krisoft
As per usual nobody comes out of these things looking good.

To really understand who is right and who is wrong here we would need to read the letter of the agreements between these entities, and cross reference them with facts. Of course neither the contracts, nor the facts are available to us.

As is, the best I can do here is to put all participants on my personal “do not work with” list. Who needs the drama.

In particular there seems to be at least two points of miscommunication: it sounds like EE were told how much DEFCON can spend per badge. And they took that number to mean only the cost of the board and electrical engineering costs associated with it. Ignoring other costs (lanyard for sure, and maybe the cost of the plastic case too?).

The other missed connection seems to be the legal position of the firmware developer. EE seems to say they thought the guy was not their subcontractor but someone working for DEFCON. While DEFCON seems to imply that they thought he was an EE subcontractor.

I see a lot comments here with strong opinions on who is right and who is wrong in this dispute. It also seems to be that those strong opinions are based on assumptions. In particular assumptions about what the contract might say, but treated as if it is not a speculation but the truth. That logic is not persuasive to me.

Aurornis
DEFCON’s response was posted on Reddit: https://www.reddit.com/r/Defcon/s/NVw5T4LXQR

Unsurprisingly, it contradicts some of the claims Entropic has been making. Entropic admits to having exceeded agreed upon budgets by a significant amount, which DEFCON corroborates. There is some disagreement about what has been paid, though, as DEFCON believes they have paid for the hardware development.

Some of the other claims also appear to have been exaggerated or at least phrased in misleading ways. The Entropic Engineering logo was not removed from the PCBs. Their logo was not included on the plastics because Entropic was not responsible for the plastics and the initial plan to include their logo was only a courtesy before the relationship soured. The DEFCON statement alludes to budgets being exceeded by a significant margin (not covered by minor reductions in hourly rate as the other statement implied) and even calls out some “bad-faith” charges.

I’m also confused about the earlier threats to use the DMCA against DEFCON for using the firmware without a license. As far as I can tell, the firmware was produced as part of the agreement between DEFCON and Entropic, in which case there shouldn’t be much question about the license as it’s a work for hire. Imagine hiring a company to write software to your spec and then to have them later try to claim they’re going to pursue legal action for using the software you paid them to write. Something is strange here.

It also appears that the firmware engineer’s dismissal from the talk was communicated before it began, so his choice to get on stage anyway knowingly violated that decision. Regardless of what we think should have happened, getting up on stage after being told not to isn’t going to go well at any conference for any reason.

I think there’s a lot more to this story than the initial round of accusations let on. I think the first movers in publishing their narrative often win the public opinion debate, but if even half of what DEFCON is saying is true then Entropic and their team don’t appear to be operating entirely in good faith with the way they’ve handled this publicity.

metadat
I'm struggling to reconcile this response vs the Bitcoin address "Easter egg" and the other claims in the prior article (https://news.ycombinator.com/item?id=41211519), and a few other aspects.

Such a gross "oversight" does not reflect the care they're claiming to have exercised.

This part also seems a tad over the top and dramatic:

> We are especially grateful that Dmitry was not hurt in the physical removal he was subjected to as a result of his demonstration of solidarity

This individual chose to not comply with the venue operator's request to leave the stage, so they pretty gently escorted him away, as can be seen in the video which has been linked in every prior submission. Risk of injury was negligible, if any.

So I'm left uncertain which story is to be trusted here.

To be fair, it's clear DefCon has previously been fueled by Supermen and Superwomen who threw themselves under the bus (possibly were exploited) by working for free or nearly free to deliver. People deserve to be compensated for their work according to the terms of whatever employment agreement was signed, not the games that have been played here.

If quality of work was misaligned, it'd be another matter, but neither party has alluded to this.

olalonde
> They expressed that they specifically wanted to work with us as a woman-owned, queer- and POC-driven engineering firm

Why would someone's gender, sexual orientation or skin color be relevant to developing a badge? This is so weird.

maxlin
Who starts an article, especially one questioning responsibility with the lines in the sort of "woman-owned, queer- and POC-driven ... " ??

It's impossible to try to remove the sense of entitlement one gets from this company after that, given the rest of the situation seems to weight in to that way especially given I've heard of procurement of these badges having no such problems before.

EDIT: That said, Defcon doesn't end up looking too good either after this. Nothing good can come of this given things like this are usually probably done in quite good faith.

ChrisArchitect
Related:

Defcon stiffs badge HW vendor, drags FW author offstage during talk

https://news.ycombinator.com/item?id=41207221

djfergus
How does one reconcile the statement below with DEFCON’s claim that they were 60% over budget?

> Once a month, we billed for our work and submitted an updated estimated per badge final cost - committing as costs built to discount our work as necessary in order to hit DEFCON’s per unit cost targets.

j0hnyl
DEFCON continues to demonstrate year after year just how poorly its run. There are bigger events out there (albeit not hacking cons) that cost less and go much more smoothly. Meanwhile, the price of DEFCON admission continues to increase every year while value diminishes.
tedunangst
Did the contract between defcon and EE include working firmware? If Dmitry rescinds the license, is the deliverable now even more short of specification?
iseanstevens
Very classy response. I hope things get worked out
chambers
Reading this statement, DEFCON's, and Reddit: it looks like the lowest bidder was a hired to do a complicated and costly project that the client historically underfunded (paper badges last year).

If it's true that DEFCON wanted dirt cheap badges produced in record time, then I think the fault lies not in the project's management & execution but in the client's expectations & resourcing. No accomplished vendor would accept such a low price point, so that just leaves the unaccomplished. Vendors who overpromise and underdeliver, who would accept payment in terms of "clout", or who would be too afraid to pushback on crazy or high pressure expectations until it's too late.

A classic set-up-to-fail situation.

jmward01
It sounds like an independent third party needs to review what happened.
numpad0
Do this look like someone mistook budget allotted by a magnitude, or was too scared to speak up until it's too late and situation had to be escalated to (no offense)an adult to initiate shutdown?
Gud
What would be interesting to see is if this is a pattern. DEFCCON is a yearly convention with many participants. Has others been treated in a similar fashion? Or are they usually fair.
kovacs_x
Only meaningful info in whole this is that it was a production of 30'000 units.

Any guesses on DEFCON's budgets "targets" and EE billed extra hours (including rates) anyone? :?

tptacek
I regret that I have only two eyes to roll at this:

We are especially grateful that Dmitry was not hurt in the physical removal he was subjected to as a result of his demonstration of solidarity. We want to extend our thanks to all attendees who have been asking questions, reaching out, attending surprise side-walk cons, displaying the about page badge on the con floor, and, especially, keeping a community eye on law enforcement and conference security to help ensure our friend Dmitry’s safety in the last 48 hours.

The guy deliberately crashed the stage, knowing his invitation had been rescinded, demanding that "security" (read: random goobers who volunteer for this role in exchange for a colored t-shirt) remove him. He's fine. He got literally the thing he wanted, and "Entropic" knows that full well.

You're a vendor in a contract dispute, Entropic, not Poland's organized effort to throw off Soviet Communism. Miss me with this "solidarity" stuff.

tokamak
Seems like they conveniently omitted some facts here. Very fishy.
commercialnix
[flagged]
HL33tibCe7
[flagged]
Fokamul
[flagged]