Profile picture
Jason Danner @jpdanner
, 263 tweets, 164 min read Read on Twitter
"If you're sitting in the front row beware your eyebrows. Apparently they're not 'pyrotechnics' they're 'flame-fans'"
@Metlstorm

#Kiwicon
Interpretive dancing from @Metlstorm

#Kiwicon
Now its @mjg59 talking about what fun you can have with electric scooters!

#Kiwicon
"One of the things I leaned from @kiwicon is to not make videos of doing crimes"

#Kiwicon @mjg59
"Does anyone here work for Lime? You HAVE to tell me, it's the law."

#Kiwicon @mjg59
"IoT devices are just terrible. I can talk about other things, I just don't"

#Kiwicon @mjg59
How do you make a *good* escooter?

#Kiwicon @mjg59
But a good scooter needs to be able to be stood on.

#Kiwicon @mjg59
Escooters are big business!

How? Why?

I'm not a VC. I don't understand money.

#Kiwicon @mjg59
All the manufacturing is now complicated.

#Kiwicon @mjg59
Scooter fires are bad.

Very very not good.

#Kiwicon @mjg59
How do I APK to get your neato scooter app?

Something with class files and magic.

#Kiwicon @mjg59
Jadx is fucking black magic.

I'm a biologist. I don't know why they keep letting me on stage.

#Kiwicon @mjg59
So what's the point?

Do crimes.

(Don't do crimes)

@mjg59 would like to reinforce that he never does crimes. OH no. Definitely not.

#Kiwicon @mjg59
Definitely not crime-ing. But... What if we Man in the Middle it?

Hard way?

Easy way?

#Kiwicon @mjg59
What do you call a scooter app in Paris?

#Kiwicon @mjg59
By watching where scooters disappear & reappear we can see where people are moving around.

#Kiwicon @mjg59
Can we track Lime scooters via API?

Perhaps!

Oh no! They added rate limiting.

#Kiwicon @mjg59
Limes everywhere! About 250k of them deployed. You watch them in transit from the factory.

#Kiwicon @mjg59
What could possibly go wrong?

#Kiwicon @mjg59
You start tracking where people are working and going. There are lots of these in DC...

But... You came here for mad hacks

#Kiwicon @mjg59
What if we bought awful scooters online and made a terrible app?

Then you invented Spin and just sold for $200 mil

#Kiwicon @mjg59
If you send this code to any Spin scooter it will unlock, but not inform the server.

Don't do that. It's probably illegal.

#Kiwicon @mjg59
What is the moral?

Capitalism is bad.

Or maybe it's good.

#Kiwicon @mjg59
Now listening to Jon from FireEye talking about VMProtect Clones

#Kiwicon
What is VMProtect?

It does lots of things. Packer, mutator, many things.

#Kiwicon
Stack based virtual machine?

#Kiwicon
Oooh! Pretty lights & pictures!

#Kiwicon
Background?

I have no idea what any of this means.

#Kiwicon
Jon's favourite movie is back to the future.

#Kiwicon
Do the VMing and the coding.

#Kiwicon
Also disassemble things?

#Kiwicon
Remember to optimise your dissemblers, folks.

#Kiwicon
I spy a @gnat

#Kiwicon
Target the program. Yes. Good. Good.

#Kiwicon
Cloning is hard.

#Kiwicon
Key Takeaways:

#Kiwicon
Jeebus. That handle, Jon @2130706433

#Kiwicon
Break time!

#Kiwicon
These seem normal.
#Kiwicon
Why can't I haz @kiwicon?!
#Kiwicon
Its @attacus_au up next.

Fuck yeah!

#Kiwicon
WTF happened to this poor llama?!

I blame @bogan.

#Kiwicon
"Apathy and Arsenic: a Victoria Era lesson on fighting the surveillance state"

#Kiwicon @attacus_au
And @Metlstorm struts back onto the stage.

#Kiwicon
You might remember @attacus_au from that talk where she ranks about history. Or privacy. Or both.

#Kiwicon @attacus_au
We're talking about Arsenic. Very cheap waste product.

Super poisonous. But in makeup! Colour pigments! And rat poison.

#Kiwicon @attacus_au
And arsenic in wallpaper!

People would go to the seaside to feel better. And they did. Because no arsenic!

#Kiwicon @attacus_au
Arsenic was known as "inheritance powder" - tasteless! You could bake it into a cake or stir it into tea!

#Kiwicon @attacus_au
Privacy is a bit like arsenic - we all agree it's important to deal with the issue, but they're so ubiquitous that it's hard to care.

#Kiwicon @attacus_au
Privacy & arsenic also impact different people differently. So you might care less if you feel it does affect you. But others may have a different reaction.

#Kiwicon @attacus_au
Oooh! Sneaky hacker emails pretending to email you from your own address. Look at that internet content you've been looking at!

Sextortion emails with real passwords from old data dumps.

Trying to scam folks out of money.

They've gotten nearly $1mil NZD!

#Kiwicon @attacus_au
Wait, Office365 has been sending spelling/grammer check string back to HQ?
😠

#Kiwicon @attacus_au
"Peak Indifference" = when the most people give the least fucks

#Kiwicon @attacus_au
We've hit the peak indifference for privacy - we're talking more about it.

Greater sentiment of mistrust or distrust of how data is being used.

#Kiwicon @attacus_au
How do we keep up with the momentum of people caring about privacy?

We need more awareness to drive resistance to the problem.

#Kiwicon @attacus_au
How did they handle this with arsenic?

They developed a test for arsenic. Now producers had to clean up their act because people could find out they were putting arsenic in their products!

#Kiwicon @attacus_au
England, to this day, hasn't actually banned the use of arsenic in wallpaper.

But other countries did. And the public wanted non arsenic products. So they moved on.

#Kiwicon @attacus_au
The creation affordable of arsenic-free alternatives meant that market forces basically pushed arsenic out of the market. Soon you couldn't buy arsenic wallpaper or pigments even if you wanted.

#Kiwicon @attacus_au
We're pressuring companies in a thousand ways to enable privacy. What are we missing?

Time. We need to keep pushing and keep moving forward.

#Kiwicon @attacus_au
What we need to keep doing?

#Kiwicon @attacus_au
We need to keep enabling accessible alternatives.

Not everyone needs to be a leader.

#Kiwicon @attacus_au
Push back against the power structures in order to elicit change.

Keep the pressure on.

#Kiwicon @attacus_au
Don't be afraid to care.

Optimism isn't cool, but we need it so bad! We need that energy and drive to keep moving forward.

#Kiwicon @attacus_au
Thanks @attacus_au!

Awesome talk!

#Kiwicon
Now we're learning about hacking Ethereum smart contracts in the most lazy way possible.

#Kiwicon
WTF are smart contracts?

#Kiwicon
This couldn't be exploited right? RIGHT?

#Kiwicon
Is it theft? Or is it just using the features of the contract.

#Kiwicon
Something something. Now I have all your money.

#Kiwicon
All code is easy to fuck up.

When you put code in control of millions of dollars it REALLY matters when it fucks up.

#Kiwicon
How do we combat this?

#Kiwicon
How do I haxor the Ethereum?

Keep in mind, I'm very lazy.

#Kiwicon
Symbolic execution?

Blah blah blah blah blah. Wikipedia.

#Kiwicon
More symbolic execution

#Kiwicon
A definition of theft.

Amazingly it's the same definition for profit!

#Kiwicon
Practicalities. Finally! A use for math!

#Kiwicon
Z3: the one good thing to come out of Microsoft.

#Kiwicon
So he built Moriarty. A VM for breaking Smart Contracts.

#Kiwicon
Prizes! Prizes! Prizes!

#Kiwicon
Live demo time!

Looking at $2 billion in Smart Contracts. 😱

#Kiwicon
Exploit synthesis

Maximise prizes & automate.

#Kiwicon
Something changed on the screen. Then everyone clapped.

No idea why. I don't know maths.

#Kiwicon
This is going well.

#Kiwicon
Moriarty optimisation.

Moar fidelities.

#Kiwicon
And... Now the computer died.

#Kiwicon
Interesting talk. But these drunk stories are fuckin awful.

#Kiwicon
Now its @syngularity0!

He's bad at computer but good at accidentally meeting Bill Murray.

#Kiwicon
Now talking about why you should work with Red Teams with @syngularity0

#Kiwicon
A slide for the normal folks in the audience.

#Kiwicon
🎶 Its a circle of... Red Teaming! 🎶

#Kiwicon @syngularity0
Story time.

Its all fake. Probably.

#Kiwicon @syngularity0
You should all make LinkedIn profiles!

They make attackers' lives super easy!

#Kiwicon @syngularity0
Now what?

Train yourself to think like a red team so you can figure out how to counter them.

#Kiwicon @syngularity0
"You're probably thinking I'm a terrible person. And I am. But you're stuck here with me!"

#Kiwicon @syngularity0
Thanks @syngularity0!

#Kiwicon
Thanks @Metlstorm @kiwicon for acknowledging the issues.

Looking forward to a resolution.

#Kiwicon
Full @kiwicon 2038 Day 1 opening drama!

Enjoy #Kiwicon!
This beer is 👌

Good job @Northendbrewing!

#Kiwicon
#Kiwicon peeps!

This is what I look like! (although you probably already know)

Feel free to say hi if you see me around. I love Twitter peeps.
Now up, Boyd talking about lessons from game consoles and the coming security apocalypse.

#Kiwicon
How is our threat model different with game consoles than normal devices?

With normal devices we're defending the user from an attacker.

In game consoles the attackers usually ARE the users!

#Kiwicon
Why would you want to attack your own game console?

To make it do shit they didn't intend.

#Kiwicon
If you don't have physical security, you can't trust any local storage.

#Kiwicon
You can't trust remote drives.

#Kiwicon
Or... You can glitch the registers, caches, memory...

#Kiwicon
For XBox One they were a bit wiser about building it securely.

But... What about the drivers?

#Kiwicon
Which leads us to the coming security apocalypse.

#Kiwicon
So... We can't trust basically any hardware.

#Kiwicon
The way we currently build software isn't viable for the coming apocalypse.

#Kiwicon
How do we fix this?

Become really familiar with FPGAs. Need security co-processors that handle all secure data/computations.

Also PUFs - physical unvunerable functions

#Kiwicon
Wow, now talking about how manufacturing transistors has measurable quantum effects and you can use that an additional input to verify physical integrity.

#Kiwicon
How do we protect from the software side?

Micro-kernel designs

Isolate as much as possible

#Kiwicon
Boyd just moved to New Zealand!

They chose this place because he thinks NZ is the best place to build systems for a global market.

He wants to move from gaming consoles to solving problems for IT.

#Kiwicon
Thanks Boyd!

#Kiwicon
Now @mubix is talking about living w/o the land attacking AD with Linux

#Kiwicon
Awww!
#Kiwicon @mubix
What is living on the land?

Powershell!

#Kiwicon @mubix
But Powershell is all logged now! Bad for attackers.

#Kiwicon @mubix
What happens if you don't have a domain joined machine?

#Kiwicon @mubix
So @mubix was scripting ldap stuff and then...

@Metlstorm shows up. Implies @kiwicon lives!

Maybe he should submit a talk on his tooling!

#Kiwicon @mubix
But somebody already built a similar tool called ADRecon, but in Powershell.

#Kiwicon @mubix
Maybe it's not the end of the world...

#Kiwicon @mubix
*Begin angry hacking*

#Kiwicon @mubix
What is LDAP?

#Kiwicon @mubix
LDAP vs Active Directory
😂😂😂😂

#Kiwicon @mubix
What about Active Directory?

#Kiwicon @mubix
Simple LDAP for AD

#Kiwicon @mubix
This is all making @mubix old.

#Kiwicon @mubix
What kinda info can you pull?

Sweet jeebus! SOO much!

#Kiwicon @mubix
Basically no info on how to parse this data.

#Kiwicon @mubix
Time to give up?

#Kiwicon @mubix
What can you edit with LDAP?

#Kiwicon @mubix
What if we make every computer on the domain a domain controller.

And... It broke everything. Nobody can log in. 😑

#Kiwicon @mubix
What are we setting here?

Encrypted_Text_Password_Allowed

Saves encrypted passwords in AD. Where you can grab & decrypt them!

#Kiwicon @mubix
Here is how you set that attribute.

#Kiwicon @mubix
Other things to edit:

The social attacks are particularly good.

Phone to auto intercept SMS 2FA.

Managers - set yourself as a manager for that user to get automated reports about them integrated systems

#Kiwicon @mubix
LDAP-WAT - the windows attack toolkit that @mubix is building

#Kiwicon @mubix
Now entering... The Watican!

#Kiwicon @mubix
LDAP-WAT functions:

#Kiwicon @mubix
A gesticulating @mubix
#Kiwicon
Oh, we're haxoring now!

#Kiwicon @mubix
This is where things get interesting...

#Kiwicon @mubix
If you add a computer to the domain using LDAP you can specify a bunch of attributes. Including... That its a domain controller!

You can do this with any domain user account.

😱

#Kiwicon @mubix
This is going well.

#Kiwicon @mubix
Now... @mubix has to kill us all.

Well. This is awkward.

#Kiwicon
Thanks @mubix!

You're awesome!

#Kiwicon
Now @libNex & @claudiocontin are talking about Ghosts in the Browser: Backdooring the Service Workers

#Kiwicon
What is a service worker?

#Kiwicon @libNex @claudiocontin
Let's register a malicious service worker in browser

#Kiwicon @libNex @claudiocontin
What does this service worker get us?

#Kiwicon @libNex @claudiocontin
This is also the way I dress when hacking.

#Kiwicon @libNex @claudiocontin
Exploiting XSS with service worker

#Kiwicon @libNex @claudiocontin
We can also use Fetch events

#Kiwicon @libNex @claudiocontin
How to mitigate:

#Kiwicon @libNex @claudiocontin
Service Workers outlive XSS

#Kiwicon @libNex @claudiocontin
They made a browser extension to block malicious service workers!

#Kiwicon @libNex @claudiocontin
Thanks folks!

#Kiwicon @libNex @claudiocontin
So apparently this next talk will have some upsetting content around non-consensual sex. I'll be trying to exercise discretion but it can be tough while quickly tweeting.

I'll add the tag #TW to my tweets on this talk so folks can mute that hashtag

#Kiwicon @Zemmiph0bia
Who is @Zemmiph0bia?

#Kiwicon @Zemmiph0bia #TW
We all love or hate technology. But we all want to make it better.

#Kiwicon @Zemmiph0bia #TW
First attempt to regulate porn on the intenet.

Got overturned

#Kiwicon @Zemmiph0bia #TW
And...

#Kiwicon @Zemmiph0bia #TW
Until this. The Fight Online Sex Trafficking Act. Because they're using it to also prosecute & shut down tools used by consenting sex workers.

#Kiwicon @Zemmiph0bia #TW
Since its implementation, homicides of sex workers is up over 17%

#Kiwicon @Zemmiph0bia #TW
Love it.

#Kiwicon @Zemmiph0bia #TW
So they're building Switter - a safe place for consenting sex workers

#Kiwicon @Zemmiph0bia #TW
So @Cloudflare shut down their account.

WTF CloudFlare?

#Kiwicon @Zemmiph0bia #TW
I want to believe that we can be better.

We have to be better.

We built this shit. We have to fix it.

#Kiwicon @Zemmiph0bia #TW
Fucking excellent @Zemmiph0bia.

Thank you.

#Kiwicon
Next up: DHCP is hard with Felix

#Kiwicon
YAS Pyro!
@kiwicon #Kiwicon
🔥🔥🔥🔥🔥
#Kiwicon @kiwicon
Also. Here's the @kiwicon schedule remote peeps
#Kiwicon
So @Metlstorm is just touched we enjoy his mixed tape

#Kiwicon
Now Felix from Google is going to tell us why DHCP is hard

#Kiwicon
This will be a story of 5 bugs

#Kiwicon
What is DHCP?

A really old protocol for assigning IP addresses.

#Kiwicon
Why is DHCP an interesting target?

#Kiwicon
DHCP is all about options.

#Kiwicon
So. Many. Options.

#Kiwicon
Let's look at some code and bugs!

Looks in the DHCP packet, removes the option length, then does some other stuff that leads to memory corruption.

#Kiwicon
What can we find with more widely used implementations?

Lets look at ISC DHCP

#Kiwicon
Parsing the option buffer.

How does this affect the rev count?

What about the option length?

#Kiwicon
How do we attack this?

We've got a few options:

#Kiwicon
Let's take a look at the architecture.

#Kiwicon
We have a "pretty print option" that makes things human readable

Maybe the XXX comment means some developer already thought this was a bad idea

#Kiwicon
And... Here is the real architecture

#Kiwicon
Someone tried to solve this problem. Uhhh. Not well.

#Kiwicon
I'm enjoying the gesticulating.

#Kiwicon
Uuuuuuuuhhhhhh. 😬

#Kiwicon
You can use this to own every Red Hat system for the last 5 years.

Awesome.

#Kiwicon
But now we've replaced network manager with networkd

#Kiwicon
So now we're bug free right? RIGHT? 👀

#Kiwicon
But nobody uses DHCPv6 right? RIGHT? 👀

#Kiwicon
DHCP looks easy but is actually super hard. Nobody looks at it so there are lots of bugs left.

Nobody uses DHCPv6 but everyone supports it. 🙄

#Kiwicon
Thanks Felix!

#Kiwicon
Now @LittleJoeTables @IAmMandatory are getting buzzed with buzzwords in the cloud.

#Kiwicon
They both have high school diplomas. Well done?

#Kiwicon @IAmMandatory @LittleJoeTables
Let's get some VC funding!

Firs buy some escooters... Wait soz. Wrong talk. @mjg59

#Kiwicon @IAmMandatory @LittleJoeTables
I guess we could use Burp Intruder

#Kiwicon @IAmMandatory @LittleJoeTables
But... It's not web scale...

#Kiwicon @IAmMandatory @LittleJoeTables
Let's scale this beast up with lambdas!

#Kiwicon @IAmMandatory @LittleJoeTables
Oh dear.

#Kiwicon @IAmMandatory @LittleJoeTables
This is going well.

#Kiwicon @IAmMandatory @LittleJoeTables
Slightly stressful. Hitting limits?

#Kiwicon @IAmMandatory @LittleJoeTables
Infinitely scalable with money, yay capitalism!

Github report available

#Kiwicon @IAmMandatory @LittleJoeTables
Now, rainbow tables

Basically a table of pre reversed password hashes

#Kiwicon @IAmMandatory @LittleJoeTables
Where can we store a big rainbow table?

Just a few hundred million rows.

SQL?

MongoDB - snapchat for databases?

Nah, well use Big Query. Its... "Web Scale"

#Kiwicon @IAmMandatory @LittleJoeTables
Sweet baby cheeses!

Amazingly cheap and FAST.

#Kiwicon @IAmMandatory @LittleJoeTables
They've optimised this and plugged it all together with the lambdas into: "Big Rainbow" 🌈

#Kiwicon @IAmMandatory @LittleJoeTables
You can grab it all here for... Uh... "Research"

#Kiwicon @IAmMandatory @LittleJoeTables
But... What if we need a lot of auto scaling GPU power?

#Kiwicon @IAmMandatory @LittleJoeTables
We don't want traditional GPU clusters

#Kiwicon @IAmMandatory @LittleJoeTables
😂

#Kiwicon @IAmMandatory @LittleJoeTables
What services will we use?

#Kiwicon @IAmMandatory @LittleJoeTables
This. This is what you want to config the spot instances.

#Kiwicon @IAmMandatory @LittleJoeTables
Using Hash Cat as the GPU cracker.

#Kiwicon @IAmMandatory @LittleJoeTables
Architecture of the GPU cluster.

#Kiwicon @IAmMandatory @LittleJoeTables
Code isn't public yet, but is coming soon!

#Kiwicon @IAmMandatory @LittleJoeTables
And... Untwister. Another tool!

#Kiwicon @IAmMandatory @LittleJoeTables
We can also distribute this across an autoscale group again. Incredibly fast.

#Kiwicon @IAmMandatory @LittleJoeTables
Code will be available here:

#Kiwicon @IAmMandatory @LittleJoeTables
Yay, @xkcdComic!

#Kiwicon @IAmMandatory @LittleJoeTables
Thanks @0xkitty for the slide design!

#Kiwicon @IAmMandatory @LittleJoeTables
Now its "The Bruce"

#Kiwicon
Its @Metlstorm introducing Bruce Schneier
#Kiwicon
We're not just working with internet security these days. Everything has a computer. We need to worry about everything.

#Kiwicon
You can't limit the functionality of computerised systems. They're infinitely extensible.

When you install malware on a system you're just adding features

#Kiwicon
There are new vulnerabilities in interconnects.

As we connect things here things become vulnerable there.

#Kiwicon
Hackers stole a Vegas Casio's high roller database got hacked.

They got in via the internet connected fish tank. 😱

#Kiwicon
We're improving security every year, but complexity is increasing faster.

Its outrunning us.

#Kiwicon
Attacks are getting easier better faster.

Attackers adapt and get smarter.

This is where we get arms races.

Expertise flows down hill. Today's NSA exploits are tomorrow's normal attacks.

#Kiwicon
Bruce is not impressed with the promiscuity of cell networks.

#Kiwicon
Bruce isn't as worried about the hacks that impact privacy (although it's important). But technology is so critical now. What about attacks that actually threaten life and property.

#Kiwicon
Some of our long-standing security paradigm are failing

- Patching - we have teams of people who are agile about fixing issues we know will exist.

This does exist for embedded systems. A lot of these devices have no means of patching, or anyone issuing patches.

#Kiwicon
So we patch embedded systems by replacing it.

How often do you replace your car?
Your refrigerator?
Your thermostat?

We have no idea how to secure 30 year old software.

#Kiwicon
You might have a DVR ay home that's part of a botnet.

You don't know, and you probably don't care.

#Kiwicon
Second thing failing is authentication.

Passwords are terrible. And almost all backup authentication is much worse than the primary authentication.

We'll see the rise of thing to thing authentication. They will authenticate to each other without people involved.

#Kiwicon
If I have 100 IoT devices in my orbit that's 10,000 authentications.

You're not going to manually set up 10k authentication.

It works now for 10-25 things.

Doesn't work at scale.

#Kiwicon
Supply chain is a disaster.

Its always been a disaster but it's becoming impossible to ignore.

#kiwicon
Should we trust the technology made by other countries?

Kaspersky and Huawei are just the tip of the iceberg.

Who is making the chips? Who is writing the firmware?

#Kiwicon
We have to trust the distribution methods.

We have to trust the update mechanism.

We have to trust the shipping mechanism.

How do we validate this stuff?

#Kiwicon
Jeebus. This is going to a dark dark place.

#Kiwicon
Bruce thinks China putting a backdoors chip on server boards is probably fake. BUT IT'S IMPOSSIBLE TO KNOW.

You can't trust anybody, but we have to trust everybody.

#Kiwicon
We've been ok with an unregulated tech space because it didn't matter. Now it does.

Bruce thinks this is a policy problem. We need to use law to subvert tech.

#Kiwicon
Bruce has been reading a book called: "Click Here to Kill Everybody"

Goes over well in airports.

#Kiwicon
Defence has to matter.

We all use the same stuff.

Either everyone gets security or nobody gets security.

Wr can't have security, but deny it to our adversaries. We're all too interrelated now.

#Kiwicon
As we are building systems that are more critical. It's IMPERATIVE that we make them secure.

#Kiwicon
We need to build for resilience. Defence in depth, compartmentalisation, etc.

Can we have a things monitoring other things.

#Kiwicon
Computers are already moving into areas that are highly regulated

We NEED sensible policy. The risks are too great and the stakes are too high

Your choice is no longer between gov intervention or no intervention. It's between smart gov intervention or dumb intervention
#Kiwicon
Economics doesn't favour security. It fails insecurity.

Equifax learned: skip security, hope nothing bad happens, if it does then weather the storm & continue on.

We need regulation to add real cost if you don't take security seriously. Otherwise why would it change?

#Kiwicon
States are leading the way for regulating security & tech in the USA. The federal gov is doing nothing.

The EU is looking this way.

#Kiwicon
If you buy a car in Mexico it'll be tuned differently than the US.

Software isn't that way. Tends to be write once, sell everywhere.

So if one jurisdiction forces security, it'll be rolled to everyone

#Kiwicon
There is no economic incentive for security now. So we need to force it.

#Kiwicon
We need to get involved in policy. Currently technologists and policy makers are talking past each other. Policy makers don't have any idea how technology works.

We NEED to get involved. We have knowledge & expertise that NEEDS to be reflected in policy.

#Kiwicon
Our knowledge has broad applications on the problems we'll face in the future.

Global warming, the future of work, automation, these all have massive tech components

#Kiwicon
How much of our lives should be governed by technology and under what rules? We NEED to be leading those decisions.

#Kiwicon
Fucking hell. Intense talk by Bruce.

Tried to capture as much as I could. Hope the themes came through!

#Kiwicon
Now @Metlstorm is apologising for the exorbitant price of the @kiwicon beer.

#Kiwicon
Ending @kiwicon day 1 with MOAR FIRE

#Kiwicon
🔥🔥🔥🔥🔥
#Kiwicon
Here's @kiwicon Day 1 closing!

So much love for the speakers & crue.

See ya tomorrow!



#Kiwicon
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Jason Danner
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Related hashtags

#Kiwicon #TW

More from @jpdanner see all

Profile picture
Ready for #Kiwicon Day 2!

This will be an interesting angle... I blame @rafaelmagu

@kiwicon
I have JUST discovered that the #Kiwicon screens are rear projection.

@kiwicon
Now @Metlstorm is (finally) thanking the sponsors.

Starting with @InternetNZ!

#Kiwicon
Read 370 tweets
Profile picture
Its nearly #purplecon time with @kanocarra!
Front row with some of the #purplecon krew.

Almost showtime!

@pikelet @hipsterjazzbo
Some ace haikus.

And a @mangopdf
#purplecon
Read 128 tweets
Profile picture
Around the public sphere there is growing hostility towards voices of dissent.

We need a more participatory environment that listens to & empowers all views - Marianne

#Nethui
How do we co-design the future in a scalable way?

How do we co-design better processes that allow everyone to participate in government & public service? - Pia

#Nethui
What do we do about the ubiquity of big corporate presence in the education system & the lack of other products?

It is incumbent on the schools that students get a variety of choice.

We need to focus on the skill, not the product.

#Nethui
Read 77 tweets

Related threads

Profile picture
#SundayMorningReading
#TooGoodNotToShare

I attended a #Party, recently, with a gathering of about 300 people and sat in the front row.

A Lady started distributing #snacks from the back row and unfortunately, it didn't get to us sitting in the front row.
Another Lady started handing out #Drinks, from the front row. But, by then, I had already moved to the Back row and, so, the drink didn't get to me.

I was irritated and stood up to leave.
But, then, I saw three ladies each with A Big Bowl of vegetable Manchurian dry. This time, I tried to be Wise by sitting in the Middle row. One of the Ladies started the sharing from the Front, and the second Lady started distributing from the back.
Read 5 tweets
Profile picture
Here is a #CourtroomChronicle with a difference.

We live on a plot. Frogs abound. They live under the bath. In the pond. Under the kitchen counter. We live with them and they live alongside us.

It all went swimmingly until....
There I sat in opposed motion court, one Wednesday. It'd been a full roll and the room was hot because we can't use the aircon as it interferes with the recording device. I was sitting in the front row, large box shaped briefcase at my feet. There was a young advocate next to me.
Now my relationship with young advocates and attorneys was good. I was experienced in mag court work, could quote the rules verbatim and I helped where they needed it. They liked me. I liked them. We were a happy mutually appreciative group.

All was well.

Or was it?
Read 16 tweets
Profile picture
Cuddly Uncle Bob, everybody.
Actually you know what, I've got some time, let's dig in a little here. The Heinlein quote in there 'don the red robe of the venerated elder' is almost a platonic example of everything that's trying to murder genre fiction in it's sleep.
It implies that age equals perfection. It implies that once you have creative tenure, you're able to just coast on your laurels forever, wandering the halls of conventions, telling performatively rambling stories and not applauding while sitting on the front row at the Hugos.
Read 12 tweets
Profile picture
Cursed -Jikook Spooktober au where Jungkook gets hurt easily and Jimin, his over protective boyfriend, gets revenge by placing curses on those who hurt him but one of the curses rebounds onto Jimin and he has to keep it a secret from his bunny
TW: mention of death and possession and possibly blood depending on how the storyline goes. CONTINUE READING AT YOUR OWN RISK!
BEFORE THE STORY STARTS: there will be polls scattered throughout the story. Most will have a good choice and a bad one and others may be simple things like who the next character you want is.
Read 198 tweets
Profile picture
1. diGenova discusses Grand Jury taking testimony on Strzok, Page, McCabe & others (Comey) involved in coup vs @POTUS. James Baker turned State's evidence & fully cooperating w/IG & Fed Grand Jury. Comey knows he's screwed.

Another "Future proves past".
2. Anon incorrectly noted 10 min delta btwn Q drop & DJT tweet. Was looking at wrong tweet. @realDonaldTrump 1st tweet in 4 hrs came less than 1 min (28 sec to be exact) after Q drop (re: Baker). Happens often. Shows connectivity/coordination btwn DJT & Q.
3. Anon replied to previous Q drop (re: DJT tweeting in coordination w/Q drops) by posting analytics graphic showing correlation in quantity of @realDonaldTrump tweets vs Q drops.
Read 27 tweets
Profile picture
what’s wrong with secretary kim?

taekook au where jungkook always teases about firing his all too perfect secretary, taehyung but was bewildered when the other actually hands him a resignation letter.
Jungkook stared at the enclosed envelope sitting on his desk, his lips pursed tightly and his arms crossed over his chest as he let his chair carry the weight of his body. His dress shoes clicked on the floor as he tapped his foot, the sharp tap echoing through the office.
The frustration builds up each time he listens to the clock hand ticking away the seconds.

It has been a day. The realization hits him hard and suddenly Jungkook stopped tapping his feet on the ground.

It has been a whole entire day since Secretary Kim quit.
Read 219 tweets

Trending hashtags

#hurt #benefit #hurdygurdy #Activate #sleeper #ConfirmKavanaugh #starcrawler #NationalSelfieDay #dulcimercore #Beware #FLAG #Readers #NoDamsel #resist #SundayThoughts #Trust #Teslastoreupdate #REMARKABLE #BillOfRights #Antitrust #Drinks #Advertising #organreframed #VoteBlue2019 #MOAB

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!