by red_trumpet 672 days ago
The firmware author themselves writes [1]:

> I was not anybody’s contractor or subcontractor. I’m not employed by entropic nor by you [DEFCON]. I did this in my free time so attendees could have a fun badge.

[1] https://old.reddit.com/r/Defcon/comments/1ep00ln/def_cons_re...

I’m aware of that claim. I can’t verify it of course.

But even if I take it as true, doesn’t mean that DEFCON couldn’t have believed he was subcontracting for EE.

Similarly if it was DEFCON who introduced the firmware author to EE, EE might believe the firmware author is with DEFCON.

Obviously the contracts should be crystal clear about who is with who, and who is responsible for what. We hear that the firmware developer had no contract with anyone. That is very bad. But whose bad is it?

If there is a contract between EE and DEFCON which states clearly that EE is responsible for the firmware that is very bad for EE then.

If there is no contract between EE and DEFCON, or it is not clear enough who delivers the firmware then that is very bad on DEFCON. (I would be surprised if that is the case, but who knows in this whole mess.)

What's strange is that Dmitry continued to work for defcon after a stop work order, and also that Dmitry was originally invited to speak on stage (smells like consideration).

Based on the sum of all statements it continues to be very plausible that Dmitry basically had no on-paper relationship with anyone... and did everything on a pure friends and family basis. If so that is a huge awkward fuckup.

Also unfortunate is the possibility that if Dmitry is just some detached party trying to defend Entropic's honor, he basically started a firestorm which burned bridges between Entropic and defcon.

Once Dmitry started the whole thing, defcon immediately attacked the reputation of Entropic by saying they exercised bad faith in business and were incompetent and profligate. Defcon attacked so hard that there was no way to unring that bell. Then Entropic had no choice but to respond to defcon.

> We hear that the firmware developer had no contract with anyone.

I see this occasionally with small companies, usually it's more of a personal request from one of the employees to provide some code on a volunteer basis, perhaps solely because they are passionate about that sort of thing and someone knew that about them.

In the end, if the favor is upheld and they provide the code/binary/whatever to the company (who has a contract to deliver such code), then that company's upstream contract is still fulfilled, technically it doesn't matter that the coder was not an employee or contractor. The only real downside I see for this is legal liability for the company if they end up unable to provide for their customer, but that's between the two of them and their contract, the coder is basically not on the hook for any problems.

> I see for this is legal liability for the company if they end up unable to provide for their customer,

That is not the only legal liability. If EE has a contract with DEFCON saying that they will give DEFCON the firmware and the rights to distribute it, but EE does not have those rights (because they haven't signed a thing with the developer), that can go very wrong for EE.

Basically the developer can sue DEFCON, since they are distributing his code. DEFCON believes they have the rights to do so, because of their contract with EE, but basically EE is giving away something they don't have. That can be a lot worse than just failing to deliver the contracted firmware. In my opinion.

To me that sounds the same as "unable to provide for their customer".

This statement seems to be intentionally inaccurate to me. He’s not someone’s contractor, subcontractor or employee, but he still has to have someone he’s communicating with about the project, either at EE, DC or both. Why not state what the situation was? Was he working with EE's team, DC directly or did he switch at some point?

Everyone talked to me and I reported to nobody. DC made only two requests total (color of frame around screen, auto-boot to game instead of menu). EE made no requests but gave me info on hardware as I needed it to write the SW.

How did you get into the project? I’m assuming DEFCON contracted EE and you were contacted by someone later to write the firmware? Was that EE or DEFCON? And to whom did you deliver your firmware code/binaries during development? Did you deliver to EE while they were still contracted by DEFCON and to DEFCON directly after the stop work order?

Sorry for the many questions but you’re the only real source to get more info on this situation here.

It seems quintessentially DEFCON to infiltrate both organizations by exploiting the breakdown of communication between them.