Forgot your password?
typodupeerror
Government Security

Researchers Now Pulling Out of DEF CON In Response To Anti-Fed Position 204

Posted by timothy
from the at-least-the-tsa-gives-free-massages dept.
darthcamaro writes "Earlier today it, Slashdot had a story about DEF CON's position on not allowing U.S. Federal agents to attend the annual hacking conference. We're now starting to see the backlash from the hacker community itself with at least two well respected hackers pulling out of the DEF CON speaking sessions so far: "'The issue we are struggling with, and the basis of our decision, is that we feel strongly that DEF CON has always presented a neutral ground that encouraged open communication among the community, despite the industry background and diversity of motives to attend,' security researcher Kevin Johnson wrote. 'We believe the exclusion of the "feds" this year does the exact opposite at a critical time.'" Meanwhile, Black Hat welcomes Federal attendees; this year's conference will feature as a speaker former NSA head Keith Alexander.
This discussion has been archived. No new comments can be posted.

Researchers Now Pulling Out of DEF CON In Response To Anti-Fed Position

Comments Filter:
  • Good luck (Score:2, Insightful)

    Door, arse, etc.

    • These are probably the same researchers that have been crying "no security is better than a false sense of security" for years now in a devious (and successful) attempt to keep our communications channels completely unencrypted, by default. Lucky OTR (Off the Record) didnt to listen to such mal-aligned researcher advice so now we have a widely deployed chat encryption method...
  • Neutral vs. naive (Score:5, Insightful)

    by MrEricSir (398214) on Thursday July 11, 2013 @07:05PM (#44256263) Homepage

    It's one thing to be neutral towards those who are vaguely threatening, but it's simply naive to be neutral towards those who are actively undermining you.

    • by Anonymous Coward

      It's one thing to be neutral towards those who are vaguely threatening, but it's simply naive to be neutral towards those who are actively undermining you.

      Uh, couldn't the law enforcement and intelligence communities have said that every year about a lot of hackers at DEF CON?

    • by Darinbob (1142669)

      However, "Feds" covers a lot of ground. The spying is from the NSA. What about the FBI who have legitimate interest in cyber security as well as information to give?

  • by techsoldaten (309296) on Thursday July 11, 2013 @07:07PM (#44256283) Journal

    I can't speak for the people who have chosen not to participate or their reasons for doing so.

    I am sure it will be a loss for the event, but not as much as the one that comes from the lack of a public dialogue about the government's actions and activities tracking internet traffic.

    Saying that Defcon fosters an open community where there are no sides is a little misleading. The government has it's own reasons for showing up and they are not all related to sharing ideas, learning and having a good time. It's just the other people who really lack an agenda.

    I know people who are not going to Blackhat because the NSA is giving the keynote. What kind of strange alternate future is it we live in where this even happens?

    • by gl4ss (559668)

      it's only fitting that NSA is giving keynote at Blackhat since they're the biggest blackhat hacking organization around... source: everyone outside USA.

    • by drinkypoo (153816)

      I know people who are not going to Blackhat because the NSA is giving the keynote

      Those people are dumb. If they are worth noticing the NSA has probably noticed them already. Meanwhile this gives the opportunity to see NSA PR being flacked firsthand, and compare it to what we now know they are doing. It will provide a valuable rosetta stone for future communications from the NSA so that we have a good idea of the scope of their actual operations based on what claims they make.

  • >> "we feel strongly that DEF CON has always presented a neutral ground that encouraged open communication among the community,"

    Whoever thinks the feds will at any time play fair is a fool. Those who actively violate the rights of the people should not be welcome anywhere.

  • by Jane Q. Public (1010737) on Thursday July 11, 2013 @07:14PM (#44256357)
    They didn't "exclude" the Feds. They simply warned them that given the current atmosphere, it might not be wise for them to attend.

    There's a pretty damned big difference.
    • by bsDaemon (87307)

      It's not like they could really enforce a "ban" on feds anyway. Any jackass with $100 can get a badge if they want to stand in line long enough, and not every "legit" hacker has tattoos, piercings and a techno fetish, otherwise 'spot the fed' wouldn't be any fun anyway.

  • by Anonymous Coward

    I wouldn't be at all surprised if these two were contractors for the fed.

    They can get bent if this is their attitude toward willful violation of my civil rights. I'm not interested in the opinions of people who lend ANY support to the ingrates who knowingly and willfully violate our rights for a day job.

  • I read this story on a site yesturday, it wasn't that they weren't allowed to, they were Asked not attend this year which they still could, due to the whole NSA spying issue that came up recently.
  • Safety issue! (Score:5, Insightful)

    by Omega Hacker (6676) <omega@nOSpAM.omegacs.net> on Thursday July 11, 2013 @07:26PM (#44256463)

    I honestly think there's a significant aspect to the move to "ban" Feds that people are overlooking: safety and liability. DEFCON gets a bit rowdy at the best of time, in the current climate re: PRISM, Snowden, etc. I seriously think the move will save a few bloody noses, possibly broken bones, and likely lawsuits and criminal charges stemming from the same. The conference also shields itself from the associated liability. A lot of people, especially in the hacker/DEFCON community, are *seriously* pissed at the US gov't right now, and that's gonna cause a lot more friction than normal.

    • In other words, the non Fed attendees can't be trusted to act like adults, so the con is warning the Feds not to attend. That really engenders trust in the hacker community. Good move!

      • by tlhIngan (30335)

        In other words, the non Fed attendees can't be trusted to act like adults, so the con is warning the Feds not to attend. That really engenders trust in the hacker community. Good move!

        Even worse, it would be reported as hackers acting like 12-year-old jackasses thus tarring every "hacker" as a 12-year-old immature idiot. Or a great way to prejudice anyone caught "hacking".

        Like Schwartz or Snowden.

    • by haus (129916) on Thursday July 11, 2013 @10:43PM (#44257841) Homepage Journal

      Perhaps you have not spent much time at these gatherings, but the amount of crossover between the them and the bone breakers is rather limited. It is more likely that additional mean spirited T-shirts will be created AND displayed.

  • It just occurred to me, one of the researchers pulling out was slated to give a presentation on how to hack sharepoint.

    While it would be an enormous loss for the community not to have the opportunity to learn more about the specific ways this guy attacks M$'s premium CMS ... ... how much effort would it really take for a bunch of Defcon attendees to put together a session with equally useful information about hacking sharepoint to replace it?

  • While registering to the conference, have attendees fill in a form with the two questions "Are you a government employee, and if so in what quality" and "Are you a journalist, and if so, in what newspaper(s) do you publish?" The people that you want to attend will be happy to have a name tag saying "Government employee, University of so and so". The people who feel the need to hide their affiliation are probably the ones you want to be escorted by security.
    • by cbhacking (979169)

      Media badges are already present and required; sneaking by without one is grounds for scathing public humiliation and a (possibly literal, physical) boot out the nearest door.

      "Fed" badges are unlikely to go anywhere, though. The reason that the media badges are meaningful is because they are something you can track; by their very nature, media personalities (even just faceless authors in a magazine) are people whose jobs are public. The feds... not so much. They are people whose job invites and often requir

  • Perhaps the organizer wish to avoid apolitical and protest maelstrom that could appear? Preferring to keep the conference at least somewhat apolitical?
  • by bdwebb (985489) on Thursday July 11, 2013 @08:28PM (#44256987)

    We do not want to make this a "political" move, and we do not make this decision based on their motivations. The issue we are struggling with, and the basis of our decision, is that we feel strongly that DEF CON has always presented a neutral ground that encouraged open communication among the community, despite the industry background and diversity of motives to attend. We believe the exclusion of the "feds" this year does the exact opposite at a critical time.

    James and I do not feel that this should be about anti/pro government, but rather a continuation of openness that this event has always encouraged. We both have much respect for DEF CON and the entire organization and security community.

    The specific inclusion of the federal government was never the intent of DefCon. The intent was to provide a neutral ground for people working in the security industry or on the fringes of the industry to be able to come together and discuss ideas, problems, and solutions. The Feds began coming, not to participate in the DefCon community but hoping to catch hackers or to recruit them. Obviously there may be some federal employees who attend for the same reasons we do, but DefCon prizes anonymity and those who would legitimately be attending obviously could not and would not be excluded.

    For your team to purposely pull your talk from DefCon because they have asked that the feds not attend this year is absolutely silly. If your purpose is openness and community, it seems rather fishy that the organizers simply asking that the 'Feds' don't attend (i.e. the guys trying to track hackers) would incite you to pull your talk. I think it is completely disingenuous to say that this is not a political move because the community will still be there - you just aren't targeting the community anymore with your talks and your target audience may not be present...at least that's the way you make it seem.

    • by RedLeg (22564)

      For your team to purposely pull your talk from DefCon because they have asked that the feds not attend this year is absolutely silly. If your purpose is openness and community, it seems rather fishy that the organizers simply asking that the 'Feds' don't attend (i.e. the guys trying to track hackers) would incite you to pull your talk. I think it is completely disingenuous to say that this is not a political move because the community will still be there - you just aren't targeting the community anymore wit

      • by bdwebb (985489)
        I don't disagree with you in that publicity is also a major motive for both DT and for Mr. Johnson's team. My point was, though, that it is still silly to say that they their reason for pulling out is that they believe the con is about openness and community and that the request for Federal agents not to attend violates that in some way. The entire point of the con is to provide an open forum for whoever registers to come and be able to hear talks from security researchers and hackers alike about penetrat
  • et tu? (Score:5, Insightful)

    by PopeRatzo (965947) on Thursday July 11, 2013 @08:34PM (#44257017) Homepage Journal

    This is how you find out who's snitching to the feds.

    I can well understand why anyone in the non-corporate, civilian security community would have absolutely lost any shred of trust they had in the feds.

    Those guys in DEFCON know who Aaron Schwartz is. They probably know people like Edward Snowden. They know that the federal government could bring their whole world crashing down in a heartbeat, without anything like constitutional rights.

    I bet there are some feds who are sad about missing the parties, and about missing all the intel. But seriously, if any of them were decent people, they'd be blowing whistles, too.

    Anybody who's working for the federal government in cybersecurity needs to make a decision about their future. Are they OK with being part of a police state? I know jobs are scarce, but if the day ever comes where push comes to shove, understanding of why they chose to continue to be part of this American StaziTM is going to be even more scarce.

    • The only ones who backed out of the conference (as far as I can tell) were going to talk about hacking Sharepoint. While I'm sure that's useful in some situations, it sounds like an extremely boring talk.

      Maybe the real reason they backed out is because no one was going to their talk anyway.
      • by PCM2 (4486)

        The only ones who backed out of the conference (as far as I can tell) were going to talk about hacking Sharepoint. While I'm sure that's useful in some situations, it sounds like an extremely boring talk.

        And kinda entry-level. I'm just generalizing here, but based on my own interactions with SharePoint, I strongly suspect that nobody ever sat around, racking their brains about how to hack a SharePoint site.

  • It's just 2 people from the same company who decided they didn't like DEF CON's stance this year and wrote a blog post saying they wouldn't attend. This means nothing. If me and a buddy decide we don't like Coke anymore that doesn't warrant a headline saying "People now giving up on Coke in response to [whatever]".
  • give back the name! (Score:4, Interesting)

    by stenvar (2789879) on Thursday July 11, 2013 @08:58PM (#44257165)

    The people making up DEF CON hijacked the term "hacker" for their security-related work. Give it back to the people who actually deserve it: smart, clever engineering types.

  • I claim the first "Spot the fed" siting. i.e. Kevin Johnson

    Enjoy your security contracts. Your grandchildren will thank you for the police state you helped create.

  • Anyone consider DEFCON just might not want the hassle of an official government presence b/c of the trouble it might stir up with attendees???

    Jeez, if any of you dorks ever threw a party, you'd know the big variable is who will show up and what they will do.

    Having an **official** presence from these gov't IT types would definitely tax security...just look at the comments on this thread. If I was organizing this, I definitely consider the same, given that it's a...you know...'hacker' convention and all.

    It's

Scientists will study your brain to learn more about your distant cousin, Man.

Working...