Robert GrahamI oppose censorship and cancel-culture at infosec conferences. This will probably get me canceled.
https://cybersect.substack.com/p/stop-with-the-cancel-culture-in-infosec
https://cybersect.substack.com/p/stop-with-the-cancel-culture-in-infosec
I'm screenshotting this response because I don't want engagement with it's author, but at the same time I think it's important to see the sort of behavior that's acceptable in the infosec community.
hrbrmstr ๐บ๐ฆ ๐ฌ๐ฑ ๐จ๐ฆ@ErrataRob unpopular take: there is no infosec โcommunityโ
Viss@hrbrmstr @ErrataRob this is my take as well. that crowd doesnt act like a 'community'. its basically a forum trying to cheat their way past "having any skills or experience" and getting security jobs
@ErrataRob @hrbrmstr i get the impression its less about the mainstream than it is "there is no barrier to entry". if you want to be a doctor, you have to prove you can do the thing. a lot. for years.
if you want to do infosec you just dye your hair or watch some youtube videos, copypaste some text from a blog, cheat your way through a cfp or cert program. and bam. now youre a 'thought leader' or 'the ceo of a social engineering company'.
with zero technical background.
its wild.
@ErrataRob @hrbrmstr and it was incredibly validating to see schiners recent blog that reinforces what ive gave up screaming about for years, saying exactly the same thing
@Viss @hrbrmstr As an old techie, I assume that those replacing me would be creating techie innovations. I didn't expect it would be those saying "omg, why you gatekeeping me, anybody can be a hacker!!".
I mean, I agree there's a lot of worthwhile stuff in the community that doesn't need my sort of technical skills, and there's certainly the "Hackers" 'lite one-upman-ship going on. But at the end of the day, what we do is technical.
@ErrataRob @hrbrmstr its impossible for me to reconcile:
"i want to secure computers for a living"
with
"i have no fucking idea how computers work"
Shecky - Third Wheel@Viss @ErrataRob @hrbrmstr I will bite on this. If there is no barrier to entry then how is there all the gatekeeping that people talk about?
The lack of certain basic skills is something else. We also are in an era when it is easier to find answers (and misinformation) rather easily.
The lack of certain basic skills is something else. We also are in an era when it is easier to find answers (and misinformation) rather easily.
@siliconshecky @ErrataRob @hrbrmstr the people screaming about gatekeeping are the ones who want to "do security without having to learn anything or have technical background". they liken "having basic requirements to work a job" to "someone is actively preventing them from working in a field because of some kind of discrimination".
its a really lazy logical fallacy, and its super obvious.
its like saying you want to be a neurosurgeon with zero medical training. its dumb on its face.
Chester Wisniewski ๐จ๐ฆ@ErrataRob @Viss @hrbrmstr It's important not to confuse real InfoSec practitioners with what you see on social media. I work with nearly 500 researchers and others who take their jobs very seriously and perform incredibly technical and important work to protect the general public. Social media is not very representative of reality.
@chetwisniewski @Viss @hrbrmstr
For me, it's the combination of social community and social interaction at conferences. Conferences like DEF CON have changed.
For me, it's the combination of social community and social interaction at conferences. Conferences like DEF CON have changed.
secureisd@hrbrmstr Not anymore, I guess. I still have fond memories of the 1990s.
@ErrataRob @hrbrmstr there is always a community. It just might not be what you want it to be. Small subsets of it though could be what you remember.
To each their own though.
To each their own though.