In 2016, can Hillary Clinton be the candidate of the hacker crowd?
That was the question posed at a fundraiser Wednesday at the annual Black Hat security conference, an affair that brings thousands of hackers and deep-pocketed security firms to the Nevada desert to learn about the latest and greatest in computer exploits.
Amid a program packed with technical presentations on computer security, the fundraiser represented an unusual addition and has had a polarizing effect on some long-time attendees of the conference, who consider the event for Clinton out of step with the conference’s hacker ethos. A conference that begins, for example, with a presentation on “Memory Forensics Using Virtual Machine Introspection for Cloud Computing” really shouldn’t end with a partisan political event, some Black Hat veterans privately groused Wednesday. And for these old-timers, who reminisce about the conference’s heyday in the late 1990s, when glitzy corporate sponsorships and booths didn’t dominate the event as they do now, a Clinton fundraiser seems the final deathknell for the event’s counterculture status.
Jeff Moss, the founder of the Black Hat conference, hosted the fundraiser alongside Jake Braun, a former Obama administration official now advising the Clinton campaign on cybersecurity issues. Moss said this election is a time for the hacker community to get decisively involved in policymaking around information security.
“Policy is coming for us, and we’re going to have to be ready for it, or it’s going to get done to us,” Moss said.
Donald Trump may be helping to push hackers toward Clinton’s embrace. Reports that operatives working on behalf of Russian intelligence stole emails and other data from Democratic National Committee servers and possibly passed them to WikiLeaks for publication have dominated talk in the convention’s hallways. The Clinton camp claims the Kremlin released the messages to boost Trump, whose foreign-policy pronouncements on issues like the future of NATO and the sovereignty of Crimea have been warmly received by Russian President Vladimir Putin.
Braun told a crowd of about three dozen (along with a sizeable contingent of journalists), that the DNC breach may be just the beginning. Russia, he said, has attempted to manipulate elections in neighboring states and may go after electronic voting machines in the United States.
“Who’s to say they aren’t going to do it here?” Braun wondered. “That’s something that this community should be deeply concerned about.”
Braun’s warnings about Russian operatives tampering with the vote count comes as a slew of current and former officials have cautioned about risks to electronic voting machines. Homeland Security Secretary Jeh Johnson said Wednesday that his department is “actively thinking about election cybersecurity.” In a letter last month, a boldfaced group of former American national security officials warned that “our electoral process could be a target for reckless foreign governments and terrorist groups.”
But that threat to the voting system represents just one vulnerability in an era of pervasive computer insecurity. Personal health and financial records, credit card data, government background checks — they’re all fair game for hackers. And they are increasingly prompting legislative efforts at a fix, raising the political stakes for those about to get legislated.
For many in Silicon Valley, a kind of disconnect has marked the relationship between Washington and the tech industry in recent years. Most recently, the federal government has fought to gain access to encrypted data over the vociferous objections of tech firms and security experts. Silicon Valley has also waged a high-pitched battle with the federal government over an obscure arms control regime that many in the security research industry believe would criminalize their work. And in 2012, the tech industry cried bloody murder over the Stop Online Piracy Act as a dangerous attack on free speech — and succeeded in killing the measure.
A future Clinton administration, Braun said, needs experienced hands to handle these issues, but whether hackers are ready to embrace Clinton remains unclear. The former secretary of state has a fairly strong record on internet freedom issues. She helped steer money toward online tools designed to protect dissidents and human rights activists. But as these tools, such as Tor and encrypted messaging tools, have been embraced by the Islamic State, the political calculus has shifted on questions of internet freedom.
When Egyptian political activists required anonymous access to the web, it was a political no-brainer to support them. When the Islamic State uses the same tools to plot terror attacks, it’s less advantageous. Asked by the security researcher Collin Anderson whether this shift would change Clinton’s stance on the issue as president, Braun offered assurances that Clinton would seek to protect human rights.
On encryption issues, Clinton has walked a careful line, saying Silicon Valley and Washington need to work together to determine when the government should be able to access encrypted data. When asked Wednesday where Clinton stands on an issue that has united Silicon Valley, Braun dodged the question.
But facing a deeply unpopular opponent who appears to know little about technology — Trump has, for example, called for closing down parts of the internet in response to the Islamic State’s propaganda successes — Clinton appears content to rally what support she can get, rake in fundraising dollars, and position talent for a future administration. The tech trade publication Recode has called her tech platform a “love letter” to Silicon Valley, and Clinton has already pulled in at least $2.6 million in donations from tech industry workers.
On Wednesday, she garnered at least another $20,000 in Vegas, according to Braun.
Photo credit: SCOTT OLSON/Getty Images