
Secure Ideas will not be presenting at DEF CON this year - ssclafani
http://blog.secureideas.com/2013/07/secure-ideas-will-not-be-presenting-at.html
======
stfu
Looks like somebody wants to nominate themselves for a government contract.

A statement such as _" We believe the exclusion of the "feds" this year does
the exact opposite at a critical time."_ is just ridiculous. Even more bizarre
is the idea of mentioning openness in the (current) government context.

If there is a positive effect between the openness of the hacker community and
the Feds then why did we end up with the current situation?

The current situation is incredibly bad so I absolutely support the decision
by DEF CON. Even if there is only one single occasion where people stop
talking/avoiding a person who is working to close with government agencies
this is a success.

People who work for these agencies will always hide behind some "greater good"
narrative and avoid taking personal responsibility. My hope is that by getting
personally shunned by their former peer group it might help them realize that
this is not longer just business-as-usual.

Government loves to really up the public with the us vs them rhetoric so they
definitely deserve a dose of their own medicine.

~~~
jgross206
> Looks like somebody wants to nominate themselves for a government contract.

Interesting how when the news media baselessly questions the motives of
whistleblowers it's a "smear campaign." When someone on HN does it to someone
who's vaguely pro-NSA it's the top comment.

~~~
bpatrianakos
He's not even vaguely pro-NSA. He's pro-openness. The fact that this is the
top comment is sad and its a testament to knee-jerk reactions in echo chambers
around the world. There's a difference between the government as an entity and
individuals who are employed by them. Feds attending DEF CON aren't really
Feds, their security guys like everyone else there. Depending on the context
one could be a fed first and other things second but at DEF CON that's not the
case and barring a certain group of people turns it into a situation where
you're labelled based on what you don't have in common with other attendees
rather than being welcomed because of what everyone at the even shares.

~~~
bandushrew
"Feds attending DEF CON aren't really Feds"

I guarantee you that this is not something the Feds themselves believe.

What makes you think it is true?

~~~
bpatrianakos
I'm talking about our identities here. I do some charity work on the board of
a non profit. When I give talks and attend events with others in that
particular field I am an advocate for a cause like everyone else there, not a
developer. To take it even further I'll add some details.

The charity is involved with educating the public about the recent heroin
epidemic that's been hitting the country pretty badly. Now lets suppose that
NIDA or the DEA was involved with a scandal having to do with letting dealers
off the hook or fudging some study. And lets suppose the prevention and
treatment community, in response to this, announced that no Feds are allowed
to attend our annual event (which is real) where we always invite speakers who
work in the area of prevention, treatment, and law enforcement. That would not
be the right thing to do. Those Feds who normally come to our events have a
genuine concern for the cause and offer valuable insights. By not inviting
them the organization may make a strong political statement but its really not
doing anything except allowing a small group of people to pat themselves on
the back and say "yeah, we showed them". Meanwhile all of our attendees and
guests are missing out on valuable insights they may have otherwise gotten had
the organization not taken this route.

There are betters ways of making political statements. DEF CON themselves
could have tried to do something to address the NSA leaks issue at the event
without barring a group of people who most likely don't even consider
themselves as Feds when they're in the context of a security convention.

~~~
bandushrew
My problem is that The Feds are spying on me. If they want to be a part of the
solution to that problem, great - they can stop.

------
mindcrime
As a symbolic statement by DEF CON, I like the "no feds" thing. Pragmatically,
it probably won't much _much_ difference, since any Feds who want to attend
can probably attend and just not identify themselves as feds. OK, yeah, Keith
Alexander might be spotted, but the average run-of-the-mill FBI or NSA geek
probably isn't all that recognizable unless they wear their official ID or
something.

BUT... looking at it from the "keep your friends close, and your enemies
closer" perspective, I'm not sure this is a Good Thing. The feds are going to
do what they're going to do, regardless of what DEF CON does. Might as well
invite them in, pick their brains, and learn as much as possible to help
counter their shady machinations.

~~~
rmrfrmrf
My major problem with the PRISM debacle was less that the NSA stores and
analyzes Internet traffic (although it's perfectly reasonable to be upset
about it) and more that they were doing it secretively (mixed with some
disgust at how much money, energy, and time must be wasted storing and sifting
through unfathomable amounts of data).

With that in mind, it's kind of counterintuitive to close the door to
conversation when silence was the issue in the first place. It almost seems
like a melodramatic romance ("I just need to be alone right now."), which
portrays the DEF CON organizers as reactionary and immature.

I also think it creates unnecessary hostility when you disinvite a group of
people that everyone seems to know will attend anyway. In fact, it just
creates _more_ secrecy.

~~~
chris_mahan
I think the NSA and friends are underestimating the amount of anger out there,
and that the Congresscritters will probably try for a reduction of the NSA's
budget to punish them for lying to them. The future of the organization might
not be in jeopardy (although from the way congressmen seem peeved, it might)
but there will definitely be cutbacks across the entire surveillance business.

~~~
a3n
"Congresscritters will probably try for a reduction of the NSA's budget"

Not if the leadership and seniors have anything to do with it. Boehner called
Snowden a traitor; he doesn't _want_ to be told what Snowden knows. And
Feinstein has defended the programs.

Wyden and Udall are in the minority. Everyone else on the Senate Intelligence
Committee heard what those two heard, and there were no words of discontent or
reform beyond what those two said. Indeed, most of you probably know their
names only because of their faint opposition. They've been speaking as much as
they dare for years, which means the rest of the committee has known for
years. And yet, nothing.

~~~
chris_mahan
Congressmen have to be re-elected, and they have to show to their constituents
that they have done _something_ to protect their privacy... There will be
change.

~~~
a3n
Congress at large has the worst approval ratings in years, possibly ever. And
yet we keep on mostly re-electing the individuals that make up the body, while
in the same breath complaining about Congress.

------
samstave
I don't agree with the statement that Secure Ideas makes; they are opting out
because DEFCON is supposed to be an open collaboration place, but if the very
netsec community doesn't have the balls to stand up to the extreme over-reach
of the NSA, then we are farked.

Yes, most of us have known for years the extent of the spying the NSA/USG does
-- and I believe it's time to take back some individual sovereignty -- the NSA
has all but dissolved this.

For me, this is not a political issue, its a human rights issue. I have no
respect for the NSA and its apologists, period.

~~~
mpyne
> I have no respect for the NSA and its apologists, period.

Do you lack respect for those people, or their arguments?

~~~
samstave
I have no respect for the NSA and those who work there who perpetrate this
surveillance state. So those ___people_ __who have built this.

~~~
stfu
Exactly the right point!

This needs to be personal - especially because we are not talking about some
exploited minimal wage earners who have no other options.

But instead about professionals who have made the intentional choice to
dedicate 8h+ a day to organizations that set out to destroy privacy and
private communication across the world.

------
pseudometa
Don't worry about the Fed's absence at DEF Con, they never attended for the
content. They only wanted the meta data.

------
clicks
Here's hoping that the free time slots are now filled with talks that discuss
ways to escape the surveillance state. Particularly how systems for the use of
masses could be erected.

~~~
malandrew
Exactly. Democratizing defenses for the average person needs to become the
norm. Every person in the world has the right to be free from government
surveillance, both domestic and foreign.

------
pyrocat
"We do not want to make this a "political" move"

Bullshit, that's exactly what it is.

~~~
fleitz
Exactly, if it was non-political they'd just call up DEFCON and withdraw their
talk.

------
stephengillie
Hey, look: Secure Ideas managed to advertise themselves through a blog post
and save money by not presenting, all in one move!

What a stellar synergy of marketing and management!

------
wyck
DEC CON is trying to retain some aspects of the community it cares about in
order to prevent it from completely evolving into a pentagon pony show.

You missed the point completely, your post is a contradiction and way off
base.

~~~
autodidakto
Had to scroll too far down to find this comment. Defcon's argument, which
Secure Ideas didn't seem to get, was:

P1) This is a place for those who believe in openness, sharing, and mutual
gain.

P2) Feds have been hiding the fact that they've been screwing us all along.

Conclusion: This isn't a place for Feds.

The blog posts states: "...but rather a continuation of openness that this
event has always encouraged." But this is exactly why the Feds aren't allowed.

------
thrush
this is so awesome by Secure Ideas, and also an awful move by DEF CON. one of
the largest problems with current state of technology is that what the fed is
doing is possible. hopefully there will be a lot of talk about how to shift
towards more secure services such as mesh nets and polymorphic encryption. the
feds would have been good resources to talk to, and it's extremely hard to
find an opportunity to have the kind of necessary talks outside of conventions
like DEF CON.

~~~
mullingitover
> one of the largest problems with current state of technology is that what
> the fed is doing is possible.

I think you meant 'legal' but you accidentally wrote 'possible' instead. Mesh
nets and polymorphic encryption don't stand a chance against a supoena and the
threat of a lengthy imprisonment/huge fine for noncompliance.

~~~
thrush
I said what I meant. And I think you're implying that the government doesn't
use the same backdoors and web surveillance strategies that all black hats
(anyone really) has the ability to deploy.

~~~
keppy
The stark difference being that no hacker has the ability to deploy a standing
army, a secret police force, or secret courts for issuing secret warrants.

------
revelation
Uhm.. the feds do not _share_ or _collaborate_. They will prosecute any of
their own who do _give back_. In fact, Keith Alexander came there last year to
_lie_ to your face.

~~~
throwawayDC21
Sure they do, I've had constructive conversations, advice and even patches
submitted by feds (yes, I checked them thoroughly!).

In my experience, vendors leech off the community more than the feds do.

------
chadillac83
Hopefully their talk will be replaced with a Q&A session with NSA reps.

~~~
Buge
That's the problem though. DEF CON doesn't want the NSA to come.

------
antitrust
I think they make a really good point, which is that true neutrality is
something beneficial for the whole community.

Besides, DEFCON's statement was symbolic. If the NSA is watching us constantly
anyway, they're going to be hacking us and us hacking them even if we and/or
they are not at the conference.

------
dobbsbob
Even if the "feds" aren't officially invited to run a booth and take
applications, they're gonna show up anyways probably three weeks before the
event to install facial recognition cameras and audio recording bugs in all
the hotel rooms (;

~~~
malandrew
I'm sure that they don't need to. They just ask the casinos and other places
to give them all the footage after the fact.

Wouldn't you want to hold a conference like this in a place where all
surveillance equipment were not standard so you can spot them as anomalies in
the surroundings?

I would imagine that every single person that has attended is on the list of
people whose communications are stored indefinitely.

------
malandrew
By closing themselves to the US "feds" community, do they open themselves up
to the larger international black hat community?

I would imagine that any foreign black hat would have reservations about going
to DEFCON.

In fact, the DEFCON community probably benefits from diversifying globally by
being held in other countries.

I don't know anything about DEFCON, but how diversified is the audience that
attends? Historically, have the overwhelming majority of non-fed attendees
been US citizens? I would imagine that both Germany and Israel are well
represented in the community.

If so, how do they attend without risking being put on a no-entry list at the
border?

------
downandout
Anyone can attend DEF CON, including feds that leave their badges in their
wallets. That being the case, this statement was made for the benefit of
exactly one audience: government procurement departments.

------
nookiemonster
Drama.exe

There's this thing called sequestration going on that's disrupting the budgets
of all the federal agencies.

The feds are cutting budget for ridiculous things like the blue angels.

But they're totally going to be maintaining the budget for hacker cons in Las
Vegas.

This is all about street cred for defcon & nothing to do with "taking a
break." Jeff Moss is too sophisticated to be throwing away all those
relationships. This is a stunt circle jerk.

~~~
jff
After the GSA stunt a few years ago, you bet conference budgets have been cut.
Departments are given a set budget for each conference--if I remember right,
the DOE allocates $100k max per conference. Sounds like a lot, but then you
see what happened to last year's Supercomputing conference. That's a weeklong
conference traditionally attended by many of the DOE's large supercomputing
community. $100k does not send many people to a week-long conference. This was
enough to cause very notable effects on the conference as a whole; outlets
such as The Register even commented on it. I've heard rumors that some
companies may not be going this year because without the DOE there, it's just
not as valuable for HPC vendors.

------
techjournalist
I wonder how many others (if any) will follow your lead.

~~~
jsnk
I think some who have direct or indirect ties to NSA or other government
organizations will probably feel the pressure to opt out for DEFCON that
increasingly have become anti-government.

~~~
platypii
good riddance

------
abalone
They make a good point: DEF CON has not given "concrete" reason for why they
banned the feds. They merely allude to "recent revelations".

I am not necessarily opposed to the idea of banning people for bad behavior,
but DEF CON should spell out a concrete policy, apply it to everyone, and be
specific about the offending actions.

------
wavesounds
Is Defcon worried about fights breaking out or something? You know the 'feds'
are going to be there anyway. At least if they were in the open then everyone
could give them a piece of their minds and maybe convince some of them to quit
their jobs or at least give more consideration to the other perspective.

------
rdl
Wow, I got my talk down to "you or one other talk" and wasn't accepted (I did
apply late). Tempted to see if they'll let me replace Secure Ideas. I have no
problem with the "feds, please stay home" policy.

------
blueprint
If they didn't 'want to make this a "political" move', why exactly did they
write a public blog entry about it expounding their point of view?

------
Grabber
They just have casino & hotel surveillance run facial recognition on everyone
anyways.

------
gcb0
summary: they will not present, but they will.

------
amerika
Pure pretense. They're using the NSA debacle as an excuse to pander to the
trend and headline-whore.

