
Be Prepared: What Cyber Security and the Rubicon Trail Have in Common

This past weekend I was lucky enough to experience what for some people is a “bucket list” item—I drove a 4×4 Jeep over the Rubicon Trail from Georgetown, California to Lake Tahoe. It was an amazing experience, but the best part fell into two simple categories:

1) There was a sense of danger and excitement in crawling over gigantic granite boulders, down steep chutes, up the side of a hill with a sheer drop-off on your right, and through this scary thing called “Little Sluice”—there was nothing little about it!

2) Sitting up on a rock with my friend and co-worker, Kim Ringeisen, drinking a Bud Light in fancy REI camp chairs watching meteorites go by. Also, not coincidentally, getting stung on the forehead by a yellow jacket—it must have known I was not a Georgia Tech fan. (War Eagle!)



Vendor Responsibility and Product Safety

For twenty years now I’ve been building and operating IT products: switches, routers, secure enclaves, etc. The overwhelming majority of vendors I know have a goal of building great products that meet or exceed customer expectations in performance, reliability, quality, etc. With the trend towards the consumerization of IT and an increasingly competitive marketplace I’ve witnessed an increased focus on time-to-market. There have been many examples cited where there is a significant first-mover advantage and a winner/fast-mover-takes-all type of outcome, whether we are discussing car sharing, home sharing, tablets, or the latest enterprise technology. This unerring focus on speed may be having some unintended consequences.

When you hurry a product schedule along you aim for the MVP – the minimum viable product. In short: what is the least we can do that will fulfill the customer’s expectation and hopefully enable this product to sell and capture some market share, so that we can then add incremental capabilities based on real-world customer feedback to further expand the market and adoption rate? It is a model that has been getting a lot of press as it is more agile and nimble than the take-your-time, ‘nail it and scale it’ model. The costs, though, may fall not only on quality and testing; as we have seen more recently, cyber security is often ignored in the overall product design and architecture. There have been too many reports over the past year of companies that should have known better shipping products with gross flaws and then ignoring the feedback from trusted security researchers.



5 Reasons to Not Use Skyport

“You shall not pass!”

Ever have that day where you just feel a bit contrarian? Like, just for fun, being a little bit of an ass? I think we all have that day now and then – it is that day I don’t feel like letting the guy cut me off when he didn’t get into the merge lane properly so I hug the tailgate of the car in front of me. Or I’m playing Blizzard’s new shooter Overwatch as Bastion, just repeatedly gunning down the same enemies again and again with the gatling gun while taunting them on the mic.

I was feeling a bit that way today, and I really don’t know why (maybe it was rolling off a great weekend of charity poker tournaments, beach visits, and dinners with friends and I need to re-balance), but I started thinking about ‘Why people should not buy the SkySecure Systems from us…’ Not being facetious about it either – you know those fake rhetorical questions we ask so we can make answers where using our product is really the only obvious solution such as:

Trite rhetorical question: ‘Who should NOT use Skyport?’

Obviously contrived answer: ‘People who really want to get hacked soon and lose their jobs and customers and have their boss end up on the Wall Street Journal bemoaning the evils of an unregulated Internet’. These are worse than Internet click-bait… Serious answers, though:



Five Necessary Improvements to the Swift (Not Taylor Swift) Security Model


@securiTay – Taylor has better security than some banks transferring millions using SWIFT

Recently there has been what is likely the beginning of a wave of break-ins and financial exfiltrations via the SWIFT Alliance. Reports vary a bit, but between vendor/operator mistakes, weak security controls, lack of integrated forensics, and some not-so-best practices we have ended up witnessing the theft of over $80 million. (It could have been over $950 million but for the successful identification of typos by some astute bank operators.)

I spent some time going through the SWIFT Alliance’s publication ‘Security Guidance for Alliance’ published on 18 March 2016 (current version is 29 April 2016) to understand what their baseline security recommendations and architecture are and then thought about how I would re-implement them to protect against some of the more malicious threats we are seeing today.

TLDR; the document is a fairly comprehensive approach to securing SWIFT against the types of attacks that were prevalent a decade ago. Times have changed, and their model does not seem to have adapted to the threat landscape we are facing today. If you operate a SWIFT infrastructure or just find armchair quarterbacking and 20/20 hindsight to be fun to read – please continue! I’ll do my best to make this entertaining and hopefully informative.


Channel Vision: Win2003 Security

July 14, 1789. If you’re a history buff, you recognize the date. In France, the Storming of the Bastille. In our industry, July 14, 2015 was just as historic; it marked the official end of support by Microsoft for Windows 2003. The date was called out well in advance by the trade press with multiple recommendations for remediation, as the threatening negative security consequences for running critical apps on W2003 were communicated globally.

So how serious was the problem, how much of it has been solved nearly one year later, and what opportunities still exist for Skyport Channel Partners? Some quick facts:

Killing the Cow: We should treat Servers like Prisoners

Four happy servers graze on the range before their long march to economic results.


Odd title for a tech blog, no? Well, a few years ago I heard a great analogy from my friend Josh McKenty. He said we should not treat servers as pets, but instead as cattle. The basic thesis being that a sick puppy takes a family of three to care for it while a sick cow in the herd gets shot in the head by the rancher and the herd moves on – three ranchers can handle a thousand plus head of cattle. Applied to servers and IT infrastructure, this model is a core premise of cloud architectures: we should never get so attached to an individual device that we stop receiving the rewards of economies of scale.

Let us continue with Josh’s analogy. You have your herd of cattle, you are driving them from Texas to Sedalia, Missouri – the closest railhead at the time that ran to Chicago – and one of them gets sick. But this time it is something virulent and unfortunately deadly like BSE (mad cow disease), which is infectious and causes the cattle to lose the ability to stand, making them ineffective on the drive. Your cow has a folded protein, a virus, malware, something in it that should not be there. You hopefully catch it before it spreads, but if you do not you can lose the entire herd. Rapid quarantining may not be enough, and euthanization may not be enough, depending on whether the infection vector precedes the onset of identifiable symptoms. Economic disaster.

The problem is that security killed the cow.

