Looks like somebody wants to nominate themselves for a government contract.
A statement such as "We believe the exclusion of the "feds" this year does the exact opposite at a critical time." is just ridiculous. Even more bizarre is the idea of mentioning openness in the (current) government context.
If there is a positive effect between the openness of the hacker community and the Feds then why did we end up with the current situation?
The current situation is incredibly bad so I absolutely support the decision by DEF CON. Even if there is only one single occasion where people stop talking/avoiding a person who is working to close with government agencies this is a success.
People who work for these agencies will always hide behind some "greater good" narrative and avoid taking personal responsibility. My hope is that by getting personally shunned by their former peer group it might help them realize that this is not longer just business-as-usual.
Government loves to really up the public with the us vs them rhetoric so they definitely deserve a dose of their own medicine.
> Looks like somebody wants to nominate themselves for a government contract.
Interesting how when the news media baselessly questions the motives of whistleblowers it's a "smear campaign." When someone on HN does it to someone who's vaguely pro-NSA it's the top comment.
As a symbolic statement by DEF CON, I like the "no feds" thing. Pragmatically, it probably won't much much difference, since any Feds who want to attend can probably attend and just not identify themselves as feds. OK, yeah, Keith Alexander might be spotted, but the average run-of-the-mill FBI or NSA geek probably isn't all that recognizable unless they wear their official ID or something.
BUT... looking at it from the "keep your friends close, and your enemies closer" perspective, I'm not sure this is a Good Thing. The feds are going to do what they're going to do, regardless of what DEF CON does. Might as well invite them in, pick their brains, and learn as much as possible to help counter their shady machinations.
My major problem with the PRISM debacle was less that the NSA stores and analyzes Internet traffic (although it's perfectly reasonable to be upset about it) and more that they were doing it secretively (mixed with some disgust at how much money, energy, and time must be wasted storing and sifting through unfathomable amounts of data).
With that in mind, it's kind of counterintuitive to close the door to conversation when silence was the issue in the first place. It almost seems like a melodramatic romance ("I just need to be alone right now."), which portrays the DEF CON organizers as reactionary and immature.
I also think it creates unnecessary hostility when you disinvite a group of people that everyone seems to know will attend anyway. In fact, it just creates more secrecy.
I don't agree with the statement that Secure Ideas makes; they are opting out because DEFCON is supposed to be an open collaboration place, but if the very netsec community doesn't have the balls to stand up to the extreme over-reach of the NSA, then we are farked.
Yes, most of us have known for years the extent of the spying the NSA/USG does -- and I believe it's time to take back some individual sovereignty -- the NSA has all but dissolved this.
For me, this is not a political issue, its a human rights issue. I have no respect for the NSA and its apologists, period.
> but if the very netsec community doesn't have the balls to stand up to the extreme over-reach of the NSA, then we are farked.
I would agree with this much more if they had previously had a statement suggesting that feds from oppressive foreign regimes were not invited. As a non-US citizen, there is a sentiment of "it was OK when we thought they were just doing it to foreigners" about much of this debate.
However, this isn't about standing up to anyone, it's a PR move by DEF CON.
this is rank hypocrisy. The NSA is simply using what "security researchers" have been talking about at Defcon for years. One lone hacker gets into a telecom's system and he makes a name for himself (or herself). A government agency does it and everyone gets on their sanctimonious high horse when all the NSA is doing is taking hacking to its next logical step, government weaponization of hacking. .
Here's hoping that the free time slots are now filled with talks that discuss ways to escape the surveillance state. Particularly how systems for the use of masses could be erected.
Exactly. Democratizing defenses for the average person needs to become the norm. Every person in the world has the right to be free from government surveillance, both domestic and foreign.
Had to scroll too far down to find this comment. Defcon's argument, which Secure Ideas didn't seem to get, was:
P1) This is a place for those who believe in openness, sharing, and mutual gain.
P2) Feds have been hiding the fact that they've been screwing us all along.
Conclusion: This isn't a place for Feds.
The blog posts states: "...but rather a continuation of openness that this event has always encouraged." But this is exactly why the Feds aren't allowed.
this is so awesome by Secure Ideas, and also an awful move by DEF CON. one of the largest problems with current state of technology is that what the fed is doing is possible. hopefully there will be a lot of talk about how to shift towards more secure services such as mesh nets and polymorphic encryption. the feds would have been good resources to talk to, and it's extremely hard to find an opportunity to have the kind of necessary talks outside of conventions like DEF CON.
> one of the largest problems with current state of technology is that what the fed is doing is possible.
I think you meant 'legal' but you accidentally wrote 'possible' instead. Mesh nets and polymorphic encryption don't stand a chance against a supoena and the threat of a lengthy imprisonment/huge fine for noncompliance.
Uhm.. the feds do not share or collaborate. They will prosecute any of their own who do give back. In fact, Keith Alexander came there last year to lie to your face.
I think they make a really good point, which is that true neutrality is something beneficial for the whole community.
Besides, DEFCON's statement was symbolic. If the NSA is watching us constantly anyway, they're going to be hacking us and us hacking them even if we and/or they are not at the conference.
Even if the "feds" aren't officially invited to run a booth and take applications, they're gonna show up anyways probably three weeks before the event to install facial recognition cameras and audio recording bugs in all the hotel rooms (;
I'm sure that they don't need to. They just ask the casinos and other places to give them all the footage after the fact.
Wouldn't you want to hold a conference like this in a place where all surveillance equipment were not standard so you can spot them as anomalies in the surroundings?
I would imagine that every single person that has attended is on the list of people whose communications are stored indefinitely.
By closing themselves to the US "feds" community, do they open themselves up to the larger international black hat community?
I would imagine that any foreign black hat would have reservations about going to DEFCON.
In fact, the DEFCON community probably benefits from diversifying globally by being held in other countries.
I don't know anything about DEFCON, but how diversified is the audience that attends? Historically, have the overwhelming majority of non-fed attendees been US citizens? I would imagine that both Germany and Israel are well represented in the community.
If so, how do they attend without risking being put on a no-entry list at the border?
Anyone can attend DEF CON, including feds that leave their badges in their wallets. That being the case, this statement was made for the benefit of exactly one audience: government procurement departments.
There's this thing called sequestration going on that's disrupting the budgets of all the federal agencies.
The feds are cutting budget for ridiculous things like the blue angels.
But they're totally going to be maintaining the budget for hacker cons in Las Vegas.
This is all about street cred for defcon & nothing to do with "taking a break." Jeff Moss is too sophisticated to be throwing away all those relationships. This is a stunt circle jerk.
After the GSA stunt a few years ago, you bet conference budgets have been cut. Departments are given a set budget for each conference--if I remember right, the DOE allocates $100k max per conference. Sounds like a lot, but then you see what happened to last year's Supercomputing conference. That's a weeklong conference traditionally attended by many of the DOE's large supercomputing community. $100k does not send many people to a week-long conference. This was enough to cause very notable effects on the conference as a whole; outlets such as The Register even commented on it. I've heard rumors that some companies may not be going this year because without the DOE there, it's just not as valuable for HPC vendors.
I think some who have direct or indirect ties to NSA or other government organizations will probably feel the pressure to opt out for DEFCON that increasingly have become anti-government.
They make a good point: DEF CON has not given "concrete" reason for why they banned the feds. They merely allude to "recent revelations".
I am not necessarily opposed to the idea of banning people for bad behavior, but DEF CON should spell out a concrete policy, apply it to everyone, and be specific about the offending actions.
Is Defcon worried about fights breaking out or something? You know the 'feds' are going to be there anyway. At least if they were in the open then everyone could give them a piece of their minds and maybe convince some of them to quit their jobs or at least give more consideration to the other perspective.
Wow, I got my talk down to "you or one other talk" and wasn't accepted (I did apply late). Tempted to see if they'll let me replace Secure Ideas. I have no problem with the "feds, please stay home" policy.
[+] [-] stfu|12 years ago|reply
A statement such as "We believe the exclusion of the "feds" this year does the exact opposite at a critical time." is just ridiculous. Even more bizarre is the idea of mentioning openness in the (current) government context.
If there is a positive effect between the openness of the hacker community and the Feds then why did we end up with the current situation?
The current situation is incredibly bad so I absolutely support the decision by DEF CON. Even if there is only one single occasion where people stop talking/avoiding a person who is working to close with government agencies this is a success.
People who work for these agencies will always hide behind some "greater good" narrative and avoid taking personal responsibility. My hope is that by getting personally shunned by their former peer group it might help them realize that this is not longer just business-as-usual.
Government loves to really up the public with the us vs them rhetoric so they definitely deserve a dose of their own medicine.
[+] [-] jgross206|12 years ago|reply
Interesting how when the news media baselessly questions the motives of whistleblowers it's a "smear campaign." When someone on HN does it to someone who's vaguely pro-NSA it's the top comment.
[+] [-] ceol|12 years ago|reply
That sounds like it would increase the us-vs-them rhetoric, not decrease it.
[+] [-] mindcrime|12 years ago|reply
BUT... looking at it from the "keep your friends close, and your enemies closer" perspective, I'm not sure this is a Good Thing. The feds are going to do what they're going to do, regardless of what DEF CON does. Might as well invite them in, pick their brains, and learn as much as possible to help counter their shady machinations.
[+] [-] sneak|12 years ago|reply
That said, this serves to highlight both DEF-CON's dissatisfaction with the military/IC as well as that of the general population that attends.
It's a political statement. It won't actually change who attends.
This is a good thing.
[+] [-] toyg|12 years ago|reply
[+] [-] rmrfrmrf|12 years ago|reply
With that in mind, it's kind of counterintuitive to close the door to conversation when silence was the issue in the first place. It almost seems like a melodramatic romance ("I just need to be alone right now."), which portrays the DEF CON organizers as reactionary and immature.
I also think it creates unnecessary hostility when you disinvite a group of people that everyone seems to know will attend anyway. In fact, it just creates more secrecy.
[+] [-] samstave|12 years ago|reply
Yes, most of us have known for years the extent of the spying the NSA/USG does -- and I believe it's time to take back some individual sovereignty -- the NSA has all but dissolved this.
For me, this is not a political issue, its a human rights issue. I have no respect for the NSA and its apologists, period.
[+] [-] throwawayDC21|12 years ago|reply
I would agree with this much more if they had previously had a statement suggesting that feds from oppressive foreign regimes were not invited. As a non-US citizen, there is a sentiment of "it was OK when we thought they were just doing it to foreigners" about much of this debate.
However, this isn't about standing up to anyone, it's a PR move by DEF CON.
[+] [-] mpyne|12 years ago|reply
Do you lack respect for those people, or their arguments?
[+] [-] ropman76|12 years ago|reply
[+] [-] pseudometa|12 years ago|reply
[+] [-] clicks|12 years ago|reply
[+] [-] malandrew|12 years ago|reply
[+] [-] pyrocat|12 years ago|reply
Bullshit, that's exactly what it is.
[+] [-] fleitz|12 years ago|reply
[+] [-] throwawayDC21|12 years ago|reply
[+] [-] stephengillie|12 years ago|reply
What a stellar synergy of marketing and management!
[+] [-] wyck|12 years ago|reply
You missed the point completely, your post is a contradiction and way off base.
[+] [-] autodidakto|12 years ago|reply
P1) This is a place for those who believe in openness, sharing, and mutual gain.
P2) Feds have been hiding the fact that they've been screwing us all along.
Conclusion: This isn't a place for Feds.
The blog posts states: "...but rather a continuation of openness that this event has always encouraged." But this is exactly why the Feds aren't allowed.
[+] [-] thrush|12 years ago|reply
[+] [-] mullingitover|12 years ago|reply
I think you meant 'legal' but you accidentally wrote 'possible' instead. Mesh nets and polymorphic encryption don't stand a chance against a supoena and the threat of a lengthy imprisonment/huge fine for noncompliance.
[+] [-] revelation|12 years ago|reply
[+] [-] throwawayDC21|12 years ago|reply
In my experience, vendors leech off the community more than the feds do.
[+] [-] chadillac83|12 years ago|reply
[+] [-] Buge|12 years ago|reply
[+] [-] antitrust|12 years ago|reply
Besides, DEFCON's statement was symbolic. If the NSA is watching us constantly anyway, they're going to be hacking us and us hacking them even if we and/or they are not at the conference.
[+] [-] dobbsbob|12 years ago|reply
[+] [-] malandrew|12 years ago|reply
Wouldn't you want to hold a conference like this in a place where all surveillance equipment were not standard so you can spot them as anomalies in the surroundings?
I would imagine that every single person that has attended is on the list of people whose communications are stored indefinitely.
[+] [-] malandrew|12 years ago|reply
I would imagine that any foreign black hat would have reservations about going to DEFCON.
In fact, the DEFCON community probably benefits from diversifying globally by being held in other countries.
I don't know anything about DEFCON, but how diversified is the audience that attends? Historically, have the overwhelming majority of non-fed attendees been US citizens? I would imagine that both Germany and Israel are well represented in the community.
If so, how do they attend without risking being put on a no-entry list at the border?
[+] [-] downandout|12 years ago|reply
[+] [-] nookiemonster|12 years ago|reply
There's this thing called sequestration going on that's disrupting the budgets of all the federal agencies.
The feds are cutting budget for ridiculous things like the blue angels.
But they're totally going to be maintaining the budget for hacker cons in Las Vegas.
This is all about street cred for defcon & nothing to do with "taking a break." Jeff Moss is too sophisticated to be throwing away all those relationships. This is a stunt circle jerk.
[+] [-] jff|12 years ago|reply
[+] [-] techjournalist|12 years ago|reply
[+] [-] jsnk|12 years ago|reply
[+] [-] abalone|12 years ago|reply
I am not necessarily opposed to the idea of banning people for bad behavior, but DEF CON should spell out a concrete policy, apply it to everyone, and be specific about the offending actions.
[+] [-] wavesounds|12 years ago|reply
[+] [-] rdl|12 years ago|reply