Ten years after the sellout, Black Hat is solidly corporate and that’s fine
DEF CON is hopefully never going to change
Analysis When Jeff Moss sold the Black Hat security conference to CMP a decade ago for around $13m (£8.3m), he faced a barrage of abuse from some members of the hacker community as a sellout. They were a little bit right, and a lot wrong, as this year's cons have shown.
Black Hat was always supposed to be a little bit corporate anyway. Moss held the first DEF CON in 1993 as an impromptu party and coding session for hackers he'd been conversing with online (and occasionally offline) for years. Four years later he set up Black Hat, and was frank that it was to pay the bills, but the conference has its uses.
DEF CON, however, seems always likely to stick to its hacker roots. While there were certainly more corporate types circulating the villages and tracks at the show, there's no way that its users are going to allow it to lose its soul.
These days the two shows might run concurrently, but have very different paths. To put it another way: if you want to find out things that aren't in the user manual, go to Black Hat, but if you want to play with the source code, head to DEF CON.
The long sell that pays for the party
It's incredibly rare to meet anyone who stays for the full Black Hat and DEF CON; nine 12-hour days and 16-hour nights leave most of us dribbling with exhaustion.
It used to be possible to do both, but since the sellout, Black Hat has expanded its scope and now the first four days are taken up with training sessions that cover the hacking techniques that have become popular over the last few years. It's useful stuff for IT security folk at the server coalface, but a bit yesterday's jam.
Day four also has the invite-only CISO summit, held in more salubrious surroundings (this year in the Four Seasons enclave) and from which press are barred. An attendee at this year's event described it as "TED talks with a security focus and a fuck of a lot of drunken networking."
This year's CISO summit saw more established security researchers like Dan Kaminsky – the man who could have broken DNS but fixed it instead – give talks, along with corporate CSOs, various government types, and speakers who fell into the lightweight-but-glib mold, like former ICANN boss Rod Beckstrom.
Days five and six are the Black Hat briefings, which used to be about the very latest hacking techniques but in recent years have become increasingly self-promoting and promoted. 2015 wasn't bad, however, and while some of the more interesting talks had been leaked weeks before, some stood out – Chris Domas' Intel memory sinkhole was a notable example.
Each day's briefings include nine sessions every hour, from 0900 to 1800, so prior planning is essential. Jeff Moss still has the most influence on the keynote speaker, however, and this year he picked a doozy – Jennifer Granick, director of civil liberties at the Stanford Center for Internet and Society.