Article 47MBJ Hackers Baselessly Blame Women and ‘SJWs’ for the End of DerbyCon Security Conference

Hackers Baselessly Blame Women and ‘SJWs’ for the End of DerbyCon Security Conference

by
Lorenzo Franceschi-Bicchierai
from on (#47MBJ)

Last week, the popular hacking conference DerbyCon announced that it was shutting down. The next DerbyCon, the organizer said, will be the last.

"Conferences in general have shifted focus to not upsetting individuals and having to police people's beliefs, politics, and feelings," part of the organizers' lengthy statement about the cancellation said. "Instead of coming to a conference to learn and share, it's about how loud of a message a person can make about a specific topic, regardless of who they tear down or attempt to destroy."

Some in the infosec community read the organizers' statement and began to blame the shutdown on "Social Justice Warriors," and women who complained too much. For example, far right blog Gateway Pundit pointed to an incident where an attendee complained that other attendees were joking about sexual assault outside of the conference's Mental Health Village. Others on Twitter latched on to the rumor that "SJWs" killed DerbyCon.

Got a tip? You can contact this reporter securely on Signal at +1 917 257 1382, OTR chat at lorenzofb@jabber.ccc.de, or email lorenzofb@vice.com

Regardless of the reason for the conference's cancellation, the announcement renewed a conversation about toxicity in the infosec community that has been taking place in earnest since at least 2017 (and in smaller circles before then), when the Verge reported on chat logs from well-known security researcher Morgan Marquis-Boire, in which he confessed to a series of sexual assaults; the Verge and VICE corroborated that reporting with multiple women who have knowledge of the assaults.

While some women in the cybersecurity world were discussing the toxic interactions, sexual harassment, and assaults they've faced in the infosec community, members of a popular closed Facebook hacking group called "illmob" began to attack women who have spoken up about these issues, including Georgia Weidman, a security researcher who recently tweeted that her career was hurt by attending and speaking at DerbyCon in 2013.

"Let's be real here, they don't belong anywhere near cons," Corey Barnhill, a hacker known for being involved in several groups such as Crackas With Attitude, a member of the Facebook group, said in a recent thread referring to women who complain about being mistreated at security conferences. "They belong in mental wards. I'm so sick of seeing these wacko chicks freaking out over nothing at cons. It's always the really ugly ones too."

Barnhill was commenting a thread linking to Weidman's tweet. Barnhill did not respond to a request for comment.

2kZI26OhAs6qSBCYtiRkHthMPHqvKeRB7UQ6j6oO

"Illmobcon. No pandering. No SJWs. Shut up and learn," posted Nathan Magniez, who works at Reliant, a New York City-based security company, according to his Linkedin account. In a Facebook message, Magniez said that his post "aimed at all the drama surrounding the hacker community and that day specifically for the cancellation of my favorite con (Derbycon)."

"No sexism behind it," he said. "I don't have any problems with any women in security and I take my wife and daughter to conferences when time/school allows."

Misogyny in the group is not limited to DerbyCon-related topics, however. In another thread, several members complained about Def Con not allowing strippers at its traditional-and controversial-Hacker Jeopardy event. One group member even created a timeline of "SJW Bullshit at Tech Conferences," lamenting cases where women spoke up against discrimination.

The moderators and admins of Illmob have thus far ignored misogynistic content. Scrolling down for a few hours unearthed several offensive threads and comments.

Ilmob's admin and founder, Genovese, told Motherboard that "none of the content is really moderated," but denied that there's misogynistic content.

"Occasionally some drama content occurs and people answer emotionally either because it affects them personally or the community as a whole," Genovese told Motherboard in an online chat. "I would not say misogynistic as both men and women are often the topic. Anything from fraudsters to snake oil to noobs are the topic regardless of gender."

One female member of the Facebook group who asked to remain anonymous in order to avoid retaliation told Motherboard she monitors illmob as a way to avoid hiring questionable individuals.

"I've chosen to remain a member of the group to see who not to hire in the future," she said.

Weidman, whose tweet was the subject of vitriol in the group, said the group's posts are a perfect example of the kind of treatment women still get in the infosec world.

"This is exactly the kind of behavior that I hinted at when I said Derbycon 2013 was worse for me than Confidence 2013 (where I successfully fended off a would-be rapist with a coffee cup)," Weidman told Motherboard in an email. "The community that I expected to 'have my back' turned on me. I'm older now. I've sadly gotten used to 'Let's meet alone, no you can't bring an advisor' and unsolicited penis pictures as part of the gauntlet that a woman in cybersecurity still has to run even in 2019. #MeToo has opened a lot of eyes, but it's going to take years of effort before we can rid our industry (and hopefully our society) of these bad actors."

Jackie Singh, the founder of Spyglass Security, said that "those comments reflect a set of beliefs that many people pretend don't exist in our community."

"Some of those involved hold respectable day jobs in cybersecurity and often show a different face to the world than the one they feel safer to express among others with similar beliefs," Singh told me in an online chat. "However it is important to state the illmob chat is not the cause, but only a symptom."

After I reached out to a few members of illmob asking about their comments, and Genovese, the admins kicked me out of the group.

Listen to CYBER, Motherboard's new weekly podcast about hacking and cybersecurity.

External Content
Source RSS or Atom Feed
Feed Location http://motherboard.vice.com/rss
Feed Title
Feed Link http://motherboard.vice.com/
Reply 0 comments