Matasano Chargen - Latest Comments in Finger 79/tcp # Top Influencers You Might Not Have Heard Of (Or Not Enough)

Re: Finger 79/tcp # Top Influencers You Might Not Have Heard Of (Or Not Enough)

FX — Thu, 22 Mar 2007 09:01:15 -0000

I'm flattered to appear in this list. Halvar belongs there, I guess I don't. I would also like to use the chance to excuse my absence from publicly visible security work. It's the not publicly visible security work that keeps me busy and causes a general lack of any spare time for anything. Ouch, so much to hack, so little time.

Great blog by the way, keep it going.

Re: Finger 79/tcp # Top Influencers You Might Not Have Heard Of (Or Not Enough)

Matt — Wed, 21 Mar 2007 12:47:59 -0000

I was trawling through my desk drawer full of papers that I liked enough to print out and save, and those names came up a lot. claffy and Shenker are both looking at the question of "What's wrong with the Internet today?" There's more to that than just security, but it's security-related enough to matter. Shenker is a "maybe" in terms of his really recent work, but if he publishes on DDoS or infrastructure security this year, people will certainly pay attention. claffy is the PI at CAIDA, which makes her an important voice in all areas of empirical networks research. If you haven't read this slide deck, I'd recommend it. I don't think I'm going to defend Staniford all that strongly; my paper trawl missed the fact that (according to DBLP) he hasn't published since 2004.

Good point about Gutmann.

Re: Finger 79/tcp # Top Influencers You Might Not Have Heard Of (Or Not Enough)

Thomas Ptacek — Tue, 20 Mar 2007 21:24:03 -0000

Niels is at Google, where he's presumably working on an Internetwide "systrace"-alike that automatically disallows inline Javascript in dynamic web pages except to drive page counters and AJAX tables.

Peter Gutmann is the force behind the Vista DRM kerfluffle. By rights, Gutmann belongs on a 2007 influencers list.

Why do Shenker, claffy, and Staniford belong on the list? I've been exposed to all of them (Arbor, remember) --- put them in context for 2007 for me.

Couldn't agree more about Dawn Song and Vern Paxson. And I'm almost as much of a Stefan Savage fanboy as I am for DJB.

Re: Finger 79/tcp # Top Influencers You Might Not Have Heard Of (Or Not Enough)

Matt — Tue, 20 Mar 2007 20:19:37 -0000

Stefan Savage is a rock star. See also Dawn Song, of "Timing Analysis of Keystrokes and Timing Attacks on SSH" fame, who also does IP traceback and worm defense, and Vern Paxson, who has published a ridiculous number of the best empirical and theoretical worm papers of the last five years. Scott Shenker, kc claffy, and Stuart Staniford are up there too. Tadayoshi Kohno and Alefiya Hussain are up-and-coming, but maybe not top influencers yet. A few years back I would also have included Niels Provos and Peter Gutmann, but I haven't seen much from them recently.

Re: Finger 79/tcp # Top Influencers You Might Not Have Heard Of (Or Not Enough)

Thomas Ptacek — Tue, 20 Mar 2007 17:23:27 -0000

Mitchell, these guys both seem very smart. But I'm doing my list now and, if I try to fit it to 50, I'm still rejecting people like Halvar Flake, who essentially discovered an entire new class of C programming bugs.

And I'm trying not to be biased towards researchers. I have my list broken out:

- Academics, like Stefan Savage, who invented stochastic IP traceback and worm payload signature generation.

- Crypto people, like Eran Tromer, who discovered 3 new classes of side-channel attacks against AES.

- Operations people, like Chris Morrow at Verizon.

- Industry Execs, like Chris Rouland, the CTO of IBM/ISS

- Journalists, like Rob Lemos, editor at SecurityFocus

- Researchers, like LMH, of MOKB/MOAB infamy.

- Developers, like Marty Roesch, heir to the SourceFire fortune.

- Pundits, like Pescatore at Gartner.

Are you starting to get a sense of how TOTALLY WHACKED that stupid IT Security Dot Com list is?

How about I put it this way: I don't merit a position on a "top influencers" list. I have advisories, papers, and lots of blog hits. So, do Brad Doctor and John Curry fit on that list?

Why am I saying this to you, Mitchell? Am I that much of an asshole? No! Wait, yes! But I do have a point: your guys COULD be in a top influencer list. But you need to give them the time and resources to do so. Are you? Does StillSecure run a Vulnerability Research Team, with full-time people paid to do nothing but research, find vulnerabilities, present at conferences, and write books? Tell me more about that.

I already learned from HD that there's a guy at Tenable that kicks our asses, and I didn't know about him. Maybe I'll learn something new from you. Or, maybe you'll learn something from me.

Re: Finger 79/tcp # Top Influencers You Might Not Have Heard Of (Or Not Enough)

Mitchel Ashley — Tue, 20 Mar 2007 16:12:06 -0000

Here are some links: http://web.archive.org/web/20031201063706/www.i...

Brad edited the Sneaker Chronicles and produced a number of informative articles.

http://www.village-elder.com/blog/ is kind of a technical how-to and full of useful stuff

Among others.

Re: Finger 79/tcp # Top Influencers You Might Not Have Heard Of (Or Not Enough)

Thomas Ptacek — Tue, 20 Mar 2007 14:19:36 -0000

Mitchel, where would my readers have felt their influence? Perhaps I know one of them under a "different name" --- can you point me to some of their advisories? A paper they've written? An open-source tool that I've seen?

Re: Finger 79/tcp # Top Influencers You Might Not Have Heard Of (Or Not Enough)

Mitchel Ashley — Tue, 20 Mar 2007 13:47:04 -0000

I'd like to mention our own Brad Doctor and Security Samurai John Curry. They are both "Elite Hackers."

Re: Finger 79/tcp # Top Influencers You Might Not Have Heard Of (Or Not Enough)

Thomas Ptacek — Tue, 20 Mar 2007 13:20:51 -0000

Theo is an influencer. No question about it. Karl Rove is also an influencer.

Re: Finger 79/tcp # Top Influencers You Might Not Have Heard Of (Or Not Enough)

Chris — Tue, 20 Mar 2007 13:16:44 -0000

Dare I say it?

Theo.

Flame away.

Re: Finger 79/tcp # Top Influencers You Might Not Have Heard Of (Or Not Enough)

mrkz — Tue, 20 Mar 2007 11:47:54 -0000

Finally a list that consists of the greats working behind the scenes.

Re: Finger 79/tcp # Top Influencers You Might Not Have Heard Of (Or Not Enough)

Nate — Tue, 20 Mar 2007 01:01:15 -0000

For Stefan, you forgot the first software-only exploit of the stock Xbox (font integer overflow). This allowed you to load code without owning any of the games vulnerable to other overflows or opening your box to solder on a modchip. He's also a FreeBSD committer, like all the best programmers. ;-)

Re: Finger 79/tcp # Top Influencers You Might Not Have Heard Of (Or Not Enough)

HD — Mon, 19 Mar 2007 23:50:13 -0000

Nomination for under-appreciated hacker of the year: Nicolas Pouvesle. This is the one man vulnerability research team at Tenable Security. Nicolas kicks ass, thats all there to it. He takes the time to understand the bug behind each and every check he writes and knows the protocols and exploitation methods better than most. I can't count the number of times I have stared blankly at an advisory, only to see well-documented and in-depth Nessus plugin pop out with his name on it. To top it off, he usually has a working exploit to go along with each plugin. If I had a second vote, it would go to MZ, only because he does get some press for his efforts.

-HD

Re: Finger 79/tcp # Top Influencers You Might Not Have Heard Of (Or Not Enough)

Ryan Russell — Mon, 19 Mar 2007 23:26:39 -0000

Stevec who? Christie?