Stop the Cyberbole

2012-10-20 01:25:23 by chort

We've been hearing an ever-swelling drumbeat lately about vulnerabilities in critical US infrastructure and the "need" for government regulation to "solve" the "crisis." The latest crescendo comes from Senator Lieberman, who published an op-ed in the New York Times pushing for more legislation.

I believe this message is dangerous and misleading for several reasons, some of which have already been called-out by @krypt3ia on his blog. Here I'll expand on some of those points and add my own.


Quick Post on Security Rockstars

2012-10-19 23:09:05 by chort

This week there has been a debate about "security rockstars," which I've mostly tuned out. Today a comment jogged my memory and I recall that last year a PR consultant for our company (who appears to do a fairly competent job, not that I would know) heard that I was submitting a CFP for a conference. She told me "I made [insert name of "thought leader"] a rockstar. [person]'s blog now receives [number] of impressions a day. I can help you do the same thing."

I don't really fault the consultant here. She was trying to a) bill more hours (who doesn't want to do that?) and b) get more publicity for the company I work for (which is what we pay her for). I'm pretty sure she's good at her job and she chose her words carefully. This leads me to believe that her pitch is tailored to work on geeks like me. In my case, I did a polite version of running away screaming.

For my own satisfaction, it means a lot more to me to do work that I know is high-quality, to know I'm helping other people, and to be respected by my peers. I don't want teeming masses who barely know me to hold me up as some shining example when they don't even understand what I'm saying. I also don't want the pressure of being expected to be amazing all the time. I'm human, I make mistakes. I don't want my every decision under a microscope, so I don't go seek out publicity. It seems simple to me.

I realize different people have different priorities, and other people derive their self-worth in other ways. That's OK with me. If someone wants to be a "rockstar," fine. Just remember, with popularity comes scrutiny. The same people who held you on their shoulders will be twice as quick to kick you when you're down.

For everyone else, if you're sick of rockstars, stop feeding their behavior. PR reps wouldn't pitch geeks on becoming "rockstars" if it wasn't something a lot of geeks aspired to.

Installing Thug Honeyclient on Ubuntu 12.04.1 LTS Cheat Sheet

2012-10-15 20:56:43 by chort

Just some quick notes on the steps I had to do differently from the main documentation.

* You need to install build-essential, libboost-python-dev, and python-setuptools (possibly autoconf too, if build-essential doesn't pull that in)

* Manually set static const int kMaxNumFunctionParameters = 65534; in v8/src/parser.h (V8-patch2.diff is out of date)

* Beautiful Soup 4 (python-bs4), html5lib, PEfile (python-pefile), chardet, httplib2, Zope.Interface (python-zope.interface), and scons are all available as Ubuntu packages; find the exact names with apt-cache search and install them with sudo apt-get install

* You need to add --enable-python-bindings to options when configuring libemu

* Create /etc/ld.so.conf.d/libemu.conf with the line /opt/libemu/lib and run sudo ldconfig
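The five steps above rolled into one script, as an added example that is not part of the original post or of the Thug project's own install documentation. It assumes the Thug checkout lives under $THUG_SRC with the bundled V8 source in $THUG_SRC/v8 and libemu unpacked in $THUG_SRC/libemu, that libemu is installed under /opt/libemu (as the ld.so.conf line implies), and that a libemu git checkout needs autoreconf before configure; the Ubuntu package names other than those given in the post are also assumptions. The parser.h edit is done with sed against whatever value is currently there, so re-running the script does not double-patch, and the two helpers that touch files take their paths as parameters so they can be exercised on a scratch copy first.

```shell
#!/bin/sh
# Added example: Thug honeyclient prerequisites on Ubuntu 12.04 (not the
# project's own installer). Run the install as root: sudo sh thug-prereqs.sh install
set -e

# Assumed layout: Thug checkout in $THUG_SRC, libemu installed to /opt/libemu.
THUG_SRC="${THUG_SRC:-$HOME/src/thug}"
LIBEMU_PREFIX="${LIBEMU_PREFIX:-/opt/libemu}"

# Steps 1 and 3: build tools plus the Python deps that 12.04 already packages.
# (Package names beyond those in the post are assumptions; check with apt-cache search.)
install_packages() {
    apt-get install -y build-essential autoconf libboost-python-dev \
        python-setuptools python-bs4 python-html5lib python-pefile \
        python-chardet python-httplib2 python-zope.interface scons
}

# Step 2: raise kMaxNumFunctionParameters to 65534 in place of the stale
# V8-patch2.diff. Matches any current value, so it is idempotent.
# Prints the number of patched lines (1 on success) so callers can check it.
patch_parser_h() {
    file="$1"
    sed -i 's/kMaxNumFunctionParameters = [0-9]*;/kMaxNumFunctionParameters = 65534;/' "$file"
    grep -c 'kMaxNumFunctionParameters = 65534;' "$file"
}

# Step 4: libemu must be configured with the Python bindings enabled.
# autoreconf is assumed to be needed for a git checkout of libemu.
build_libemu() {
    cd "$THUG_SRC/libemu"
    autoreconf -v -i
    ./configure --prefix="$LIBEMU_PREFIX" --enable-python-bindings
    make
    make install
}

# Step 5: tell the dynamic loader where libemu's shared library lives.
# Takes the ld.so.conf.d directory as a parameter; prints the file content.
write_ld_conf() {
    confdir="$1"
    printf '%s/lib\n' "$LIBEMU_PREFIX" > "$confdir/libemu.conf"
    cat "$confdir/libemu.conf"
}

main() {
    [ "$(id -u)" = "0" ] || { echo "run as root (sudo)" >&2; exit 1; }
    install_packages
    patch_parser_h "$THUG_SRC/v8/src/parser.h" >/dev/null
    build_libemu
    write_ld_conf /etc/ld.so.conf.d >/dev/null
    ldconfig
}

# Only perform the install when explicitly asked, so the file can also be
# sourced to reuse the helpers.
if [ "${1:-}" = "install" ]; then
    main
fi
```

After it finishes, python thug.py -h from the Thug directory is the quick smoke test; if it still cannot find libemu, ldconfig -p | grep libemu shows whether the /opt/libemu/lib entry was picked up.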

I think that's it. I haven't tried analyzing any content yet, but python thug.py -h works at least. Let me know if this is helpful (or is missing a step).

PS there was a guide for this already. Derp. It's prettier and more complete. Just remember to manually change v8/src/parser.h.