I've grown quite tired of the non-technical information privacy and security scene. It's a churn of politically and financially motivated misinformation. Prominent/respected community members are often the ones spreading misinformation and promoting scams without accountability.

It's exhausting dealing with fallout from misinformation confusing users and misleading them into making bad decisions. The endless attacks on projects doing useful work, unequivocal support for charlatans and lack of interest in truly making things better is very demotivating.

I've been focusing on other projects lately due to the consistent lack of support and the endless daily attacks on the work that myself and others are trying to do. I wake up every day with a bunch of notifications / messages caused by the endless cycle of attacks/misinformation.

I don't feel comfortable going to events like DEFCON due to the involvement of certain malicious people supported by the community. I certainly won't attend another Linux Security Summit. It would take a lot of effort for me to go to an event like this even before the hostility.

I want to be involved in the technical privacy / security community but I'm not welcome in it. You support people that have stabbed me in the back, stolen money from me and gone out of the way to inflict harm. I'm not talking about one specific case but rather a larger pattern.

My experience in the industry has been people repeatedly taking advantage of me, stabbing me in the back, and a focus solely on financial gain rather than making anything better. Seems to me people are generally fine with it, including revering clearly malicious/dishonest people.

I wish there was more interest in the fact that Twitter gave a scammer control over my open source project's previous account. It used my email, phone number, birth date and had TOTP-based 2FA enabled. The ownership was clear and I stopped sharing access at least a year earlier.

I don't see how it's okay that a scammer can invent a false narrative and trick Twitter into turning over control of an account, with radio silence from Twitter the entire time. No opportunity to contest the false claims and not even a notice that my account had been taken away.

If you work for Twitter, you should be embarrassed about such a horrifying ongoing failure in security. This has caused massive damage to my open source work and continues to be an ongoing source of harm. I'm going to make sure that Twitter is eventually held accountable for it.