Adult. What a weird concept.
I keep finding myself saying that word in different contexts, and it feels weird because deep inside I’m still pretty much a non-adult (can’t really say kid, so non-adult would work best here).
Lately, all the buzz was around (another) overblown drama in the infosec community, fueled by emotions, friendships, followings, almost to a cult behavior, sprinkled with the necessary “wait a second, someone needs to be the adult here” moment.
So here goes – as Lesley eloquently put it, this is my community. She quotes the hacker manifesto, which I still hold close to my heart as well, and I couldn’t agree more with her. But there’s a bit more that I’d like to add.
We are hackers (at least a lot of my friends and who I consider the more “fun” part of the infosec community). As such, yes, we tend to have personalities that can become borderline, but at the end of the day we learn how to deal with each other. We have been for decades already. Nothing new.
However, in the past few years, a weird spin is developing around this community. This spin (like many) brings good as well as bad to us. The good part, is more visibility and attention from the “muggles”. The outside world. The business, media, and general population. What we do is starting to bubble up into people’s attention as they get closer to the matrix, and realize that we have lived it all our lives. Cars, factories, financials, entertainment, social, you name it, we’ve done it. And it’s great. The bad part is that we get more attention. And as such we get to see cases of “rockstar” issues.
Now, I usually don’t care much for this rockstar bullshit. Everyone gets their 15 minutes of fame, and everyone should be able to enjoy it while it lasts. But letting it get to your head is when things get ugly. And while I can look up to people in the community because I respect what they do, and the kind of people they are, the “rockstar” phenomena is flawed when you look back at who we really are. Hackers. And this is what drove me to this rant.
How did we, hackers, get to have our “own” people behave like sheep? From where I’m sitting, this is inexcusable.
It’s totally OK to look up to someone. I do. But the second that blindly following someone clouds your judgment you lose your hacker-cred (again – in my personal view). And while we all cultivate our quirky personalities, we need to remember that we do represent something bigger – especially when viewed in our hacker persona. And mixing this with personal quarrels is a recipe for disaster.
Case in point – I consider Adrian a friend. Someone who I respect for what he does, for his personality, sense of humor (sarcasm ;-)) and contribution to the hacker community. I can also disagree with him, and tell him so without being afraid that he’s going to be insulted. And then have drinks and laugh about it.
I also hold BSidesLV close to my heart. I’ve been close to it and part of it pretty much from the first instance in Vegas. It represent a big part of what I consider the hacker community, and have grown (along with the usual growing pains) to something that I am proud of.
So yes, when the latest twitter drama unfolded, I could easily convey my support to Adrian on a personal level, while also supporting the BSidesLV decision to part ways with him. As ambivalent as it may sound, it makes perfect sense to me. Pretty much like being able to separate friendship from business. Hard and painful decisions sometimes need to happen, but based on my experience, they tend to strengthen friendships rather than ruin them.
So yes, for some of you this may seem out of context. If it does – totally ok, I’m sure you’ll catch the next drama. For others – it’s also OK to get pissed at me for picking one side, or another, or both. I still love you for what you are. Because at the end of the day, we are all hackers.
But lets also stay professionals. Adults. It’s not a bad word. It just makes us stronger, and at the end of the day lets us have more fun and focus on what we do best.
Update: because I’m lazy I didn’t sum up the gist of said drama. Here’s a summary from someone less lazy: http://blog.erratasec.com/2015/09/whats-that-drama.html (thanks Rob!).