Before, During, and After – 20 Years of DEFCON Follow-Up: Motivation Towards Checks and Balances

Gail Thackeray now turns it over to Dead Addict so that he speaks on more of a motivational side of DEFCON and relations with the law enforcement.

Dead Addict Dead Addict: First of all I’d like to thank Jason Scott; if anyone’s looked on your DVD, there’s a good amount of material, including the issues of Tap from way back scanned and all those came from textfiles.com, so if you like this sort of thing you found on the DVD, visit textfiles.com. The community owes him. He’s our historian, so thanks, Jason Scott.

So, I’d like to talk a little bit about some of the motivations at DEFCON 1 and why we brought people in groups together that hadn’t been brought together before. As far as I know, DEFCON was the first hacker conference to actually invite law enforcement. This was something new. At the time, I’ll be honest, at least for myself it wasn’t to try to get some understanding of the two sides and bring everyone together, or anything like that.

DEFCON 1 participants having fun

DEFCON 1 participants having fun

We knew they were going to come anyway, they actually went to all the hacker conferences, then busted people when they were doing silly, stupid things, so we thought we’d just invite them, and then all the hackers would know: “Hey, the cops are here, let’s have a weekend free from blatant felonies all over the place.” And it worked out: the only arrests that I am aware of that occurred at DEFCON over the years have been alcohol induced, party-related offences for the most part, so you’ve got 15,000 drunk people together and that will happen occasionally.

So, we brought in Gail Thackeray, the most terrifying conversation I ever had, and when I invited her, she was actively prosecuting two or three very good friends of mine, including one of the DEFCON 1 speakers who wisely changed his talk from security related to car repair; it was an awful train wreck of a speech, but he stayed out of jail, so that was probably wise.

Also we invited the press. That was a relatively new thing too – I don’t think hacker conferences had done that in the past years, so that was something new. I had this idea of the checks and balances system, it was sort of what was going through our minds, and it was just me and Jeff planning DEFCON 1.

So the idea was: “Ok, we’ll bring the feds, because they’re coming anyways, we’ll invite them. And then, in case they do anything ridiculous that we think might violate someone’s civil liberties, we’ll bring the press there so they can report on that.” And that hasn’t happened; all these various stakeholders behaved relatively well, except for a single undercover reporter a number of years ago. I blame her employer.

Dead Addict and others at DEFCON 1

Dead Addict and others at DEFCON 1

So we brought the press in, and at the time the press coverage on security issues and hacking issues was abysmal; they were ignorant; the stories in most mainstream publications were truly awful. In addition to that we thought: “Well, bring in the prosecutor, because they’re going to come anyways; bring in the press to cover everything; we should bring some civil liberties lawyers in, in case anything bad happens, so we have lawyers on side.” And while there hasn’t been any law enforcement action over the years, thankfully, at DEFCON, having civil liberty lawyers around has been a wonderful thing for DEFCON speakers, because companies often don’t like it when we reveal the flaws, and they like to keep that a secret. And we’re not very good at keeping those sorts of secrets, which is why we rock.

So the civil liberties folks came, and it turns out that we need protection from the corporations and not from the feds, which was a surprise and I’m thankful they’re here. This year we have the CPSR – originally Computer Professionals for Social Responsibility, and later the EFF came, and this year the ACLU is here, as well as the National Lawyers Guild. So there is a wide variety of civil liberties groups. Years ago one of our DEFCON stickers was cut up and rearranged to FEDCON, because, frankly, there’s a lot of feds here.

A lot of the feds that are here are hackers, just straight up. So that’s ok; that wasn’t necessarily the case when they first started coming, but it’s certainly the case now. And there are a lot of folks that work for the government that are really, truly part of our community. They’re not the other, they are us. And I think that’s helped, I think that’s helped a lot, and instead of viewing the government as the enemy, we just need to infiltrate them and make the government to be what we want.

So, the idea was a whole huge set of checks and balances, and it might have been a silly theory, and it turned out we didn’t actually have to fear law enforcement as much as we thought we did. But also, I think, letting everyone know: “Hey, this is a weekend of partying, have fun and exchange information; and ramping obvious criminal activity and multiple felonies – do that on Tuesday.”

So, the initial motivation was checks and balances. What ended up happening was something better and different than was imagined, and that was a greater understanding of all the various parties, and all of these groups understood the motivations of the others and feared the others less. Now we kind of get along to a very large extent. Also helpful, I think, back 20 years ago there wasn’t serious mafia criminal organized crime making millions and millions of dollars off of cybercrime. And, frankly, the cops have much better things to do than to deal with trespass explorations.

And again, I remember when I could pay $20 a month and quit being a felon – that was awesome, I slapped out those $20 for an ISP the moment I could do that. For those who weren’t there back in the day, it’s kind of an odd idea: “What do you mean you’re a felon to get on the Internet?” Well, there was no .com, there were no ISPs. If you weren’t associated with a university, the only way you were going to get on the Internet was, essentially, break some rules.

The press, I think, is interesting – I’m on the press team, so I’ll talk a little bit about that. They’ve gotten a lot better over the years. Over the years the press presence is growing, and over a hundred different media organizations are at DEFCON, including every major television network. I’ll tell you who’s not allowed though: there is one segment of press that tried to get into DEFCON 1 and has tried over the years to get into DEFCON – local press. So, Las Vegas, anything – I’ve nothing against the Las Vegas press, it’s just generally, as a rule of thumb, local press sucks, so they don’t need to come in and we don’t want an understanding with them. I’m sorry if anyone here is with some local press somewhere, I’m sure you do a good job.

The activists have changed over the years; the nature of activism; EFF is more of a mainstream organization. If you look at what they do, if you look at the contents of their activities, their lobbying, their lawsuits, all of this – it spans a huge wide range of activities. I thank everyone here for supporting them, and I found out yesterday that Gail was a member of the EFF and I liked her even more when I found that out. So, thank you, Gail. And what I really appreciate actually is having people within the government and within the law enforcement who have a deep understanding for the need of civil liberties, and that’s important and I’m really happy about that.

Also I want to mention something about government in general, people often refer to it as a single monolithic entity, and in fact there is a ton of different pieces of government, and they have kind of competing agendas, conflicting agendas. For example, the Federal Trade Commission, which is: “What does that have to do with anything?” – well, they actually hired one of us, a privacy advocate and technologist, and I think he’s speaking right now, Christopher Swegan. There are federal agencies that have the same passion for activism and protecting consumers that some of us do.

Then there is also the FBI, which, like I said, they are busy with actual real scary cybercrimes and nation states and whatnot. The NSA, and I’ll briefly mention this: I was going to talk about how our interests are overlapping; and yes, many of us fear the NSA in some ways, there’s secrecy and things unknown about their surveillance capabilities and their offensive capabilities.

So in some ways we have interest in offensive capabilities too, so there’s an interest we share in common. But more than that, they have a leadership role in protecting our infrastructure, and everyone wants an Internet so they can plan it, and they’ve supported Linux SE, they’ve supported various hardening guides and want our overall infrastructure to be secure and want to share the knowledge to help spot vulnerabilities. And so, in that way I’m very happy: the more public they are with this and the more open they are with that, I think the better defensive posture everyone has.

So, I think I’m running out of time. Thank you all and enjoy your DEFCON!

Read previous: Before, During, and After – 20 Years of DEFCON, or FEDCON?

Like This Article? Let Others Know!
Related Articles:

Leave a comment:

Your email address will not be published. Required fields are marked *

Comment via Facebook: