The RSA Conference was never where "security experts" went anyway. Sure some smart people occasionally showed up and talked, but it was mostly because their employers wanted exposure.
RSAC always was and always will be for suits that need to spend money and the vendors who need to take it from the,. All the cool kids with innovative research will be at BSidesSF.
Defcon is more of a recreational conference than a professional venue. Black Hat, CanSec... maybe Recon, HITB... those are the professional venues. CRYPTO and ASIACRYPT are major crypto venues.
Nothing is going to happen at any of them. RSAC is an oddity in that it is a conference that cuts across the whole industry that is "owned" by a single vendor.
I'm sure you're aware BH recently shot itself in the head by getting rid of their last connection to the Jeff Moss days; it looks like it's rapidly headed toward "just another RSA".
Also happened during the sequester, and when GSA had recently gotten in trouble for Vegas boondoggles, so I think there was a reduction in interest/increase in cancellations, and this was both a cheap way to send a "message", and a face-saving way to help them cancel.
Here is a quote from RSA rep Hugh Thompson after explaining his "disappointment" with the cancellations;
"Security has risen in the agenda of almost every company and every government in a way that we've never seen before," he said. "I think that the security dialogue is more intense than it has ever been."
Isn't this a bit like the murderer who kills his parents and then appeals to the mercy of the court because he is an orphan?
Though unrelated, today I was watching a 2006 episode of Boston Legal where one of the characters makes an impassioned argument about how Americans have next to no privacy nowadays (2006) and how the NSA is already reading all of our emails and listening to all of the phone calls. Anyone who was involved in any way with security knew perfectly well what NSA was doing, and yet it took this long for people to care. And truth be told, outside our technobabble no one cares still. Sigh....
Ordinary people generally do not understand the second order effects of government decisions. That is why you need to explain them the consequences of these decisions in a more dramatic way.
I am new to America but from little experience I can say that if you really want American to move their asses then should somehow link the issue with some of the American sports. Say that NSA is actually fixing NBA, MLB matches and you might have an uncontrollable situation in the country.
If you are waiting for The People to get on your side, forget it. That's never how it works. They'll get there once it's completely obvious to the most casual observer (there's a tautology in this if you look). At which point the fight is over and they'll be no help. If you don't like what's happening, do what you can do. Now. Don't wait.
The point is not that 'we knew' they were doing it years ago.
The point is that we now have actionable evidence of crimes against humanity being committed, and can properly go after the criminal elements behind this power grab.
We've known for years that the American people are okay with their out-of-control government using its super powers to gain even more treasure throughout the world. But until we actually have evidence that can be used to do something about it, we shouldn't just stop repeating the message.
The reason is that there are, every year, whole new waves of human beings entering this realm of culture, gaining enlightenment on these issues, and formulating their own opinions. These people will be running the country soon enough. Just because we old folks knew it, doesn't mean we shouldn't keep beating the drum for the teenager->adult crowd, too. Or else if we don't, then we're going to see just how quickly a culture can be flipped on its values.
I think the significance of this goes way beyond a conference and is indicative of the fact that due to the NSA overreach, we cannot trust corporations with security the way we used to. Do I think the NSA had some ties with RSA in this matter? Probably. Given Shamir's treatment though by the US government they can't be on perfect terms, but the fact remains, corporations have lost the trust factor. We can't trust Microsoft, Google, RSA, or anyone else.
I think this is the beginning of a major industry shakeup and the word for the ages is "hubris ante nemesis."
RSAC always was and always will be for suits that need to spend money and the vendors who need to take it from the,. All the cool kids with innovative research will be at BSidesSF.