UPDATE: the Security BSides global organization has published a statement here on the BSides Cleveland event, which includes a statement from the (now former) event organizer. Please scroll below to see Skytalks response to these statements.
On 17-18 June 2022 the BSides Cleveland organization hosted their conference, at which they chose to hide the identity of a “special guest” speaker prior to the talk itself. A rehash of the issues, events and allegations surrounding that speaker are beyond the scope of this statement. Nevertheless, we at Skytalks, as individuals and as an organization, are pissed off with the BSides Cleveland organization’s decision to leverage speaker anonymity to give this individual a forum. In short, not only did BSides Cleveland violate the trust of the community by scheduling this speaker anonymously: they set an unwelcome precedent which jeopardizes the trust placed in other conference organizations that host anonymous talks responsibly, including Skytalks.
Skytalks is regarded as “the Underground track at DEF CON”. Our talks (bar a couple of special exceptions and incidents) are unrecorded and off-the-record. We support speakers in using handles or anonymity to disassociate their talks and identity from their corporate life, or to help increase their safety. There are several reasons people may not be comfortable presenting, even with a pseudonym. Our intent is to help protect speakers from “blow back” from companies and organizations, not to protect speakers from their previous bad decisions.
The actions of the BSides Cleveland organization in hosting this specific speaker concern us greatly. We feel that by obscuring both the speaker and the title of the talk and making it a “special guest”, the BSides Cleveland organization has damaged the “cloak of anonymity” that allows events like Skytalks to invite speakers to speak openly about sensitive topics. There have already been calls on Twitter for events to disclose the identity of anonymous speakers in limited circumstances. It has been observed by some individuals that by making this disclosure to other speakers at the event, it will allow said other speakers the choice to withdraw their participation in protest.
Our position is that anonymity on-line and in life can have legitimate purposes. This was not one of those cases. While we understand and value freedom of speech and freedom of association (or dis-association), we feel that BSides Cleveland should have been straightforward about their intentions to host this speaker.
Skytalks attempts to vet and review our speakers and topics, and verify if they are prohibited from speaking at or attending DEF CON or other events. We also try to make sure that talk titles and abstracts are available to attendees as well as other speakers. We strive for using good judgment in selecting speakers or topics that may be controversial.
We ask BSides Cleveland to explain their decision as requested by the BSides Global organization (https://twitter.com/SecurityBSides/status/1538287530545516545) and we trust that BSides as a global organization will help other events avoid similar situations in the future.
As an organization:
- Skytalks (signed 19 June 2022 0600 UTC)
As Individuals (Name and/or Handle):
- Matt Clauson @bluknight (signed 19 June 2022 0600 UTC)
- @JivesX (signed 19 June 2022 0600 UTC)
- Nicole Schwartz @CircuitSwan (signed 19 June 2022 0600 UTC)
- James Troutman @troutman (signed 19 June 2022 0600 UTC)
- Duck Duck @dsmcf (signed 19 June 2022 0600 UTC)
- @wornbt (signed 19 June 2022 0600 UTC)
- Cassiopiea (signed 19 June 2022 0600 UTC)
- Rishi Malik @whoisthisogre (signed 19 June 2022 0600 UTC)
- Guy Barnhart-Magen @barnhartguy (signed 19 June 2022 0600 UTC)
- nullMutex (signed 19 June 2022 0902 UTC)
Skytalks Response to the Security BSides Global statement
Skytalks is pleased to see the statement from BSides Global leadership, as well as the (now-former) organizer of BSides Cleveland. For ourselves, we accept the apology offered by Rockie Brockway and appreciate his willingness to own his decision, and the repercussions. We recognize that this was likely very difficult for Rockie from a personal standpoint. The difficult lessons always are. We hope that he will be able to return to contributing to the Infosec community and our various conferences after some time and reflection.
We know from experience that con event organization is hard. The Skytalks crew has learned some valuable lessons in our years of operation, and we’re always happy to share our knowledge with others. The SecurityBSides team has laid out an excellent model for moving forward, and we appreciate their quick response to this incident.
As an Organization:
- Skytalks (signed 21 JUN 2022 0145 UTC)
As Individuals (Name/Handle):
- Matt Clauson @bluknight (signed 21 June 2022 0145 UTC)
- James Troutman @troutman (signed 21 June 2022 0145 UTC)
- Nicole Schwartz @CircuitSwan (signed 21 June 2022 0259 UTC)