On the use of aliases at security conventions...

Re: On the use of aliaes at security conventions...

Wait, have you seen l0rd b00ty sl4y3r?? He owes me a beer.

I'd been using my real name for a while since most of the folks around me were people that I'd known for years, my activity was generally irrelevant to work, and honestly.. didn't have anything to warrant privacy/discovery concern.

That said, several conditions changed over the last two years .. not the least of which was I missed a Blackhat/Defcon and coming back was meeting a *lot* of new people. I reverted to my alias at introduction. I've made no particular attempt to separate the alias from my real identity other than contact layer .. so doing anything nefarious would be as awesome as hacking a gibson from my bedroom. Doing anything professional could easily be tied, especially now that video availability is so prevalent. Someone using an alias would surely need to disguise themself at/around the podium.

Blackhat being a totally different bird, Defcon crowd still seems to heavily use aliases in public areas. Calling someone out by name is just not cool in most cases. I noticed many Blackhat attendees maintaining that attitude this last year, moreso than prior years. At Blackhat I made the inverse mistake of mentioning someones alias casually in conversation and was politely noted / downplayed that they preferred to keep those entities separately visible.

Final observation, in broad circles its commonly found that identifying long-known people by their real names on media like Facebook can be a challenge. In local circles, I've discovered the opposite effect; where I will know folks by real name and in irc fall back to 'who the fuck are you??' .. only to discover that the alias ties to someone I've known in person for 1-5 years.

Maybe I'm just getting old...

Re: On the use of aliaes at security conventions...

Other good points on the cost of using aliases/handles, as a cost to recognition and complications on where the use of one or the other might be appropriate or not. With these included as costs to handles/aliases, is the risk of detainment and loss of your "stuff" at borders high enough to counter this additional cost, too?

Re: On the use of aliaes at security conventions...

The issue with Moxie Marlinspike, Jake Appelbaum, or David House isn't a question of using a handle or not, or even attending a hacker event. It's a matter of the government looking into known associates of treason suspect Bradley Manning.

Looking at and questioning known associates is how you develop a criminal case -especially conspiracy cases-, and this is how you look at suspects and their associates.

House is clearly a direct associate of Manning's, having visited him in the brig, and setting up the defense network. Appelbaum, is a "U.S. representative" for WikiLeaks, which has published the formerly secret data stolen by Manning. Marlinspike, knows Appelbaum.

Marlinspike shouldn't be surprised by any of this, he should have only been surprised if it didn't happen.

Re: On the use of aliaes at security conventions...

For the sake of argument, let's assume that the people mentioned in this story were detained, their property confiscated, and returned or not returned because in the weakest sense, they were discussing things in public that were not desired by the US government, or in the worst cases, treason or as some suggest, "accessories to murder." [I'm not saying any choice in this spectrum of possibilities *is* the case for each person in this story, but for the sake of discussion, let us assume the above accurately describes the situation that involves these people so we don't get bogged down in politics of agreeing to a specific cause for this.]

With this assumption, the question still remains: are we at a point where it is in our interest to add a layer of obfuscation to our identity like aliases or handles when speaking at conferences to decrease the risk of being detained or having our stuff confiscated from us? In the weakest sense, some of us work on projects that provide tools which can be used for good or evil. The tools themselves are not evil or good. By announcing your involvement in the work of building a tool, if that tool is used in a way to cause it to later be judged as worthy of investigation by the US Government, then you as a historical contributor, become a person of interest.

Are the costs involved with creating and maintaining an alias when speaking at security conferences or hacking events as an insurance policy against future developments worth it?

Obviously, this is a personal decision for everyone, so i am not expecting anyone to speak for everyone, just for themselves and what they would choose to do, even if they could do it all over again.

Re: On the use of aliaes at security conventions...

To make things easier, I have added a poll. It is multiple-vote, meaning you can vote for as may items as apply to you, and how you vote is public. It should be open for 7 days.

Re: On the use of aliaes at security conventions...

For those unfamiliar: http://www.wired.com/threatlevel/201...border-search/

Re: On the use of aliaes at security conventions...

In the specific story you cited, there is an ongoing case that associates the three individuals, so there is a clear cut reason they'd be tagged to be grabbed at a border crossing. Unless there is some thing I'm missing, it would seem to be pure speculation that there any clear relationship between cons and border searches.

OK. OK. For the sake of argument...

I'd say that there is little reason to fear from the government at the present time, and that in fact, under the present circumstances, they need us hackers more the hackers needs the government. (At least the in narrow terms of this discussion.) It could be argued that one has to look no further than DT's recent appointment to see this.

The thing that bothers me, and that may make for a valid argument as to why handles are needed, is the frivolous lawsuits that improperly used to protect narrow interests and that one of us may be talking about. Cisco's lawsuit and block of Michael Lynn's 2005 talk at BlackHat. Lawsuits like that may be one reason that handles are needed.

Re: On the use of aliaes at security conventions...

I took their interest in Jacob Applebaum as being a result of his speaking in public at conventions on behalf for wikileaks as a reason to further investigate him. If he had not been publicly outspoken about wikileaks, or had chosen to speak out under an alias, would his name have been easily added to a list of people to investigate?

Once they have one person by, "real name," linked to their subject of investigation, they can build a tree of associations, finding people 1 degree away from both people under investigation and investigate them or add them to a list of people to spend more time with, upon entry into the US.

I see the government as a lot like Microsoft... both are very large, and have many people running many different departments. As a result, you can have a policy published from one branch of Microsoft that is very different from another policy published by a different department or group. The US government has similar issues, and if its actions are taken as a whole, would appear to suffer from multiple personality disorder. Each department, group or agency may have different goals and provide very different policies, even if they conflict.

Some other examples:

Dmitry Sklyarov and his presentation at Defcon 9... if he had chosen to appear under an alias, speak under an alias, and then return home, would he have encountered the same problems after he gave his presentation?

Not civil: Police Seize Jason Chen's Computers Gizmondo and the iPhone 4 review on a phone claimed "lost and found" by editor, but claimed "stolen" by Apple. Would use of an alias in the review of this product that was "found" have made life easier for this person?

Arrest results from search, but would a search have happened if an alias was used, which made it difficult to know his real name? iPad hacker arrested on multiple drug charges after FBI search. One of those Goatse Security people involved with the AT&T web-based security issues being exposed.

Console hacker arrested, faces up to ten years in jail. "According to the AP, a 27-year-old CSU student named Matthew Crippen was recently arrested for "modifying Xbox, PlayStation and Wii consoles in violation of the Digital Millennium Copyright Act" and released Monday on $5,000 bond. The dime was dropped on this perp by the Entertainment Software Association, and the raid conducted by Customs agents sometime in May." Hard to use an alias here, but this arrest was related to altering hardware on console games.

Of course, using an alias does not mean they can't find you, and this should also be considered as a cost with using an alias -- it is useless if there is little work required to associate your alias with a real name.

Re: On the use of aliaes at security conventions...

I have long stated that it's a lot easier (at least for me) to remember the huge multitude of new people whom i meet at cons if they introduce themselves using their nickname or handle. I know at least a dozen "Tom"s in the world. I only know one "Lord Nikon" or whatever someone chooses to call themselves.

Nicknames give people a fighting chance to get their own folder within the mixed up files of my gray matter.

On a totally different note, but related to the border crossing incidents: Does anyone know the legal background and basis for how long the CBP can hold your tech at the border if they want to? And, if it is "indefinitely" then could a person claim theft of said hardware on, say, their homeowners' or travelers' insurance and obtain new hardware in such an instance?

Re: On the use of aliaes at security conventions...

Oh god. It's so damned EARLY for me. Still, I have to comment. Apologies ahead of time for lack of human skills.

There are so many people out there with names that sound just like all the other people I know. There's only one Deviant Ollam, one Cotman, one Converge (well, there might be more than one of those, but I only care about the one I know). There's more than one Shrdlu out there, but I don't mind (although I did at first).

I actually have about seven active aliases, and they live in different problem spaces. It allows me to stay sane. When I first started attending Defcon, I certainly didn't share my name IRL with anyone. Now that I'm retired, I don't care as much, but please note that I do still care. I've used shrdlu for so long (since 1980) that it's as much my name as the one I was born with.

As a side note, I do not think of Defcon as a "security convention." Perhaps I never did, but I certainly don't now. I'm not sure what I'd call it; perhaps it lives in its own namespace, unlike anything else there is. I think of USENIX Security as a security convention. YMMV. HTH. HAND.

Re: On the use of aliaes at security conventions...

According to the article below, the current DHS guidelines for searching tech must be conducted within:

• 5 for a search by CBP.
• 30 days for a search by ICE.
• DHS oversight review within 120 days.

The article is undated, but if I recall correctly these rules came about in 2009, due to some seizures that dragged on and on and were unresolved. The ACLU sued over the length of time, and DHS issued the rules in response to the lawsuit. There's no explanation as to why CBP gets 5 days while ICE gets 30 days.

http://www.pcworld.com/businesscente...tml?tk=mod_rel

To tell the truth though, even these guidelines seem excessive to me. I know for a fact that forensic disk duplicating devices such as the Tableau TD1 http://www.tableau.com/index.php?pag...ucts&model=TD1 will copy data at up to 6GB/min. Even a laptop with a 1TB HD can be imaged in under three hours, and the actual device returned to the person involved without anything being disrupted on the original media. The actual forensic search could then be done on the image at any time.

Re: On the use of aliaes at security conventions...

I was at one hacker meeting when some folks were trying to decide a handle. The speaker noted that there are a thousands of people out there with his name, but only one with his handle. It's a way to delineate further. it is also unique enough to remember. Some hacker names are unique enough that you have an instant picture in your mind and forever more will associate the image with the person, this remembering them. The first time I met Renderman I wondered if he worked with dead horses.

Getting folks mixed up is a rarity too. You can tell 8000 people at Defcon to go see Priest and they get it. If you say go to room 103 over half will forget or try another room. Hacker names are radical enough that you get very small amounts of overlap. "Lost" and "Lost Soul" are two names you may ask about but there are not that many in all of defcon. Try that with real names.

Lastly, there are those who have "ruined" their reputation and will always be known by the last handle they kept. They have the chance to eschew their past errors and begin again under a new handle. Also if your boss hates that you have a hacker name you can toss it off and be you, but if he hates that you attend conferences, then you can't very well go changing your real name.

There have been threads here asking folks how they got their handles. Hackajar had a great story, go search for it. It's a bit of a calling card, a way to brag or offer a bit of information about yourself without seeing too forward.

Very few out there can use their real name and be expected to use none other because there is no more descriptive noun for them. The likes of these include Robert Morris, Jeff Moss, Dan Kaminsky and Jonathan James. Some others can go by just their first name like Kevin (Mitnick).

I guess once you can go by just your first name and everyone know you, them you've made it.

Re: On the use of aliaes at security conventions...

I just know everyone by their handle/nickname/whatever and vice versa. I don't think many people know my real name at all.

I kind of find it weird when I go to programming conferences and there are people I know by their IRC nickname or Twitter handle and they introduce themselves with their real name. I'm like "who are you?" then they mention their nickname. OH!

Re: On the use of aliaes at security conventions...

I see it as kind of a multiple circle of associates thing. With certain circles, I know people mostly only by handle, and they know me as such. That's just the way it's been for me for years and I'm set in my ways. I've been "sintax_error" for the better part of 16 years now and I've found that some people just feel awkward calling me by my real name. And the same goes for the other side of the coin. People that have known me by my real name for a few years seem to find it difficult to call me sintax_error.

The whole easier to remember, more descriptive, more unique, etc. certainly applies to an extent. Though being one of the few with some degree of overlap can be a bit of a nuisance at times. Just one example, there have been a few instances where someone hears (or reads) my handle and mistakes me for [Syntax] and I'm sure that if we were sitting close to one another and someone yelled "Hey, Sin" we'd both perk up. Aside from that, my handle isn't so much a separate identity or mask as it is just a way to identify me among the throngs of others who share my real name.

That being said, going by handles makes contact management a hell of a lot simpler. How often are you introduced to someone by their real first and last name in an environment where, let's say you've been drinking moderately to heavily, have been sleep deprived for 2 or more days. What are the odds that you remember their last name a week later? How about the next morning? How about their first name?

There is also the aspect of tradition when it comes to handles. As hokey as it may seem, I think most of us can agree that our handles are so much a part of us that if we ceased using them altogether, it'd be like skipping <insert holiday here> or not acknowledging one's birthday. Some might even go as far as to consider their handle as a badge of honor. Some of us have had our handles for long enough that even if we were to stop going by them, others would likely not stop referring to us as such.