We have another network security blog in the house. Not too far on the heals of Secure64 CEO, Steve Goodbarn, two of his technical guys have decided to join the ranks of the network security bloggers. The blog, www.Paths2Trust.com, is co-authored by Joe Gersch and Bill Worley. Joe, the head of development for Secure64, has taken the lead and started putting up some blog posts while Bill’s been heads-down cranking out DNSSEC product code.
The primary topic of their blog is DNSSEC. Both are active in secure DNS product development and I expect they’all also share some of their experiences with the standards bodies, DNSSEC adoption, and implementing DNSSEC. Both Joe and Bill have the career chops to talk tech and I’m sure we’ll enjoy hearing what they have to say not only about DNSSEC but also their past experiences in networking, RISC computing platforms (in which Bill is an industry pioneer) and other topics of interest.
I enjoy working with all of these guys as part of my Converging Network LLC business. It’s a real pleasure to see them joining the security blogging community. Take a moment to welcome them by checking out both www.paths2trust.com and www.stevegoodbarn.com. You can also check out Steve on his recent SSAATY podcast appearance.
It's always satisfying when someone takes your advice and as a result I'm happy to welcome a new blogger who's decided to join us. The new blogger on the block is Steve Goodbarn, CEO of DNSSEC vendor Secure64. Steve's a client of my business, Converging Network LLC, and we've been talking about doing a blog with two of his other "more technical" executives. But after spending time with Steve it was really clear he has a unique perspective and a great deal of wisdom to share with us. Steve comes from a background as CFO of Janus Funds, so he really understands how businesses (and CFOs in particular) evaluate, assess and justify risks and mitaging costs around security purchases. Plus he's a genuinely nice guy which I'm sure others will discover as they read his blog and meet Steve at various industry events and security blogger get togethers.
Join me in welcoming Steve to the blogosphere and the community of security bloggers. You can find Steve at http://www.stevegoodbarn.com. Steve also recently appeared on SSAATY podcast episode #61 with Alan and me.
Our guest on SSAATY podcast #61 is Steve Goodbarn, former Janus Funds CFO and now CEO of Secure64, maker of highly scalable and deployable DNSSEC products. DNSSEC has been in the news a lot lately, (Network World seems to be the place where it's covered most), largely because of Dan Kaminsky's talk this summer at Black Hat 2008 in Las Vegas. Now you frequently see articles and blog posts explaining how cache poisoning exploits can be used to hijack not just individual servers but entire domains, right up the path to .com, and . root.
Fortunately solving DNS security isn't as ginormous as stopping global warming but to truly secure DNS then DSNSEC would need to be fully deployed throughout the Internet and will happen in steps over time (as discussed in this blog post.) That's where Steve and the other experts at Secure64 come in. They've developed technology that can both handle the high speed demands of very large DSN infrastructure (and small) and makes DNSSEC much easier to deploy. Both of these challenges are obsticles DNSSEC has faced until now. Secure64 is not only a client on Converging Network LLC (my company) but also someone who I think will be a winner in the new era of domain sercurity services.
In the podcast Steve gives Alan and me his take on the DNS security issues and how Secure64 tackles these problems for their customers. Steve and some of the technical leaders are getting into blogging, with a little prodding and assistance from yours truly. Steve's blog is at www.stevegoodbarn.com. Secure64's CTO, Bill Worley, and VP of engineer, Joe Gersch (read more about them both here) also have their own blog at www.paths2trust.com.
If you'd like to learn more about the social media strategy and product innovation services of Converging Network LLC, please contact me directly.
A former co-worker and security software developer dude Joe Webster started up his own blog, Security For All (http://secforall.info). Joe joined StillSecure back when I was CTO and I remember he was interested in the whole blogging and podcasting thing back even then. Hey, Joe… I'm surprised it took you so long to start the blog! 🙂
Seriously, Joe's not only a sharp guy but is also dedicated to improving securty. Plus, he's a really nice guy and great keyboard/composer. So check out Joe's new Security For All blog. He has a good post up there in response to one of Joel Snyder's videocasts about Network Access Control.
Sometimes I see myself as something of a social anthropologist. I'm reallyfascinated by the social, interpersonal and individual dynamics of how peopleinteract, communicate and work together. I had a great opportunity to observeexactly that through the social networking that occurs among the networksecurity community while at Black Hat thisweek. It truly was fascinating to observe and be a part of.
At conferences such as Black Hat there is always a big push to find out wherethe corporate parties are and make sure you score an invite. Some of them can betough to get into, making getting that ticket, wristband or special invitecard a really coveted item. Wednesday evening one of the better parties wassponsored by
Core Security Breach at theCaesars Palace Shadow Bar. The VP of Marketing at Core Breach was kind enough to giveme a ticket to attend. The party was crowded and difficult to move around in butI was able to spend time talking with Rothman, McKeay, Andrew Storm, my buddy Alan and a bunch ofother friends. It was a bit crowded and kind of hard to talk so three of usdecided to head out and go to Casa Fuenteto talk over cigars in a little bit quieter environment. So three of us headeddown to the cigar bar.
When we arrive, we entered Casa Fuente's sizable humidor to pick out a goodsmoke for the evening. I had just picked out a nice cigar when someone tapped meon the shoulder and said, "I'm Ryan Naraine and I've really wanted to meet youMitchell. I'd like to buy you that cigar you've picked out." Whoa. I've probablyread a thousand tweets (Twitter messages)of Ryan's but have never met him before. Ryan is not only a prolific Twittercontent generator, he is also a widely read journalist forZDnet's security blogs. He wantsto meet me? I want to meet him. I feel like I know the guy better than half thepeople I work with on a day-to-day basis because of his Twitter feed and his writing.
Ryan and Tim join us and now the group had grown to five. Sometime soon Ryanand Andrew tweeted we were down at the cigar bar. Pretty quick Rothman andMartin left the Core party and joined us, followed soon after by Hoff, Ryan, JJ and then Mogull. The group grew 2 and sometimes 3 or 4 ata time. Everyone learned from their Twitter community that a new group wasforming at Casa Fuente. Within 45 minutes the group had grown from 3 to 40+people.
If you've been to Casa Fuente in Caesars you know it's not a huge placeso 40+ a very sizable group, enough to take over half the joint. I'm sure ourwaitress was glad to see her night's tip increase by the minute. The group was ahuman example of soap bubble surface tension dynamics at work as one table afteranother gave way its individual space and became part of our group. I felt badfor the guy next to us whose personal space was taken over faster than abiblical grasshopper plague. We invited him to join us multiple times but heresisted our attempts to assimilate him into our collective and eventually leftwhen there wasn't much left to either his space or his cigar.
The group participants ebbed and flowed, moving around to talk with differentpeople. Many of us follow each other's blogs and/or Twitter feeds but haven'tmet in person before. I met many people I've followed and whose blog I read butwouldn't recognize from their tiny Twitter picture or blog portrait. The groupmakeup was very diverse; there were people from a few independent analyst firmsand from Gartner, small and well known product vendors, consultants, four orfive different press outlets, security researchers and every day securitypractitioners. Blogging is probably something commonly shared by a large portionof the group.
I was then and still am fascinated at the dynamics that lead to the formationof this event. It wasn't one of the much sought after corporate events, it was ablogger / social networking impromptu driven event. While there are certainly anumber of vocal and well equipped leaders that could rise up to suchan occasion, this wasn't a "leader situation". No one was the group leader ororganizer, we were just our own self forming group. It didn't hurt of coursethat we had a source of capital, thanks to one person's corporate credit card.(Thanks dude, I don't want to get you in any more trouble by naming youhere.)
A number of people were letting Twitter messages fly over the wires toannounce what funny thing happened or ridiculous comment this person or thatmade. I'm sure a few iPhone, Blackberry and camera phone pictures made their wayout too. These were all part of the dynamic that helped the group form and grow,and make it attractive for others to want to come join in. Yes, people Twitteredthere's a party over here but a good bit of what likely attractedpeople to come join the group was that the Twitters communicated there was awhole lot'a friends and fun happening over here.The large group broke upat 11pm when Casa Fuente closed their doors for the evening. Smaller groupsreformed and headed out to different parts but the tweets kept happening so mostpeople knew what was happening and where for the rest of the evening.
I've been reading about some of the differences between formal organizationsand social networking, particularly about self forming groups, in the book HereComes Everybody and this situation was a great example of it. We all worrywhether cell phones, social networking and web 2.0 apps are making personalrelationships impersonal. I think the situation I've described, which is onlyone of what were likely hundreds or thousands of similar examples during theconference, shows how social networking technology lets you build relationshipswith people before you've ever met or talked in person, how it collapsesdistance, enables the dynamic formation of groups, and and continuesrelationships whether people are present together or physically far apart. I'vebeen following the conference through tweets long after leaving theconference. Taking in the whole situation is simply quite marveling to me.
One thing's for sure; social networking, web 2.0 apps and camera phones havetotallydestroyed the belief What happens in Vegas, stays in Vegas. Iwouldn't put much faith in that saying any longer. (I'll let you find the moreincriminating camera phone pictures from Black Hat yourself, and don't ask about me about the hamster — I can't tell you. But you're welcome to follow him on Twitter.)
I've started a new blog called Breast Cancer For Husbands.com. As many of you know, my wife and I have battled her breast cancer together over the past three years. There have been highs and lows, struggles and victories, and through it all breast cancer is something we battle both together and on our own. If you've been close to someone with breast cancer, you know that even once the cancer is no longer detectable you still live your life changed from that experience.
I decided to blog about the topic, first for my own therapeutic need through writing and sharing, and second to create something that I and other husbands (and their wives and family members) could be a part of while supporting a loved one with breast cancer.
To learn more, check out the initial blog post where I talk more about the reasons behind creating this new blog.
If you or someone you know has had or is living through the breast cancer journey with a spouse, I would appreciate your forwarding a link to http://www.breastcancerforhusbands.com.
Thank you to everyone who continues to provide love, support, prayers, calls, emails, letters and visits. I hope you'll share my new blog with someone who it might benefit. I surely will be blessed through all who are part of this journey as well.