Defcon founder's message to feds fair to some, hypocritical to others

Dis-invitation is interesting because last year Defcon opened with General Keith Alexander, director of the National Security Agency

Defcon founder Jeff Moss' request to government agencies asking them not to attend next month's annual Defcon hacker conference has evoked a mixed response from the security community.

Many see it as little more than a symbolic gesture meant to convey the hacker community's discomfort over recent revelations of government surveillance activities by fugitive document-leaker Edward Snowden.

Others though see it as somewhat hypocritical move by an organization that has for long prided itself on giving a platform for all members of the security community to exchange ideas and share information freely.

Two researchers from the network security-consulting firm Secure Ideas on Thursday announced that they would not present at Defcon as scheduled, to protest Moss' actions.

Moss launched Defcon 21 years ago and has overseen its growth into one of the industry's largest hacker conferences. On Wednesday, he published a blog post in which he asked government agencies to "call a time-out" from the conference.

"For over two decades Defcon has been an open nexus of hacker culture, a place where seasoned pros, hackers, academics, and feds can meet, share ideas and party on neutral territory. Our community operates in the spirit of openness, verified trust, and mutual respect," he wrote.

"When it comes to sharing and socializing with feds, recent revelations have made many in the community uncomfortable about this relationship," he said in asking them not to attend Defcon this year.

The dis-invitation is interesting because it was only last year that Defcon had opened with a keynote from General Keith Alexander, director of the National Security Agency, the entity at the center of the surveillance controversy.

"Jeff Moss's post was a statement, not an order, but it was an important one," said Michael Sutton, a vice president of security research with Zscaler.

Moss is well respected within both the black hat and white hat communities and has strong government connections in his role as an advisor to the U.S. Department of Homeland Security (DHS), Sutton noted.

"His statement illustrates the deep disappointment of the Defcon community, who feel that they were blatantly lied to in light of the PRISIM scandal," he said referring to Alexander's denials last year when asked at the conference if the NSA was spying on U.S. citizens.

"Jeff is standing up for the community by saying 'you disrespected us in our own house -- we'd prefer you not visit this year'," Sutton said.

For many at Defcon, Edward Snowden's recent revelations of widespread NSA surveillance activities are likely to have only reinforced their suspicion of all things government, said Richard Stiennon, principal at IT-Harvest.

With Defcon, there's always been a bit of the "young generation versus the Man," Stiennon noted. In recent years, NSA and other three-letter government agencies have been recruiting from Defcon ranks, leading to a gradual thawing in relations between the two communities, he said. Even so, members of the Defcon community have only shown a "wary willingness" to interact with government types at best.

That willingness likely has been tested by the Snowden affair, Stiennon noted. "A group of security professionals who are aligned to doing things and creating things that are protective of security and privacy and going to find themselves at odds with the NSA. So it may be best for both sides to cool off a bit," Stiennon noted.

Lawrence Pingree, an analyst at Gartner cautioned against making too much of Moss' statement. From a publicity standpoint, it makes a certain amount of sense to ask federal agencies not to attend Defcon, considering the sentiments that have been aroused by Snowden's revelations, he said.

In reality, it is unlikely that Moss will want to, or will even be able to stop government security types from attending the event if they really want to, he said.

In the end Moss is just sending a gentle reminder to the government that they are likely to be less than welcome among those at Defcon considering recent revelations about PRISM, said Robert Hansen, a white hat hacker and director of product management at WhiteHat Security.

"I don't believe that anyone who works directly with the staff at Defcon really hates feds," said Robert Hansen, a white hat hacker and director of product management at WhiteHat Security. "What they hate are that the free and open Internet has been taken from them in some sense and that theft is embodied in some sense by the people who are tasked with fulfilling often secret laws."

"The only issue I see with Jeff's announcement is that a lot of the most important, die-hard, freedom advocates work in or work directly with the military industrial complex, and it's unfair to paint them as the enemy of hackers," Hansen noted. "Though Jeff has never said that directly, and I don't believe he feels that way, I worry that people less familiar with the situation would mis-represent his words."

Others though see Moss' stance as needlessly politicizing the annual hacker fest.

In a blog post, James Jardine and Kevin Johnson, two researchers from Secure Ideas, announced they would not present at Defcon this year citing Moss' statement about not wanting the government at the show, as the reason.

"The basis of our decision, is that we feel strongly that Defcon has always presented a neutral ground that encouraged open communication among the community, despite the industry background and diversity of motives to attend," the blog noted. "We believe the exclusion of the 'fed' this year does the exact opposite at a critical time."

Ira Winkler, president of the Information Systems Security Association, and a Computerworld columnist said that Moss was being unfair in asking the federal government not to attend Defcon.

Much of Defcon's popularity has stemmed from the effort put into making it completely neutral venue for the information security community. By asking the government to stay away, Defcon has lost some of that neutrality, he said.

The surveillance activities revealed by Snowden, and that Moss alluded to in his statement, have all been found to be completely legitimate and vetted by all three branches of the government. So rather than try and exclude government agencies, it would have been better to use Defcon as an opportunity to get more answers on the surveillance practices, he said.

"It would be better to have a legitimate discussion on the issue," Winkler said. "Why is it legal, why is it constitutional. Stopping a group of people from attending goes against the spirit of what Defcon is supposed to be," he said.

Defcon has always thrived on presenting controversial security topics and has gone out of the way to make it possible for people to do so, Winkler noted.

"Why is the government being singled out when no group has been singled out and prevented from speaking," he said.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His e-mail address is

See more by Jaikumar Vijayan on

Read more about cybercrime and hacking in Computerworld's Cybercrime and Hacking Topic Center.

Join the CSO newsletter!

Error: Please check your email address.

Tags Cybercrime and HackingDefconsecuritynsaprivacy

More about GartnerNational Security AgencyNSATopiczScaler

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jaikumar Vijayan

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place