For a while there all the events and conferences I was seeing was just more corporate branding. So, I tried to help a bunch of people do cool things in Seattle using my professional contacts.
I put on a showcase of all of the leading tech companies with local offices who would respond to me to speak about their appsec programs. I made sure it was free and nobody was gatekeeping these meetups as per the OWASP speakers agreement.
These were all of the events from the most recent.
FANG (and pals) Tech Series
Facebook (again)
November 12, 2019
Twitter (again)
September 17, 2019
Tableau
July 30, 2019
Extrahop
July 26, 2018
T-Mobile
November 28, 2018
Mixpanel
October 9, 2018
Nation state censorship with live examples of blocking, policy, and circumvention
Docusign
August 30, 2018
Lightning talks at Deja vu Security
August 17, 2017
(No one liked my source talk preview)
Twitter
June 13, 2017
Facebook
December 13, 2016
Other things I figured out that I thought was neat
Free admission to Cyber Forensics and Cybersecurity Seminar
Free admission to Annual Cyber Summit Featuring US DHS
Free admission to the FIDO summit
FIDO Authentication: Moving Beyond Passwords
If the venue didn’t cover refreshment, I would pay for it out of pocket as a service to my community. The OWASP staff would always ignore me when I would ask about covering expenses, getting the additional volunteers I dug up plugged in, and other chapter business. Just a black hole of effort where once there was a cool hacker org. Just look at the budget for more info, and if you notice that it’s not funding OWASP projects, you have found the problem.
Like the previous open letter that got my OWASP accounts suspended, there’s another effort to try to encourage OWASP to be cool again.
All the dumb politics. So much.
The biggest examples of community damage was Derbycon closing and the weird soviet Defcon bans for secret CoC violation and hiding the reason in defamation case hand waiving. Just say you’re stealing things because you can and anyone who’s tried to do business with ethics-free hackers will understand. This junk is all over the place and being weaponized for irresponsible reasons. The first time I saw it weaponized was on the Toorcamp google group and many times since. We know it when we see it. Even the huge multi-decade quarterly event series, The Agora at the University of Washington, got ended due to more of this same garbage which no one talks about because of how much fear and terror these malicious actors inject into people trying to do cool things.
The last one ever
Some people can’t be cool, which was the real takeaway of my last long form talk, and it is only worse when there’s unlimited encouragement and funds for prescriptively not being cool. I don’t want to go to your coke parties and hang with your eastern block crypto drug dealers funding your next money laundering operation for who knows what shadow sponsored reason. Hey you made a few bucks and lurked in some underground government caverns and smoky military skunkworks all while partying with your aspiring terror cells on weekends.
Good for you. Be cooler. The amount of wasted time and effort spent on dealing with the chronically uncool is colossal.
Remember when there was a hacker ethos of being cool and sharing your work?
All the hosts and presenters, nearly without exception, have been universally great no matter where I’ve encountered them. However, the amount of bizarre hatred displayed for peers, the general public, and myself that I experienced from these professional organizations of idle people in Seattle (ISSA, ISACA, ISC^2, OWASP, and others) is my real lesson from my time organizing events and trying to give back to my professional community.
Anybody can put on an annual conference with a million dollar budget and letting vendors do pay-to-play sales presentations. Look at all the cool community stuff that I was able to put on with zero budget just by asking and trying to be cool.
Go out there and find awesome stuff for your community.
Bad Penny 