Oh no, the US has its delicate sensibilities hurt by cyber espionage! Come on China, why would you spy on us? It's so mean and unfair, why would anyone do it?
Despicable.
Why not host Defcon in Canada, or somewhere else? If Chinese hackers cannot attend industry events because of the US's imperialistic tendencies, it's our responsibility to modify our events so that they can.
Perhaps our discomfort with the Chinese[1] has more to do with defending our secrets (business, political, military, infrastructure etc) than our delicate sensibilities, though I hear where you're coming from.
Still, wouldn't you say it's in the US's interests (and Canada's, for that matter) to try to marginally disrupt the flow of tips of the hacking trade to the Chinese, in spite of the despicable aftertaste?
Canada's CSEC is as closely partnered with the NSA as GCHQ is. They even hacked Brazilian private oil companies, most likely for economic reasons similar to China:
Tendency to spy and tendency to exclude visitors for specious reasons are orthogonal. US immigration control is notorious, even amongst citizens just trying to reenter our own country from other "friendly" countries.
Americans involved in defcon possibly do not want to cross borders. I pity the border agent who powers the wrong defcon-bound machine in order to extract information. Lets hope they have excellent airgapping and sandboxing etc.
I guess the Euro conferences would welcome Chinese hackers.
The allegations are that China used state-sponsored espionage to gather industrial secrets to give to Chinese industry. Apparently, it's ok to spy as long as you keep the information within the government alone. Disrupting capitalism is the crime, not espionage. </s>
It is okay to spy if you are the ones doing the spying. This has always been the case - shock that some foreign power is spying, expelling those spies from our nation, waiting for our ahem diplomatic staff to be expelled from their nation.
The indictments against the five charged Chinese citizens are not for espionage, they are for theft of trade secrets and associated IP law violations. The Chinese government, so far, has denied the allegations. This happens between countries, the French, for example, also have been known to use their intelligence agencies to steal information from other countries to help their domestic industries.
China is alleged to have done the same, so the US is upping the ante to try to get China to stop. This is just one more way countries do this to each other. Don't get sucked in by the click bait on this. This is pure economics between commercial competitors, and the use of government resources to steal IP to help their domestic industries, it's not anything else.
Last I checked they still haven't given an explanation for that. Probably because their default explanation for spying over the past years has been "because terrorists", but they couldn't give that one for the spying on Petrobas because they would be laughed out of the building. And that's just one example of US economic espionage, as it's probably part of the foreign policy by now.
> China has denied the charges, saying they were "made up."
The charges are "made up". It says so clearly right there. I am sure the chinese goverment wouldn't lie to its people, in the same way the US does not. </s>
"also have been known to use their intelligence agencies to steal information from other countries to help their domestic industries."
Yes, that does appear to happen. And, based on my server logs at least, I'm going to say suspicion of China doing this seems reasonable.
However, as bad as using intelligence agencies to benefit private corporations may be, the US could be accused of using it's military paid for by public funds and actually killing large numbers of people to benefit private industries. Not saying the US isn't right. But, until its behavior improves on the international stage, its hard not to roll ones eyes in disgust.
This benefits no one. No real Chinese hackers or security professionals would ever risk coming to the USA in the first place. And Chinese government officials involved in cyber security would never come without a diplomatic passport. So really all this hurts are academics.
Yes that's very possible. But I do know for a fact that Chinese working at security companies in China are already afraid to visit the USA.
Anyone working for Huawei in security visiting a hacker conference is going to have troubles getting a visa, even before this. I think this announcement is just for show.
There's also a language barrier -- a lot of engineers in Chinese companies aren't as fluent in English as would be necessary to have a good or productive time at DEF CON, so it would have to be more senior/management type people.
If they do this, Defcon 23 will be in Mexico or Canada, I suspect. (I'm speaking AT DC22, but I can't speak for Defcon, but I've been going since DC7 and I'm pretty familiar with how they think.) Montreal would rock.
BTW, there's an awesome conference in Beijing I'm going to submit to -- http://xcon.xfocus.org/
How long of a notice would Defcon have to reschedule? Especially since they probably have the hotel booked and everything else? Also they would have to inform all speakers that it would be held in Mexico / Canada and some people might not want to come so it really just hurts the Conference in general. But regardless we still have to wait and see if Visa letters start getting rejected.
8-12 months, most likely. I guess the most plausible situation would be a split con, with most of it still in Las Vegas, but live VTC stream to a parallel con elsewhere.
Black Hat would not move; Defcon and Blackhat hate each other now, but it's still a big draw (your work usually will let you expense Blackhat, and Defcon is on the weekend after)
While Canada would certainly welcome you - I'm guessing a large segment of the demographic would get stuck at the border (criminal convictions and such).
Sure. Defcon is the beacon of fair and balance, true champions of moral choices. This is why they had liar and traitor Keith B Alexander as a speaker and are actively helping feds recruit from hacker community.
>Federal prosecutors said the suspects targeted companies including Alcoa Inc, Allegheny Technologies Inc, United States Steel Corp, Toshiba Corp unit Westinghouse Electric Co, the U.S. subsidiary of SolarWorld AG, and a steel workers' union.
Its my comment about US politics and policy...anything along those lines gets downvoted into oblivion on reddit and lately hn too. (Previously on hn you'd get angry yet reasonable responses - now its all silent downvotes)
Now the Chinese hackers will have no choice but to go to the security conferences in Asia. All of them are way better than Defcon though, so who is really losing?
Are they also going to force participants not to blog, talk about, or otherwise disseminate the information they gleaned there?
Otherwise, this childishness is just another act by the clueless to try grabbing some attention for themselves, while doing something of no practical value. While simultaneously flaunting how little they know, about how the world really works.
Exactly, this does nothing. Let's not forget the US is operating on the same level as China. The US spies on China as much China spies on us. We spy on our own citizens as much as China does. The only real difference is that the US doesn't actively censor internet but I expect that to change.
And, with little real positive effect, these types of actions can appear aggressive, petty, unreasonable and produce negative sentiment.
Personally I don't see the need for the bellicose rhetoric emanating from Washington lately. I would think it wiser to at least appear friendly and co-operative whenever possible while warning in private up until it's time to take real measures. Then take those for real. Don't indict 5 guys you are never going to get, then make a big show of suspending conference visas. It appears paranoid and weak in my opinion. But maybe that's why I am not a policy maker.
It's interesting that the US regards as criminal and prosecutable the same actions that the NSA conduct against foreign telcos and others. I would have thought that there might be caution about bringing indictments in such cases.
Seems like a silly idea. Why not send some NSA or CIA people to DEFCON, find the Chinese nationals in question, and then pwn their devices with one of what I'm sure must be many 0days that NSA have in their pockets?
Maybe the government is sending this signal in order to encourage DEFCON to move outside the US, because that would make tracking and surveillance easier for them than within the US, and create a false sense of security for attendees?
I think you are giving them too much credit. The US Government has already demonstrated that it and its 3-letter agencies are above the law when they failed to prosecute high-ranking officials for lying to Congress which is supposedly a capital crime.
I'm sure that if they wanted to surveil DEFCON, it would be trivial for them to do so.
Despicable.
Why not host Defcon in Canada, or somewhere else? If Chinese hackers cannot attend industry events because of the US's imperialistic tendencies, it's our responsibility to modify our events so that they can.