Lie, Cheat, and Steal Your Way To Burning Man

Image: Simon Davison/Flickr (Creative Commons)

Image: Simon Davison/Flickr (Creative Commons)

“Usually people are hacking to steal things…these people were hacking just to get a chance to spend $400 to get a ticket”

89.3 KPCC radio did an interview with Brian Doherty, author of This Is Burning Man, about the ticket scandal. Listen here.

The media blitz has continued, with MixMag, NY Daily News, Las Vegas Sun, the Bold Italic, NBC Bay Area, the SF Chronicle, the San Jose Mercury News, and hundreds more.

It’s amazing how this narrative is so quickly being spun by BMOrg’s PR machine to “Silicon Valley techies hacked Burning Man and stole tickets from everyone else”, and away from “the ticketing system was not First In First Out and all you had to do to buy tickets was go through Ticketfly’s web site and ignore the queue”. Once again, the Burners get the blame – just for exercising Radical Self Reliance. And BMOrg, rather than accepting responsibility for the unique system they’ve designed and the problems it caused for tens of thousands of their most loyal customers, gets to play the innocent victim.

Despite the story going global, BMOrg haven’t even looked at the report from Ticketfly yet. From SFGate:

While Burning Man organizers confirmed they had been hacked — and that the suspected parties would be stripped of their tickets — they said they needed to see the report from Ticketfly to get into the details. Whether actual hackers posted their exploits on social media was unclear.

“We may have more information later, but Ticketfly is taking the lead on figuring out what happened,” Burning Man spokesman Jim Graham said Monday. “We don’t want to say anything that is incorrect.”

BMOrg confirmed they had been hacked? Not Ticketfly? Hmmm….

I was in at 12:00:56 and didn’t get tickets. Some were there at 12:00:02 and didn’t get them. Others logged in at 12:10 and later and bought tickets. THAT is the biggest problem, and is nothing to do with hackers.

Let’s take a condensed look at the ticket problems, as reported by Burners:

  1. People wrote scripts to connect to the link at exactly 12:00:00
  2. People looked at the source code of BMOrg’s web page and found what the URL would be for the link to the waiting room; entering this URL in their browser meant they didn’t have to wait until the button turned green to get in the queue
  3. Bots were for sale for $750 that automatically bought tickets from Ticketfly
  4. People logged in after the “Pause” and got straight through
  5. People logged directly into Ticketfly, chose Burning Man, and entered their code
  6. People on mobile devices on Verizon got straight through

[if you’re aware of any others, please share]

According to BMOrg, echoed through the world’s media:

200 Burners used sophisticated software hacking techniques to place themselves at the front of the queue

The comments to the WIRED article (and at Burners.Me) have been quite dismissive of the use of the word “hacking” in this story.

None of the numbered examples I listed require any hacking, or any code to be written, although #1 and #2 do require some very basic technical knowledge. So do all these methods get a pass, and there was another hack that we don’t know about? Or is BMOrg trumping up #2 as the scapegoat for all their ticket woes – before they’ve even received the report from Ticketfly? Is this whole story they’re telling simply based on speculation on Reddit“We found these 200 people in the queue before 12:00:00, they must all be hackers”.

Even if there were more techniques used to circumvent the system, including hacking directly into the servers involved…it does not change the appalling delay between the last ticket being sold, and the 60,000 unlucky Burners in the queue being notified that they were only waiting to make a donation. For that one, they can’t blame hackers.

Meanwhile, tickets are now being offered for $1 million each on Stubhub. No word how many Mistresses of Merriment come with a million dollar ticket…

 

Burning Man Hacked!

image from WIRED

The news of hackers exploiting a “back door” in BMOrg’s new ticketing system broke last week on Reddit. We covered it last Wednesday in Ticket Hell. Now, the story has been picked up by a broader media audience, with stories in WIRED, Computer World, Paste Magazine, CBS Local, and SFist.

WIRED:

Burning Man has practically gone mainstream. The once-fringe desert camping festival is now cultural fodder for The Simpsons and Taco Bell commercials. Celebrities and CEOs routinely attend. So it’s no surprise that 40,000 Burning Man tickets sold out in less than an hour last Wednesday when they went on sale.

But software engineers in Silicon Valley hacked into the Burning Man ticketing system powered by Ticketfly to cut to the front of the queue. Who needs luck when you have engineering skills and you’re willing to use ‘em for your advantage?

…Several engineers and web developers on a Burning Man Reddit thread speculated that hackers were able to create this backdoor after discovering a few lines of JavaScript code on the ticketing website that gave preeminent access to tickets three minutes before they officially went on sale at noon on Wednesday.

“They left code in the page that allowed you to generate the waiting room URL ahead of time,” said Michael Vacirca, a software engineer at a large defense corporation. “If you knew how to form the URL based on the code segment then you could get in line before everyone else who clicked right at noon.”

Burning Man admits the error and says those hacked tickets will be put back up for grabs during the scheduled last-minute sale in August.

[Read the full story at WIRED]

It’s interesting to watch the corporate spin machine in action. Rather than any sophisticated hacking being required, simply entering your code directly into TicketFly seems to have worked. According to hundreds of Burner comments on the Interwebz, clicking the emailed link ten minutes after noon pretty consistently got Burners in to buy tickets immediately, whereas clicking the link a few seconds after noon led to many Burners being stuck in the queue for 90 minutes with no success.

To me, these are the real issues here: it was definitely not First Come, First Served, and it was trivially easy to bypass the queue – multiple methods were used, and most did not require the ability to write code or hack into systems. The focus on these “200 hacker tickets” is smoke and mirrors around the obvious explosion in the number of tickets being listed on the secondary market. Even BMOrg are now encouraging Burners to get tickets and vehicle passes “on the open market”. With software to automatically buy as many tickets as you want from TicketFly selling for a mere $750 – about the profit margin for a single ticket right now – it seems that there continue to be some serious issues with BMOrg’s ticketing system.

Who would have thought they could make it even worse than the lottery? As BMOrg proved with their Spark movie, perceived ticket scarcity makes a nice story for the media.

WIRED:

The way this year’s sale operated, however, didn’t help to dissipate the resentment. Those interested in purchasing tickets were placed in an online queue as each sale was processed and given a time estimate as to how long they would be kept waiting before they could purchase tickets. The time estimates kept shifting, going from an 24 minute wait, to 46 minutes, back down to 18 minutes, to then “more than an hour,” which might as well have read, “abandon all hope ye who enter here.” At one point, the line was inexplicably “paused” for several minutes, causing another nerve-wracking moment on social media.

This drastic, back-and-forth change in wait times gave those in line the illusion that somehow hackers were cutting in front of them and bumping them out of scoring tickets. Burning Man’s social media team responded by saying that the wait times fluctuated based on how long it took each buyer to complete the purchase. It surely didn’t qualm any anxiety to have used such an unpredictable factor as a counter, instead of a fixed number (“There are 39,999 people in front of you trying to buy tickets”).

See the comments from ZOrg in Emotional Roller Coaster From Hell about why this theory of wait times fluctuating because of some people taking a long time to complete transactions doesn’t add up.

WIRED:

This is not the first time Silicon Valley has been criticized for tampering with Burning Man’s ideals and processes. Last year’s festival garnered unflattering feedback from Burning Man die-hards after venture capitalists, executives and celebrities descended on the desert with air-conditioned camps, personal assistants and other VIP-perks. In recent years, Larry Page, Sergey Brin, Elon Musk, Jeff Bezos and Mark Zuckerberg have all scored tickets to Burning Man.

It seems like now, Silicon Valley is leveraging more than its money to get in front of the line.

[Read the full story at WIRED]

Way to shift the blame to your customers, BMOrg. “Silicon Valley is using its technical might to cheat the system and get Burning Man tickets”: it sure makes a great angle for a story, compared to “some people typed the code into TicketFly”.

Actually it’s BMOrg’s leadership that has been criticized for tampering with Burning Man’s ideals, not Silicon Valley. No-one gives a flying fuck if Zuck brings his P.A., but many Burners do care when some on the Board of Directors are selling $17,000 hotel rooms like it’s some sort of Mega-AirBnB in the desert, and getting an unlimited supply of tickets for their customers and sherpas.

Cancelling 200 tickets will do nothing to fix the problems that occurred in the Directed Group and Individual ticket sales. There is no evidence that it will hurt scalpers, indeed it may even punish some Burners for being radically self-reliant. BMOrg have said they will void these tickets and add them back to the OMG sale – so now there are 1200 tickets left, for 60,000 Burners to attempt to buy in milliseconds on August 5.

Silk Road Move Over, a New Bazaar Is In Town

WIRED magazine has a report on Agora, the new online drug bazaar “marketplace of anything”. It is based on Agorism, a philosophy that a free, stateless society can be achieved via disruptive market means. Forget counter-culture, that meme jumped the shark. It’s time to move on to counter-economics.

From Wikipedia:

Agorism is a libertarian social philosophy that advocates creating a society in which all relations between people are voluntary exchanges by means of counter-economics, thus engaging in a manner with aspects of peaceful revolution. It was first proposed by libertarian philosopher Samuel Edward Konkin III in 1975, with contributions partly by J. Neil Schulman.[1]

Agorists consider themselves market anarchists. While many characterize it as a form of left-libertarianism,[2] others consider it a branch of, or a transition strategy for achieving, anarcho-capitalism. Agorists generally oppose voting for political candidates and political reform. Instead, agorists stress the importance of alternative strategies rather than politics to achieve a free society. Agorists claim that we can achieve a free society more easily and sooner by employing such alternative methods as education, direct action, alternative currencies, entrepreneurship, self sufficiency, and most importantly “counter-economics“.[1] Agorists consider their message to be scientific because science is an appeal to reason, which they believe is only possible in the Agora or free market; they also argue that State backed, regulated and funded science is illegitimate.[3]

From WIRED.com:

For two and a half years, the Dread Pirate Roberts and his Silk Road black market ruled the Dark Web. But last year’s FBI’s takedown of that narcotics smorgasbord opened the underground trade to competitors. Now those sites have a new leader, one that’s bigger than the Silk Road ever was and continues to grow explosively.

camel moneyThe online bazaar for contraband known as “Agora” now has more product listings than any other online black market, according to a report released last week by the Digital Citizens Alliance, a nonprofit focused on internet safety. The analysis counts 16,137 products for sale on the site, which is protected by the anonymity software Tor and accepts only bitcoin. That’s about 200 more listings than Silk Road 2.0, a reincarnation of the original Silk Road launched earlier this year by several of the same administrators. It’s also several thousand more than were offered on the first Silk Road before its seizure in October of last year.

“Just as on the rest of the internet, users on the dark net are very quick to move on to new things and move away from those products and websites that seem stale and old,” says Adam Benson, communications director at Digital Citizens Alliance. “Maybe that time has come for Silk Road.”

…unlike Silk Road, it allows users to sell several categories of weapons, including powerful semi-automatic firearms. The site is still less permissive, however, than markets such as Evolution, which also allows the sale of hacked credit card information and other stolen goods. Agora’s “market rules” ban not only stolen property but also “assassinations or any other services which constitute doing harm to another,” “weapons of mass destruction,” “poisons,” “child pornography” and “live action snuff/hurt/murder audio/video/images.”

Despite those restrictions, Agora’s administrators haven’t displayed any of the political bravado of Dread Pirate Roberts, who frequently posted libertarian manifestos in Silk Road’s user forums and even hosted an online book club around topics in free market economic theory. Silk Road 2.0 similarly proclaims those radical principles; “You are writing history with every item purchased here,” reads a message on the site’s homepage. “Silk Road is not a marketplace. Silk Road is a global revolt. The idea of freedom is immortal.” 

…Instead of political rhetoric, the tactic that set Agora above the rest of the dark web when it launched earlier this year may have been its sense of exclusivity: Users can sign up only with invite codes, although those codes are freely distributed on other market forums and Reddit and can be reused. “It might build some allegiance,” says Digital Citizen’s Alliance’s Benson, “It gives users a sense that they’ve been vetted and that some people have been weeded out” such as law enforcement, fraudsters or less in-the-know users.

Read the full article here.

It’s an interesting counter-balance to Re-code’s report from Burning Man, about finding Camp Bitcoin next to the Orgy Dome [update – it wasn’t anywhere near orgy dome, according to Burner Debra]:

Flipping through my 160-page official Burning Man book of events, I noticed something strange: Camp Bitcoin was hosting a “worthless currency exchange.”

Bitcoin Camp?! Worthless currency exchange? I had some candies in my backpack that could certainly count as currency here.

It was about 4 pm when I left the Burning Man Reddit meetup, where I had been listening to two dozen guys talk “Star Wars” trivia, and had been misted by someone with a pesticide sprayer full of water. The Redditers told me that the bitcoin guys were just a few streets away, in the Anahasana Village, and that they were a bunch of nerds, real geeks.

The Anahasana Village (Burning Man villages are collections of smaller camps that share resources, like a kitchen) is famous for its contact-improv sessions (standing cuddle puddles) and its Orgy Dome (what it sounds like).

It’s not where one might expect to find Camp Bitcoin.

Looking for Camp Bitcoin at the Anahasana Village gate

Cryptocurrency campers lounging around in Camp Bitcoin, which is really Camp Dogecoin

There, about a dozen bitcoin dudes were sitting cross-legged in a circle under some scaffolding, an old orange parachute draped over it for shade. They were talking about all the money they could have made if they had bought various cryptocurrencies at various points..

One bitcoin camper, lean and shirtless Josh Katen, explained to me that this isn’t really the bitcoin camp anymore.

“The Bitcoin leader was arrested right before Burning Man ’cause he was maybe helping the FBI, and … Anyway, we’re the Dogecoin Camp now,” he said.

Another shirtless fellow…said he had a vision, based on Burning Man’s gifting economy. In his vision, cryptocurrency is just the first step toward making a large-scale gift economy.

“Once we learn to monetize everything, we take this gifting economy out to the world,” Keim said. “We can take the Illuminati’s cyber gold and silver, and distribute it evenly. Once we have this, we can live in abundance, rather than scarcity.”

… came to Burning Man to see what a gifting- and abundance-based economy could look like. Money and branding aren’t allowed at Burning Man. Everyone brings or prepares gifts (alcohol, snacks such as pancakes, or little necklaces that say “Burning Man 2014”) that they exchange.

“One of the biggest barriers to the gift economy is debt, the usury. With cryptocurrency we can reengineer abundance rather than scarcity,”

…someone riding past their camp earlier that day had yelled at them — “F—ing bitcoin’s not allowed on the playa,” or something to that effect. The campers had been surprised but not terribly offended…

“I’m the messiah, and money grows on trees,” Keim said.

No, but seriously, what’s the gist?

“I am the messiah,” he repeated, getting on his dust-and-EL-wire-covered bicycle.

Before I could reenter the tent, an extremely attractive couple stopped me and eyed me up and down.

“This is it, right?” asked the man, who was wearing a top hat and genie pants, which for some reason wasn’t even a turn-off anymore. (I’ve been here too long.)

It?

“Tantra tent?” he asked, cocking his head.

No. Not tantra. Bitcoin.

Sounds like Mr Bitcoin messiah might have been tooting his own horn, if you know what I mean. Scarface, if you don’t.

Full story here.

Kudos to Nellie Bowles and Re/Code, your Burning Man coverage this year has been superb.

Control-of-Bitcoin

Money is technically not banned at Burning Man, and Bitcoins certainly aren’t…yet. The principle of “DeCommodification” conveniently stretches to include a lot of things. If you read the fine print of the Principles, they never actually use the word money. They do, however, place a ban on “consumption” – if you want to partake, you must participate.

Everything’s free but nothing’s for sale. Gifting is encouraged, but barter is verboten.  Volunteering (ie free labor) is encouraged, as long as it is on projects that are for the benefit of BMOrg. The systems they’ve built to facilitate all of this are rudimentary, and don’t seem to be much of an Organizational priority. The priorities are more like new ticketing schemes and revenue streams, corporate tax structure, self-promotion, and Big Data: “Burner Profiles” and Census results. The information collected about us continues to become more detailed, as the ticket prices head skywards.

BMOrg claim to be pioneers in the “sharing economy”, yet it’s hard to pinpoint what exactly they do that relates to it. “We don’t sell drinks” is not quite the same as “we’ve figured out new economic models for people to peacefully co-exist”. Rather than being counter-economics, the economics of Burning Man are not dissimilar to those of the Pharaohs. Pharaoh gets the gold while the sherpas do the labor.

Is this all that could ever be? Do we create a radical experiment, year after year, by doing the same old shit in the same old way – just add Virgins?

This is what cellphones looked like in 1986

This is what cellphones looked like in 1986

Burning Man started in the mid-80’s, when Madonna’s new album was “Like a Virgin” and the first gangsta rap song had just been released. Now we are well into the 21st century. In the 90’s we got the Web, in the Naughties we got smart phones and social media, in the Teenies we got Twitter and Uber and NSA spying and Google buying military robot companies.

Larry Harvey was asked about Bitcoin in New York in 2013.

I’m in Dr Kittay’s class at Columbia University called Technology, Religion, and Future. Today, we had an event on Burning Man, where the Burning Man committee including Larry Harvey (Founder of Burning Man) came in to talk about the event with our class. The link is below

http://blog.burningman.com/2013/10/eventshappenings/event-the-founders-speak-burning-man-technology-religion-the-future/

I asked if they would consider accepting Bitcoin as a form of payment. They unanimously said yes! At first Larry was like, hmm never thought about that. Then one guy said, well its not really that stable yet but hell, if it makes people happy lets do it! They all nodded in agreement. Woot! Now they just have to follow up on it by adding the ‘Pay in BTC’ button to the ticket purchase section of their site.

Of course, fast forward a year later and there is not so much as a hint of Bitcoin entering the Burning Man universe, yet alone experimenting with new ideas of liberty like Agorism. Quite what is the vision for this social engineering petri dish over the next century remains to be seen: it’s “coming soon”, like the video of the Founders talk at Columbia. BMOrg are still struggling to mail tickets to people in San Francisco, and are completely unable to mail them to other countries. Meanwhile we have Burnier-Than-Thous bemoaning smart phones, drones, sherpas, dubstep DJs, even the postal service. Will technology innovation in the Default world have to stay there, while Burning Man stagnates, just so that Burnier-Than-Thous can feel they’re doing it better?

Burning-Man-2009-Sphinx-Statue-Pink-girls-woman-women-Desert-Art-Festival-Dust-To-Ashes-photos-pictures-pics-Gerlach-Nevada-NVIs this the future we choose for the experiment of Black Rock City: no more innovation, just more complaining and more douchebags? Rude Man, as I saw it called on Facebook today.

Their Plan for the Playa, it seems, is to force us to accept an ever-increasing range of Default world transactions (all done solely via BMOrg, with the Feds getting a cut too), and an ever-decreasing amount of Gifting. Commerce is banned, so’s barter. Citizens don’t get a say in the city, so there is no political discourse in this civilization – except for the guest speakers the Founders invite in. Burning Man doesn’t care what you believe, as long as it’s the Ten Principles.

Perhaps it is significant that BMOrg are strengthening their ties to the two major political parties, while at the same time trying to dismiss the streak of libertarianism and anarchy that Burning Man originally sprung forth from.

When innovation and creativity are regulated out of existence by bureaucracy, the subversive dissenters, the anarcho-crypto-punks, start looking for remote wildernesses where they can go and create the New New Thing.

“Good riddance!”, cry the Townspeople, when the Sheriffs chase the Cowboys out of town. It matters not to them that the Cowboys started the town, hired the Sheriffs, and invited all the Townspeople in. “Cowboys are bad”, say the Townspeople. “Everyone knows that”.