Jeff Moss (a.k.a. “Dark Tangent”) made news on Wednesday by abruptly and formally disinviting government and law enforcement officers (“the FEDS”) from his annual hacker confab. The symbolism was powerful – coming after years during which the lines separating “hackers” and “the FEDS” got ever more blurry.

But I’m afraid that Moss’s gesture will have to go down as a “nice try.” Simply put: relations between the hacker community, the private sector and the federal government and law enforcement agencies have only grown more cozy with each passing year. DEF CON is no exception. Given the money at stake, hurt feelings and bruised ideals caused by the National Security Agency’s PRISM surveillance program aren’t likely to change that relationship in the slightest.

Of course, this goes against what we would all like to believe about DEF CON, which still goes to great lengths to maintain its counterculture air, even as its sister conference Black Hat (now owned by CMP) long ago donned lipstick and sensible shoes for a roomful of corporate suitors.

Part of the lore of the annual DEF CON is its anti-authoritarianism. For years, that was embodied not just in F-bombs from the podium, but in the annual “Spot the FED” contest, which enlisted show participants to out attendees they suspected of being federal agents or law enforcement. (Essentially: anyone wearing chinos and a collared shirt.) The prize (for both spotter and FED) was a t-shirt.

Back in the day, the concern was that the lawmen were there to keep tabs on black hats, gray hats and anyone else who knew their way around a Unix shell. And, indeed, there has been no shortage of DEF CON attendees (and even speakers) who have gone on to make a name for themselves as cyber criminals. (Credit card master-thief Albert Gonzalez’s right-hand man, Stephen Watt (a.k.a. “Jim Jones” a.k.a. “Unix Terrorist”), spoke at DEF CON 10 years before he was arrested and jailed for his role in hacks against TJX and other prominent firms.)

But that was a moment in time. With each passing year, more and more government and professional types filled the hallways of whatever down-on-its-luck ‘Vegas hotel the annual event calls home. (Lately, that would be the Rio Hotel and Casino). They came not to keep tabs on hackers, but to keep tabs on hacking craft and the latest attacks and exploits. Even more important: they came with job offers in hand for the most talented and in-demand security folks.

In short order, “Spot the FED” (DEF CON 17) gave way to “Meet the FEDs” (DEF CON 18), a panel of federal agents who wondered – wait for it – “how do we conduct robust continuous monitoring across a large multi-organizational enterprise yet stay within the constitutional requirements for privacy, civil rights and civil liberties?” I guess we all know the answer to that question!

But now something has changed. A line has been crossed.

“When it comes to sharing and socializing with feds, recent revelations have made many in the community uncomfortable about this relationship,” Moss wrote on the DEF CON web site. “Therefore, I think it would be best for everyone involved if the feds call a ‘time-out’ and not attend DEF CON this year.” The time off, he said, will “give everybody time to think about how we got here, and what comes next.”

While I can feel Moss’s outrage at PRISM and know it to be genuine, who among us can really say we’re surprised to learn about the extent to which the government is using its authority and the availability of “big data” to monitor citizens’ activities? Protest too much, and we sound like Inspector Renault in Casablanca peeling away from the roulette table at Rick’s Café to declaim that he’s “Shocked. Shocked! To find that there is gambling going on!”

As for “what comes next?” I think the answer is pretty clear: more of the same. Because, while everyone who has ever donned a DEF CON badge may, as Moss says, be “uncomfortable about the relationship” between the hacker community and the federal government, the amount of money and resources flowing into computer security is likely to remain an irresistible lure for any DEF CON attendee with even moderate skills. Indeed, in an era of government sequesters and forced austerity, cyber is one of the only areas of the Defense Department’s budget that is likely to see an increase in funding in the coming years. And, as the government’s appetite for computer security and hacking talent grows, shows like DEF CON – watering holes for hackers of all stripes – become must-attend events.

It’s not clear what the impact of Moss’s blog post will be. Maybe the Feds will just go back into disguise and “Spot the Fed” will find a new relevance in the post-PRISM world. But one thing is for sure: the Feds will surely keep coming, invite or no.

About Paul Roberts

Paul Roberts is an experienced technology writer and editor who has spent the last decade covering hacking, cyber threats, and information technology security, including senior positions as a writer, editor and industry analyst. His work has appeared on NPR’s Marketplace Tech Report, The Boston Globe, Fortune Small Business, as well as ZDNet, Computerworld, InfoWorld, eWeek, CIO, CSO and He was, yes, a guest on The Oprah Show — but that’s a long story. You can follow Paul on Twitter here or visit his website The Security Ledger.

Comments (1)

Richard Steven Hack | July 11, 2013 10:41 pm

Of course the Feds will come. And that's the point. Do they recognize the problem that caused this situation? Do they respect real hackers enough to address the issue? Are they prepared to show up and NOT LIE about the invasive NSA practices - as Alexander is now proven to have lied?

If they come despite the request to "hold off" for a bit, then clearly they are the ones with antagonism toward the hacker community. They are the ones who are exploiting the hacker community for ends inconsistent with the US Constitution.

Have you seen the report from an alleged member of the government "cyberwar" community that they have literally "thousands" of government hackers using "thousands of zero-days"? Is this what the hacker - and infosec - community wants to be responsible for?

There have been talks before at infosec conferences about the "dark side of infosec" - and they have never been more appropriate than now.

And the people in the infosec community who are dropping out of Defcon because of Moss' stand are people who are painting themselves as supporters of oppressive government and invasion of privacy. That will come back to taint them in the future.
