Career and Gloating in Las Vegas
by Thrunter X. Thoompson
We were on the edge on Luxor when the thought leadership began to take hold... I found myself in possession of a Black Hat yellow badge.
This meant I was restricted to the revenue generator known as the vendor floor where I would see nothing but free t-shirts, charging cables that I'll never plug a device into, and industry luminaries imploring me to zero-trust this, and AI that...
The AI is everywhere, slowly devouring entire functional teams with its undeniable allure of free work generated by the lying plagiarism machine. All I could think of was the banality of future endeavor, and where my next drink was coming from.
As I roamed the endless wasteland of disposable tchotchkes and near future car washing rags, all I could see were entire corporations built to service a dying paradigm. Selling complex tools to provide a feeling of comfort to lure these poor reptiles into a quiet complacency that their misconfigured tools would make them safer for the low low prices of whatever it takes to hit my revenue goals.
This is not a place of honor, but of honorifics... an entire industry built on becoming superhuman, a force-multiplier, an all-knowing beast, hellbent on controlling the flow and availability of information all in the name of safety.
In some cases, it succeeded at that goal, but then iterations were seen, different groups doing the same thing as the other with different branding... New clothes for every tiny Caesar in the room.
The opportunity to talk about your accomplishments and brag to others about what you've done in the past year while they only half listen because the alcohol-drenched souls in the room can't conceive of any information that doesn't shore up their own secretly fragile egos, is everywhere and taken at every opportunity like some sort of terrible antidepressant that just leaves you sadder.
I had been in Las Vegas for four days by the time this orgy of security by finance committee had started and had already become an animal. This city will do that to you: tear you down and transform you into an automaton of indulgence in a human suit, and that makes for a surreal experience at the corpo version of DEFCON. Walking among them in my human suit, not trying to say the quiet part out loud... infosec was a mistake.
The juxtaposition of shilling well-crafted combinations of existing open-source tools combined into a platform that is a glorified workflow organizer is a time-honored tradition in this industry, full well on display at Black Hat.
A black mirror of the (((capitalist))) hellscape, finding ways to generate value from the work of others who will never be compensated for their willingness to work selflessly to make the world better.
An exploit that will never receive a CVE, nor a patch. These poor rubes don't even know they are being taken advantage of, and by the time they do there is a steady stream of others hungering for the approval of their peers, like a gifted kid waiting to be picked for a kickball team. We embrace this model in the name of efficaciousness and modernity, but we need to recognize it for what it is, an exploitative labor model taken advantage of by nearly every software vendor in the world, not just infosec.
We all want to make the world better, but don't you dare ask for compensation for the work that enables a corporation to defend its assets - who do you think you are anyway? You don't have the lawyers nor the standing to even ask for compensation for the tools they rightfully colonized. "Get back into the codemines!" they'd shout at you... and you would, because that's what we do... we must create. Are we not humans with extraordinary knowledge, whether gifted or learned through labor?
Were it not for the work of the counterculture in this field, the hackers that are so often maligned, would this industry even exist? This whole Jenga tower came to be because of fear and media influence exerted by those same kids waiting to get picked for the kickball team, but they found the secret hideout and worked from there, in the alley out back, in the treehouse, like a cyberpunk version of The Little Rascals.
Were it not for their nudges to corporate giants in the 1990s and early aughts, would we have compliance and regulatory governance? Certainly not in any sort of fashion that would allow for the density and excess that is on display in the desert at Black Hat.
Those hackers may draw a paycheck from infosec now; we all have mouths to feed, bills to pay, and those forces work real well as a clothespin on the nose to try to ignore the smell. But that odor of misguided hubris and capitalistic masturbation still clings to everything we do.