Advertisement

A chat with Black Hat's unconventional keynote speaker

The most interesting thing about Black Hat 2015 keynote speaker Jennifer Granick isn't her gender -- though she appears against a backdrop of historically male keynotes. It's that Granick is director of civil liberties at the Stanford Center for Internet and Society. She previously held the same position at the Electronic Frontier Foundation -- and is known for defending some of the more notorious criminal hackers around, including Kevin Poulsen, Aaron Swartz, Jerome Heckenkamp and the hackers in the Diebold Election Systems case. Being the keynote speaker at the Black Hat conference means she's about to go front and center with the very organizations and government entities her clients have hacked. Granick is joining a colorful catalog of former keynoters who tend to represent the interests of the international cybersecurity conference's corporate-enterprise and government attendees.

Among Black Hat's most controversial keynote episodes was 2013 speaker General Keith Alexander, then the director at the NSA. During his packed Black Hat USA keynote Alexander assured the crowd that the NSA's surveillance programs were lawful interception; attendees did not hesitate to shout, "Bullshit," and loudly accused him of lying to Congress. 2012's keynote, ex-FBI Executive Assistant Director Shawn Henry, got a chilly reception to his remarks calling for businesses to "step up" and help the US government fight cyberattacks.

Differences in ideology aside, it's no small shakes that Granick is also only one of two women in Black Hat's storied history of keynotes -- spanning back to 1997 -- to command the conference's most public podium.

In 2010, Black Hat had its first female keynote, Jane Holl Lute, who served at the time as the deputy secretary of the Department of Homeland Security. Lute's first comment about the nature of cyberspace set the tone for her keynote, which was, in characteristic DHS cybersecurity style, tone-deaf to attendee levels of expertise.

Lute began, "How do cyberspace and war zones compare? Wars happen somewhere. They involve somebody. Geography is key. Seizing and holding terrain. Wars happen somewhere, but cyberspace is sort of this space-time thing. Nobody really gets it."

Needless to say, the two women couldn't be more different from each other -- and Granick couldn't be more different from Black Hat's typical keynote choices. Curious to see what she had to say about adding her name to Black Hat's storied keynote history, Engadget caught up with Granick for a quick Q&A before she hits the stage.

In Black Hat's keynote history, you're one of only two women to be an esteemed Black Hat keynote. Does this matter?

I think it does. I hope I start a flood of future keynotes by any number of the many great women in computer security.

In a refreshing twist, Cosmopolitan UK upended gender roles for their Avengers interview with Scarlett Johansson and Mark Ruffalo. Instead of the stereotypical questions Johansson was tired of getting, the magazine instead asked Ruffalo about his skincare routine, his red carpet outfits and whether he slimmed down for the role. How do you anticipate handling questions a male keynote would never get?

I have an advantage in this community because I'm a lawyer and not a security professional. People don't tend to think they already know everything I have to say. So they tend to take talking to me as an opportunity to ask real questions. I'll try to think of a funny joke, though, just in case someone asks about my beauty regime. (By the way, it's chia seeds. ... Was that funny?)

Your keynote is called "The Lifecycle of a Revolution." What revolution?

I'm talking about the internet revolution. We early adopters had, have, such hopes and dreams for technology -- leveling the playing field, fostering new ideas and new political power, opening the world up to new communities of people, liberating ourselves from some of the dangers of bad government. Obviously, security is a building block for this future. But in so many ways we're falling short of this vision: surveillance, spyware, censorship, increasingly catastrophic data breaches. This revolution is middle aged, and unless we do something, the next stage promises to be gray, grizzled and sad.

Your bailiwick is criminal defense and civil liberties, and you've defended some of the most notorious hackers in the industry. Since Black Hat's attendees are largely government, corporate, law enforcement and government contractors, you're practically the opposite of a typical Black Hat keynote. What do you bring to their table?

I'm not that radical. As a lawyer, I'm part of the system, too. I just hope I'm going to help everyone listening think about the roots of the security industry, the place of security in a free society and where we're headed.

What happens to security in the Internet revolution's future?

Like all rights and privileges, security is about power. Who gets it, who doles it out and what interests it protects. If the internet revolution can successfully liberate people from traditional power structures -- totalitarianism, bias, poverty -- like we've hoped, that'll be awesome. But at this inflection point, there are signs that surveillance, censorship and entrenched powers may successfully co-opt the internet. It's up to us.

Jennifer Granick's Black Hat 2015 keynote, The Lifecycle of A Revolution, will be presented Wednesday, August 5th at 9AM PT (Mandalay Bay Ballroom, Las Vegas, Nevada).

[Photo credit: Amanda Avila, via Flickr]