Sophos Cloud Optix
The founder of the DEF CON hacker conference has announced that members of the U.S. federal government will not be welcome to attend this year’s event.
DEF CON is one of the world’s largest hacker conferences and has been running for 21 years. Until now the conference has always welcomed the participation of federal government employees.
This unusual step has been taken by DEF CON’s founder on behalf of the hacker community and is a response to the recent exposure of the NSA’s omnipresent online spying operation commonly known as PRISM.
The announcement was made by conference founder Jeff Moss (AKA The Dark Tangent) on Wednesday in a short post on the DEF CON website:
For over two decades DEF CON has been an open nexus of hacker culture, a place where seasoned pros, hackers, academics, and feds can meet, share ideas and party on neutral territory. Our community operates in the spirit of openness, verified trust, and mutual respect.
When it comes to sharing and socializing with feds, recent revelations have made many in the community uncomfortable about this relationship. Therefore, I think it would be best for everyone involved if the feds call a "time-out" and not attend DEF CON this year.
This will give everybody time to think about how we got here, and what comes next.
However, not everyone in the hacker community that Moss is speaking for agrees with him.
Security researchers Kevin Johnson and James Jardine have responded to DEF CON’s stance by canceling their planned talk.
[we] do not feel that this should be about anti/pro government, but rather a continuation of openness that this event has always encouraged. We both have much respect for DEF CON and the entire organization and security community. It is with this respect that we are pulling our talk from the DEF CON 21 lineup.
Although Johnson clearly sees DEF CON’s move as anti-government, Moss has been clear that he isn’t drawing battle lines with his announcement. In a recent interview he explained to Reuters he is trying to diffuse a heated situation and give his conference attendees some space to come to terms with Edward Snowden’s seismic revelations.
The community is digesting things that the Feds have had a decade to understand and come to terms with ... a little bit of time and distance can be a healthy thing, especially when emotions are running high.
He backs this up by stating that although federal government employees have been asked to stay away this year, DEF CON will not be checking ID badges or kicking people out.
So what, if anything, does DEF CON’s stance actually achieve and are they right to tell federal government employees to stay away this year?
Wouldn’t DEF CON be a more useful conference by remaining neutral like Johnson suggests and, with no plans to enforce his ban, is Moss’s stance anything more than an empty gesture anyway?
Presumably those members of the federal government with the moral compass and skills required to engage in, and keep secret, projects like PRISM will have no difficulty attending DEF CON in spite of the message to stay away.
(In fact it seems that the U.S.’s secret squirrel types might even prefer to attend in disguise. Moss revealed to Reuters that he invited members of the U.S. federal government the very first time DEF CON was held; his invitees politely declined and then attended incognito.)
Personally I think, as objectionable as it is, no one can be surprised by the revelation that their government’s security service is spying on them and lying about doing it.
DEF CON is not a public service so Moss is free to invite or turn away whomever he likes, but if U.S. federal government employees were previously welcome to attend DEF CON in spite of (amongst other things) Carnivore, Stellar Wind, warrantless wiretapping and endless rumblings about Echelon, then surely the Rubicon was crossed long ago.
So what do you think?
This is surprising and silly, especially at such a late date. I pretty much agree with your article.
While I believe there is far too much government surveillance, given how many govt sites are being hacked, they need all the tips they can get from the young guns.
The Feds will be there no matter what they say, so it is a moot point. Asking for a time out, is just a simple gesture expressing the dissatisfaction with the current state of affairs, that's all.
I agree that it is a moot point, but it shows as you say their dissatisfaction. However we both know that they will send in a spy because they will be afraid they are missing something.
There's going to be a lot of anger and anti-Fed talk at Def Con this year no matter what happens. Wouldn't those that are most vocal about speaking up about such issues actually prefer to have an audience sprinkled with Feds to hear them?
"Our community operates in the spirit of openness, verified trust, and mutual respect."
The feds are operating in a manner contrary to the spirit of the community. Letting them into DEF CON is like letting the wolf in the hen-house.
Moss' decision to politely request feds to stay away is a move in the right direction. It's a request, not a demand. He's asking them to respect the other attendees and the spirit of the conference.
How can a person be open about ideas when they distrust the guy standing next to them, knowing he doesn't share the same openness?
My opinion is the feds presence at DEF CON will destroy it. Attendance will decrease year after year until there is little left.
Your last sentence doesn't make a ton of sense. Feds have been at every DEF CON since its inception and its attendance/popularity has only increased over time.
When you say you can't trust the feds, who are you talking about? Does that include the janitor who sweeps the halls at the federal courthouse? The decision makers who authorized and ordered the analysis of telephone records are not the ones who would be attending this function. "The feds" is too broad a category to paint with that brush or to exclude from the conference.
So openness and trust would include Sabu and Anonymous??
This poll is biased. Of course, it's their RIGHT to invite who ever they want, but they should not take the cowardly route of uninviting anyone. The 'YES DEF CON has the right' is NOT the opposite of 'NO DEF CON should be neutral'. Both answers are correct. Clearly, those who put the poll together were looking for a YES bias. Or else, they have no iodea how to put together fair, meaningful polls
Hi pSchuler,
When I put the poll together I imagined 'right' to be interpreted as 'correct' rather than 'is allowed by custom or law'. Thanks for pointing out the ambiguity.
Saying that I was *clearly* looking for a yes bias is a bit of an overreach given the sparse information you had to go on. You were much closer to the truth with "have no idea how to put together a fair, meaningful poll" ; )
M.
I've had this same argument/passionate discussion with some white hats i work with, and we have both taken different stances on the Snowden case and its revelations.
Being that these are some of my friends that we have very different views, i can imagine that there would be a number of heated discussions at DEF CON.
As the whole PRISM revelations are still a hot topic, it would be very difficult to promote openness, and i don't think DEF CON's stance was anti or pro government.
Moss's posture is simply one to diffuse tensions. if the feds attend incognito, there is no enforcement, and they would still be able to come and go as they please.
if anything, i think this move is more designed to make it less awkward for feds if people do start asking questions about PRISM.
I could see this as a reasonable request if the government was taking what they learned at DEF CON and using it to violate Americans' privacy, but that's not what's going on. PRISM does not involve hacking at all, just secret forced cooperation. The government is a big place, and the people not involved in spying shouldn't be lumped in with the ones who are.
I'm afraid that as a European anyone involved in US government at this moment could be potential spy. Maybe Snowdon was not right to divulge secrets, but I sure as hell don't want any government to spy on me (and I really don't have anything to hide. I don't post anything on the internet that cannot be read by the world at large.)
I don't know why the US government thinks it is their right. If Russia or any other country (dare I mention the K word?) was doing it, they would be up in arms about it. What's the difference?
Don't think this is possible. How would you know? Well I guess if your ID badge says NSA or Homeland Security. Public event, how would you exclude anyone? Call the cops? I think I see a problem.
None the less, as a SYMBOLIC act, I guess I approve.
I believe it is their right as well. But we all know it is purely symbolic, just like you say. The Feds will attend anyway, but at least the organizer has gone on record saying that he, as a community representative, is upset about how they are abusing their power.
This is a PR move and a good one.
Dialogue is right always. DefCon is an opportunity for 'hackers' to understand not only what other hackers are thinking/doing but also for them to understand how it may affect others who are not classed as hackers or how they can help/hinder computer and internet users by their actions and those of 'official bodies' such as government agencies.
In general, hacking can be considered an illegal act if it is done without the approval of a Court of Law, no matter who is conducting the 'hacking'. If it is done with the requisite approval, then it is perhaps not hacking but surveillance – which is also a can of worms.
People 'hack' for a reason, usually to gain information they perhaps should not have or that they should not see, according the the information owner. Hackers and governments hack, often without legal authority, and affect users other than the one(s) targetted.
So it is essential that dialogue continues openly, to improve understanding and to help protect people and their privacy.
All federal employees are bad guys because the NSA engaged in a court-authorized data analysis scheme. So some IT guy from the Forest Service is prevented from attending. Sounds like bigotry to me.
By the way, the guy from the Forest Service will be kept away because he would reveal his government affiliation. The guys they really want to keep away will be there anyway.
Why Not keep them out?
Re "moral compass" and Federal government employees, isn't that at an
OXYMORON, akin to the Moron we are stuck with in the White House who is behind all this BIG BROTHER nonsense?
Def Con wll have to still enage in its' annual SPOT THE FEDS contest anyway.
Or, they wouldn't attend anyway because of sequestration…
I support the organizers on deciding who they allow and don’t allow to their private organization.
However with that said, its a bit silly and childish. This is the grown up world.
Your last paragraph says it all. its a bit childish and naive of them to do this, but completely their right.
If the feds want to be there, they'll be there. Now they'll just be undercover, which imo should be the point. Spot the fed just got more fun.
As a retired Law Enforcement Officer, I wouldn't trust them either. I woul d have never asked them without a written document stating that no information will be used to prosecute anyone there or have been or will be. Not that it would hold up, but it migh show mental position of the Feds…
As it has been pointed out, the feds have always been there, even before they were invited and had there own panels and did career fairs at defcon they were attending in secret. By not inviting them this year its not like they wont covertly show up, its solely a political message that the defcon community does not support this illegal surveillance system the government has set up. Yes it may be "legal" now but its constininality is so questionable that its absurd.
The government passed a law to allow a secret court to issue secret warrant that allow secret programs to collect data on everyone and everything in secret, how does that not sound shady? Defcon is right to not invite the institutions that are the key players in this.
Did all the other countries they are spying on pass a law saying it is ok for the US to spy on them?
I suppose the KKK and Nazis ban Blacks and Jews from attending their conferences, so hey, what’s the problem here?
If all these governments dept’s continue like this
the whole Internet will become parasitic.
Who am I to state this ?
I live and work on the WEB since we build it in 1985.
We have warned and warned… big bizz came first !!
You built the World Wide Web in 1985? That must be why your username is Timelord.
M.
You want proof of this ?
I didn’t built it alone , it was an whole big international team.
Take a good look here : [ed: link removed]
This was the first setup straight out of the military.
just a few pages , I don’t have ‘TIME’
the nick , who knows 😉
My Logo is important , it’s all registered at that year.
I am proving something with this for the future.
Washington surveys. Beijing and Hanoi survey. What's the difference? A lot. One is to protect the people against terrorists, the other protects the dictators against the people, by catching and torturing brave dissidents who advocate democracy.
I wish Johnson and Jardine stayed and used their talk to raise a debate on this matter.
Isn't it Jeff Moss n not James Moss ?
Oh dear, yes it is. I have corrected the article.
So it's a Don't Ask, Don't Tell kinda things?
I have to correct a portion of this article. I do not see the post by Jeff as anti-government.
Hi Kevin,
If you'd care to elaborate your position I would be happy to amend the article. I understand that both you and Moss have been taking considered and respectful positions on complex issues and I was trying to accurately (but briefly) summarise them.
As I read it you counterpointed DEF CON being anti/pro government as the opposite of DEF CON being neutral and went on to characterize the decision to ask the "feds" to stay away as the opposite of neutral.
Forgive me as I am on the fringe on the "hacker" community. But as that community is perceived, officially going on record with a "we're not allowing you in" statement raises even more red flags if there were any previous red flags. If they are neutral, then why worry about some feds you feel may or may not have a connection to a spy on you program? Isn't your hacker conference supposed to be letting the good guys get the jump on the bad guys spying? So why try to trip up someone fighting the same fight as you?
The content of these conferences is often made public after the fact anyway (blogs, webcasts etc.) so while I believe that the "feds" should participate and learn from industry experts at such events, I think the current level of animosity in the community may cause disruption or otherwise detract from the event and ultimately drive a more voracious rift in what should be a vital relationship for both sides.