Hypocritical Security Conference Organizers


Every once in a while, I receive spam for security conferences of which I’ve never heard, even less attended.  Typically the organizers of these conferences are faculty members, professors, or government agency employees who should know better than hire companies to spam for them.  I suppose that hiring a third party provides plausible deniability.  It’s hypocritical.  To be fair, I once received an apology for a spamming, which demonstrated that those involved understood integrity.

It’s true that it’s only a minor annoyance.  But, if you can’t trust someone for small things, should you trust them for important ones?


Posted by Ed Finkler
on Wednesday, October 17, 2007 at 04:06 AM

We had to block (at the server) spam being dumped on us by a company handling mail for CISSE 2007.  They were clearly using harvested email addresses, as many were sent to accounts we only have for internal use.  It made CISSE look pretty bad, I think.

Posted by Pascal Meunier
on Wednesday, October 17, 2007 at 04:16 AM

Today’s inspiration was ECIW 2008.

Posted by Paul Dowland
on Wednesday, October 17, 2007 at 04:23 AM

On behalf of the “local” organisers, I would like to apologise for this annoyance!

While we are only providing the venue for the conference (and have no role in the event promotion), I will forward your concerns to the admin team responsible for promoting this event.

Suffice to say, only previous delegates to this event should have been contacted and I will endeavour to determine how your address was included in this mailout.

You will note that I have respected your decision not to identify the conference concerned (and havenot taken the opportunity to advertise it via my response)!

Posted by Paul Dowland
on Wednesday, October 17, 2007 at 04:26 AM

Ah well, while I wrote my post you manage to promote it for us :D

Posted by Pascal Meunier
on Wednesday, October 17, 2007 at 04:41 AM

Apology accepted, and you are welcome to the promotion such as it is smile

Posted by Sue Nugus
on Wednesday, October 17, 2007 at 05:22 AM

I am sorry that you received an unwanted notification of the 7th European Conference on Information Warfare and Security (ECIW 2007). I am also sorry that you did not know about this conference, which is recognised by many academics to be a leading event in the field. Although I cannot unfortunately deduce exactly how your name is on our list, I will of course remove it immediately to ensure you do not receive further mailings from Academic Conferences.

Posted by Pascal Meunier
on Wednesday, October 17, 2007 at 06:04 AM

  thanks for the apology even though it included a snide remark.  The point is not simply removing me from your list, but to make you realize that opt-out lists where you first harvest addresses are underhanded because they put the burden on the recipient to make multiple and potentially an unlimited number of originators behave.

Posted by Atilla
on Friday, October 19, 2007 at 09:44 AM

The second problem with such conferences is what you said:
“faculty members, professors, or government agency employees”
and Ms. Nugus repeated:
“recognised by many academics to be a leading event”

Which academics, professors or such, know real-world security, much less about information warfare?

Unless you want to just increase your malware collection - visit a higher ed computer lab…

Leave a comment

Commenting is not available in this section entry.