A Decision to Cancel
By Michael Pinchera
As “From the Mouth of Chaos” came together, it was clear that my planned inclusion of the following event cancellation due to Trump’s immigration ban was no longer a match. There was concern it would come off too negative as a standalone piece, but it’s good stuff, nonetheless, so here it is.
Four days after U.S. President
Donald Trump’s Executive Order 13769 was signed, Per Thorsheim cancelled
PasswordsCon—“the first and only conference all about passwords”—an information
security (infosec) event that he has organized since launching it in Norway in
2010.
“My belief in democracy & the
United Nations Universal Declaration of Human Rights takes priority over my
work, hobby & general obsession into passwords and digital authentication,”
Thorsheim explained in a statement shared online.
On the phone, he said that he knows
good people in the infosec and academic research communities that would be
unable to attend PasswordsCon in Las Vegas under the executive order solely due
to the soil on which they were born. And messages he’s received from the
infosec and academic communities relating to his reason for cancelling
PasswordsCon have been nothing but positive.
“I’m just standing up for what I
believe in. It’s good to be able to prove that I have a spine,” he says with a
laugh. “That’s very important in this industry.”
PasswordsCon, which drew up to 200
participants to its Las Vegas edition last year, had been scheduled for July
25-26 at the Tuscany Suites & Casino as a two-day track within larger
infosec conference BSidesLV. These events were scheduled to take place
immediately prior to a pair of major infosec gatherings in Las Vegas: Black Hat
and DEF CON.
Thorsheim briefly considered moving
this summer’s PasswordsCon to Canada or Mexico, but some of his infosec
colleagues already in the U.S. offered assistance and, with his blessing, have
added a password-specific track to the BSidesLV schedule, branded “Ground1234!”
“I wouldn’t want to do anything
that would hurt BSides—they’re friends of mine,” Thorsheim says.
Inevitably, PasswordsCon will
return to the U.S., if and when the travel ban is lifted or expires. And
Thorsheim is not concerned about potential backlash when he next travels to the
U.S.
“People from the U.S. government
attend [PasswordsCon] to learn about cryptography. I have no problem with
them,” he says. “I’m not into trying to interfere in politics…but I don’t have
to go to the U.S. with my conference, and if they’re blocking people just
because of their country of origin…then I’ll go to another country.”
The twice-yearly event will next
take place next in December in the European Union—the precise location has not
yet been finalized.
He does lament the thought of such
events excluding, by travel ban necessity, certain foreign participants: “We’re
stronger as a global community.”
Lessons from the cancellation of
PasswordsCon:
·
If you have to make a moral stand and cancelling
your event is personally the best choice, understand that your attendees will
miss out on education as a result.
·
Consider reaching out to colleagues that may be
interested in filling your void and providing similar content under a different
name—especially if your event was a single track within a larger event—so those
already planning to travel and attend will not be disadvantaged.