Lie, Cheat, and Steal Your Way To Burning Man

Image: Simon Davison/Flickr (Creative Commons)

Image: Simon Davison/Flickr (Creative Commons)

“Usually people are hacking to steal things…these people were hacking just to get a chance to spend $400 to get a ticket”

89.3 KPCC radio did an interview with Brian Doherty, author of This Is Burning Man, about the ticket scandal. Listen here.

The media blitz has continued, with MixMag, NY Daily News, Las Vegas Sun, the Bold Italic, NBC Bay Area, the SF Chronicle, the San Jose Mercury News, and hundreds more.

It’s amazing how this narrative is so quickly being spun by BMOrg’s PR machine to “Silicon Valley techies hacked Burning Man and stole tickets from everyone else”, and away from “the ticketing system was not First In First Out and all you had to do to buy tickets was go through Ticketfly’s web site and ignore the queue”. Once again, the Burners get the blame – just for exercising Radical Self Reliance. And BMOrg, rather than accepting responsibility for the unique system they’ve designed and the problems it caused for tens of thousands of their most loyal customers, gets to play the innocent victim.

Despite the story going global, BMOrg haven’t even looked at the report from Ticketfly yet. From SFGate:

While Burning Man organizers confirmed they had been hacked — and that the suspected parties would be stripped of their tickets — they said they needed to see the report from Ticketfly to get into the details. Whether actual hackers posted their exploits on social media was unclear.

“We may have more information later, but Ticketfly is taking the lead on figuring out what happened,” Burning Man spokesman Jim Graham said Monday. “We don’t want to say anything that is incorrect.”

BMOrg confirmed they had been hacked? Not Ticketfly? Hmmm….

I was in at 12:00:56 and didn’t get tickets. Some were there at 12:00:02 and didn’t get them. Others logged in at 12:10 and later and bought tickets. THAT is the biggest problem, and is nothing to do with hackers.

Let’s take a condensed look at the ticket problems, as reported by Burners:

  1. People wrote scripts to connect to the link at exactly 12:00:00
  2. People looked at the source code of BMOrg’s web page and found what the URL would be for the link to the waiting room; entering this URL in their browser meant they didn’t have to wait until the button turned green to get in the queue
  3. Bots were for sale for $750 that automatically bought tickets from Ticketfly
  4. People logged in after the “Pause” and got straight through
  5. People logged directly into Ticketfly, chose Burning Man, and entered their code
  6. People on mobile devices on Verizon got straight through

[if you’re aware of any others, please share]

According to BMOrg, echoed through the world’s media:

200 Burners used sophisticated software hacking techniques to place themselves at the front of the queue

The comments to the WIRED article (and at Burners.Me) have been quite dismissive of the use of the word “hacking” in this story.

None of the numbered examples I listed require any hacking, or any code to be written, although #1 and #2 do require some very basic technical knowledge. So do all these methods get a pass, and there was another hack that we don’t know about? Or is BMOrg trumping up #2 as the scapegoat for all their ticket woes – before they’ve even received the report from Ticketfly? Is this whole story they’re telling simply based on speculation on Reddit“We found these 200 people in the queue before 12:00:00, they must all be hackers”.

Even if there were more techniques used to circumvent the system, including hacking directly into the servers involved…it does not change the appalling delay between the last ticket being sold, and the 60,000 unlucky Burners in the queue being notified that they were only waiting to make a donation. For that one, they can’t blame hackers.

Meanwhile, tickets are now being offered for $1 million each on Stubhub. No word how many Mistresses of Merriment come with a million dollar ticket…


32 comments on “Lie, Cheat, and Steal Your Way To Burning Man

  1. Pingback: How to Get Tickets to Burning Man and LA’s Regional Burn + How to Report Scalpers | art predator

  2. The real smoke and mirrors is the fact that the Burning Man has out grown the playa. 400 tickets is a drop in the bucket compared to 40,000 people who still want tickets and won’t be able to get them and go to Burning Man due to a 70,000 cap on attendance. Finding a place for Burning Man that will allow all to attend and be radically included should be the real uproar from the community, not bitching and moaning about a few tickets that got sold in an unfair manner.

    • Not gonna happen. Aside from making money on the properties they have bought up near BRC, the BOrg loves all this drama and attention. If they didn’t, they would have a far simpler ticketing scheme. No, they are pigs happily rolling in their own excrement. Reminds me of the story about when the various parts of the body had a fight as to who was more important. Punch line: the asshole won.

      • My point is not if the BOrg will ever have that conversation or not. My point is that all the angst, dialog, whining, and moaning about ticketing systems, hackers, and scalping does not address the issue that the Burning Man community should be having. Sure fix the ticketing system. Make it far. Stop the hackers, and scalpers. What have we accomplished? Maybe 1000 tickets back into the pool. And this will appease the 39,000 burners still left in the cold without a ticket to go home?

        As a community, we are having the wrong conversations. Our angst about not getting a ticket is pointed in the wrong direction. If the community would focus attention on the fact that BRC needs a location that can accommodate 140,000 of us, 250,0000 of us, half of million participants of Black Rock City!!!!, then maybe, just maybe the BOrg will follow that conversation as well.

        • I agree with finding a new, larger venue, which would make it like the god ‘ole days. I have suggested that for years, shopping the event for a location that wants the economic stimulus instead of taking it for granted. But can you cite any precedents where the BOrg has responded to “the Burning Man community?” Look at the stupid, self-serving replies they have made to past complaints of less consequence.

          The BOrg is disjoint from the Burning Man community, and moreover, the whole premise of the event. AS you suggest, why cannot a city that is “created each year from nothing” be created wherever it is best that year? No, the BOrg is a calcified organization that relies on doing the same as last time, since that worked before, utterly ignoring the burners. They are taking the burner contributions for granted, assuming that they will always make the event happen regardless of the gauntlet that is put before them to even get tickets.

          The Burning Man community needs to realize that the BOrg offers absolutely nothing to the event that cannot be created anywhere by anyone, as some of the other burns have shown. Look at where Figment ( has taken the idea! Many art installations in many cities reaching FAR more people, giving far more impact on the general population.

          And calling the successful spinoffs “regionals” is an insult. They do a much better job dealing with sold-out ticketing, and taking the burn concept to new areas, with relative complete transparency to their financials.

          Time to take our show where it fits, and it does not fit in the NV burn. Trust me, it’s better elsewhere. That’s where you will find me and my theme camp.

          • The irony of the BOrg not having that conversation or entertaining the idea of finding a spot that allows for future participant growth of BRC is the potential revenue lost for not being able to sell tickets to ALL participants who wish to go home. Ticket sales at $400.00 a head for all 140,000 burners want to attend this year would be $56 million! Imagine a city of 500,000! That would be $200 million a year in ticket sales alone! Greed is short sighted and detrimental to its own growth.

          • Ironically enough, their primary motivation is NOT greed; it was in my first comment: they love the attention – the narcissistic supplies. That is the only explanation for their strange manipulative behavior. Otherwise, they can do the math like you can.

            Most all of the other successful burns are over-subscribed. PDF runs twice a year and sells out just as rapidly, but without the angst. It’s FIFO, and people move on.

            And look at the disrespect they show the artists, with the horrible contracts and measly support. No, the BOrg relish all this attention, and more the control they get to have over the lives of other people – people they are jealous of as those who are the real event. Tickets, permits and port-a-potties do not a burn make.

          • Imagine what they could get done if they put as much effort into finding a venue for 500,000 as they do in creating, maintaining and defending their ticket gauntlet. And the interesting thing about the burn city (BC, it would not longer be “BRC”), is that it scales well, because the burners create it – more burners, more city. Change the attiitude, and you would get volunteers to help layout the larger streets – it’s not as if major city planning is needed. Or, it might provide a proving ground for new, creative approaches to city planning and experimenting.

            Difference is, the new mega-venue removes all their sellout controls and attention, and makes more of the people they are jealous of. Their reasoning is simple, sick but simple, once you see it.

          • One day, (ex-)Burners such as those that contribute/comment to this blog will get to co-create experimental communities together; free of the iron-fisted BMOrg, BLM, and LEOs. The fact that we express ourselves here is a a testament to interest in ideas and ideals for which we share a passion.

            Some sold-out BM tickets listed on the “Open Market” for $1M. Ticket face-value prices are also rising, which is obviously pissing off a lot of heads. So, while a higher ticket cap and their legitimate sales could potentially mean more legitimate ticket revenue, we’d have to know WHO is scalping tickets before we could say for certain that raising the ticket cap would lead to more BMorg profits than the current scarcity-based business model (and potential kickbacks from Boardmember-run Commodification Camps, who theoretically have unlimited tickets and profits). Selling people an exclusive ticket is one thing; selling them an exclusive experience order of magnitude above face-value, that includes exclusive tickets to an already sold-out event, is functionally equivalent to printing money.

          • Yup on the printing money. Easier than making space for more tickets, and more elbowing with Davos-wannabees.

            As for the road infrastucture to the chosen burn site, that is part of your search criteria. I would bet that some communities might find a way to improve their access to their site. For BRC, they have it backwards: the burn is a given, why need to make access better? In fact, the fly-in panache is part of the $17K E-ticket, why make access easy for everyone? 😉

            And have fun: announce the next venue at each burn. Would be very cool.

    • Maybe the blacktop can’t handle more Burners, but the Black Rock Desert physically could. If BM outgrows its location, it will be more due to the congestion and erosion of its access roads and ability of Playa Restoration to de-MOOP the site in time for its closing BLM inspection.

    • MILLIONS; probably tens of millions of dollars have been spent on BM tickets; that doesn’t count the hundreds of millions; maybe Billions of dollars that have been spent on rentals and other shit to make BRC a temporary city. If you haven’t priced out a private island or even just some god-forsaken desert shithole of land, I highly suggest it. It’s not that much per person when enough people chip in. The amount of money spent on one year of BM could buy a permanent paradise and plenty of infrastructure to support it. No room for everyone all at once? Who cares- it’ll always be there, so people could rotate through. How do people get there? We buy vehicles. Wanna stay longer? OK, join a farming team, a well-drilling team, or build buildings. No skills? No prob- we’ll teach ya! Are you dope with a brush or a guitar, but can’t swing a hammer to save yer life? Fine- you can decorate the place and keep the tunes flowin’! Now imagine this scenario in the hands of smart, creative, community-minded, AWESOME Burners with the resources to pull it off. This will all happen, and the people who fucked everyone else over can apply for special positions like peeling potatoes with a rubber band, or mopping up the orgy dome with their eyebrows.

  3. People also bought tickets, logged out, logged in with new ticket fly account /promo code and also bypassed line. This worked for unlimited accounts all in the same browser, until tix sold out. The ticketfly scalper bots easily would have exploited this

  4. Might you have viewed the next article of utter PR rubbish, penned by Assoc. Prof. Mittendorf, of Ohio State University, within the Chronicle of Philanthropy of Burning Man Becomes Unlikely Leader in Financial Transparency? Assoc. Prof. Mittendorf misses numerous items of much importance

    a) The important financials, of the owned subsidiary corporation, Black Rock City LLC, dba Burning Man, the Burning Man event, are hidden from donors of art, labour, cash, and stock. The 990 form of 2013, of the Project, does not include the financials of the BRC LLC.

    b) Prof. Mittendorf misses of that Burning Man is a crowd sourced event, much information is owed towards the awesome Burners whom provide the entertainment, the EDM sound camps, the Esplanade camps, the mutant vehicle owners, the artists, and the numerous volunteers, none of whom are paid from the $31.5 million of ticket sales for their labours.

    c) Prof. Mittendorf misses of the numerous millions, hidden from donors, paid towards the pockets of the six prior owners of the BRC LLC, prior of their honourable donation of the BRC LLC to the Burning Man Project. There is $4 million missing from their accounting, within the Afterburn Reports, of each year of 2010, 2011, 2012, and 2013, a sum of $16 million. Might any person desire to dispute of this, please state of the rationale of why the payroll raised from $2.8 million within 2009, to $7.2 million within 2010, with solely 30 employees, and contractors and consultants upon other lines within the ledger, and temporary labourers paid little cash. Where is the missing $4 million of cash, within the payroll line upon the ledger, might the cash not have been directed towards the pockets of the six prior owners of the BRC LLC in the manner of salaries and benefits paid towards them?

    d) The payments for the Burning Man(TM) name and trademarks, owned by Decommodification LLC, of which, it is owned by the six prior owners of the BRC LLC. There is a contract, hidden from donors, stating the amount of cash to be paid to them, within 2018. In addendum, what is the deduction upon tax levies that is to be permitted towards them, within 2018, upon this?

    e) Images of the art at Burning Man is owned, in parts, by the BRC LLC and Decommodification LLC. The photographers pay a licence fee upon publication of the images, zero dollars of the cash of the licence fees, is paid towards the awesome artists. Whom takes the cash towards their pockets, the BRC LLC, or Decommodification LLC? Whom is taking cash from movies in the manner of Spark A Burning Man Story, and what occurs with this within 2018?

    f) The information stated with the 990 form of the project might have been stated near to one year prior of when the information was finally released within January 2015.

    g) Larry, within his role of Chief Philosophical Officer of the Project, evaluates, and proposes towards the Project board, many ventures, some ventures of which might be joint ventures. The conflicts of interests are stated towards the Project board, but the conflicts of interests are hidden from donors.

    h) An audit was completed, within the prior month, upon the financials of the Burning Man Project, and upon the BRC LLC, upon the years of 2013 and 2014, thus the financials are signed by the auditors, in addendum to being signed by the Burning Man Project. The Project board is of the power to vote to publish the detailed 2014 income statement and 2014 balance sheet, of both the Project, and of the BRC LLC subsidiary corporation, at the present time, in place of hiding the financials, from donors, for near to yet another year upon the release of the 990 form of 2014 within January 2016. Burning Man requires this transparency of all regionals, to publish their ledgers of when the ledgers are signed, it is most hypocritical of the BMOrg to hide this information from donors for near to yet another year.

    i) Prof. Mittendorf compares of Burning Man, a crowd source event, of many changes within the ownership structure within the prior brace of years, to the big Red Cross, and other organisations, whom have operated for numerous years, his comparison is utter rubbish.

    j) Prof. Mittendorf misses of the outage, of the Burner community, upon his statement of ‘ … has also played out in astounding ways, such as billionaires spending their fortunes to create elaborate tents featuring top chefs and sleek models being paid to provide entertainment.’

    j) Prof. Mittendorf misses of how little cash is paid, from the $31.5 million of ticket sales, towards the crowd whom sources the Burning Man event. My belief is of the BMOrg owes transparency, and cash, in support of their efforts and labours. Of the $390, or $450, or $800 of the cash paid towards each ticket, solely

    – EDM sound camps – $0 in addendum, they must buy their own tickets. It might be most fair might the BMOrg gift several thousand free tickets, towards them, towards the camps whom provide entertainment, and towards mutant vehicle owners, in support of their efforts and labours.
    – Esplanade camps, and other camps whom provide entertainment – $0 in addendum, they must buy their own tickets
    – Mutant Vehicle owners – $0 in addendum, they must buy their own tickets
    – Artists – $13 within 2014, lower within 2015. Art grants are for solely near to one third of their costs, $0 for labour, and are solely for a small number of artists whom sign a most horrible hidden contract
    – DPW labourers, whom construct the city – near to $10, many are not paid
    – Gate labourers – near to $3 for food, their tickets, might they have laboured for numerous hours the prior year, are not counted within the paid population cap of near to 70,000 of Black Rock City, thus are not paid from ticket sales.
    – BRC Rangers – near to $3 for food, their tickets, might they have laboured for numerous hours the prior year, are not counted within the paid population cap of near to 70,000 of Black Rock City

    My belief is of Prof. Mittendorf must retract his rubbish PR article upon transparency in due of his utter cluelessness upon these matters.

      • Nomad, I liked your statement of ‘What is the next PR release going to say?’. I am curious whom penned the PR release with him? Most professors are not utterly clueless in such a manner. I might remember other PR rubbish penned by a different academic person within association of Ohio State University, they might have been of the academics camping near to First Camp near to Media Mecca.

        burnersxxx, might you desire to utilize the comment within a post upon this matter, or utilize it as a template, please do so. Much obliged.

        • With a little rewrite for those that don’t know BRC from BMA, you should post this in the comments on the article web site.

  5. Truthfully, is anyone surprised at the BOrg response?

    Let’s get a head of the curve on these things, people! We need to post drafts of what we expect the BOrg Propaganda Relations machine to churn out, and see how close we can get. Consider it as part of the Burn Tickets 4.0 online game.

    What is the next PR release going to say?….

    • “No, we are not going to tell people which tickets were canceled. That will be the punishment for the hack (sic).”

      …Which really means, we are not too sure on this, don;t want to do the work, and don’t want to have to defend our arbitrary and always-under-informed-self-serving decisions. Besides, that’s just more tickets for us to play with. 🙂

  6. Exactly my thoughts. BMorg fucked up big time, and they are not taking responsibility for their actions. I would say that Tickeyfly has some blame in this too for making their BM page so easily accessible. Still, the ease at which some people were able to find the backdoor to the ticket purchase page is absurd. Somehow I doubt that BMorg will officially acknowledge their mistake, especially because it sounds like they can’t even tell how many people cut the line.

    • It would be perfectly valid for BMORG to blame Ticketfly entirely for providing a laughably insecure system. It would be wise of BMORG to let those 200 people keep their tickets and come out with a statement either firing Ticketfly or ensuring that these technical loopholes will be addressed in 2016. It’s lame for BMORG to claim that the ticketing system was hacked, particularly given their tech savvy audience.

      That said, there isn’t much more to be done with regards to ticket sales as long as demand is what it is, and as long tickets aren’t tied to an ID. I think the sale went pretty smoothly, and was no less hectic or uncertain than any online ticket buying experience I’ve had for an event that sells out quickly. It’s a given that there is no purely FIFO system when there’s as much server demand in the first minute of the Burning Man sale. So, if there are no easily exploitable loopholes next year, would that be cool with you guys?

      • Yeah, plug the loopholes, and:
        1. Get rid of the profiles;
        2. Get rid of the invitation-only sales;
        3. Disclose all Directed Sales, at least after the ticketing;
        4. Disclose all premium/$800 tickets not sold to individuals (more than 2 tickets);
        5. Disclose all STEP transactions and numbers;
        6. Disclose all other ticket distributions;
        7. Independent auditing of (3.) through (6.); and,
        8. Be nice;
        …would be a good start.

  7. Some people got to the end of the line, got to the purchase page, entered all their info and then got an error message. Someone posted about this on the burning man blog to which Will Chase responded that she should send an email to ticket support describing her situation.

    • Following the rules? That’s old-school, BBB. Sure, that’s how I got my tickets, but that was before the sellout. Now we are into the commodified defaultified Burn Tickets online game! New rules if you want to get a ticket.

      The best hack was (4.), log in on playa time – i.e., a few minutes late – and get right in.

    • Yes, not cheating if there are easy back doors. Or easily visible code. I didn’t even know about Ticketfly. I was surprised that I was re-directed there and had to create an account prior to purchase. If one can right click and view code on a web page, that is no security at all. That information should be hidden. As to getting tickets directly on Ticketfly, that is the fault of BM. (and also having code easily visible)

      There is a fine line between exploiting holes in code versus simple reading of visible links.

  8. I have a nice long list of emails between myself and the org requesting they check into my queue ID because it seemed like there was problems. First email was sent well before tickets sold old. Today they finally responded to my repeated requests for a straight answer of whether or not they would actually check for problems with my queue ID with “No.” Happy to forward the whole thing to you, just make sure to block out my person information if you use it for screenshots. Their “ticket support team” is a joke. My latest request for them is to explain why they bother to provide us with queue IDs if they have no intention of looking into problems with the process. We’ll see how many times I need to resend that email before they respond. If they respond at all.

Leave a Reply