This would depend on the contract that DEFCON has (had) with Entropic Engineering and what the deliverables were.
It may turn out that Entropic would be the one paying the penalty and footing the bill if one of the people they worked with decided to change the license.
Revoking or changing that license afterwards may fall on the vendor rather than the distributor to make things right.
While this isn't likely to be something anyone is going to come out smelling like roses out of... my crystal ball says that Entropic is going to come out the worse for it.
Having a "volunteer" working for a for profit company has hints of FLSA violations ( https://www.reddit.com/r/Defcon/comments/1ep00ln/comment/lhj... ). Having a person that Entropic is working with for embedded software put in easter eggs that went counter to the SOW becomes difficult. Entropic relying on software that has a license of "as long as the software author is ok with it" may complicate future business relationships with other clients.
It may turn out that Entropic would be the one paying the penalty and footing the bill if one of the people they worked with decided to change the license.
Revoking or changing that license afterwards may fall on the vendor rather than the distributor to make things right.
While this isn't likely to be something anyone is going to come out smelling like roses out of... my crystal ball says that Entropic is going to come out the worse for it.
Having a "volunteer" working for a for profit company has hints of FLSA violations ( https://www.reddit.com/r/Defcon/comments/1ep00ln/comment/lhj... ). Having a person that Entropic is working with for embedded software put in easter eggs that went counter to the SOW becomes difficult. Entropic relying on software that has a license of "as long as the software author is ok with it" may complicate future business relationships with other clients.