For years, a simple and elegant inside joke has permeated Defcon, the influential hacking conference. You say it to your friends, you reference it during your talk, you design a fake website to try to trick unsuspecting rubes: Defcon is canceled. On Friday, though, the bit became reality. Organizers announced that the Las Vegas gathering, which would have taken place in August, actually is canceled this year due to uncertainty about the Covid-19 pandemic.
Defcon’s more buttoned-up sister conference, Black Hat, which takes place in the days leading up to Defcon every year, has been called off as well. Both events will host online conferences instead that include research talks and social events. The founder of both conferences, Jeff Moss, who is also known by his hacker name the Dark Tangent, said in a forum post that the 28th Defcon will be known as “Safe Mode,” referencing the name most operating systems use for their diagnostic and recovery mode.
“While cancellation negotiations are still ongoing I’ve been lucky that the DEF CON Goons and community writ large have been amazing, helping me to navigate in a safe direction,” Moss wrote. “I am proud that over the years we have all gotten better at self care and supporting each other outside of Con and I can’t wait to see everyone when it is less chaotic and uncertain. Hackers do like security.”
The Defcon organizing team already has plans to coordinate talks, help facilitate subject-specific “villages” that are usually independent in-person events, and host events like remote capture-the-flag hacker challenges, remote Ham radio licensure exams, movie nights, and a Mystery Challenge. Moss says he made the initial decision to cancel on April 11, but needed weeks to work out the legal and financial logistics of shelving this year’s event before going public with the announcement.
Longtime Defcon attendees were saddened by the news, but everyone WIRED spoke to supported the decision.
“We look forward to this every year as a family reunion. We won’t have an opportunity to bond in real life, but this gives us a different opportunity to work across barriers,” says Nina Alli, executive director of the BioHacking Village at Defcon, which announced plans to offer virtual events and content for Defcon in August. “The pandemic means breaking conventional paradigms of interaction, togetherness, and brain bonding.”
“As a young hacker my dream was to attend this hallowed event, and once I had experienced my first Defcon in 2008, I was hooked,” says Patrick Wardle, a macOS security researcher at the enterprise management firm Jamf. “I’m a small conference organizer myself, so I know how much planning and work goes into, and has already gone into, such an event. Having to cancel it for reasons beyond your control must be heartbreaking. But kudos to the organizers for putting the health and well-being of the community beyond all else.”
The security industry has embraced remote conferences in recent months. Ronnie Tokazowski, a senior threat researcher at the email security firm Agari, helped put together a digital corporate conference last week as well as an independent community research conference, InfoSec Oasis, that was conducted in virtual reality in April.
“They made the right call about Defcon,” Tokazowski says. “Remote conferences are totally workable and can be very successful. There’s been a lot of innovation that’s happened over the last two months. But I think specific to Black Hat the business component is going to be harder. A lot of security companies are going through economic pains and trying to get that in-person sales meeting is a lot more difficult remotely.”