Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: DEF CON 16 Retro Announcement! Back to Bang!
From: Michael Bann <mbann () cems umn edu>
Date: Mon, 14 Apr 2008 20:36:36 -0500

Let me get this strait... You just ranted about how security conferences 
like this are out-of-date and nobody cares about them. Then you said you 
want them to be shutdown. Are you really that bored or are you fading 
out of the spotlight so you want to keep your name in the 
full-disclosure eye?

Either way, that's pretty lame. Let the kids make mistakes. It's cyber 
Darwin.

n3td3v wrote:
On Sun, Apr 13, 2008 at 4:23 AM,  <Valdis.Kletnieks () vt edu> wrote:
  
On Sat, 12 Apr 2008 17:06:28 BST, n3td3v said:

 > Any criminal hackers who go are just stupid and don't realise what
 > they are actually attending.
 >
 > The U.S Security Services will have hidden cameras and befrienders in
 > place to grab as much information out of people as possible.
 >
 > These conferences have just turned into a 'human honeypot' for the
 > intelligence services.

 *JUST*??!? Or did you just fall out of the tree?

 There's been enough feds at Def Con that they've had a yearly 'Spot the Fed'
 contest since (probably) you were still in diapers.
    

In this day and age when cyber terrorism is a concern for the
intelligence services, a security conference which openly has "meet
the fed" or "spot the fed" becomes increasingly outdated and
irrelevant.

If the concept of Def Con really worked, wouldn't MI6 and the CIA have
an islamist terrorist version, which invited real world terrorists to
come show off their suicide bomber skills or tell about their cyber
terrorist techniques---that had a "meet the CIA" competition, would
the bin laden's of the world come? Try it and find out.

No, they wouldn't---and what i'm saying is---back in the day Def Con
used to be in date and relevant, but in this day, there are new
threats emerging, which we have never seen before.

Can we care about a conference that openly admits to federal
surveillance? It sounds more like a conference for the lower spectrum
of the security community than any real threat vector that anyone
needs to care about.

So, because a real world terrorist clone of Def Con wouldn't work, the
same goes for Def Con "human honeypot"ing of ---cyber terrorists, who
are today the direct threat to corporations and government, not the
once before believed bedroom hacker of which Def Con originally was
formed from.

Threats are changing--- Def Con was setup when the bedroom hacker was
seen as the threat, that is no longer, folks see Def Con as the stupid
bedroom hacker conference that used to be relevant that nobody cares
about anymore.

See http://lists.grok.org.uk/pipermail/full-disclosure/2008-April/061450.html
to see how the bedroom hacker is no longer the threat and that the new
threat to the internet is world government's and its intelligence
services.

The way Def Con works is, the organizers think because they openly
admit there are feds at their conference that there is no need for any
further discussion relating to the admission.

It also apprently means the folks attending have given up their civil
liberties and human rights because they are attending the conference.

To be honest, does everyone who attends Def Con know there is a "spot
the fed" competition and, what the implications of what a government
led surveillance operation might mean to their lives post-conference?

A lot of the folks attending Def Con are adolescents and think of a
"spot the fed" as a funny at the time of execution of the event, but
they might not be fully aware of what the feds are actually doing and
how it intrudes into their lives.

To underline, the parents of the adolescents might not realise their
child has put their home IP address onto a federal watch-list---and
the  adolescents might not realise how much their human rights and
liberties have been given up by entering into such a 'human honeypot'
to which the terms and conditions of such a human honeypot isn't
publically defined.

And---we know whatever "fed" is placed into the "spot the fed" arena
won't be a top line undercover secret service fed, and there is no
need to say that fed means "undercover surveillance officer", but to
the adolescent they might think fed always means dark undercover
surveillance--- when really "fed" accounts for anyone in government
who deals in cyber security---like my friend who worked on the U.S
Navy for six years, he wasn't an undercover cop, but he could of been
defined a fed.

So does "spot the fed" as an admission really give the government free
legal way to do any operations they want at Def Con, ---think again..
in this day and age it is no longer fun and games and there are real
people aiming at civil liberties and human right violations.

This also underlines security conferences as a whole as having an
irrelevant need in the security community---and only serves now as an
advertising platform in the security industry who wish to setup trade
stalls to promote a product or company.

Security conferences no longer have the meaning they used to, and
thats why i'm calling for Def Con to be shutdown.

n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
  

-- 
CEMS IT Office
185 Amundson Hall
(612)-626-0712
https://www.cems.umn.edu/dept/itoffice/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]