Feeds

Security bods boycott DEF CON over closed door for feds

'Hey, if you're just here for interest, don't consider yourself a Fed!'

Beginner's guide to SSL certificates

At least one group of researchers is pulling out of DEF CON in protest at the decision to tell federal agents to stay away from the annual hacking convention.

Jeff Moss, the US government security advisor who founded the DEF CON and BlackHat, urged federal agents to stay away from DEF CON in Vegas next month. G-Men were unwelcome because of the recent revelations about wholesale surveillance on US citizens by the NSA, Moss (AKA @TheDarkTangent) said in a post on the official DEF CON website.

"When it comes to sharing and socializing with feds, recent revelations have made many in the community uncomfortable about this relationship," Moss said. "Therefore, I think it would be best for everyone involved if the feds call a 'time-out' and not attend DEF CON this year."

It's unclear how effective the request will be. Several people in the security community have questioned Moss's stance, given he's served on the US government's Homeland Security Advisory Council since 2009 and is chief security officer for internet overlord ICANN. Others dismiss the G-men exclusion request as showboating.

"Of course I think the whole ban the Feds at Defcon thing is just controversy to get media attention and more mainstream exposure :-)," said convicted hacker turned security consultant Kevin Mitnick, in a Twitter update.

Federal agents have been welcomed at DEF CON from the genesis of the long-running conference, with the main conditions being that they be open about their status and willing to put up with a certain amount of mickey taking from other attendees. Some security researchers such as Robert Graham of Errata Security, reckon the stay-away request is a sensible move towards defusing potential antagonism at this year's show.

However other security researchers argue that dialogue between hackers, security and representatives of federal agencies has become even more important in the wake of PRISM-gate. Turning DEFCON into a closed shop that excludes federal agents, or at least forces them to operate in stealth mode, is counterproductive - according to Secure Ideas. The security consultancy was due to present research into attacking SharePoint at DEF CON but has cancelled its own plans to appear at the show in response to the exclusion-of-federales request, as a blog post by Secure Ideas explains.

We do not want to make this a "political" move, and we do not make this decision based on their motivations. The issue we are struggling with, and the basis of our decision, is that we feel strongly that DEF CON has always presented a neutral ground that encouraged open communication among the community, despite the industry background and diversity of motives to attend. We believe the exclusion of the "feds" this year does the exact opposite at a critical time.

Instead of unveiling its research at DEF CON Secure Idea will present an updated version of its SharePoint talk (and release tools) at another as-yet-unconfirmed conference. ®

Bootnote

DEF CON organisers have posted a clarification update to its original post saying they're not banning anyone from attending, criticising the press for suggesting otherwise. Federal agents can still come to DEF CON on condition that this is to satisfy their personal interest in computer security, the post states.

"There is a lot of tension in the community right now and he was asking politely for feds to consider not attending this year," the post explains.

"If you are on your own dime pursuing your own personal interests in hacking and not assigned to be there working your federal Intel job, then don't consider yourself a Fed! We want motivated people to attend!"

Security for virtualized datacentres

More from The Register

next story
Spies, avert eyes! Tim Berners-Lee demands a UK digital bill of rights
Lobbies tetchy MPs 'to end indiscriminate online surveillance'
How the FLAC do I tell MP3s from lossless audio?
Can you hear the difference? Can anyone?
Inequality increasing? BOLLOCKS! You heard me: 'Screw the 1%'
There's morality and then there's economics ...
Google hits back at 'Dear Rupert' over search dominance claims
Choc Factory sniffs: 'We're not pirate-lovers - also, you publish The Sun'
While you queued for an iPhone 6, Apple's Cook sold shares worth $35m
Right before the stock took a 3.8% dive amid bent and broken mobe drama
4chan outraged by Emma Watson nudie photo leak SCAM
In the immortal words of Shaggy, it wasn't me us ... amirite?
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.