The issues with sexism are terrible indeed, organizers should be ashamed of allowing such things to happen.
But the thing with hacking devices.. that's exactly what makes the security conferences so awesome. I've been wanting to go to a real security conference since I was 12 because of things like that. You say it scares away new users, I say it draws them in.
Complaining about people breaking into your phone, what are you doing at a security conference anyway? Last time I checked the site of a security conference it had a detailed guide on how to prevent this from happening to you.
It would be a terrible thing if the baby was thrown out with the bathwater.
As an attendee at Defcon right now I agree with you, it is a rather hostile group.
> Invites to parties being handed out to male speakers and not female speakers
My guess is this was a result of an oddball selection process rather than anti-female bias. I have never seen a party at Defcon didn't already have a huge surplus of males.
> Women stripping being used as a prize in hacker jeopardy
> Jeopardy game features the category "hot pussy"
> Objectifying content on slides
I find this whole Las Vegas scene to be gross. Most indoor places stink like cigarette smoke.
Nevertheless, let's not take Defcon and other Jeff Moss/Dark Tangent productions as representative of the "security community". There are a great many other people in security who go out of their way to be welcoming and respectful.
> Hacking devices of new users at conferences is considered completely acceptable
This is well known. One of the functions of Defcon is as an exploit/malware trading market.
> I can only conclude you don't want to be welcoming to new users.
Should they be? It's a place for amateur hackers, pros, double agents, Feds, and internationals to gather in the same place for a few days with a tacit understanding of some relaxed rules. It's a once a year opportunity for many attendees but its not for everyone.
this is probably not the best argument, because DEFCON has been this way since the beginning (I have been to a lot of them) and the security community as a whole has never really been accepting, forgiving, or inclusive.
so when you make a post that says "your community stinks and I won't be a part of it", the majority response will be "good, we didn't want you anyway".
maybe you could point out that the community loses a lot of potentially awesome contributors by being so exclusive, but the community will be quick to point out the large number of awesome contributors they already have, and how those contributors themselves are prickly, women-hating and exclusionary, and they'll be right.
in short, I don't know what you can do as an outsider beyond ignore it. as an insider, those in the community who agree with you are in the minority, and generally disinterested in engaging with the majority of the community because they are terrible (and also generally quite stupid). I don't really have a long-term interest in being associated with the security community, and am not at DEFCON this year for that reason.
it's a weird, insular and perverted thing that has marginal societal good. the societal good that comes out of computer security is often not connected to what you conceive of as "the security community", but rather professional researchers and engineers that work for universities and major corporations. so, my advice is, ignore the "security community". it will die. let it die.
6 comments
[ 5.3 ms ] story [ 25.0 ms ] threadBut the thing with hacking devices.. that's exactly what makes the security conferences so awesome. I've been wanting to go to a real security conference since I was 12 because of things like that. You say it scares away new users, I say it draws them in.
Complaining about people breaking into your phone, what are you doing at a security conference anyway? Last time I checked the site of a security conference it had a detailed guide on how to prevent this from happening to you.
It would be a terrible thing if the baby was thrown out with the bathwater.
> Invites to parties being handed out to male speakers and not female speakers
My guess is this was a result of an oddball selection process rather than anti-female bias. I have never seen a party at Defcon didn't already have a huge surplus of males.
> Women stripping being used as a prize in hacker jeopardy
> Jeopardy game features the category "hot pussy"
> Objectifying content on slides
I find this whole Las Vegas scene to be gross. Most indoor places stink like cigarette smoke.
Nevertheless, let's not take Defcon and other Jeff Moss/Dark Tangent productions as representative of the "security community". There are a great many other people in security who go out of their way to be welcoming and respectful.
> Hacking devices of new users at conferences is considered completely acceptable
This is well known. One of the functions of Defcon is as an exploit/malware trading market.
> I can only conclude you don't want to be welcoming to new users.
Should they be? It's a place for amateur hackers, pros, double agents, Feds, and internationals to gather in the same place for a few days with a tacit understanding of some relaxed rules. It's a once a year opportunity for many attendees but its not for everyone.
so when you make a post that says "your community stinks and I won't be a part of it", the majority response will be "good, we didn't want you anyway".
maybe you could point out that the community loses a lot of potentially awesome contributors by being so exclusive, but the community will be quick to point out the large number of awesome contributors they already have, and how those contributors themselves are prickly, women-hating and exclusionary, and they'll be right.
in short, I don't know what you can do as an outsider beyond ignore it. as an insider, those in the community who agree with you are in the minority, and generally disinterested in engaging with the majority of the community because they are terrible (and also generally quite stupid). I don't really have a long-term interest in being associated with the security community, and am not at DEFCON this year for that reason.
it's a weird, insular and perverted thing that has marginal societal good. the societal good that comes out of computer security is often not connected to what you conceive of as "the security community", but rather professional researchers and engineers that work for universities and major corporations. so, my advice is, ignore the "security community". it will die. let it die.