[Cryptography] Boing Boing pushing an RSA Conference boycott

Bear bear at sonic.net
Tue Jan 14 14:20:28 EST 2014 

On Mon, 2014-01-13 at 15:33 -0500, Phillip Hallam-Baker wrote:
> On Mon, Jan 13, 2014 at 3:26 PM, Kent Borg <kentborg at borg.org> wrote:
>         On 01/13/2014 02:35 PM, Phillip Hallam-Baker wrote:
>                 There should be a penalty, no question. But what
>                 should the penalty be?
>         
>         How important *is* this conference?  I admit I have never
>         attended...
> 
> 
> It is the only international trade show for the IT security industry. 
> 
> 
> Try 10,000 people coming to buy products to protect themselves from
> the NSA etc.

I may be excessively cynical here, but when you wrote "etc" I think 
you might have been misspelling "RSA."

Why should we ask someone go to an RSA conference to get products 
to protect themselves from RSA itself?  Considering the conflicts 
of interest, that doesn't seem likely to be fruitful, does it?

While I think that a simple boycott is too broad, there has to be 
an alternative course of action.  The industry needs conferences 
(for sales) but would prefer not to have RSA's name plastered on 
them (for credibility).  The public needs conferences (for security
information and products) but would prefer not to be going to a 
conference organized by the very same people they have discovered 
that they need to secure their business against.  

Both groups would be well-served by a parallel series of security
conferences, scheduled very deliberately to conflict with RSA's 
conferences and ideally not open to companies who are also presenting 
the same papers or products at the RSA conferences.  

That would allow people to actually *do* the boycott of the RSA 
conferences without missing all possibility of making sales or all 
possibility of securing their infrastructure.  It would reduce 
the level of collateral damage and allow the very targeted kind 
of boycott that I think everyone could support. 

Can we get a University (one with a hell of a good math program, 
or who offer graduate degrees in cryptography) to organize one, or
if they won't organize it could we get them to host it?

More information about the cryptography mailing list