Feeds

Security bods boycott DEF CON over closed door for feds

'Hey, if you're just here for interest, don't consider yourself a Fed!'

Maximizing your infrastructure through virtualization

At least one group of researchers is pulling out of DEF CON in protest at the decision to tell federal agents to stay away from the annual hacking convention.

Jeff Moss, the US government security advisor who founded the DEF CON and BlackHat, urged federal agents to stay away from DEF CON in Vegas next month. G-Men were unwelcome because of the recent revelations about wholesale surveillance on US citizens by the NSA, Moss (AKA @TheDarkTangent) said in a post on the official DEF CON website.

"When it comes to sharing and socializing with feds, recent revelations have made many in the community uncomfortable about this relationship," Moss said. "Therefore, I think it would be best for everyone involved if the feds call a 'time-out' and not attend DEF CON this year."

It's unclear how effective the request will be. Several people in the security community have questioned Moss's stance, given he's served on the US government's Homeland Security Advisory Council since 2009 and is chief security officer for internet overlord ICANN. Others dismiss the G-men exclusion request as showboating.

"Of course I think the whole ban the Feds at Defcon thing is just controversy to get media attention and more mainstream exposure :-)," said convicted hacker turned security consultant Kevin Mitnick, in a Twitter update.

Federal agents have been welcomed at DEF CON from the genesis of the long-running conference, with the main conditions being that they be open about their status and willing to put up with a certain amount of mickey taking from other attendees. Some security researchers such as Robert Graham of Errata Security, reckon the stay-away request is a sensible move towards defusing potential antagonism at this year's show.

However other security researchers argue that dialogue between hackers, security and representatives of federal agencies has become even more important in the wake of PRISM-gate. Turning DEFCON into a closed shop that excludes federal agents, or at least forces them to operate in stealth mode, is counterproductive - according to Secure Ideas. The security consultancy was due to present research into attacking SharePoint at DEF CON but has cancelled its own plans to appear at the show in response to the exclusion-of-federales request, as a blog post by Secure Ideas explains.

We do not want to make this a "political" move, and we do not make this decision based on their motivations. The issue we are struggling with, and the basis of our decision, is that we feel strongly that DEF CON has always presented a neutral ground that encouraged open communication among the community, despite the industry background and diversity of motives to attend. We believe the exclusion of the "feds" this year does the exact opposite at a critical time.

Instead of unveiling its research at DEF CON Secure Idea will present an updated version of its SharePoint talk (and release tools) at another as-yet-unconfirmed conference. ®

Bootnote

DEF CON organisers have posted a clarification update to its original post saying they're not banning anyone from attending, criticising the press for suggesting otherwise. Federal agents can still come to DEF CON on condition that this is to satisfy their personal interest in computer security, the post states.

"There is a lot of tension in the community right now and he was asking politely for feds to consider not attending this year," the post explains.

"If you are on your own dime pursuing your own personal interests in hacking and not assigned to be there working your federal Intel job, then don't consider yourself a Fed! We want motivated people to attend!"

Top three mobile application threats

More from The Register

next story
Arrr: Freetard-bothering Digital Economy Act tied up, thrown in the hold
Ministry of Fun confirms: Yes, we're busy doing nothing
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
Apple smacked with privacy sueball over Location Services
Class action launched on behalf of 100 million iPhone owners
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
ONE EMAIL costs mining company $300 MEEELION
Environmental activist walks free after hoax sent share price over a cliff
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.