 

Is it me, or has information security completely changed? To give you a bit of background - I live, breathe, eat and sleep computer security. I'm not one of those "masturbating monkeys" as Linus puts it (I was gonna write this blog post before Marcel told me about his rant about security guys).

I do intrusion detection, protocol analysis, threat and risk management - I also do digital forensics etc. I get my hands dirty wherever I can. I'm not one to point out an issue and say fix it - I prefer to get in there and work with the people in the know to fix the issue as well.

I commend Dan Kaminsky for the epic work done on the DNS flaw - I only wish I had sent that email to him the 2nd day after the biggest co-ordinated patch release in history. I had almost nailed the issue.

But that's not what this rant is about. I remember a day when security people were feared - if someone from IS was coming, it probably meant something you were doing was wrong - and you hoped they passed your desk on to someone else's. Nowadays it almost seems as though security is a joke. No back swing for me - I can just sit there and yell "Something's wrong!" till I'm blue in the face... or say "hey, I gotta do this to make sure you're safe". Even if there is no impact, no requirements, no nothing - we still get hassled about what we need to do.

Then - it seems as though it must be the next big career boom - the market is flooded with these so-called CISSP certified IS professionals. I can't stand them - I'm sure most of them can't even tell the difference between TCP and UDP. Let alone the fact that IPSec is a protocol just like TCP/UDP/ICMP/GRE etc. etc. etc.

I'd like to see them figure out a routing issue that causes information leakage - or why an IDS can only see half a conversation. Arg.

Don't get me wrong - security needs to change from the police and fire to an EMS-type job. Don't be there to police and put out fires. But be there before things happen, making sure everyone is safe - and when something does happen, know how to deal with that, and the cleanup afterwards.

For those of you in IT - listen to your security people - not all of them want to stop you from doing things - just keep you safe. A good security person will not only tell you it's not safe - but help solve and make it safe - or at least explain why it's not safe and why there is no alternative.

Good luck, and don't play in the street - try the back yard as an alternative ;)