesday, May 1, 13
FERT was born • Feminist Emergency Response Team! Wednesday, May 1, 13
Lower risk high risk hacker activity • Neighbor in domestic violence crisis, we found her husband in herYahoo email and her phone • Ex-pat Syrian journalist getting death threats. Looked at email headers, IP and told her it was not obviously a local threat or a threat from within Syria • Palestinian activist convinced site was hacked by Israeli govt. Were able to show them it was just a spambot, php/sql injection • Advised feminist blogger undergoing 4chan raid Wednesday, May 1, 13
“Stay Safe” (or not) Wednesday, May 1, 13
Create possibilities Wednesday, May 1, 13

Recomendados

Reinvent Yourself - Preso for Walnut St Labs SUMY 19-Aug-2014
Reinvent Yourself - Preso for Walnut St Labs SUMY 19-Aug-2014Reinvent Yourself - Preso for Walnut St Labs SUMY 19-Aug-2014
Reinvent Yourself - Preso for Walnut St Labs SUMY 19-Aug-2014Andrew Schwabe
 
Impacts of Leak Sites - Masayuki Hatta (Surugadai University)
Impacts of Leak Sites - Masayuki Hatta (Surugadai University)Impacts of Leak Sites - Masayuki Hatta (Surugadai University)
Impacts of Leak Sites - Masayuki Hatta (Surugadai University)mysociety
 
Comm law ppt invasion of privacy
Comm law ppt invasion of privacyComm law ppt invasion of privacy
Comm law ppt invasion of privacyJulie Price
 
Gawker v. Hulk Hogan v. Peter Thiel
Gawker v. Hulk Hogan v. Peter ThielGawker v. Hulk Hogan v. Peter Thiel
Gawker v. Hulk Hogan v. Peter ThielDan Kennedy
 
Picamp ntk
Picamp ntkPicamp ntk
Picamp ntkPaul Evans
 
Chapter 14 - Privacy - JNL-2105 - Journalism Ethics - Professor Linda Austin ...
Chapter 14 - Privacy - JNL-2105 - Journalism Ethics - Professor Linda Austin ...Chapter 14 - Privacy - JNL-2105 - Journalism Ethics - Professor Linda Austin ...
Chapter 14 - Privacy - JNL-2105 - Journalism Ethics - Professor Linda Austin ...Linda Austin
 
Libel Law
Libel LawLibel Law
Libel LawStudentPressLawCenter
 
People. The Social Engineer's Dream - TechPulse 2017
People. The Social Engineer's Dream - TechPulse 2017People. The Social Engineer's Dream - TechPulse 2017
People. The Social Engineer's Dream - TechPulse 2017Evan Francen
 

Recomendados

Reinvent Yourself - Preso for Walnut St Labs SUMY 19-Aug-2014
Reinvent Yourself - Preso for Walnut St Labs SUMY 19-Aug-2014Reinvent Yourself - Preso for Walnut St Labs SUMY 19-Aug-2014
Reinvent Yourself - Preso for Walnut St Labs SUMY 19-Aug-2014Andrew Schwabe
 
Impacts of Leak Sites - Masayuki Hatta (Surugadai University)
Impacts of Leak Sites - Masayuki Hatta (Surugadai University)Impacts of Leak Sites - Masayuki Hatta (Surugadai University)
Impacts of Leak Sites - Masayuki Hatta (Surugadai University)mysociety
 
Comm law ppt invasion of privacy
Comm law ppt invasion of privacyComm law ppt invasion of privacy
Comm law ppt invasion of privacyJulie Price
 
Gawker v. Hulk Hogan v. Peter Thiel
Gawker v. Hulk Hogan v. Peter ThielGawker v. Hulk Hogan v. Peter Thiel
Gawker v. Hulk Hogan v. Peter ThielDan Kennedy
 
Picamp ntk
Picamp ntkPicamp ntk
Picamp ntkPaul Evans
 
Chapter 14 - Privacy - JNL-2105 - Journalism Ethics - Professor Linda Austin ...
Chapter 14 - Privacy - JNL-2105 - Journalism Ethics - Professor Linda Austin ...Chapter 14 - Privacy - JNL-2105 - Journalism Ethics - Professor Linda Austin ...
Chapter 14 - Privacy - JNL-2105 - Journalism Ethics - Professor Linda Austin ...Linda Austin
 
Libel Law
Libel LawLibel Law
Libel LawStudentPressLawCenter
 
People. The Social Engineer's Dream - TechPulse 2017
People. The Social Engineer's Dream - TechPulse 2017People. The Social Engineer's Dream - TechPulse 2017
People. The Social Engineer's Dream - TechPulse 2017Evan Francen
 
Reining in the Data ITAG tech360 Penn State Great Valley 2015
Reining in the Data ITAG tech360 Penn State Great Valley 2015 Reining in the Data ITAG tech360 Penn State Great Valley 2015
Reining in the Data ITAG tech360 Penn State Great Valley 2015 Andrew Schwabe
 
Class 11 fall 2016 slides
Class 11 fall 2016 slidesClass 11 fall 2016 slides
Class 11 fall 2016 slidesbmitchslides
 
Web and politics
Web and politicsWeb and politics
Web and politicsWillem Kuypers
 
Plagiarism secondary
Plagiarism secondaryPlagiarism secondary
Plagiarism secondaryHeather Lewis
 
What we can learn from LulzSec
What we can learn from LulzSecWhat we can learn from LulzSec
What we can learn from LulzSecPositive Hack Days
 
Writefor media ucsd_ext_spring12_2
Writefor media ucsd_ext_spring12_2Writefor media ucsd_ext_spring12_2
Writefor media ucsd_ext_spring12_2dml communications
 
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013Cain Ransbottyn
 
Help! I am an Investigative Journalist in 2017
Help! I am an Investigative Journalist in 2017Help! I am an Investigative Journalist in 2017
Help! I am an Investigative Journalist in 2017Gabor Szathmari
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsEric Vanderburg
 
American Privacy: A History of the Right to Privacy in the United States
American Privacy: A History of the Right to Privacy in the United StatesAmerican Privacy: A History of the Right to Privacy in the United States
American Privacy: A History of the Right to Privacy in the United StatesFrederick Lane
 
Plagiarism Lesson 2018
Plagiarism Lesson 2018Plagiarism Lesson 2018
Plagiarism Lesson 2018Elisabeth Palmer Abarbanel
 
Test on BB
Test on BBTest on BB
Test on BBnickstroller
 
OSINT
OSINTOSINT
OSINTApurv Singh Gautam
 
Xavier Johnson Powerpoint
Xavier Johnson PowerpointXavier Johnson Powerpoint
Xavier Johnson Powerpointxavierjohnson
 
Administracion )
Administracion )Administracion )
Administracion )jackebt
 
Code Of Our Own
Code Of Our OwnCode Of Our Own
Code Of Our OwnLiz Henry
 
S I S T E M A D E I N V E N T A R I O P E R M A N E N T E
S I S T E M A D E I N V E N T A R I O P E R M A N E N T ES I S T E M A D E I N V E N T A R I O P E R M A N E N T E
S I S T E M A D E I N V E N T A R I O P E R M A N E N T Ejackebt
 
Fight Spam and Hackers!
Fight Spam and Hackers!Fight Spam and Hackers!
Fight Spam and Hackers!Liz Henry
 
Crowdsourced fact checking
Crowdsourced fact checkingCrowdsourced fact checking
Crowdsourced fact checkingLiz Henry
 
Bad inventions-talk
Bad inventions-talkBad inventions-talk
Bad inventions-talkLiz Henry
 
Awesome bugzilla-tricks-slides2
Awesome bugzilla-tricks-slides2Awesome bugzilla-tricks-slides2
Awesome bugzilla-tricks-slides2Liz Henry
 
Cartilla Part 2
Cartilla Part 2Cartilla Part 2
Cartilla Part 2jackebt
 

Más contenido relacionado

La actualidad más candente

Reining in the Data ITAG tech360 Penn State Great Valley 2015
Reining in the Data ITAG tech360 Penn State Great Valley 2015 Reining in the Data ITAG tech360 Penn State Great Valley 2015
Reining in the Data ITAG tech360 Penn State Great Valley 2015 Andrew Schwabe
 
Class 11 fall 2016 slides
Class 11 fall 2016 slidesClass 11 fall 2016 slides
Class 11 fall 2016 slidesbmitchslides
 
Plagiarism secondary
Plagiarism secondaryPlagiarism secondary
Plagiarism secondaryHeather Lewis
 
What we can learn from LulzSec
What we can learn from LulzSecWhat we can learn from LulzSec
What we can learn from LulzSecPositive Hack Days
 
Writefor media ucsd_ext_spring12_2
Writefor media ucsd_ext_spring12_2Writefor media ucsd_ext_spring12_2
Writefor media ucsd_ext_spring12_2dml communications
 
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013Cain Ransbottyn
 
Help! I am an Investigative Journalist in 2017
Help! I am an Investigative Journalist in 2017Help! I am an Investigative Journalist in 2017
Help! I am an Investigative Journalist in 2017Gabor Szathmari
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsEric Vanderburg
 
American Privacy: A History of the Right to Privacy in the United States
American Privacy: A History of the Right to Privacy in the United StatesAmerican Privacy: A History of the Right to Privacy in the United States
American Privacy: A History of the Right to Privacy in the United StatesFrederick Lane
 
Xavier Johnson Powerpoint
Xavier Johnson PowerpointXavier Johnson Powerpoint
Xavier Johnson Powerpointxavierjohnson
 

La actualidad más candente (14)

Reining in the Data ITAG tech360 Penn State Great Valley 2015
Reining in the Data ITAG tech360 Penn State Great Valley 2015 Reining in the Data ITAG tech360 Penn State Great Valley 2015
Reining in the Data ITAG tech360 Penn State Great Valley 2015
 
Class 11 fall 2016 slides
Class 11 fall 2016 slidesClass 11 fall 2016 slides
Class 11 fall 2016 slides
 
Web and politics
Web and politicsWeb and politics
Web and politics
 
Plagiarism secondary
Plagiarism secondaryPlagiarism secondary
Plagiarism secondary
 
What we can learn from LulzSec
What we can learn from LulzSecWhat we can learn from LulzSec
What we can learn from LulzSec
 
Writefor media ucsd_ext_spring12_2
Writefor media ucsd_ext_spring12_2Writefor media ucsd_ext_spring12_2
Writefor media ucsd_ext_spring12_2
 
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
 
Help! I am an Investigative Journalist in 2017
Help! I am an Investigative Journalist in 2017Help! I am an Investigative Journalist in 2017
Help! I am an Investigative Journalist in 2017
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
 
American Privacy: A History of the Right to Privacy in the United States
American Privacy: A History of the Right to Privacy in the United StatesAmerican Privacy: A History of the Right to Privacy in the United States
American Privacy: A History of the Right to Privacy in the United States
 
Plagiarism Lesson 2018
Plagiarism Lesson 2018Plagiarism Lesson 2018
Plagiarism Lesson 2018
 
Test on BB
Test on BBTest on BB
Test on BB
 
OSINT
OSINTOSINT
OSINT
 
Xavier Johnson Powerpoint
Xavier Johnson PowerpointXavier Johnson Powerpoint
Xavier Johnson Powerpoint
 

Destacado

Administracion )
Administracion )Administracion )
Administracion )jackebt
 
Code Of Our Own
Code Of Our OwnCode Of Our Own
Code Of Our OwnLiz Henry
 
S I S T E M A D E I N V E N T A R I O P E R M A N E N T E
S I S T E M A D E I N V E N T A R I O P E R M A N E N T ES I S T E M A D E I N V E N T A R I O P E R M A N E N T E
S I S T E M A D E I N V E N T A R I O P E R M A N E N T Ejackebt
 
Fight Spam and Hackers!
Fight Spam and Hackers!Fight Spam and Hackers!
Fight Spam and Hackers!Liz Henry
 
Crowdsourced fact checking
Crowdsourced fact checkingCrowdsourced fact checking
Crowdsourced fact checkingLiz Henry
 
Bad inventions-talk
Bad inventions-talkBad inventions-talk
Bad inventions-talkLiz Henry
 
Awesome bugzilla-tricks-slides2
Awesome bugzilla-tricks-slides2Awesome bugzilla-tricks-slides2
Awesome bugzilla-tricks-slides2Liz Henry
 
Cartilla Part 2
Cartilla Part 2Cartilla Part 2
Cartilla Part 2jackebt
 

Destacado (8)

Administracion )
Administracion )Administracion )
Administracion )
 
Code Of Our Own
Code Of Our OwnCode Of Our Own
Code Of Our Own
 
S I S T E M A D E I N V E N T A R I O P E R M A N E N T E
S I S T E M A D E I N V E N T A R I O P E R M A N E N T ES I S T E M A D E I N V E N T A R I O P E R M A N E N T E
S I S T E M A D E I N V E N T A R I O P E R M A N E N T E
 
Fight Spam and Hackers!
Fight Spam and Hackers!Fight Spam and Hackers!
Fight Spam and Hackers!
 
Crowdsourced fact checking
Crowdsourced fact checkingCrowdsourced fact checking
Crowdsourced fact checking
 
Bad inventions-talk
Bad inventions-talkBad inventions-talk
Bad inventions-talk
 
Awesome bugzilla-tricks-slides2
Awesome bugzilla-tricks-slides2Awesome bugzilla-tricks-slides2
Awesome bugzilla-tricks-slides2
 
Cartilla Part 2
Cartilla Part 2Cartilla Part 2
Cartilla Part 2
 

Similar a Bootstrapping Your Hacktivist Community

Christians and the Internet - Being Aware; Being Equipped; and Being Good Wit...
Christians and the Internet - Being Aware; Being Equipped; and Being Good Wit...Christians and the Internet - Being Aware; Being Equipped; and Being Good Wit...
Christians and the Internet - Being Aware; Being Equipped; and Being Good Wit...Marie Notcheva
 
Joakim Jardenberg's presentation
Joakim Jardenberg's presentationJoakim Jardenberg's presentation
Joakim Jardenberg's presentationdxfswe
 
How to protect black journalists from online abuse #NABJ17
How to protect black journalists from online abuse #NABJ17How to protect black journalists from online abuse #NABJ17
How to protect black journalists from online abuse #NABJ17Wendi C. Thomas
 
Privacy and libraries
Privacy and librariesPrivacy and libraries
Privacy and librariesDorothea Salo
 
Notacon 7 - Hacking The Future Weaponizing The Next Generation
Notacon 7 - Hacking The Future Weaponizing The Next GenerationNotacon 7 - Hacking The Future Weaponizing The Next Generation
Notacon 7 - Hacking The Future Weaponizing The Next GenerationJames Arlen
 
Columbus Startup Weekend 3.1.13 - Hustle Town deck
Columbus Startup Weekend 3.1.13 - Hustle Town deckColumbus Startup Weekend 3.1.13 - Hustle Town deck
Columbus Startup Weekend 3.1.13 - Hustle Town deckDan Rockwell
 
5 Ways To Overcome The Fear And Dread Of Networking
5 Ways To Overcome The Fear And Dread Of Networking5 Ways To Overcome The Fear And Dread Of Networking
5 Ways To Overcome The Fear And Dread Of NetworkingJohn Muscarello
 
Christians and The Internet: Being Aware; Being Equipped; and Being Good Witn...
Christians and The Internet: Being Aware; Being Equipped; and Being Good Witn...Christians and The Internet: Being Aware; Being Equipped; and Being Good Witn...
Christians and The Internet: Being Aware; Being Equipped; and Being Good Witn...Marie Notcheva
 
Citizen (Online / Social) Media Ethics
Citizen (Online / Social) Media EthicsCitizen (Online / Social) Media Ethics
Citizen (Online / Social) Media EthicsICT Watch - Indonesia
 
Using BuddyPress as a Directory - BuddyCamp Minneapolis 2013
Using BuddyPress as a Directory - BuddyCamp Minneapolis 2013Using BuddyPress as a Directory - BuddyCamp Minneapolis 2013
Using BuddyPress as a Directory - BuddyCamp Minneapolis 2013vegasgeek
 
Social Media - The Good, The Bad, and The Ugly
Social Media - The Good, The Bad, and The UglySocial Media - The Good, The Bad, and The Ugly
Social Media - The Good, The Bad, and The UglyDr. Joel Evans
 
Social media presentation
Social media presentationSocial media presentation
Social media presentationLaQuesha Moore
 
Special Topics Day for Engineering Innovation Lecture on Cybersecurity
Special Topics Day for Engineering Innovation Lecture on CybersecuritySpecial Topics Day for Engineering Innovation Lecture on Cybersecurity
Special Topics Day for Engineering Innovation Lecture on CybersecurityMichael Rushanan
 
The Science of Sharing - SXSW 2015
The Science of Sharing - SXSW 2015The Science of Sharing - SXSW 2015
The Science of Sharing - SXSW 2015James LaPorte
 
5B Bullying henry, warren, john, issaih
5B Bullying henry, warren, john, issaih5B Bullying henry, warren, john, issaih
5B Bullying henry, warren, john, issaihktrefz
 
Cyber Security Awareness October 2014
Cyber Security Awareness October 2014Cyber Security Awareness October 2014
Cyber Security Awareness October 2014Donald E. Hester
 

Similar a Bootstrapping Your Hacktivist Community (20)

Christians and the Internet - Being Aware; Being Equipped; and Being Good Wit...
Christians and the Internet - Being Aware; Being Equipped; and Being Good Wit...Christians and the Internet - Being Aware; Being Equipped; and Being Good Wit...
Christians and the Internet - Being Aware; Being Equipped; and Being Good Wit...
 
Joakim Jardenberg's presentation
Joakim Jardenberg's presentationJoakim Jardenberg's presentation
Joakim Jardenberg's presentation
 
How to protect black journalists from online abuse #NABJ17
How to protect black journalists from online abuse #NABJ17How to protect black journalists from online abuse #NABJ17
How to protect black journalists from online abuse #NABJ17
 
Internet safety
Internet safetyInternet safety
Internet safety
 
Privacy and libraries
Privacy and librariesPrivacy and libraries
Privacy and libraries
 
Notacon 7 - Hacking The Future Weaponizing The Next Generation
Notacon 7 - Hacking The Future Weaponizing The Next GenerationNotacon 7 - Hacking The Future Weaponizing The Next Generation
Notacon 7 - Hacking The Future Weaponizing The Next Generation
 
Columbus Startup Weekend 3.1.13 - Hustle Town deck
Columbus Startup Weekend 3.1.13 - Hustle Town deckColumbus Startup Weekend 3.1.13 - Hustle Town deck
Columbus Startup Weekend 3.1.13 - Hustle Town deck
 
5 Ways To Overcome The Fear And Dread Of Networking
5 Ways To Overcome The Fear And Dread Of Networking5 Ways To Overcome The Fear And Dread Of Networking
5 Ways To Overcome The Fear And Dread Of Networking
 
Christians and The Internet: Being Aware; Being Equipped; and Being Good Witn...
Christians and The Internet: Being Aware; Being Equipped; and Being Good Witn...Christians and The Internet: Being Aware; Being Equipped; and Being Good Witn...
Christians and The Internet: Being Aware; Being Equipped; and Being Good Witn...
 
Bullying by Grady
Bullying by GradyBullying by Grady
Bullying by Grady
 
Citizen (Online / Social) Media Ethics
Citizen (Online / Social) Media EthicsCitizen (Online / Social) Media Ethics
Citizen (Online / Social) Media Ethics
 
Using BuddyPress as a Directory - BuddyCamp Minneapolis 2013
Using BuddyPress as a Directory - BuddyCamp Minneapolis 2013Using BuddyPress as a Directory - BuddyCamp Minneapolis 2013
Using BuddyPress as a Directory - BuddyCamp Minneapolis 2013
 
Social Media - The Good, The Bad, and The Ugly
Social Media - The Good, The Bad, and The UglySocial Media - The Good, The Bad, and The Ugly
Social Media - The Good, The Bad, and The Ugly
 
Social Media - It Can Be Good, Bad, and Ugly
Social Media - It Can Be Good, Bad, and UglySocial Media - It Can Be Good, Bad, and Ugly
Social Media - It Can Be Good, Bad, and Ugly
 
The internet
The internetThe internet
The internet
 
Social media presentation
Social media presentationSocial media presentation
Social media presentation
 
Special Topics Day for Engineering Innovation Lecture on Cybersecurity
Special Topics Day for Engineering Innovation Lecture on CybersecuritySpecial Topics Day for Engineering Innovation Lecture on Cybersecurity
Special Topics Day for Engineering Innovation Lecture on Cybersecurity
 
The Science of Sharing - SXSW 2015
The Science of Sharing - SXSW 2015The Science of Sharing - SXSW 2015
The Science of Sharing - SXSW 2015
 
5B Bullying henry, warren, john, issaih
5B Bullying henry, warren, john, issaih5B Bullying henry, warren, john, issaih
5B Bullying henry, warren, john, issaih
 
Cyber Security Awareness October 2014
Cyber Security Awareness October 2014Cyber Security Awareness October 2014
Cyber Security Awareness October 2014
 

Bootstrapping Your Hacktivist Community

  • 1. BootstrappingYour Hacktivist Community Kiwicon 6 2012 Liz Henry @lizhenry Wednesday, May 1, 13
  • 2. I will now tell you how to make a hacktivist community Wednesday, May 1, 13
  • 4. What is “hacktivism”? • Legal or lower risk hacking: • Reporting, citizen journalism (maybe) • Outing people for something • Protest, petition, policy, law changes • Civil disobedience (maybe) Wednesday, May 1, 13
  • 7. And “community”? • For community, you need trust Wednesday, May 1, 13
  • 9. Lower Risk “hacktivism” • Publicity. Use all possible social capital. • Get consent, protect privacy, personal security, personal data if possible. • Rhizomatic spread. Don’t wait for the boss. • Action plan. Group chat. Collectively edit some documents. Needs list. Schedule. • Report on what is effective.Ask for more. Wednesday, May 1, 13
  • 10. Emergency power! • Hurricane Sandy • Existing communities, social capital among disabled people online • Incredibly fast mobilization, public call, in- person help from friends of friends of friends, nearly random strangers Wednesday, May 1, 13
  • 11. Higher risk • Reporting or citizen journalism (maybe) • Infiltration, espionage • Leaking military or other secret info • Messing with governments, huge corporations, organized crime Wednesday, May 1, 13
  • 12. Who will you piss off? • Professional reputation/status? • Stalkers or other hostile individuals? • Intellectual property, legal, hacking laws • Repressive government, military? • Mexican drug cartel? Russian mafia? • In short, what are you risking? Wednesday, May 1, 13
  • 13. Example: Editing the Zetas • What’s the threat level if you want to edit some Wikipedia pages about Mexican drug cartels? • Where are you? • Not-Mexico: Make persona, use Tor +VPN • Mexico or near: Maybe that’s not enough Wednesday, May 1, 13
  • 14. Nuevo Laredo carspotting • Chat rooms to report on dangerous stuff • Green Chevy at corner of 9th and Main every afternoon • Roadblock on the west road out of downtown Wednesday, May 1, 13
  • 15. sms blogging • blog from burner phones • vojo.co has all-phone setup Wednesday, May 1, 13
  • 16. Risks, maybe • Someone shoulder surfs you in a cafe and shoots you in the head later • Keylogging, insecure connection • Site you’re on is run by gangsters. Oops! • Or is on phpBB or something scarier • (narcomensajes, torture, murder) Wednesday, May 1, 13
  • 17. Consider Risk • Are you’re risking your freedom? • Or your life • Or other people’s lives • Make sure it’s what you want to risk • For a good reason! Wednesday, May 1, 13
  • 18. There are good reasons Wednesday, May 1, 13
  • 19. Why? • What are your reasons and goals • Publicity? (Then stick to lower risk) • Personal studliness? (Don’t!) • Expose truth? • Freedom fighter? Wednesday, May 1, 13
  • 20. How to make a hacker community Wednesday, May 1, 13
  • 22. Or, first... • At least pause • Ethics of encouraging others to do high risk things on some crappy Windows machine with LOIC or whatever.Yeah. • Learn security, anonymity, privacy • Put them into practice • Practice! Wednesday, May 1, 13
  • 23. Before y’all do this. . . Wednesday, May 1, 13
  • 26. Feminist Hackers • Bunch of women hackers talking • Why is there a “false accusers” wiki run by MRAs, but no “rapists” wiki run by rape survivors? Unfair and wrong! • OMG Haxxors! • Retaliation (identity/safety/DDoS) • Defamation, legal threats Wednesday, May 1, 13
  • 28. Pick your cool haxxor names! • We thought of some great ones • Most of them were totally contaminated • Anyway, they sounded like roller derby names • And we were telling them to each other, which was dumb, but we realized that about 2 minutes in Wednesday, May 1, 13
  • 29. • So I can never secretly be “Louise Boat”.This makes me very sad. Wednesday, May 1, 13
  • 31. Testing each other • We looked at what info we were leaking by accident, and what we knew or could deduce or find about each other. • Some of us were better at it than others. Wednesday, May 1, 13
  • 32. We found a lot of leaks Wednesday, May 1, 13
  • 33. Some hackers are more equal than others • We all had some practice, because we are all women talking in public and thus, present more attack surface • Various factors made some of us more vulnerable than others: queer, trans, people of color, homeless, have kids, domestic violence survivors... • Those factors often encourage more practice in privacy, anonymity, pseudonymity Wednesday, May 1, 13
  • 34. Check your privilege • If you’re hacking in a high risk way you’re risking everyone around you. • The others in your “hacktivist community” may be at risk merely by being associated with you • Protect your contacts Wednesday, May 1, 13
  • 43. Ops checklist • Safer computer, software (encrypt) • Physical security (for your computer!) • Safer connection (Tor, thenVPN?) • Persona management. • Shut your pie hole! Wednesday, May 1, 13
  • 44. More leak vectors to consider • Location, time, time zone. Avoid patterns! • Password hygiene • Paying for stuff • clicking links someone sends... (don’t) • Panopticlick (browser fingerprinting) • Tor, thenVPN(s) Wednesday, May 1, 13
  • 45. Study security, privacy, anonymity guides • EFF guide • Internews, CPJ guides • TOR, crypto.is • Study together • That’s still not good enough Wednesday, May 1, 13
  • 46. You must be flawless Wednesday, May 1, 13
  • 47. Consciousness Raising • Bootstrapping new hackers is hard. • Consider your personal identity and what attack surface you present. • This will take some discussion and thought. • You will get a community that is capable of hacking something for some reason someday. Maybe in a crisis. • It’s political consciousness raising Wednesday, May 1, 13
  • 49. But neither is jail Wednesday, May 1, 13
  • 51. Medium risk hacking • There’s still things to do that probably aren’t super super super risky... Wednesday, May 1, 13
  • 52. SRS Business • Hollaback. Cell phone pics of street harassment. • Public callouts of public bad behavior, whether pseudonymous or real name • Twitter hashtags, mockery • ShitRedditSays started reporting on public misogyny. “Outing” and “doxxing” of violentacrez ... ie “googling” and “his beer buddy told on him”. Wednesday, May 1, 13
  • 53. FERT was born • Feminist Emergency Response Team! Wednesday, May 1, 13
  • 54. Lower risk high risk hacker activity • Neighbor in domestic violence crisis, we found her husband in herYahoo email and her phone • Ex-pat Syrian journalist getting death threats. Looked at email headers, IP and told her it was not obviously a local threat or a threat from within Syria • Palestinian activist convinced site was hacked by Israeli govt. Were able to show them it was just a spambot, php/sql injection • Advised feminist blogger undergoing 4chan raid Wednesday, May 1, 13
  • 55. “Stay Safe” (or not) Wednesday, May 1, 13