At cybersecurity gatherings, a thaw between feds and hackers
Over the past 20 years, the Black Hat and DEF CON hacker conferences have grown from intimate gatherings of computer tinkerers and tech outsiders to glitzy conventions that draw thousands of attendees and international media attention.
While the security research revealed at the back-to-back events - from breaking into ATMs to hacking roller coasters - seemed like science fiction just a few years ago, the work on display at last week's conferences in Las Vegas drew the attention of major global corporations and governments from around the world.
This year also marked the debut of a DEF CON event sponsored by the Defense Advanced Research Projects Agency (DARPA). The DARPA Cyber Grand Challenge aimed to prove that sophisticated computers can find and eliminate flaws in computer code without the help of human operators. Organizers broadcast the seven-team competition, which could revolutionize the cybersecurity process in the future, on jumbo screens for scores of spectators.
For the first time, politics played a bigger role in Vegas. Not only did representatives from Congress, the FBI, and the Federal Trade Commission attend the gatherings, but supporters of Democratic presidential nominee Hillary Clinton staged a fundraiser at the conferences.
But even though hackers and politicians are increasingly working together, there's still a wide gulf between Washington and the broader cybersecurity community. At an Atlantic Council Cyber Statecraft Initiative and Passcode event on Wednesday, security researchers and policy experts explored the growing bond between the two camps - and what still divides them.
Panelists included Lorrie Faith Cranor, chief technologist at the FTC; Jason Healey, senior research scholar at Columbia University’s School of International and Public Affairs; Beau Woods, deputy director at the Atlantic Council's Cyber Statecraft Initiative and Brent Scowcroft Center on International Security; and security researcher Cris Thomas (also known by his hacker handle Space Rogue) of the cybersecurity firm Tenable Network Security.
Here are just a few things we learned:
1. The relationship between hackers and feds is warming
“We’re seeing a change from a completely adversarial relationship between government and the hacker community,” said Mr. Thomas.
The once-popular game "" is perhaps the best example of that animosity. The game once challenged conference-goers to look for anyone who appeared to be an undercover officer. Judges awarded both the fed and spotter with free T-shirts.
Now, DEF CON organizers invite DC insiders into their hacker circles. This year featured a panel called Meet the Feds, in which the FTC's Ms. Cranor and representatives from the Federal Communications Commission and the White House shared their point of view with hackers.
“We wanted to do outreach to the hacker community by letting them know what our agency does and to show people we’re interested in what they’re doing,” Cranor said Wednesday.
2. It’s still a boys club
Women represented a mere 10 percent of the 22,000-or-so attendees at DEF CON this year, said Ms. Cranor. But that didn't necessarily make her uncomfortable, she said. At least most of the time. For instance, she said, at one point during the popular "Hacker Jeopardy" game, one presenter known as “Vinyl Vanna” performed a striptease on stage. As a woman, she said, "It can be isolating."
3. Hackers get political
There was also the “Hackers for Hillary” event, where cybersecurity pros gathered for the Clinton fundraiser.
But Columbia’s Mr. Healey had a different take. He said the Hackers for Hillary event was “where we started to matter. Normally we would have to go to DC to testify, but now they’re coming to us.”
That's not all. There’s also a new willingness among lifelong hackers to participate in what’s going on outside the hacking community, said Thomas. Often, that means having a dialogue with policy wonks about encryption, or campaigning against the Computer Fraud and Abuse Act, which most respondents in a Passcode poll said stifles legitimate security research.
“There’s a growing movement, at least in the circles that I run in, of people actually trying to get involved,” he said. “When the FTC opens a comments period, people actually submit comments. There are more than enough of us who are willing to put a tie on.”