One thing the US govt gave up on, a few years ago, was using the CISSP program to “embed” trusted souls in the heart of corporate america – as it moved to the internet and away from private circuits. These were the folks who were to lead the production of a local capability to “rewrite” communications systems, on demand. Born as the pre-cursor to mandatory wiretapping capabilities in technology, this was the response to the “gap”. The gap is filled by people, indoctrinated and educated to deceive on who is the paymaster. The pay comes in the “accession” to certain committees (with stipends and travel budgets, etc), or “job mobility”.
This didn’t work too well, long term (for reasons I can explain to those with CISSPs or equivalent). Though it did fill the gap in 1996 era, when it was “most needed”.
Its replacement was the pentester – the creation of an entire “independently minded” group of folks with intimate knowledge of the vulnerabilities of corporate systems.
Such as defcon are breeding grounds for the “culture” of pen testers whose ultimate paymaster is not the client but those with a desire to covertly subvert corporate systems, having got an insiders view (from the pentester’s work).
Defcon is a good business for its founder; and one notes now how little dissent is tolerate in its papers and format. Dissent that notes how defcon culture itself is subverted, is entirely vulnerable, and has infact been wholly penetrated is NOT ALLOWED.
Once upon a time defcon could enjoy a good public rant (and enjoy a good humiliation-inducing ribbing (drubbing in English English) of folks such as me who would come down and say the above). But no more. Its too frightened. Not even the fake beer works, any more. The chains of chinese girls being paraded and then farmed out to the elite hackers are to be no more (not being able to get visas, thanks to China/US cyber spat going *too* public).
The little side “contract” from “certain US agencies” ( a favorite phrase on the defcon cognisenti as they do they james bond impression) is at risk. And that’s my new lexus car payment (says the defcon subverted).
So now someone will hack my American password (which will take about 14s, since its made and protected using American technology) on wordpress, and put up a purile pawning statement. We are SO GOOD! What we wont show is how to do it in 2s (if only you had lots more computers, assuming defcon technical types could network their brains together to actually cooperate against the “interna” threat).
I wonder if General Keith will be paid to do a walk-on, to help his retirement fund get to a 100 million?
Wonder if stories about my own “sexual urges” are to be given a public work over, and whether we can see who lies behind the “initiative”” as we see the “raw” face of pen testing culture come to the fore. bet we don’t see any papers at defcon at the links between the participants and those who “hold the little black books” on all of us.