lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <480406A4.60102@cems.umn.edu>
Date: Mon, 14 Apr 2008 20:36:36 -0500
From: Michael Bann <mbann@...s.umn.edu>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: DEF CON 16 Retro Announcement! Back to Bang!

Let me get this strait... You just ranted about how security conferences 
like this are out-of-date and nobody cares about them. Then you said you 
want them to be shutdown. Are you really that bored or are you fading 
out of the spotlight so you want to keep your name in the 
full-disclosure eye?

Either way, that's pretty lame. Let the kids make mistakes. It's cyber 
Darwin.

n3td3v wrote:
> On Sun, Apr 13, 2008 at 4:23 AM,  <Valdis.Kletnieks@...edu> wrote:
>   
>> On Sat, 12 Apr 2008 17:06:28 BST, n3td3v said:
>>
>>  > Any criminal hackers who go are just stupid and don't realise what
>>  > they are actually attending.
>>  >
>>  > The U.S Security Services will have hidden cameras and befrienders in
>>  > place to grab as much information out of people as possible.
>>  >
>>  > These conferences have just turned into a 'human honeypot' for the
>>  > intelligence services.
>>
>>  *JUST*??!? Or did you just fall out of the tree?
>>
>>  There's been enough feds at Def Con that they've had a yearly 'Spot the Fed'
>>  contest since (probably) you were still in diapers.
>>     
>
> In this day and age when cyber terrorism is a concern for the
> intelligence services, a security conference which openly has "meet
> the fed" or "spot the fed" becomes increasingly outdated and
> irrelevant.
>
> If the concept of Def Con really worked, wouldn't MI6 and the CIA have
> an islamist terrorist version, which invited real world terrorists to
> come show off their suicide bomber skills or tell about their cyber
> terrorist techniques---that had a "meet the CIA" competition, would
> the bin laden's of the world come? Try it and find out.
>
> No, they wouldn't---and what i'm saying is---back in the day Def Con
> used to be in date and relevant, but in this day, there are new
> threats emerging, which we have never seen before.
>
> Can we care about a conference that openly admits to federal
> surveillance? It sounds more like a conference for the lower spectrum
> of the security community than any real threat vector that anyone
> needs to care about.
>
> So, because a real world terrorist clone of Def Con wouldn't work, the
> same goes for Def Con "human honeypot"ing of ---cyber terrorists, who
> are today the direct threat to corporations and government, not the
> once before believed bedroom hacker of which Def Con originally was
> formed from.
>
> Threats are changing--- Def Con was setup when the bedroom hacker was
> seen as the threat, that is no longer, folks see Def Con as the stupid
> bedroom hacker conference that used to be relevant that nobody cares
> about anymore.
>
> See http://lists.grok.org.uk/pipermail/full-disclosure/2008-April/061450.html
> to see how the bedroom hacker is no longer the threat and that the new
> threat to the internet is world government's and its intelligence
> services.
>
> The way Def Con works is, the organizers think because they openly
> admit there are feds at their conference that there is no need for any
> further discussion relating to the admission.
>
> It also apprently means the folks attending have given up their civil
> liberties and human rights because they are attending the conference.
>
> To be honest, does everyone who attends Def Con know there is a "spot
> the fed" competition and, what the implications of what a government
> led surveillance operation might mean to their lives post-conference?
>
> A lot of the folks attending Def Con are adolescents and think of a
> "spot the fed" as a funny at the time of execution of the event, but
> they might not be fully aware of what the feds are actually doing and
> how it intrudes into their lives.
>
> To underline, the parents of the adolescents might not realise their
> child has put their home IP address onto a federal watch-list---and
> the  adolescents might not realise how much their human rights and
> liberties have been given up by entering into such a 'human honeypot'
> to which the terms and conditions of such a human honeypot isn't
> publically defined.
>
> And---we know whatever "fed" is placed into the "spot the fed" arena
> won't be a top line undercover secret service fed, and there is no
> need to say that fed means "undercover surveillance officer", but to
> the adolescent they might think fed always means dark undercover
> surveillance--- when really "fed" accounts for anyone in government
> who deals in cyber security---like my friend who worked on the U.S
> Navy for six years, he wasn't an undercover cop, but he could of been
> defined a fed.
>
> So does "spot the fed" as an admission really give the government free
> legal way to do any operations they want at Def Con, ---think again..
> in this day and age it is no longer fun and games and there are real
> people aiming at civil liberties and human right violations.
>
> This also underlines security conferences as a whole as having an
> irrelevant need in the security community---and only serves now as an
> advertising platform in the security industry who wish to setup trade
> stalls to promote a product or company.
>
> Security conferences no longer have the meaning they used to, and
> thats why i'm calling for Def Con to be shutdown.
>
> n3td3v
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>   

-- 
CEMS IT Office
185 Amundson Hall
(612)-626-0712
https://www.cems.umn.edu/dept/itoffice/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ