Thursday, November 5, 2015

Identifying Insider Threats Within Your Docker Containers

I have a new post on the Threat Stack blog!

Tuesday, June 2, 2015

Goodbye, TWiT!

Last weekend I unsubscribed from all my TWiT podcasts. The hypocrisy and lack of professionalism finally became too much. I post this on a blog because I have recommended the podcasts to others. While I cannot find every person and rescind my endorsement, I can post my decision here. I will also note that I do not judge anybody who does not make the same decision I made. I may be misinformed or ignorant of key pieces of information, but I do not trust Leo Laporte or his TWiT network anymore.

I finally had to confront the duplicity of TWiT when, at the end of Security Now from May 26th, Leo announced that they would not be airing the taping of that show live anymore. Steve Gibson got confused, but Leo explained they would still tape it at the same time, but that they would only air the produced copy later and not the live show. I knew that Leo has often expressed the immense value he gets from the chatroom and doing live shows, so I knew something must have happened. I also knew that since this wasn't the first time, it must have been something bad. It was.

Even so, I might have overlooked it in isolation. I might have at least waited for the dust to settle. My problem is that the list of offenses has grown too long and too pervasive:
  • Leo's affair with his CEO
  • Erik Lanigan's dismissal and eventual death
  • Petty banning of Jason Calacanis
  • Leo accidentally showing sexts on shows
  • Departure of many hosts
  • General misogyny during shows
  • Recent emphasis on virtualized porn
  • Most recent issue
I did not know how much to go into the list. If you want or need to know more, I'm sure Google will help you. It's with a heavy heart that I leave the TWiT army. The shows were well-produced, quirky, funny, and informative. Integrity is one thing TWiT no longer has (if it ever had it), and that's the value that matters most to me. That network. . . is in the can.

Saturday, May 16, 2015

Ride against cancer

One of my daughter's friends asked for donations toward her dad's bike ride against cancer. Please take a minute to look and donate if you can.

David Sachs's Ride

Thursday, May 14, 2015

SSH to VirtualBox

I had to mess with ssh into VirtualBox this morning. I need NAT on my VM so I can leverage my host's VPN, but I want the host to also communicate with the box. No full-on tutorial here, just some pointers to articles that helped:
I ended up not doing the NAT port forwarding and used a second emulated network adapter to speak with the host. Seems to be working okay, although I haven't got the keys completely set up yet.

Monday, February 23, 2015


In case you have not heard through other social media outlets: Bit9 and I have parted ways, which leaves me looking for my next opportunity! Check out my resume.
"Experienced software engineer and leader. Ported flagship Bit9 security product to Linux, implemented real-time signal processing for the Predator drone while at BAE, and published half-a-dozen papers on compiler dataflow analysis while in grad school. Actively looking for next opportunity!"

Thursday, June 5, 2014

One year later: Snowden & the NSA leaks

News broke a year ago about Edward Snowden's leaks of NSA documents to Glenn Greenwald. At this one year anniversary I feel it necessary to write down and share some of my thoughts about the ongoing repercussions from that event. Although I have followed the story with interest, I would not consider myself obsessive about it. If I come across stories about the latest leak in my normal perusal of news then I get the update, but I do not seek out additional information. The first few weeks of June last year being the possible exception to that.

Working for a company that produces an information security product, I always assumed the United States conducted some level of surveillance and spying on the internet. Nevertheless, PRISM still felt like a slap in the face. Assuming the government has betrayed you is one thing, seeing documents showing how they're doing it is something else. My previous office worked on information fusion, and the state-of-the-art there pretty much stunk. I naively hoped that applied universally, but that appears incorrect. I understand why the NSA wants to collect all this information, but I also understand the Fourth Amendment.

Writing this post has been on my todo list for a few months now, the anniversary of the leaks being a convenient forcing function. In another month comes another significant anniversary: the 4th of July. Have you considered what sort of effect NSA-like surveillance would have had on the American Revolution? We now put the Founding Fathers on pedestals and consider them inspired men, but at the time they were traitors to England. Although we may romanticize the origins of our nation to some extent, I feel it reasonable to assume that a surveillance state would have squashed it. Look at how China has handled Tiananmen Square, and that was 25 years ago.

These leaks will forever be associated with Edward Snowden, so a discussion of one must involve the other. He accurately predicted the government's attempt at character assassination in his initial interview. At least one of my coworkers instantly condemned Snowden's leak and called him "a tool." I regularly listen to TWiT, and Leo Laporte almost as quickly labeled Snowden as a hero. At his talk at RSA earlier this year, Richard Clarke labeled Snowden as a traitor and said the United States should prosecute him as such. My opinion of Snowden trended toward positive, although it swayed significantly depending on with whom I had most recently spoken.

Our environments have an effect on us. I know that my environment has an effect on me. The longer I work in information security, the more paranoid I get. That paranoia doesn't get mitigated any by my favorite TV show: Person of Interest. One of my favorite authors, Daniel Suarez, consistently discusses government misuse of technology and abusing civil liberties in his novels. He writes science fiction, but in many ways the ideas hit too close to home. Some of my thoughts on Snowden and his leaks may come from my overfed imagination, but I do not think I arrive too far from the truth.

What would you do in Snowden's shoes? In his recent NBC interview he claims to have raised the issues internally, although the NSA denies this. Have you ever worked anywhere that your ideas would get patiently listened to and then the only response would be a nice pat on the head? Can you see that being the case at the NSA, a government organization? If he tried to raise the issue internally (like I suspect many have), he obviously did not get enough response. If he did not raise the issue internally, perhaps he thought he might get "disappeared" to Gitmo. Maybe he thought he might get droned. The post-9/11 rules for how the government treats those it does not like seem very undefined. The Patriot Act, Obama's inaction, and his own experience as a government contractor had cost him his faith in the system.

Snowden still saw a problem that needed resolving. He could not resolve it through traditional channels out of bureaucracy or fear, so it needed to come as a leak. Here's the problem: the American public has a very short attention span. Six months before the Snowden leaks started, the nation cried out for more gun control after the Sandy Hook shooting. Sadly, two months later and nobody said anything more about it. A single release of information or short event has a similar effect. "We the people" would rattle our sabers for a couple months but then the government could go back to business as usual. Snowden needed a sustained campaign that would last through one or more election cycles.

However brilliant of a programmer or high-minded of a citizen, Snowden didn't have the pulpit from which to preach his gospel. He needed a bulldog in his corner that felt as strongly about the issue as he did and would doggedly pursue the story. It had to stay in the limelight. It had to keep making headlines. It had to hurt politicians, so they would vote for change. It had to hurt NSA recruiting, so they would need to clean up their act. It had to cut across party lines, so nobody could just point fingers. I do not follow journalists, except for maybe a few tech ones, but apparently Glenn Greenwald fit the description. Snowden had to pursue him for months and educate him on secure communication.

One objection to Snowden's behavior during the first couple of weeks consisted of his somewhat strange escape route. To complain about NSA surveillance and then go to a country that obviously had it significantly worse seemed hypocritical. To go from there to KGB-led Russia made little sense as well. His interview throwing softball questions to Putin did not help. I do not have all the answers here, but I know that if I really wanted and expected change, I needed to stay in a place where I could act. That meant Snowden had to stay out of range of United States authorities. A safe bet that our two biggest frenemies could keep him out of jail, provided he applied a little leverage. Maybe that leverage consisted of not airing their dirty laundry, or sharing one or two country-specific NSA secrets. I admit the evasion route still has questionable parts, but it at least seems feasible.

Then comes the discussion of why he did not just surrender himself to the justice system, or why he does not do so now. The justice system, like every other branch of our government, is warped to the point of serious breakage. Consider the Patriot Act and the Computer Fraud and Abuse Act. Not the actual laws, but how cases have gone in the courts regarding those. For the Patriot Act, see our friends in Gitmo. Also consider Ladar Levison, the owner and operator of Lavabit. His farce of what one might call a court case has cost him his company. The Computer Fraud and Abuse Act yielded a vicious attack on Aaron Swartz. Aaron's feeling of helplessness in his situation eventually drove him to end his life, five months before the Snowden leaks. The point being that our judicial system does not have a track record of doing things fairly or coming to logical conclusions.

Thank you for reading through my thoughts on Snowden & the NSA leaks. I still do not obsess about it, but felt the anniversary deserved more than a passing note. I think Snowden did something incredibly brave and that history books will describe him as a hero. In our fear after 9/11, the pendulum of freedom vs. security swung dramatically toward security. It's time it swung back to freedom.

DISCLAIMER: This post reflects my views and opinions only.  Any comments made on this website, by myself or by third parties, do not necessarily reflect views or opinions of my employer, religion, family, or any other organization to which I belong.