Please accept my resignation. I don't care to belong to any club that will have me as a member, let alone #1 - you have to admit it was a nice exercise in blog social engineering though, have you ever seen flattery injection work so beautifully?
Thomas Ptacek
· 2 years ago
No, I haven't. I'm waiting for Lindstrom to call out ITSecurity.com for publishing an exploit instead of fixing the vulnerability.
Alan Shimel
· 2 years ago
Come on Thomas admit it, you are just upset because they didn't give vulnerability researchers as high a ranking as they did the analysts ;-) You really think Bruce is more influential then me? I am crushed ;-) BTW, you left out that Sam Van Ryder actually claims my blog as well. Maybe he can get into a bidding way with Hoff over it. I figured with this the multiple on my blog went through the roof. I guess I will still need a token to get on the subway.
Thomas Ptacek
· 2 years ago
Hey, they said me and "Et Al" were about 15 ranks more important than John Thompson, so I'm super proud.
Mitchell Ashley
· 2 years ago
Aw, come on. You all (me too) are just flattered to be on a list for something other than doing something wrong.
Face it, if we all didn't have blogs we'd have to resort to writing in journals, a.k.a. diaries. Who would fess up to that?
Blogging is a manly term so we're proud to say that!
Thomas Ptacek
· 2 years ago
Baiting respected security bloggers into linking to a faux-news site is not a benign thing. I'm not trying to make you guys look dumb; I'm just reminding you that "IT Security Dot Com" is evil.
Amrit
· 2 years ago
It's pretty benign, and not very difficult to convince a bunch of self-referential navel gazers to link to a list of themselves
_ryan
· 2 years ago
The entire "more bloggers from our feedreader" list was copy/pasted from the RSVPs from the RSA blogger meetup.
_r
Christofer Hoff
· 2 years ago
I still reject my #24 ranking because I appear twice on the same list (although my name is spelled incorrectly both times!)
The funny thing is they haven't cashed the check I sent them yet.
I wonder what Fox News is saying about all this.
I'm more in love with myself now, more than ever.
/Hoff (Sandwich Meat Blogger)
Amrit
· 2 years ago
I spent yesterday scooping up I'm #1 t-shirts to go with my #1 Dad coffee mug (which is totally true, I really am, just ask my kids) I'm sure I have one of those #1 foam fingers somewhere in the garage ;-)
Just goes to show that right now, someone somewhere is opening an email, or linking to a list, because they truly believe that someone really loves them...(here)
Thomas Ptacek
· 2 years ago
This list is an amazingly effective hack. "IT Security Dot Com" is in no way qualified to source such a list. They've taken apparently less than an hour to generate it. And I'm getting all sorts of mail congratulating me for being on it.
How the hell did they pull this off?
Christofer Hoff
· 2 years ago
Cisco will no doubt acquire them for billions!
...either that or the RationalSecurity Blogsolidation Corp. will swing into action once again.
And Alan - to be fair - even back in February, I had seen the mistake and posted a comment on that site (check the comment section). I never claimed it and have freaking clue why it showed up there (or anywhere for that matter). I even made a comment on the IT Security Dot Com blog (which is not showing up). They obviously did not do their research. And on top of all of this, I do not advocate hostile takeovers of blogs like you rowdy bunch of pirates do. :-)
Thomas Ptacek
· 2 years ago
It is frustrating to me that this is the conversation we're having. This is beyond Inside Baseball; this is inside batting practice. In AAA. There IS a list of security influencers for 2007, and none of us are on it.
Instead of joking about how it's nice to be on a list somewhere and it's no big deal that the list is on a link farm and who cares and all that, can I get you guys to start proposing who SHOULD be on the list?
I'll start: DVD Jon.
Amrit
· 2 years ago
Why?
What difference does it make? Seriously - who cares?
I am pretty sure we will not even come to agreement on the definition of influential.
For example most Gartner security analysts speak to an average of 6-8 large enterprises in every vertical and they do this 3-4 times a week and we definitely provided a hefty amount of influence on tactical and strategic security direction, not to mention the number of vendors that would respond to a single research note, take for example the NBA (network behavior analysis) market or SIEM (Security information and event management), or dare I say IDS is dead!
Does this mean an analyst is influential? Depends on your definition...
What about a security researcher, are they influential? Do they influence buying decisions or strategy for large global organizations? Depends on your definition...
So although I do agree with your analysis of the silly list the itsecurity.com folks created, I don't understand your frustration or desire to create another list.
Thomas Ptacek
· 2 years ago
I don't like it when people say, "this is hard to figure out, so, not only is it not worth trying to figure out, but we should just play around when incompetant people pretend they've figured it out".
You propose "influential Gartner analysts". Instead of preaching about why there might be some influential Gartner analysts, name some. It can't be Steinnon; we're talking about 2007.
I absolutely believe that there are influential analysts. It would be interesting to know who they are. Everybody who got on their blog and congratulated themselves and their peers for landing on this silly list is now obligated to contribute something interesting to the security blogosphere. Thing of it as detox.
Name the most influential analyst you can think of, Amrit.
Amrit
· 2 years ago
Thomas,
I never said it was hard, I said - what is the point
In security for Gartner it would be John Pescatore, and some number of 7-8 others. There are certainly others that are not in security as well, but again what is the point? Seriously man, why are you so wrapped around the axle on this? I certainly don't give a shit.
Thomas Ptacek
· 2 years ago
I have a list of around 30 top influencers now. Pescatore wasn't on it. A great addition, and thank you!
Amrit has contributed. Everyone else needs to, too. What the hell is the point of having a security blogosphere if we can't make top 10 lists together?
Get to work, Alan. Nominate someone.
Marcin
· 2 years ago
Thomas, you may think your group/blog is not influential at all... Regardless if you are or not, I enjoy reading your blog. What I like most is your attitude-bluntness-"no holding back" what you really think.
wrc
· 2 years ago
When I see the phrase "IT Security", I really have to wonder who made that up. Is it a demographic group in something like PRIZM NE Workplace?
If I look up foo-co, will I get back "Executive Sharks" "IT Security" and "Accounting Elite"?
Does the description of "IT Security" look like "Median budget of $2,500,000 a year / Spends money on gadgets / Attends trade conferences / reads CSO magazine and US News & World Report"?
Richard Bejtlich
· 2 years ago
As I alluded to in my post on this ridiculous list, I was actually contacted by the author (who is unnamed at itsecurity.com) for my "review" for "glaring omissions." I told him I didn't want any part of his list. You can see previous work of his here.
Andy Willingham
· 2 years ago
You mean that my 8 months of blogging has NOT vaulted me to the top of the IT Security world?! Why do I continue with this? All my dreams are crushed!
Chris_B
· 2 years ago
TP
You need a new category, may I suggest either "snark" or "humor".
if i may make a suggestion - i agree with amrit, making a single official list is pointless... the people who influence me are different than the people who influence you (whoever you are, this is directed at everyone)...
each person should probably have their own list - and guess what, at that point it becomes indistinguishable from a blogroll...
Thomas Ptacek
· 2 years ago
I think the distinguishing factor, Kurt, is that almost nobody on my list has a blog.
kurt wismer
· 2 years ago
good point... now i've probably offended a bunch of people who have influenced me a great deal outside of the *cough/hack/choke* blogosphere...
of course a linkroll is as good as a blogroll, and with the extent to which things are archived onto the web, you could probably find/generate links to representative pages for most of them...
Steve Christey
· 2 years ago
Tom -
How did they pull this off???
BECAUSE WE DON'T SAY THIS STUFF OURSELVES.
We don't name names about who we think is influential or not. Navel gazing is right.
Look at the comments - almost all of them about what's wrong with the list, not who should really be on it, and some people actually saying we shouldn't bother.
At least they got Michal Zalewski on their list, and that guy who co-researched those IDS problems all those years ago, I forget his name. He works at some place called "Matasana" according to the list.
- Steve
Mitchel Ashley
· 2 years ago
Alan, that was nice of you to mention Brad in your list.
Let me tell you all, he's an up and comer. Brad may not have all the fancy degrees and accreditations but he's as good as they come. He's learned in the trenches of life and he's as hard a worker as you'll find anywhere. Definitely a star in our organization. He does everything we ask of him and more. From when he took on leading the Denver ISSA chapter, to traveling to the far east, or when he lends his creative talents to help design our next generation products. He's a star all around.
I remember when he passed his CISSP on the first try. Brad is not my son but I'm proud of him like he is, and a friend as well. He and Alan are both in my list, even though I didn't mention them on my first blog post.
Scott J. Roberts
· 2 years ago
Even as great as I think I am I knew it seemed too good to be true being put on a list of such prolific names. And we all know what they say about when something seems to good to be true.
That being said I have to echo the thoughts of many that such a list is ludacris. One of the biggest reasons, to add on to the many that have already been submitted, is the fact that any day at any time something new can happen and someone can completely change the entire landscape. DVD John did when he broke CSS, HD Moore did when Metasploit came out, and someone will again when the first major vulnerability/exploit/worm for Windows Vista is released. It's a fluid industry, and you can be at the top of the heap one day, and not remembered the next.
All Comments
Face it, if we all didn't have blogs we'd have to resort to writing in journals, a.k.a. diaries. Who would fess up to that?
Blogging is a manly term so we're proud to say that!
_r
The funny thing is they haven't cashed the check I sent them yet.
I wonder what Fox News is saying about all this.
I'm more in love with myself now, more than ever.
/Hoff (Sandwich Meat Blogger)
Just goes to show that right now, someone somewhere is opening an email, or linking to a list, because they truly believe that someone really loves them...(here)
How the hell did they pull this off?
...either that or the RationalSecurity Blogsolidation Corp. will swing into action once again.
And Alan - to be fair - even back in February, I had seen the mistake and posted a comment on that site (check the comment section). I never claimed it and have freaking clue why it showed up there (or anywhere for that matter). I even made a comment on the IT Security Dot Com blog (which is not showing up). They obviously did not do their research. And on top of all of this, I do not advocate hostile takeovers of blogs like you rowdy bunch of pirates do. :-)
Instead of joking about how it's nice to be on a list somewhere and it's no big deal that the list is on a link farm and who cares and all that, can I get you guys to start proposing who SHOULD be on the list?
I'll start: DVD Jon.
What difference does it make? Seriously - who cares?
I am pretty sure we will not even come to agreement on the definition of influential.
For example most Gartner security analysts speak to an average of 6-8 large enterprises in every vertical and they do this 3-4 times a week and we definitely provided a hefty amount of influence on tactical and strategic security direction, not to mention the number of vendors that would respond to a single research note, take for example the NBA (network behavior analysis) market or SIEM (Security information and event management), or dare I say IDS is dead!
Does this mean an analyst is influential? Depends on your definition...
What about a security researcher, are they influential? Do they influence buying decisions or strategy for large global organizations? Depends on your definition...
So although I do agree with your analysis of the silly list the itsecurity.com folks created, I don't understand your frustration or desire to create another list.
You propose "influential Gartner analysts". Instead of preaching about why there might be some influential Gartner analysts, name some. It can't be Steinnon; we're talking about 2007.
I absolutely believe that there are influential analysts. It would be interesting to know who they are. Everybody who got on their blog and congratulated themselves and their peers for landing on this silly list is now obligated to contribute something interesting to the security blogosphere. Thing of it as detox.
Name the most influential analyst you can think of, Amrit.
I never said it was hard, I said - what is the point
In security for Gartner it would be John Pescatore, and some number of 7-8 others. There are certainly others that are not in security as well, but again what is the point? Seriously man, why are you so wrapped around the axle on this? I certainly don't give a shit.
Amrit has contributed. Everyone else needs to, too. What the hell is the point of having a security blogosphere if we can't make top 10 lists together?
Get to work, Alan. Nominate someone.
If I look up foo-co, will I get back "Executive Sharks" "IT Security" and "Accounting Elite"?
Does the description of "IT Security" look like "Median budget of $2,500,000 a year / Spends money on gadgets / Attends trade conferences / reads CSO magazine and US News & World Report"?
You need a new category, may I suggest either "snark" or "humor".
each person should probably have their own list - and guess what, at that point it becomes indistinguishable from a blogroll...
of course a linkroll is as good as a blogroll, and with the extent to which things are archived onto the web, you could probably find/generate links to representative pages for most of them...
How did they pull this off???
BECAUSE WE DON'T SAY THIS STUFF OURSELVES.
We don't name names about who we think is influential or not. Navel gazing is right.
Look at the comments - almost all of them about what's wrong with the list, not who should really be on it, and some people actually saying we shouldn't bother.
At least they got Michal Zalewski on their list, and that guy who co-researched those IDS problems all those years ago, I forget his name. He works at some place called "Matasana" according to the list.
- Steve
Let me tell you all, he's an up and comer. Brad may not have all the fancy degrees and accreditations but he's as good as they come. He's learned in the trenches of life and he's as hard a worker as you'll find anywhere. Definitely a star in our organization. He does everything we ask of him and more. From when he took on leading the Denver ISSA chapter, to traveling to the far east, or when he lends his creative talents to help design our next generation products. He's a star all around.
I remember when he passed his CISSP on the first try. Brad is not my son but I'm proud of him like he is, and a friend as well. He and Alan are both in my list, even though I didn't mention them on my first blog post.
That being said I have to echo the thoughts of many that such a list is ludacris. One of the biggest reasons, to add on to the many that have already been submitted, is the fact that any day at any time something new can happen and someone can completely change the entire landscape. DVD John did when he broke CSS, HD Moore did when Metasploit came out, and someone will again when the first major vulnerability/exploit/worm for Windows Vista is released. It's a fluid industry, and you can be at the top of the heap one day, and not remembered the next.