Janice Paulson, my wife, and I attend quite a few hacker conventions every year. We run BSidesDE, are semi-officially listed on the organizer’s council for BSidesDC, attend BSidesLV and Defcon, work Derbycon and Shmoocon, and probably go to another 2-3 conferences a year besides these. At Derbycon, in Louisville, KY, I met up with some friends of mine. OK, about 2,500 friends of mine. Derbycon is a hacker conference run by Dave Kennedy, Erin Kennedy, Martin Bos, etc. TrustedSec employees and friends put a lot of effort into the conference. Part of that conference is 2-day training time, where high-quality paid training is performed. One of the trainers, Carlos Perez, is a master of post-exploitation, and his training is highly valued. Jose L. Quinones Borrero, the primary organizer of BSidesPR in Puerto Rico, wass also at Derbycon.
Carlos and Jose are both Puerto Rican natives and fantastic guys. Both of their wives told them to attend the conference, and to have a good time. They’ve weathered hurricanes before, and it wouldn’t be too bad. They were wrong.
The 2017 hurricane season has been vicious. This year, the natural disasters kept coming. Between Hurricane Harvey, that destroyed significant sections of Texas, Irma that wiped out the Keys, and Maria and Jose, Puerto Rico got slammed multiple times. The island is currently without centralized power, coherent communication capabilities, and distribution of oil, gas, propane, and other fuel is extremely limited. All cell phone service is down or spotty at best. The internet is almost universally down. Looting is taking place, and families and entire neighborhoods are fearful.
At Derbycon, I found Carlos talking to his wife, and she was scared. Propane, to run their generator, was getting harder to find and more expensive to buy. He asked if anyone had any way to get some radios so he could keep in touch with his wife when he went to get propane or groceries. I realized we had thousands of people at the conference, and we could do better than that.
I started talking to people. Joel Palmtag (@mycroft) used to work for SpaceX. He’s helped figure out equipment power needs, along with mass, cubic, and ancillary equipment before. And for voyages with no intermediary ports of call! You know, space travel! He and Janice immediately started figuring out which radios, flashlights, equipment, power strips, etc., you name it, they looked at it! Johnny Long, from Hackers for Charity, offered any help they could give. They’re a 501(c)3, so any funds donated are tax-deductible. Johnny has also connected with ITDRC, the Information Technology Disaster Recovery Center. They’re going to take volunteers and fast-track them through, to get help to Puerto Rico as fast as possible. They're also looking at ways to make this happen for future disasters.
Sam Kinch, also from HFC, offered to put a "Rachel" in the supplies. It’s a "school in a box" with a wireless access point, battery, and hard drive, holding a complete copy of Wikipedia, Khan Academy, and 20 other educational resources that kids can access on their tablets, Chromebooks, or laptops. Without any internet connection, children in refugee camps and disaster-struck areas can have some semblance of normality and attend school.
Dave Cox, of Phantom Rescue, offered to help find plane space to air freight supplies. They’re an anti-human trafficking organization, and they’re out there to help people in desperate need.
And then it was time to go big.
I approached Dave Kennedy, of Derbycon, and asked for a donation to help Carlos, Jose, and their families. They donated big! Heidi and Bruce Potter of Shmoocon also donated big, to help the families, the town, and the entire island. Hushcon, BSidesRaleigh, Nolacon, and I’m proud to say, my own conference BSidesDE, donated as well. Private individuals donated thousands of dollars! And then I got yelled at! Banasidhe, of BSidesLV, was upset with me that I didn’t ask her. I told her we had originally thought $5k was a stretch goal!! And we reached it, so I didn’t think to ask her! BSidesLV donated too. And we auctioned off an Eddie the Y3ti original piece of art, along with a full set of Derbycon Badges, including a Black Badge. Tazz and Dave Cox put up $6500 for that set.
My community, my friends, my beautiful people, have already put up close to $15,000 at last count for Puerto Rico recovery.
Johnny and Dave are working hard on sending pallets of supplies to a plane to get them to Carlos and Jose for when they get home. Joel and Janice have planned out, with Rick Farina’s help, how to re-activate an entire town’s communication, how to supply power to police, fire, EMS, and school building for radios, flashlights, USB power supplies, cell phones, and other emergency equipment. There will be school for the children of Puerto Rico. There will be a town which will be able to protect itself when the police can get effectively a neighborhood watch vectoring them to looters.
I’ve got to run to buy some duffel bags, to pack the 50-90 radios Carlos and Jose are checking with the airplane flying them home.
I’ve got to wipe my eyes so I can drive.
I’m so proud. We, the security community, are good at this. Disaster Recovery? We talk about it all the time. But you know, in the real world, we’re pretty good at this stuff.
Please consider donating to the Puerto Rico Relief Fund through Hackers for Charity.