DEF CON 22 was the first time I was ever described as non-human; one of many quirky aspects of DEF CON. A colleague and I spoke for a DEFCON 101 track on how to generate threat intelligence utilizing honey nets. Though this was a highlight, it was not to be the pinnacle of my experience. The pinnacle of my experience came from the observance of the actors engaged in a cultural struggle. The fact that DEF CON 22 started the day after the more corporate’y BlackHat trade show made the attendance a little more interesting. When it was time to go, I decided to take a detour through Death Valley. The long vastness of the desert enabled me to ruminate on my life’s journey thus far. And what occurred to me, was that the talk we gave is a great metaphor for how people should operate if they are truly trying to “disobey”—that disguised disobedience is far a far more effective method for really accomplishing something. Let me explain.
DEF CON is a study in cultural and intellectual extremes. In a one-hour period, I went from chatting with a fellow speaker whose talk was about hacking traffic systems, to speaking with two people attending for the first time, who were using fake accents and personas (really bad ones too) because they thought it was necessary for the conference. At times DEF CON seemed more like a trendy fashion experiment than a convention of people trying to learn new tactics to enable disobedience. People are free to do what they want, however, what they do is not always free.
Growing up as a punk of the ‘80s and ‘90s, playing guitar in bands and listening to Bad Religion, Black Flag, The Misfits and other notable agents of thought-provoking music, I “knew” I had it figured out. I spent most of my energy trying to advocate my viewpoints through verbal and non-verbal rebellion, which ultimately served to help form an identity, that though immature, was mine. The disapproving looks received from the “compliant,” a term I used for anyone that was not like us, provided gratification that seemed to validate our cause. The phrase “We are the Resistant” was used often during conversations with peers to stroke our egos and solidify our identities. What my lack of experience and maturity did not allow me to understand, is that undisguised “identity” creates signatures, and I had no explainable cause other than myself.
In my twenties I met someone who was a master of debate. He pinned me to the proverbial wall by asking, “What is your cause?” it took many years to come to the conclusion that justice was the only cause worth pursuing, thus it became mine. The DEF CON theme of “disobey” is about disobedience against those who are unjust. To disobey for the sake of disobedience achieves nothing. Justice should be, but is often not, the only valid reason for disobedience.
Justice is why the honey net project is important. The fundamental purpose of a honey net is to gather intelligence against those who have a potential to commit an injustice. A technical aspect of a honey network is to ensure that a signature cannot be developed for the honey pots, as this could make gathering intelligence harder. It is important to have honey pots blend in and not been seen, observing and reporting. A phrase I came up with to teach people about bots is: “Bots have sigs, pots wear wigs.”
There are times to purposely create signatures. People who speak for causes voluntarily expose who they are because it is beneficial to a cause. Others speak because it keeps them in the lime light and feeds their ego. This is where John McAfee comes into the picture.
A colleague and I were discussing disabling security systems utilizing swarmed robots with nitrogen cannons and laser beams strapped to their heads. We happened to be in a room right next to the stage where John would be presenting. John and company had to use the restroom in the room to powder their noses prior to going on stage. One of John’s McAfee handlers asked if we wanted a photo. I said “of who?” She said “John McAfee, of course.” I obviously knew who he was but I did not really want to feed his ego. We took the photo because I wanted to write about it later on. Then on stage he ranted about conspiracy, people taking photos and other nonsense that feeds his story. The reality is that no photo would have been taken if he hadn’t wanted the photo to be taken. If you look at the reality, he was behaving like a bot controlled by his environment.
Do you remember anyone from the conference you never actually spoke with? Think about attributes that caused you to remember them. This is their signature that exists in their Johari window. If the attendees of DE FCON are going to be at the center of disobedience campaigns for future injustices, then the “Resistant” should take lessons from the operational aspects of honey nets. The appearance of compliances does not change who you are, but limits the signature you produce.
About The Author
Mike Thompson is Director, Engineering & Architecture for Cloud and Security at A10 Networks in San Francisco Bay Area.