Coming back from London after BH2018

Here are some raw thoughts on our second immersion in a computer security conference (or simply con, in the field’s “native language”): Black Hat Europe 2018, London. Black Hat is probably one of the most famous and important computer security con, even though according to the attendees themselves, the European edition is much smaller than the one held in summer in Las Vegas, where the first con was held in 1997. The con was divided in two sections: the trainings – that we did not attend for an obvious lack of technical knowledge – and the briefings. Those sessions covered a wide range of tracks, from cryptography and malware analysis to applied security and IoT (Internet of Things).

I guess a good starting point is to ask the ground-level question that I have been asked several times: what were we doing there?

We try to outline the issues and stakes of the international field of computer security and this con represents for us a significant entry door. By attending such a event, we do not plan to grasp the technical but to sharpen our understanding of broader elements as well as to take advantage of this gathering of experts to meet some of them and carry out our first interviews. The question is then: how do we do that? We grope… We try to anticipate as much as we can by reading the program, trying to guess who we would like to meet and sending some emails. We also plan time for strolling around trying to meet someone or capture something unexpected. The questions we ask to ourselves or to the other participants are: who are they? What do they do here? How? Why? Of course, the way we are trying to figure out all these questions relies on a somehow crooked path, but I believe that preparation and thorough observation can undermine some of the uncertainties of fieldwork.

In fact, the ease of a fieldwork depends very much on how we connect with insiders, and we were relieved to find out that it was pretty easy for us to meet these experts and have in-depth conversations with them. A couple of emails before the con and a quick talk after their presentation were all we needed to get in touch with these people. Neither our peculiar standing point nor the lack of technical knowledge seemed to have bothered them. On the contrary, it helped us tackle some broader (and sometimes very naive) questions on their practices and trajectories, as well as on the ethical and political dimensions of the computer security field. The 5 interviews we carried out, as well as the informal talks during the con were instrumental for us to become familiar with their reasons to be there and their own perceptions of the con. I look forward to listening again to the recordings because a lot of questions seem to arise.

Further, flicking through my notes, I am surprised to realize the presence of many elements that relate to very anthropological topics. I will give just three instances of such topics. The first one concerns the gift/counter-gift issue, which is especially visible in the business hall where the sponsors distributed a huge amount of goodies such as stickers, USB devices, key rings, mugs, pens, tee-shirts, socks, even Lego or playcards. Some people also distributed some stickers or tee-shirts during their talks. And I don’t forget to mention the bag full of stuff (a bottle, a USB-adaptor, a comic, a pen, etc.) that we received when collecting our badge. In anthropology, we tend to believe that there is no gift that does not require a counter-gift and Marcel Mauss identified three actions that are equally important to grasp what is at stake: to give, to receive, and to give back. I do not dare to compare the business hall to a potlatch where all the companies compete to be the nicest, the richest, the most original or the most powerful (or not yet). As a good student though, I ask myself what the counter-gifts are in this case. The most obvious is our contact information, since everytime we spoke to a sponsor our badge were scanned so that they have our email addresses (I received already a lot of emails from these companies). But there is probably much more at stake.

Another topic is about performance – and I do not only think about the introductory keynote, where Jeff Moss, a founder of Black Hat, arrived on a huge stage with music and light show, introducing the only woman I saw alone on stage. As said by Dwight Conquergood,

Cultural performance is the appropriate unit of analysis—perhaps we should say “focus of reflection”—for the interpretive researcher because it is self-consciously available for plumbing insights into cultural process, for natives primarily, for ethnographers incidentally. It is an indigenous form of native epistemology.

Cultural Struggles. Performance, Ethnography, Praxis, 2013, p. 19

And indeed, although we surely not get much of their technical insights, we try to figure out how the speakers present their research, in front of what kind of audience and with which aim in mind. Beyond the technical, what was the message and the aim of the presentation? How does the audience react? What kind of questions or comments and discussion are there after the presentation? Likewise, I attended a “community break” on open-source security tools (hosted by Rachid Harrando and Nabil Ouchn) and observing the kind of questions that were discussed is already a good indication for me.

Of course, the choice of the sessions we attended and the people we talked to are surely not representative of the whole field and we still have a lot to discover. It is also clear that we are likely to have missed something important. But our observations are like bricks that we gather in order to build a bigger thing: we might not know yet how the whole thing will look like, but something is definitely taking shape!