DEF CON Safe Mode Platform Discussion

privacy concerns with discord seem to be... *shrug*?

4 years ago
https://www.reddit.com/r/discordapp/...ensing_clause/


From their privacy policy @ https://discord.com/privacy


So a) at least they claim that data is not sold, and b) obviously they must comply with federal regulations - which means the service could be compelled to fork over identifying data by the US, but this should be expected of literally any such service.

I don't think we have to be reasonable concerned about discord re:privacy, but then again i'm not planning to talk about 0-days or totalitarian regimes in a discord server. I think it's reasonable to say "it's an open service, assume it's heavily monitored, don't be a sheep" as a disclaimer and the privacy issue is a non-issue.

Discord cannot be used without an account

Guest Access: NO

Discord works with a temp username, its a setting set in the invite you create for the server

+100 for Twitch - great software, super solid, allows for monetization.

I don't believe Twitch allows simulcast on Youtube, but we may be able to negotiate/allow third party coverage by vloggers.

I believe IRC and Discord should both be in play for text, so Riot could be a good choice.

For an immersive experience, I might actually be able to pull together a full-fledged MMOG with embedded video streams and some cool holographic captures of speakers.

came here to voice support for Twitch or YouTube as the main broadcast media.

whatever platform is used (seems like Twitch is winning on popular support here?) i'd very much hope to see one sort of "reception hall, general commentary" channel going almost at all times, with some notable folk serving as hosts, discussing things that are going on, what's a hot topic coming up next, etc. that kind of channel can be the place many users "return" to after watching something for a while, and they can get ideas as to what else to check out next.

for discussion... i'm massively a fan of Slack over Discord, but i may be in the minority there. Discord is fine if you're trying to bolt-on a lot of additional functionality beyond simply talking. But Slack excels at a *clean* and simple interface. There are bots and other tools that can augment Slack to great effect (with MasksForDocs, for example, we have all kinds of awesome triggers and bot actions integrated with it) but its main focus is on being a simple and straightforward chat, and that's what makes it great and easier to use for the masses.

The Villages have been looking at social, presentation, and broadcast platforms, and several organizers have helped run other virtual conferences we've learned lessons from. While there isn't a consensus around a single way that works well, we have learned several things that are worth sharing. Some of these have been mentioned above. Happy to go into more detail on these if/where it's needed.

• It's probably worth distinguishing social/community platforms (like Slack and Discord) from presentation platforms (like Zoom and Webex). Social/community platforms tend to suck for presenting and vice-versa. However, there are lots of native or third-party integrations.
• Some of the presentation platforms (like Discord and Go To Webinar) may support multiple simultaneous broadcast platforms. There are benefits and drawbacks to having a single broadcast channel versus putting content where people are comfortable going.
• Most platforms have different options for meetings versus webinars. For instance, Zoom Webinar is a lot more capable for our purposes than Zoom Meetings.
• Some platforms (StreamYard, for instance), give some broadcast TV level capabilities. For instance, dropping in text overlays and zooming into subsets of speaker views (for instance, focus on a pair of speakers who are talking, while putting all others off camera and on mute), and will pull in questions from YouTube so you can pop them up as a screen overlay.
• Some platforms (Zencastr, though it's audio only) remotely capture high-fidelity feeds from each side so connectivity issues don't affect a recording.
• Video mixing software packages (Open Broadcast Studio, vMix) seem to have some really cool capabilities, though they introduce an additional point of failure. For instance, some of them seem to be able to take separate remote video feeds, add professional quality overlays and screen positioning, and stream directly to broadcast channels.
• While I like the experience of watching talks in VR, not everyone does and not everyone has the equipment. Some platforms, like AltVR, have the ability to stream YouTube in VR, so it can be an option. For instance, DEF CON Groups can set up rooms and create a group activity.
• Some VR options, like Mozilla Hubs, have an in-browser option, while other VR platforms, like AltVR are only available on headsets or on Windows.
• It's rumored that Zoom for Healthcare allows you to run a server on-premesis or in your own cloud environment.
• Interactive technical content like CTFs will all have different requirements. Car Hacking Village has built some tools for gating access to physical devices with webcam to show what's happening, serial interface, and limiting the number of people testing at once. Biohacking Village is building site-to-site VPNs from a cloud infrastructure to give access to different physical devices, and will have to limit the number of people using those connections at one time.

Anyone have experience running a Riot server? How does it compare to Discord? We are testing Discord now and plan to try something else next and Riot looked promising.

(Background: Chinese newbie living in Mainland China)

Would like to provide some ideas about "See in China" column.

As @darktangent said, most services familiar to you guys (like Youtube, Twitch, Discord and the internal version of Zoom) are blocked by GFW, which means inaccessible to Chinese users.

There do have some Chinese local providers/softwares for streaming or online meeting, including:

- Tencent Meeting: Free. Can support up to 500 people if you ask help from the support team. I knew someone who might help. However it always need a client software (or, "Miniapp" supported by WeChat), which might be disappointing.

- (Chinese version of) Zoom: Could be free. Not connected with Internal version of Zoom. Might need registration as a Chinese company.

- Bilibili Live, Douyu Live: Both are streaming-only platform (like Youtube Live). Chatting support is weak (only damaku is supported).

However, due to legal and political limitations, I strongly recommend you not considering the support in Mainland China as an item of your SLA, mainly due to following reasons:

1. Most people willing to join (or have heard little about) DEF CON will be also familiar with bypass the blocking of GFW, which is called Fan Qiang (翻墙) in Chinese, or, "F**k the GFW". Those people would nearly have no problem using Zoom, Youtube, Twitter, Discord or anything else.

2. For those don't know how to Fan Qiang, it would be difficult if the streaming server is located in non-Mainland area. The backbone bandwidth from China itself is not really big, and limited by the capacity of GFW, and sometimes GFW & ISP would intentionally throw some packets (to sell their high reliable MPLS VPN), so accessing oversea servers directly is already difficult enough. And if you want to put you server in China, you need to Bei An (or, register) piles of stuff including domain name and server addresses to the government. Besides, you need additional ICP license to perform broadcasting on the Internet.

3. And most importantly, medias, including network steaming, is censored in China. Even send an meme could lead to your account being banned, and I believe you have no time to check every slides being used in the DEF CON.

But I do think there is an alternate solution:

For streaming, find some volunteers in China, and ask them if they want to open streaming accounts in China websites and forward your stream.

For meeting and chatting...no. I have no idea.

---

Additional recommendations: Do NOT treat the network in China as a part of the Internet. Due to the GFW (which means both political, culture, language and other complex reasons), there is some de-facto isolation between network in and out of mainland China. Lots of software is unable to run well in both areas. Most softwares are designed only possible to run in only one area.

Thank you s1lv3r for that. It matches with my experience. We have been having planning calls with friends in China and hear about the same, that the live streaming part is hardest. Our partner is interested in streaming something, it is just a question of how and what.

For all the social if people can't direct connect to discord.gg (You can but it was really slow so GFW must be throttling) then it will be up to them to find a way. It's too bad because building hacker community is hard enough without the added challenges.

personally i think discords your best bet though it will be my first defcon so i dont really understand the dynamics of the con goers, the panels or the con itself really so grain of salt and all

I think we to need to consider that some attendees won't be able to or won't be willing to juggle multiple application or be willing to create multiple accounts to attend. I think this might be a barrier to many. It would be nice to have one integrated platform but I don't know if there is a single, inexpensive/free, solution.

Dark Tangent

I have run multiple Riot/Matrix servers and they are much MUCH better than just plain IRC. Multiple channels that can be end to end encrypted, can be bridged to other media, etc. Better than discord as discord has a bad track record with privacy and they will immediately shutdown our discord server if someone slightly steps foot out of line, even if they are trolling.

For BROADCAST though, it would be better to stick with twitch or youtube: the infrastructure for thousands of viewers is already in place.


JRWR and I have a matrix server built for the defconmeshnet, which is also encrypted, and can be scaled.


Another thing about matrix/riot is you can create "communities", which would allow villages a distinction.

Might be over the top for DEFCON but this platform looks pretty cool, will service attendees, vendors etc all under the one platform. Also used by big Players like IBM etc. https://www.vfairs.com/features/

Yes! There's more documentation than what I sent you previously. I grabbed that while on my phone.

I'm jumping into this late... if there is a late under the circumstance... but noting apps like HackerTracker, is it conceivable to build something fast enough with needed features/streaming platforms API'ed into it?
I've been wanting to dive into something similar as a personal project... but historically (and unfortunately) I've been more of an integrator than a coder.
It seems to me that within a mobile or vr (steam/oculus) environment (in unity for instance), a YT/Discord/Riot stream could be embedded on "stage". Any unity programmers here? I haven't looked into vfairs... and will... but that seems similar to what I'm imagining.