Unsurprisingly, it contradicts some of the claims Entropic has been making. Entropic admits to having exceeded agreed upon budgets by a significant amount, which DEFCON corroborates. There is some disagreement about what has been paid, though, as DEFCON believes they have paid for the hardware development.
Some of the other claims also appear to have been exaggerated or at least phrased in misleading ways. The Entropic Engineering logo was not removed from the PCBs. Their logo was not included on the plastics because Entropic was not responsible for the plastics and the initial plan to include their logo was only a courtesy before the relationship soured. The DEFCON statement alludes to budgets being exceeded by a significant margin (not covered by minor reductions in hourly rate as the other statement implied) and even calls out some “bad-faith” charges.
I’m also confused about the earlier threats to use the DMCA against DEFCON for using the firmware without a license. As far as I can tell, the firmware was produced as part of the agreement between DEFCON and Entropic, in which case there shouldn’t be much question about the license as it’s a work for hire. Imagine hiring a company to write software to your spec and then to have them later try to claim they’re going to pursue legal action for using the software you paid them to write. Something is strange here.
It also appears that the firmware engineer’s dismissal from the talk was communicated before it began, so his choice to get on stage anyway knowingly violated that decision. Regardless of what we think should have happened, getting up on stage after being told not to isn’t going to go well at any conference for any reason.
I think there’s a lot more to this story than the initial round of accusations let on. I think the first movers in publishing their narrative often win the public opinion debate, but if even half of what DEFCON is saying is true then Entropic and their team don’t appear to be operating entirely in good faith with the way they’ve handled this publicity.
Such a gross "oversight" does not reflect the care they're claiming to have exercised.
This part also seems a tad over the top and dramatic:
> We are especially grateful that Dmitry was not hurt in the physical removal he was subjected to as a result of his demonstration of solidarity
This individual chose to not comply with the venue operator's request to leave the stage, so they pretty gently escorted him away, as can be seen in the video which has been linked in every prior submission. Risk of injury was negligible, if any.
So I'm left uncertain which story is to be trusted here.
To be fair, it's clear DefCon has previously been fueled by Supermen and Superwomen who threw themselves under the bus (possibly were exploited) by working for free or nearly free to deliver. People deserve to be compensated for their work according to the terms of whatever employment agreement was signed, not the games that have been played here.
If quality of work was misaligned, it'd be another matter, but neither party has alluded to this.
Why would someone's gender, sexual orientation or skin color be relevant to developing a badge? This is so weird.
It's impossible to try to remove the sense of entitlement one gets from this company after that, given the rest of the situation seems to weight in to that way especially given I've heard of procurement of these badges having no such problems before.
EDIT: That said, Defcon doesn't end up looking too good either after this. Nothing good can come of this given things like this are usually probably done in quite good faith.
Defcon stiffs badge HW vendor, drags FW author offstage during talk
> Once a month, we billed for our work and submitted an updated estimated per badge final cost - committing as costs built to discount our work as necessary in order to hit DEFCON’s per unit cost targets.
If it's true that DEFCON wanted dirt cheap badges produced in record time, then I think the fault lies not in the project's management & execution but in the client's expectations & resourcing. No accomplished vendor would accept such a low price point, so that just leaves the unaccomplished. Vendors who overpromise and underdeliver, who would accept payment in terms of "clout", or who would be too afraid to pushback on crazy or high pressure expectations until it's too late.
A classic set-up-to-fail situation.
Any guesses on DEFCON's budgets "targets" and EE billed extra hours (including rates) anyone? :?
We are especially grateful that Dmitry was not hurt in the physical removal he was subjected to as a result of his demonstration of solidarity. We want to extend our thanks to all attendees who have been asking questions, reaching out, attending surprise side-walk cons, displaying the about page badge on the con floor, and, especially, keeping a community eye on law enforcement and conference security to help ensure our friend Dmitry’s safety in the last 48 hours.
The guy deliberately crashed the stage, knowing his invitation had been rescinded, demanding that "security" (read: random goobers who volunteer for this role in exchange for a colored t-shirt) remove him. He's fine. He got literally the thing he wanted, and "Entropic" knows that full well.
You're a vendor in a contract dispute, Entropic, not Poland's organized effort to throw off Soviet Communism. Miss me with this "solidarity" stuff.
To really understand who is right and who is wrong here we would need to read the letter of the agreements between these entities, and cross reference them with facts. Of course neither the contracts, nor the facts are available to us.
As is, the best I can do here is to put all participants on my personal “do not work with” list. Who needs the drama.
In particular there seems to be at least two points of miscommunication: it sounds like EE were told how much DEFCON can spend per badge. And they took that number to mean only the cost of the board and electrical engineering costs associated with it. Ignoring other costs (lanyard for sure, and maybe the cost of the plastic case too?).
The other missed connection seems to be the legal position of the firmware developer. EE seems to say they thought the guy was not their subcontractor but someone working for DEFCON. While DEFCON seems to imply that they thought he was an EE subcontractor.
I see a lot comments here with strong opinions on who is right and who is wrong in this dispute. It also seems to be that those strong opinions are based on assumptions. In particular assumptions about what the contract might say, but treated as if it is not a speculation but the truth. That logic is not persuasive to me.