Worst. Idea. Ever.

All I want to know is, who comes up with this stuff?

See, I've been waiting.....and waiting......and waiting......for the sessions from RSA2008 to hit the web, so we can watch and listen and absorb or whatever. There's a lot of people who couldn't make it who have also asked me if / when my own presentation would be available to listen to. Last year, RSA seemed to be pretty open about who could get their hands on the talks (Hell, we still have one complete with funky Flash thing here).

Now? I get an Email from the RSA organisers last night pointing me to this page, with the following genius idea:

The information and ideas discussed at RSA Conference 2008 will have an impact on the information security industry for years to come. Be sure to capture all of the discussions by replaying the session recordings from this year's Conference. (Free for 2008 Full Conference attendees, $395 for non-attendees)

Wow, yes! What a brilliant idea! We'll have "an impact on the security industry for years to come" by.....letting all the same people who saw the talks originally watch them again!

Wooo!

Also, WTF and doh. Let's be honest and put the hyperbole aside for a second - nothing talked about at RSA will "have an impact on security for years to come", because nobody cares. It was a bunch of talks about stuff, and now it's over. Some were good, some were bad, same as it ever was. But hamming it up with over-the-topness just so we can justify charging lots of money to let people hear it who couldn't make it / afford it? Man, that sucks. That sucks ass, and is a terrible, exclusionary idea.

If there was anything of worth, of interest spoken about at RSA, how are we helping to spread those ideas by chaining them to full conference passes or extortionate amounts of cash after the event is long gone?

And why is it always just about the "security industry" anyway? There's a whole variety of people and initiatives that likely fall outside that narrow definition (purely because they're not running around yelling BUY THE BOX!) and yet they're just as active, just as important to the security scene as anyone else.

But of course, they didn't pay stupid amounts of money to attend and so don't count. Excuse me while I roll my eyes. How many people attending these conferences are only there because their company paid for them to go in the first place? And how many of those people wouldn't come within a hundred feet of security conferences if they actually had to pay up themselves?

Nobody can claim access to 365 session recordings for $395 is good value for money, because nobody in their right mind is going to listen to three hundred and sixty five sessions unless they are clinically insane.

Anyone with any interest in RSA2008 that didn't go is more likely to want to hear the odd handful of sessions - and here's a breaking newsflash, they are NOT going to pay out four hundred bucks just to hear them. I don't believe RSA have a "reduced fee" anywhere to listen to (say) five talks, but meh, even that would suck.

I really doubt half the people at RSA on free Full Conference Passes (courtesy of their company) would complain if people who didn't attend got to hear the talks for free after the event. Again, by this point nobody cares, right? It's now just a bunch of talks at some conference somewhere, and everyone is now too busy gearing up for the next conference in a few weeks or months time.

And if someone argues that it's not good form to have the great unwashed masses listening in for free when all those companies had to stump up tons of cash for full conference passes? Well, too bad for all those companies. Surely half the fun of the full pass is the chance to hear people speak in person that you always wanted to see present twenty feet away from you - not simply possession and apparent ownership of the words that came out of their mouth.

To me, security is all about protecting those same "great unwashed masses" with as much vigor and force as the companies at RSA devote to protecting enterprise and business customers - great unwashed masses that (currently) don't have a hope in Hell of hearing talks that might actually contribute to making them consider security a little more in their day to day lives.

It all seems a bit greedy and possessive to me, but then I only spoke at RSA.

What do I know?