Defcon founder's message to feds fair to some, hypocritical to others
Dis-invitation is interesting because last year Defcon opened with General Keith Alexander, director of the National Security Agency
Computerworld - Defcon founder Jeff Moss' request to government agencies asking them not to attend next month's annual Defcon hacker conference has evoked a mixed response from the security community.
Many see it as little more than a symbolic gesture meant to convey the hacker community's discomfort over recent revelations of government surveillance activities by fugitive document-leaker Edward Snowden.
Others though see it as somewhat hypocritical move by an organization that has for long prided itself on giving a platform for all members of the security community to exchange ideas and share information freely.
Two researchers from the network security-consulting firm Secure Ideas on Thursday announced that they would not present at Defcon as scheduled, to protest Moss' actions.
Moss launched Defcon 21 years ago and has overseen its growth into one of the industry's largest hacker conferences. On Wednesday, he published a blog post in which he asked government agencies to "call a time-out" from the conference.
"For over two decades Defcon has been an open nexus of hacker culture, a place where seasoned pros, hackers, academics, and feds can meet, share ideas and party on neutral territory. Our community operates in the spirit of openness, verified trust, and mutual respect," he wrote.
"When it comes to sharing and socializing with feds, recent revelations have made many in the community uncomfortable about this relationship," he said in asking them not to attend Defcon this year.
The dis-invitation is interesting because it was only last year that Defcon had opened with a keynote from General Keith Alexander, director of the National Security Agency, the entity at the center of the surveillance controversy.
"Jeff Moss's post was a statement, not an order, but it was an important one," said Michael Sutton, a vice president of security research with Zscaler.
Moss is well respected within both the black hat and white hat communities and has strong government connections in his role as an advisor to the U.S. Department of Homeland Security (DHS), Sutton noted.
"His statement illustrates the deep disappointment of the Defcon community, who feel that they were blatantly lied to in light of the PRISIM scandal," he said referring to Alexander's denials last year when asked at the conference if the NSA was spying on U.S. citizens.
"Jeff is standing up for the community by saying 'you disrespected us in our own house -- we'd prefer you not visit this year'," Sutton said.
For many at Defcon, Edward Snowden's recent revelations of widespread NSA surveillance activities are likely to have only reinforced their suspicion of all things government, said Richard Stiennon, principal at IT-Harvest.
With Defcon, there's always been a bit of the "young generation versus the Man," Stiennon noted. In recent years, NSA and other three-letter government agencies have been recruiting from Defcon ranks, leading to a gradual thawing in relations between the two communities, he said. Even so, members of the Defcon community have only shown a "wary willingness" to interact with government types at best.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to... All Cybercrime and Hacking White Papers | Webcasts