https://old.reddit.com/r/Defcon/comments/1ep00ln/def_cons_response_to_the_badge_controversy/ jump to content my subreddits edit subscriptions * popular * -all * -random * -users | * AskReddit * -pics * -funny * -movies * -gaming * -worldnews * -news * -todayilearned * -nottheonion * -explainlikeimfive * -mildlyinteresting * -DIY * -videos * -OldSchoolCool * -television * -TwoXChromosomes * -tifu * -Music * -books * -LifeProTips * -dataisbeautiful * -aww * -science * -space * -Showerthoughts * -askscience * -Jokes * -IAmA * -Futurology * -sports * -UpliftingNews * -food * -nosleep * -creepy * -history * -gifs * -InternetIsBeautiful * -GetMotivated * -gadgets * -announcements * -WritingPrompts * -philosophy * -Documentaries * -EarthPorn * -photoshopbattles * -listentothis * -blog more >> Defcon Defcon * comments * other discussions (2) Want to join? Log in or sign up in seconds.| * English [ ][] [ ]limit my search to r/Defcon use the following search parameters to narrow your results: subreddit:subreddit find submissions in "subreddit" author:username find submissions by "username" site:example.com find submissions from "example.com" url:text search for "text" in url selftext:text search for "text" in self post contents self:yes (or self:no) include (or exclude) self posts nsfw:yes (or nsfw:no) include (or exclude) results marked as NSFW e.g. subreddit:aww site:imgur.com dog see the search faq for details. advanced search: by author, subreddit... this post was submitted on 10 Aug 2024 167 points (89% upvoted) shortlink: [https://redd.it/1ep0] Submit a new link Submit a new text post Get an ad-free experience with special benefits, and directly support Reddit. get reddit premium Defcon joinleave41,590 readers 852 users here now Defcon's website is http://defcon.org See http://defcon.org/html/links/dc-faq/dc-faq.html if you are brand new to the concept of Defcon. If you hear Defcon is cancelled, and then you don't go... yeah, for you, it's cancelled. Submit photos, videos, and stories. --------------------------------------------------------------------- a community for 15 years MODERATORS * message the mods discussions in r/Defcon <> X 166 * 75 comments DEF CON's response to the badge controversy 62 * 5 comments Crowdstrike President @ Pwnie awards 40 * 3 comments [9ZDQGkwS] Entropic's Statement 60 * 53 comments [hdyWlCF-] Hey NeuroSpicy h@ck3rs, want a fun sticker? 35 * 12 comments Does Goon = Asshole? 53 * 36 comments Attendees stealing from vendors. 340 * 125 comments [cnBpN3Rk] 0:20 Defcon stiffs badge HW vendor, drags FW author offstage during talk 42 * 8 comments [NH34JHp0] Close up shots of the defcon32 badge board, confirming the existence of the Entropic logo. 15 * 1 comment [-1BxuQfx] Lol in a urinal 20 How to put Defcon 32 badge in 'badge/wearable mode' Welcome to Reddit, the front page of the internet. Become a Redditor and join one of thousands of communities. x 166 167 168 DEF CON's response to the badge controversy (self.Defcon) submitted 4 hours ago by DCsleestak DEF CON thrives on community collaboration and has operated for over 30 years successfully working with hundreds of vendors including the dozens that have helped with our badges over the years. For this year's Raspberry Pi badges, DEF CON hired Entropic Engineering to do the hardware development and firmware. After going overbudget by more than 60%, several bad-faith charges, and with a product still in preproduction, DEF CON issued a stop work order. Any claims that DEF CON did not pay Entropic Engineering for its hardware or firmware development are false. Unfortunately, we heard that these issues with Entropic Engineering were not unique to DEF CON. We decided at that point to finish the badge on our own. We paid to send engineers to Vietnam to work onsite to finalize and test the badges in order to ensure they would be done on time for the conference. We never removed Entropic Engineering's logo from our badge, it is still on the PCB. However, Entropic was not involved in the design and production of the case, and we removed their logo we had added as a courtesy. We were happy to still include one of their contractors on the badge panel session. Unfortunately, shortly before the talk was set to take place DEF CON became aware that unauthorized code had been included in the firmware we had paid Entropic Engineering to produce, claiming credit for the whole badge and promoting their coin wallet to solicit money from DEF CON attendees above and beyond what we had negotiated. When asked about the unauthorized code, the engineer said it had been done as a "joke" two months ago and forgot to remove it, and we decided as an organization not to have him on stage while we kept the slides in the talk giving him credit for his work. We communicated the change in advance of the talk, and this individual decided to show up for the panel anyway. He refused to leave, demanding that our security team remove him. Wanting to ensure that the other people involved in creating the badge were able to deliver their presentation, we complied with his wishes and escorted him off the stage, where he was free to continue attending the conference. Any issues of non-payment are between him and Entropic Engineering, DEF CON fulfilled its financial obligations. * 75 comments * share * save * hide * report all 75 comments sorted by: best topnewcontroversialoldrandomq&alive (beta) [ ] Want to add to the discussion? Post a comment! Create an account [-]288585B8804A2 65 points66 points67 points 3 hours ago (7 children) Entropic Engineering's statement on the matter can be found at https: //www.entropicengineering.com/defcon-32-statement . To prove authenticity, check the creation date of this account : hextodec(288585B8804A2) [this username] yields two numbers that are on the badge PCB, one number is visible near the edge, the other is hidden. If anybody is curious - they are the phone numbers for my grandparents modem - which I used to start one of the local DC groups in Malaysia as a teenage kid many years ago. * permalink * embed * save * report * reply [-]decay_cabaret 29 points30 points31 points 2 hours ago (4 children) So wait... You're saying that you discounted the last invoice you sent by 25% so that you would not go over the total agreed upon budget, and that you did not, in fact, attempt to charge DC Badge team more than the agreed upon budget prior to the stop work order? Just trying to understand the facts here because it sounds like you basically managed to do the fucking impossible, and still came in at the target budget (by discounting the labor and materials to guarantee you stayed under budget)but then out of the blue they're like "stop everything, we're not paying that amount we agreed to. Instead we're offering you this even SMALLER amount that we will NOT negotiate on and if you don't like it, get bent."? Is that essentially the gist of it? * permalink * embed * save * parent * report * reply [-]288585B8804A2 22 points23 points24 points 2 hours ago (3 children) As far as I understand it - my opinion only - we had been given agreed upon a per badge cost and we discounted our work (and indicated a willingness to discount further) to keep it at target as we had agreed to. We sent updated cost forecasts regularly but it seems updated ones of these were not seen until too late. I want to be fair to them, there were a million emails running around as you might suspect and those later forecasts were easily missed - everybody was working almost around the clock with very little sleep. But yes - we discounted our work to hit those targets. I also now understand that there were further minor external expenses that we were not involved with (e.g lanyards). Our forecast missed those since we were not involved in those expenses. I take responsibility for our part in this oversight - we tried to do everything possible to provide the community with the badge they deserve and I wish we were better taken care of in the process and accordingly credited. * permalink * embed * save * parent * report * reply [-]manidontknowlikewha 2 points3 points4 points 1 hour ago (1 child) Were these pre-agreed cost commitments? It reads like you agreed to a fixed fee, and your would-be but non-contractual hourly rate was higher. But that rate wasn't what was agreed to. Is that correct? * permalink * embed * save * parent * report * reply [-]decay_cabaret 7 points8 points9 points 1 hour ago (0 children) It sounds like, to me, they agreed upon a budget, EE stayed inside that budget by discounting things on their end, cutting into their bottom line significantly, and then were told they had to take even less money or get nothing at all. Meanwhile DC is saying that EE came in at more than 60% over budget and that's what caused them to issue the stop work order and send out their own people to finish the job. This is a whole lot of fuckery, and I am personally landing on the EE side of things for 100% purely personal reasons because of stuff like "well, EE didn't design the case and since we made them stop working on the internals so we could finish the last 10% of the work, we took their name off the case"... That's the kind of thing people who have burned me in the past have said, so my feelings are 100% anecdotal personal bias. But my opinion doesn't really matter anyway: I'm not involved in the situation, I am not there this year, and I'm nobody important. I just asked for a little clarity on the situation so that it might help other people like me who read about it and went "what in the actual hell is going on here?!" * permalink * embed * save * parent * report * reply [-]decay_cabaret 2 points3 points4 points 1 hour ago (0 children) Damn. That's messed up. I wasn't able to go this year, but y'all have my respect for basically doing the impossible. I'm sorry you got shafted and maligned in the process. That's really fucked. * permalink * embed * save * parent * report * reply [-]snowden2020 13 points14 points15 points 3 hours ago (0 children) I spent way too long on this: ``` 0x288585B8804A2 71286302 7561634 ``` PJ7561634 in this image below: https://preview.redd.it/ close-up-shots-of-the-defcon32-badge-board-confirming-the-v0-i4od0r0kquhd1.jpg? width=6000&format=pjpg&auto=webp&s= 997ab72927eefabfefb8c686f279ded03e8f00e8 * permalink * embed * save * parent * report * reply [-]aestetix 4 points5 points6 points 2 hours ago (0 children) Are you able to say how much money is involved? I keep seeing percentages, but I'd be interested to know what the originial costs were, how much they increased, why they increased, and so on. If not it's ok, it's mostly just to get a solid idea of the situation. I want to also respect your privacy. * permalink * embed * save * parent * report * reply [-]dmitrygr 48 points49 points50 points 2 hours ago (2 children) Get your shit straight. I was not anybody's contractor or subcontractor. I'm not employed by entropic nor by you. I did this in my free time so attendees could have a fun badge. And issues of payment are between you and entropic. * permalink * embed * save * report * reply [-]Activate_The_Robots 2 points3 points4 points 53 minutes ago* (0 children) Who asked or invited you to do the work? Or, perhaps a better question: how did your code end up running on the badge? Did you provide it to someone at Defcon, to someone at Entropic, or was it some other way? * permalink * embed * save * parent * report * reply [-]ryanlrussell 1 point2 points3 points 18 minutes ago (0 children) Couple of questions if you're willing to entertain them. No hostility or accusation intended, I'm just curious. You're the one who put the Easter egg in, yes? Why does it credit Entropic rather than or in addition to yourself? You were aware of the dispute when you put the Easter egg in? Who has control of the payment address on that screen? * permalink * embed * save * parent * report * reply [-]autobahn 37 points38 points39 points 4 hours ago (3 children) I wonder who they'll find to do the electronic badge next time? List is probably pretty short at this point willing to work for peanuts and exposure. * permalink * embed * save * report * reply [-]NDN-null 3 points4 points5 points 34 minutes ago (1 child) Sounds like the playbook of an Orange person * permalink * embed * save * parent * report * reply [-]cluehq 0 points1 point2 points 5 minutes ago (0 children) I got dragged in another thread for stating as much but that's DC for you. * permalink * embed * save * parent * report * reply [-]jercos -1 points0 points1 point 28 minutes ago (0 children) Any number of hackers should be happy to work on the next DEF CON badge... and by work, I mean pocket the money and ignore calls from Jeff. * permalink * embed * save * parent * report * reply [-]girlhax 40 points41 points42 points 3 hours ago (4 children) There are consistently talks of issues with the badge runs every year - and it's become clear that DC isn't giving the folks creating these badges the time (and potentially $$$) it takes to create a mass hardware run like this. I can imagine the margins on these badges aren't exactly large either. I do love DEFCON a lot, but honestly to me it seems most of these issues are recurrent, and solved by $$$ and planning. This extends to the veteran physsec / SOC lead quitting this year due to being uncompensated. * permalink * embed * save * report * reply [-]autobahn 26 points27 points28 points 3 hours ago (1 child) I was actually sort of blown away at the numbers thrown around for the per unit badge budget. It seemed ridiculously low. My understanding is defcon got a sweetheart deal for the Pi chips. I think defcon has gotten too ambitious with the badges and is asking for too much to be done with table scraps budget. The SD card quality is evident of this. * permalink * embed * save * parent * report * reply [-]Truth-Miserable 9 points10 points11 points 2 hours ago (0 children) Entropic is a pi partner and suggested to the raspi foundation that they give the chips to DC for free, which is what they wound up doing * permalink * embed * save * parent * report * reply [-]4DigitPin 9 points10 points11 points 3 hours ago (1 child) Do you have more info about the SOC lead quitting? Haven't heard about this * permalink * embed * save * parent * report * reply [-]WarboyX 12 points13 points14 points 2 hours ago (0 children) https://www.linkedin.com/posts/ securitybuilder_after-15-years-i-have-retired-from-leading-activity-7216898762441400321-TiMx? utm_source=share&utm_medium=member_android * permalink * embed * save * parent * report * reply [-]ncc74656m 28 points29 points30 points 3 hours ago (0 children) Given the claims of extracted free labor by some people very close to and very high up the ladder in the DC world, and the seemingly corroborative story as portrayed by Dmitry, I'd be curious to see if DC could provide any proof of their side of the story. Not so much out of doubt, but out of an interest in seeing DC salvage its reputation here. The hacker community has long had issues with folks who have delusions of grandeur and persecution complexes, (no accusations to anyone on either side - a general statement on the community). It would help restore trust to the DC community given that we have had this seeming abandonment by high level folks, the Caesars issue, last year's badge problems, the significantly increased entry costs, and now this. I'm sure there are many who want to believe that DC still holds its core values. Are there more than words here? * permalink * embed * save * report * reply [-]freshapocalypse 13 points14 points15 points 3 hours ago (0 children) The end of the con talk will surely be interesting. * permalink * embed * save * report * reply [-]GoodEffect79 11 points12 points13 points 2 hours ago (1 child) DEFCON should release their agreement with EE, proving their claim of EE's obligation to supply firmware and their rights as far the content and distribution of it. * permalink * embed * save * report * reply [-]cluehq 0 points1 point2 points 4 minutes ago (0 children) The only way anyone will ever see this is through discovery as a result of a lawsuit. * permalink * embed * save * parent * report * reply [-]4DigitPin 34 points35 points36 points 4 hours ago* (0 children) That's not what the easter egg says though? They didn't claim credit for the whole badge. The entirety of the text in the Easter egg: Entropic Engineering Hardware design by Entropic Stolen credit returned. donate: (I'm not typing out the wallet address) [any key to exit] Also, Dmitry has said multiple times, on reddit, on discord, and in person that he has zero issues with Entropic, it's kind of shitty to imply that's the case Link to photo of easter egg Link to Entropic Engineering's statement * permalink * embed * save * report * reply [-]shrekhandz 23 points24 points25 points 4 hours ago (0 children) This adds some interesting color to the situation * permalink * embed * save * report * reply [-]aestetix 14 points15 points16 points 4 hours ago (2 children) When asked about the unauthorized code, the engineer said it had been done as a "joke" two months ago and forgot to remove it, and we decided as an organization not to have him on stage while we kept the slides in the talk giving him credit for his work. Can you elaborate on why you made this decision? Also, how long before the talk did you "communicate the change", and how did you do this communication? * permalink * embed * save * report * reply [-]dmitrygr 26 points27 points28 points 3 hours ago (1 child) They told me over the phone less than 30 minutes before the talk that I would no longer be welcome in it. They offered me the option for me to apologize and I said that I would happily state that I meant to offend nobody. they told me that was not good enough. The rest you see in the video * permalink * embed * save * parent * report * reply [-]sh4na 16 points17 points18 points 2 hours ago* (4 children) Crediting people for the work they've done is not a "courtesy", my dudes, it is the bare minimum, regardless of when they did the work, whether you're still working with them, or whatever business disputes you might have. Your booklet says RPi did all the work - and that's obviously untrue, isn't it? The extremely sorry spectacle of goons physically manhandling a person is just the cherry on top of this shitshow - you're lucky to not have gotten a criminal charge thrown at you. Amateur hour. * permalink * embed * save * report * reply [-]Upper_Butt 1 point2 points3 points 2 hours ago (1 child) Crediting people for the work they've done is not a "courtesy", my dudes, it is the bare minimum, regardless of when they did the work, whether you're still working with them, or whatever business disputes you might have. This depends entirely on the terms of the contract, which neither of us have access to. * permalink * embed * save * parent * report * reply [-]n0v0cane 5 points6 points7 points 1 hour ago (0 children) There's the contract and there are the expectations of the hacker community. DC should be meeting both, imo. * permalink * embed * save * parent * report * reply [-]bobbytabl3s 0 points1 point2 points 16 minutes ago (0 children) It's actually very rare in the commercial world. * permalink * embed * save * parent * report * reply [-]Herrsrosselmeyer 9 points10 points11 points 1 hour ago (0 children) Unauthorized code? At DEFCON? scandalous. Who ever heard of such a thing? Truly worth stiffing the guy who donated piles of free labor out of the exposure which was his only compensation. Obviously it was more important that you throw your toys on the floor and stomp over a harmless easter egg that called you out. * permalink * embed * save * report * reply [-]0373 24 points25 points26 points 4 hours ago (0 children) And the pwnie award for lamest vendor response goes to Defcon! * permalink * embed * save * report * reply [-]mperklin 17 points18 points19 points 3 hours ago (15 children) However, Entropic was not involved in the design and production of the case, and we removed their logo we had added as a courtesy. If you acknowledge Entropic made the PCB and wrote the firmware, why do you claim adding their logo to the badge was only a "courtesy"? Didn't it take MORE work to add the logo to the design and then scrub it off later before production? Yes it sucks a vendor went 60% overbudget and had to be ordered to stop work. But it sounds like they still delivered the PCB and the firmware. Listing contributors in the credits of a project isn't a courtesy--it's expected. I just pulled out a bunch of electronic badges from previous DEF CONs and I see Kingpin, MK Factor, Parallax, etc. This shows DEF CON has a history of crediting the companies that make their badges. And when comparing what the PCB+Firmware do for the badge vs. what the case does for the badge... it's pretty clear that Entropic's work contributed far more to the whole than the plastic case did. Spin it how you want, but to me it seems DEF CON's decision to remove the largest contributor's logo from this year's badge is what led to this drama--not Entropic's inability to keep costs within budget. Sure, Dmitry's ask for donations isn't a good look on him either, but it seems to me that had he been credited for his work, he wouldn't have had an incentive to add an easter egg adding his company's name back onto the badge in the first place. * permalink * embed * save * report * reply [-]dmitrygr 19 points20 points21 points 3 hours ago (2 children) I did not ask for any donations to me and have been refusing them all morning while I was signing badges today. You will easily find witnesses of me, refusing money from people all morning I did this for free and I have received no compensation from anybody before, or since. * permalink * embed * save * parent * report * reply [-]mperklin 5 points6 points7 points 2 hours ago (1 child) Thanks for that clarification. Adding Bitcoin and Ethereum addresses to the easter egg appears as a solicitation of funds, and it is not clear whether the addresses you added are controlled by you, Entropic, or another entity. I hope you can see how someone (like me) could so easily misinterpret displaying these addresses as asking all DEF CON attendees for donations. * permalink * embed * save * parent * report * reply [-]lestofante -1 points0 points1 point 47 minutes ago (0 children) It is an easter egg, you have to know the specific code and input it. Very unlikely to find about it if you are not actively looking for them or someone tell you about it * permalink * embed * save * parent * report * reply [-]autobahn 8 points9 points10 points 3 hours ago (11 children) Important to note Dmitry doesn't work for Entropic * permalink * embed * save * parent * report * reply [-]mperklin 2 points3 points4 points 2 hours ago (0 children) Thanks for the correction * permalink * embed * save * parent * report * reply [-]pablopeecaso -1 points0 points1 point 2 hours ago (8 children) Huh? That makes little sense. Explain please. * permalink * embed * save * parent * report * reply [-]autobahn 2 points3 points4 points 2 hours ago (0 children) He is not an employee of their company. * permalink * embed * save * parent * report * reply [-]TetrisMcKenna 3 points4 points5 points 2 hours ago (0 children) He wrote the firmware for the device in his free time. He wasn't employed by Entropic (hw designers) or Def Con but did it out of good will to both. * permalink * embed * save * parent * report * reply [-]Iguana_Bench_86 2 points3 points4 points 2 hours ago (0 children) He clarified already, Dmitry was doing this developement for free and still does not want any money. The easter egg was about the costs EE never got reimbursed from Defcon, in their statement they also say didn't ask for this but Dmitry added it by himself * permalink * embed * save * parent * report * reply [-]GoodEffect79 2 points3 points4 points 2 hours ago (4 children) His work for Entropic seems to be as a freelancer. Entropic pulled in Dmitry to build the firmware. He seems to have agreed to donate his time and effort to the Con (and/or his agreement to not get paid after DC's lack of payment). He continued his contributions even as DC's relationship with Entropic sour'ed. His Entropic easter egg (seems hard to find to me) was likely meant to give the Entropic team their recognition, even if no one but them will ever end up seeing it. I.e. like when Steve Jobs printed the signatures of the entire dev team on the inner casing of the Macintosh. * permalink * embed * save * parent * report * reply [-]theswordsmith7 0 points1 point2 points 1 hour ago (0 children) Team signatures were also inside first RCA DSS (Dish Network) sat receiver inner casing, circa 1995. * permalink * embed * save * parent * report * reply [-]_ReD__ -1 points0 points1 point 53 minutes ago (2 children) like when Steve Jobs printed the signatures of the entire dev team on the inner casing of the Macintosh. Err... not really... That wasn't Steve Jobs nor the Mac. The famous signatures of the entire dev team (and Jay Miner's dog Mitchy) where instead on the inside of the Amiga 1000 top cover. * permalink * embed * save * parent * report * reply [-]GoodEffect79 1 point2 points3 points 42 minutes ago (0 children) Idk what you are talking about and I don't care. https:// www.reddit.com/r/VintageApple/s/AhNXihtzZm * permalink * embed * save * parent * report * reply [-]monocasa 0 points1 point2 points 36 minutes ago (0 children) https://oneminutemacman.com/signatures-inside-original-macintosh-case / * permalink * embed * save * parent * report * reply [-]pablopeecaso -2 points-1 points0 points 2 hours ago (0 children) Huh? * permalink * embed * save * parent * report * reply [-]petermal67 3 points4 points5 points 1 hour ago (0 children) Why do hacker conferences ALWAYS have BS drama like this? Seriously. There's always badge issues, and a variety of other issues. Hackerspaces also suffer from drama issues as well. Just makes me want to avoid them and live in peace. Too old for this bullshit. * permalink * embed * save * report * reply [-]Tognioal 13 points14 points15 points 3 hours ago (1 child) Please pay these people for the work they did and issue a proper apology for acting like an entitled POS corporation. * permalink * embed * save * report * reply [-]GoodEffect79 5 points6 points7 points 2 hours ago (0 children) Anyone see the de-shitification talk today? On the same stage Dmitry got hauled away from. Couldn't be any more ironic. Link likely to die, will replace when officially posted. Timestamp was 1:51min from start. https://www.youtube.com/live/YhuTmYGpgtM?si=ZfA9fyRp7FtEOavS * permalink * embed * save * parent * report * reply [-]ardevd 2 points3 points4 points 2 hours ago (0 children) So we're just silencing people over petty disputes now? * permalink * embed * save * report * reply [-]two-dollars 2 points3 points4 points 1 hour ago (0 children) escorted him off the stage, where he was free to continue attending the conference I'm curious as to why he was outside the LVCC with the police yesterday and then outside again today if he's free to attend? * permalink * embed * save * report * reply [-]evilalmus 1 point2 points3 points 1 hour ago (1 child) Id like to know how we ended up with some large % of SD cards were faulty causing people to need to go out and buy replacement cards in order to have a correctly functioning badge. * permalink * embed * save * report * reply [-]dmitrygr 1 point2 points3 points 1 hour ago (0 children) Most of the sd card budget was spent on printing on them in color. (Yes), IIRC. Remaining per-card funds weren't enough to buy good cards. * permalink * embed * save * parent * report * reply [-]manidontknowlikewha 2 points3 points4 points 1 hour ago* (4 children) Observations based on reading statements from both sides. Entropic's response stinks to me. Some perspective - I've negotiated millions and millions of dollars in tech contracts for years. You don't discount your charge by 25% to meet your contract obligations. You either meet your bid or don't. Was it a time and materials deal? A fixed fee? Phases? Their description on their website makes it sound like they agreed to target and then it was harder than they expected, and now they're spinning it as offering some kind of discount because they screwed the bid. Entropic signed their side of the agreement. Nobody else did. Theres a lot of "but we tried soooooo hard" in their writeup. They're playing the poor little guy card really hard in their writeup. Smells bad. They got their tiny little company in front of all of DefCon, and they saw the massive marketing opportunity that was for them. I don't buy the victim line one bit. Absolute nonsense. But including a "joke" (I call absolute BS) Easter egg asking for money? If I had a vendor make some pop up hit my entire customer base asking to fund THEM, I'd kick the absolute crap out of them. Lawyers called in. No questions asked. if Dimitry put that in then kicking him out was absolutely appropriate. * permalink * embed * save * report * reply [-]_ReD__ 2 points3 points4 points 1 hour ago (0 children) I'm 100% with you on this. I've had a long experience in negotiating and managing hardware development contracts since the '80s and what I read in Entropic's response is exactly what most suppliers sing when they screwed up and did not meet their part of the contract. As for any attribution of fault, first of all the contract. Because a contract is a contract is a contract. * permalink * embed * save * parent * report * reply [-]Iguana_Bench_86 4 points5 points6 points 1 hour ago (2 children) To me, it sounds like Defcon had extremely bad communication and tracking of this project, and in the end a less experienced contractor got hit by a big hammer. No matter how bad EE cost estimation was, they claim that they gave monthly updates and projections, but at the end ( very late in the Project ) they got told that those were way off as they only tracked their work, not the total project cost ( which is the responsibillity of Defcon to overlook ). If they claim otherwise, then the only logical outcome is that Defcon deemed that they will stop the work after they get the prototype working - as it would be impossible to find someone else to do it - and throw them under the bus on the finishing details. For the code matter, we all get that it was not a "joke"; just something that Dmitry most likely answered on the spot, but in the end, Defcon did also a snafu on this one as they cannot claim unauthorized anything on code they dont own - or even worse - think that they do. Overall, it is clear that this is a whole mess as Project management goes, and sorry to disagree with you, I find Defcon to blame, as they were supposed to track this project and communicate things in a productive way. Instead.. even on this message they resort to hearsay and trying to appear like they were in control... which they clearly were not. As for getting Dmitry off stage for "unauthorized code" in a Hacker conference, they both gave him a badge of honour and at the same time stated their real nature, the one that every Hacker is against :) * permalink * embed * save * parent * report * reply [-]manidontknowlikewha 0 points1 point2 points 1 hour ago (1 child) I get that this isn't the place to go after someone for hacking something, I'll cede that point :) I'd need to see the contract to have more opinions. To me it's not clear (maybe I need to re read) who owned what in this agreement. Entropics response stinks bad to me though - when someone gets into it with me on performance / contract issues, I go to the agreement. Their response has way too much "but we tried" in it on the numerator and way too little "here's how we held to our agreement" in the denominator for me to believe they're innocent at this point. * permalink * embed * save * parent * report * reply [-]Iguana_Bench_86 1 point2 points3 points 1 hour ago* (0 children) I also do see that in the EE response ( lack of data and appeal to emotion ), but generally account that to inexperience or/and lacking a team that can do damage control and PR. I do also expect that this is not the first time any project in Defcon has gone wrong. I guess what I say is that the handling and communication of Defcon side was unfit and triggered a lot of backlash today. In the end ( if ends up in court for example ) the emails, contacts and deliverables will be clarifying the situation legally, that said, issuing a stop work order pretty much equates as a late realization of a situation or something less naive. tbh, both sides appear bitter on this matter though, so I expect some pretty standard angry emails to have been sent both ways before any of this became public... Defcon though acted then with the priority of delivering A badge, and I give them that, but most likely in the cost of risking derailing this whole project they also chose to stop interacting with it's creator. In any case, I dont think Defcon lost more than EE did on this matter, most people will forget about what happened as they did eventually get their Badge, EE on the other side has too much drama connected to their names atm, which is a shame, because they did seem to have done a pretty good job hardware wise. tldr; I do see your point on a legal/contractual view, but still believe Defcon dealt this in a way that was not with the spirit of collaboration with a less experienced contractor. * permalink * embed * save * parent * report * reply [-]OriginalPlayerHater 2 points3 points4 points 2 hours ago (6 children) DefCon is enshittified it seems. Time to move on, folks. Black Hat it is * permalink * embed * save * report * reply [-]Tognioal 13 points14 points15 points 2 hours ago (2 children) Instead of black hat, support your local conferences. Maybe even start a conference if there aren't any locally. * permalink * embed * save * parent * report * reply [-]4DigitPin 5 points6 points7 points 2 hours ago (0 children) Putting CactusCon in Phoenix, Arizona as a suggestion! Been going since around 2017, the con has always happened and delivered what it promised. Don't let it being in Phoenix dissuade you, it's in January so the heat isn't a problem lol * permalink * embed * save * parent * report * reply [-]OriginalPlayerHater 4 points5 points6 points 2 hours ago (0 children) yeah that would be sweet! I think smaller groups of people tend to be better. I appreciate the suggestion and you get a VIP badge to my future hacker conference in SoCal :) * permalink * embed * save * parent * report * reply [-]_glitter_hippie_ 10 points11 points12 points 2 hours ago (0 children) and you think defcon is enshittified... * permalink * embed * save * parent * report * reply [-]evilwon12 5 points6 points7 points 2 hours ago (0 children) Could not pay me to go to Black Hat. I have enough vendors calling me with their flavor of the week already. Local contains maybe a bSides * permalink * embed * save * parent * report * reply [-]n0v0cane 0 points1 point2 points 1 hour ago (0 children) You do realize that black hat is founded and owned by the same person who founded DC. But it's much more corporate friendly. * permalink * embed * save * parent * report * reply [-]Slow-Special-2728 0 points1 point2 points 2 hours ago (0 children) Probably Goon training 101 should be an agenda item for next year.... * permalink * embed * save * report * reply [-]michael1026 -1 points0 points1 point 3 hours ago (1 child) Always two sides to a story. * permalink * embed * save * report * reply [-]jeffofreddit 8 points9 points10 points 3 hours ago (0 children) Three sides really * permalink * embed * save * parent * report * reply [+]Double_Cap4731 comment score below threshold-7 points-6 points-5 points 2 hours ago (0 children) Who gives a fuck. * permalink * embed * save * report * reply * about * blog * about * advertising * careers * help * site rules * Reddit help center * reddiquette * mod guidelines * contact us * apps & tools * Reddit for iPhone * Reddit for Android * mobile website * <3 * reddit premium Use of this site constitutes acceptance of our User Agreement and Privacy Policy. (c) 2024 reddit inc. All rights reserved. REDDIT and the ALIEN Logo are registered trademarks of reddit inc. [pixel] p Rendered by PID 162021 on reddit-service-r2-loggedout-54464b6c9c-k2nq7 at 2024-08-10 23:00:22.820508+00:00 running 3ee9f63 country code: US.