[Dailydave] Paid-for Vendor talk .... seems legit?

Blackwell, Joseph M Joseph.M.Blackwell at boeing.com
Thu Mar 22 19:05:30 EDT 2012

"Well, now! You girls are just burnin' with righteousness, aren't you? Problem is you think you're blazing like suns; when really, you're burning like matchsticks in the face of the darkness!"
Nathon Fillion as Caleb - Buffy The vampire Slayer.

Sorry, couldn't resist the off chance to use both a Buffy Quote that ALSO includes Nathon Fillion. You hit the nail on the head (or the spike on the head?). Well thought out and presented, Moxie. I think it is safe to say that anyone hosting or speaking at a conference has a vested interest. I have yet to attend one that doesn't include some sort of marketing. With that being said, the point is not who is paying or why there are there, but more of what they say and how that contributes to the industry. I am a wee bit tired of the scare tactics and dime store advice. DEFCON is a conference that does it right. It is about community involvement and hands-on learning. Leaves one with actual skills and tools to take back to their homesteads. THAT is value added. In my limited experience Infiltrate is on the same plane....with an open bar of course. 

-----Original Message-----
From: dailydave-bounces at lists.immunityinc.com [mailto:dailydave-bounces at lists.immunityinc.com] On Behalf Of Moxie Marlinspike
Sent: Thursday, March 22, 2012 2:20 PM
To: dailydave at lists.immunityinc.com
Subject: Re: [Dailydave] Paid-for Vendor talk .... seems legit?

> On 21.3.2012 15:26, Dave Aitel wrote:
>> Why is it that every conference has gone the full hog and decided 
>> that you must sell keynotes?

As odious as paid keynotes might be, I wonder if this is just a more direct representation of how all conferences work.  Running a security conference comes with a certain amount of power; even if they're not paid, the ability to choose which submitted talks will be given allows the organizers to define the narrative for what people think is happening and what's important.

Paid keynotes exemplify an obvious microcosm of how this can play out.
Even when there are no paid keynotes, however, most security conferences today are put together by organizations or individuals who have a business stake in the security industry.  So while Immunity might not accept paid keynotes, it should be no surprise that the types of talks at Infiltrate are what they are.  That is to say, Infiltrate doesn't need to accept paid keynotes, because the unpaid talks are already selected to contribute to Immunity's business.

I fully believe that, within the context that Immunity has identified as contributing to its success, they will select talks based on technical content, speaking ability, and prevalence of buffy quotes.  But while BHEU had a 30 minute commercial for Fortigate, let's not forget that Infiltrate is in some sense one really big commercial for Immunity.

This isn't to say that I dislike watching the Immunity commercial, or that I don't appreciate its subtlety, but I think we should be wary of suggesting that these things are somehow "vendor neutral" or devoid of vendor influence when the organizers themselves are very often vendors and yield considerably more influence that a single paid talk ever could.

- moxie

Dailydave mailing list
Dailydave at lists.immunityinc.com

More information about the Dailydave mailing list