Matasano Chargen - Latest Comments in Take Me Off Your List!

Re: Take Me Off Your List!

Scott J. Roberts — Mon, 19 Mar 2007 22:05:42 -0000

Even as great as I think I am I knew it seemed too good to be true being put on a list of such prolific names. And we all know what they say about when something seems to good to be true.

That being said I have to echo the thoughts of many that such a list is ludacris. One of the biggest reasons, to add on to the many that have already been submitted, is the fact that any day at any time something new can happen and someone can completely change the entire landscape. DVD John did when he broke CSS, HD Moore did when Metasploit came out, and someone will again when the first major vulnerability/exploit/worm for Windows Vista is released. It's a fluid industry, and you can be at the top of the heap one day, and not remembered the next.

Re: Take Me Off Your List!

Mitchel Ashley — Mon, 19 Mar 2007 19:19:27 -0000

Alan, that was nice of you to mention Brad in your list.

Let me tell you all, he's an up and comer. Brad may not have all the fancy degrees and accreditations but he's as good as they come. He's learned in the trenches of life and he's as hard a worker as you'll find anywhere. Definitely a star in our organization. He does everything we ask of him and more. From when he took on leading the Denver ISSA chapter, to traveling to the far east, or when he lends his creative talents to help design our next generation products. He's a star all around.

I remember when he passed his CISSP on the first try. Brad is not my son but I'm proud of him like he is, and a friend as well. He and Alan are both in my list, even though I didn't mention them on my first blog post.

Re: Take Me Off Your List!

Steve Christey — Mon, 19 Mar 2007 18:32:07 -0000

Tom -

How did they pull this off???

BECAUSE WE DON'T SAY THIS STUFF OURSELVES.

We don't name names about who we think is influential or not. Navel gazing is right.

Look at the comments - almost all of them about what's wrong with the list, not who should really be on it, and some people actually saying we shouldn't bother.

At least they got Michal Zalewski on their list, and that guy who co-researched those IDS problems all those years ago, I forget his name. He works at some place called "Matasana" according to the list.

- Steve

Re: Take Me Off Your List!

kurt wismer — Mon, 19 Mar 2007 14:48:26 -0000

good point... now i've probably offended a bunch of people who have influenced me a great deal outside of the *cough/hack/choke* blogosphere...

of course a linkroll is as good as a blogroll, and with the extent to which things are archived onto the web, you could probably find/generate links to representative pages for most of them...

Re: Take Me Off Your List!

Thomas Ptacek — Mon, 19 Mar 2007 13:06:35 -0000

I think the distinguishing factor, Kurt, is that almost nobody on my list has a blog.

Re: Take Me Off Your List!

kurt wismer — Mon, 19 Mar 2007 10:51:26 -0000

if i may make a suggestion - i agree with amrit, making a single official list is pointless... the people who influence me are different than the people who influence you (whoever you are, this is directed at everyone)...

each person should probably have their own list - and guess what, at that point it becomes indistinguishable from a blogroll...

Re: Take Me Off Your List!

alan shimel — Mon, 19 Mar 2007 09:36:54 -0000

OK, Thomas I made my top 10 list just for you. http://www.stillsecureafteralltheseyears.com/as...

Re: Take Me Off Your List!

Chris_B — Sun, 18 Mar 2007 22:26:38 -0000

TP

You need a new category, may I suggest either "snark" or "humor".

Re: Take Me Off Your List!

Andy Willingham — Sun, 18 Mar 2007 08:48:17 -0000

You mean that my 8 months of blogging has NOT vaulted me to the top of the IT Security world?! Why do I continue with this? All my dreams are crushed!

Re: Take Me Off Your List!

Richard Bejtlich — Sat, 17 Mar 2007 15:42:25 -0000

As I alluded to in my post on this ridiculous list, I was actually contacted by the author (who is unnamed at itsecurity.com) for my "review" for "glaring omissions." I told him I didn't want any part of his list. You can see previous work of his here.

Re: Take Me Off Your List!

wrc — Sat, 17 Mar 2007 09:10:21 -0000

When I see the phrase "IT Security", I really have to wonder who made that up. Is it a demographic group in something like PRIZM NE Workplace?

If I look up foo-co, will I get back "Executive Sharks" "IT Security" and "Accounting Elite"?

Does the description of "IT Security" look like "Median budget of $2,500,000 a year / Spends money on gadgets / Attends trade conferences / reads CSO magazine and US News & World Report"?

Re: Take Me Off Your List!

Marcin — Fri, 16 Mar 2007 22:53:54 -0000

Thomas, you may think your group/blog is not influential at all... Regardless if you are or not, I enjoy reading your blog. What I like most is your attitude-bluntness-"no holding back" what you really think.

Re: Take Me Off Your List!

Thomas Ptacek — Fri, 16 Mar 2007 19:39:15 -0000

I have a list of around 30 top influencers now. Pescatore wasn't on it. A great addition, and thank you!

Amrit has contributed. Everyone else needs to, too. What the hell is the point of having a security blogosphere if we can't make top 10 lists together?

Get to work, Alan. Nominate someone.

Re: Take Me Off Your List!

Amrit — Fri, 16 Mar 2007 18:28:12 -0000

Thomas,

I never said it was hard, I said - what is the point

In security for Gartner it would be John Pescatore, and some number of 7-8 others. There are certainly others that are not in security as well, but again what is the point? Seriously man, why are you so wrapped around the axle on this? I certainly don't give a shit.

Re: Take Me Off Your List!

Thomas Ptacek — Fri, 16 Mar 2007 18:08:26 -0000

I don't like it when people say, "this is hard to figure out, so, not only is it not worth trying to figure out, but we should just play around when incompetant people pretend they've figured it out".

You propose "influential Gartner analysts". Instead of preaching about why there might be some influential Gartner analysts, name some. It can't be Steinnon; we're talking about 2007.

I absolutely believe that there are influential analysts. It would be interesting to know who they are. Everybody who got on their blog and congratulated themselves and their peers for landing on this silly list is now obligated to contribute something interesting to the security blogosphere. Thing of it as detox.

Name the most influential analyst you can think of, Amrit.

Re: Take Me Off Your List!

Amrit — Fri, 16 Mar 2007 17:55:05 -0000

Why?

What difference does it make? Seriously - who cares?

I am pretty sure we will not even come to agreement on the definition of influential.

For example most Gartner security analysts speak to an average of 6-8 large enterprises in every vertical and they do this 3-4 times a week and we definitely provided a hefty amount of influence on tactical and strategic security direction, not to mention the number of vendors that would respond to a single research note, take for example the NBA (network behavior analysis) market or SIEM (Security information and event management), or dare I say IDS is dead!

Does this mean an analyst is influential? Depends on your definition...

What about a security researcher, are they influential? Do they influence buying decisions or strategy for large global organizations? Depends on your definition...

So although I do agree with your analysis of the silly list the itsecurity.com folks created, I don't understand your frustration or desire to create another list.

Re: Take Me Off Your List!

Thomas Ptacek — Fri, 16 Mar 2007 15:35:36 -0000

It is frustrating to me that this is the conversation we're having. This is beyond Inside Baseball; this is inside batting practice. In AAA. There IS a list of security influencers for 2007, and none of us are on it.

Instead of joking about how it's nice to be on a list somewhere and it's no big deal that the list is on a link farm and who cares and all that, can I get you guys to start proposing who SHOULD be on the list?

I'll start: DVD Jon.

Re: Take Me Off Your List!

Samuel Van Ryder — Fri, 16 Mar 2007 14:46:47 -0000

I suspect one of the sources is Lori Macvittie's blog list: http://devcentral.f5.com/weblogs/macvittie/arch...

And Alan - to be fair - even back in February, I had seen the mistake and posted a comment on that site (check the comment section). I never claimed it and have freaking clue why it showed up there (or anywhere for that matter). I even made a comment on the IT Security Dot Com blog (which is not showing up). They obviously did not do their research. And on top of all of this, I do not advocate hostile takeovers of blogs like you rowdy bunch of pirates do. :-)

Re: Take Me Off Your List!

Christofer Hoff — Fri, 16 Mar 2007 13:13:01 -0000

Cisco will no doubt acquire them for billions!

...either that or the RationalSecurity Blogsolidation Corp. will swing into action once again.

Re: Take Me Off Your List!

Thomas Ptacek — Fri, 16 Mar 2007 12:22:05 -0000

This list is an amazingly effective hack. "IT Security Dot Com" is in no way qualified to source such a list. They've taken apparently less than an hour to generate it. And I'm getting all sorts of mail congratulating me for being on it.

How the hell did they pull this off?

Re: Take Me Off Your List!

Amrit — Fri, 16 Mar 2007 12:08:19 -0000

I spent yesterday scooping up I'm #1 t-shirts to go with my #1 Dad coffee mug (which is totally true, I really am, just ask my kids) I'm sure I have one of those #1 foam fingers somewhere in the garage ;-)

Just goes to show that right now, someone somewhere is opening an email, or linking to a list, because they truly believe that someone really loves them...(here)

Re: Take Me Off Your List!

Christofer Hoff — Fri, 16 Mar 2007 11:47:25 -0000

I still reject my #24 ranking because I appear twice on the same list (although my name is spelled incorrectly both times!)

The funny thing is they haven't cashed the check I sent them yet.

I wonder what Fox News is saying about all this.

I'm more in love with myself now, more than ever.

/Hoff (Sandwich Meat Blogger)

Re: Take Me Off Your List!

_ryan — Fri, 16 Mar 2007 11:37:13 -0000

The entire "more bloggers from our feedreader" list was copy/pasted from the RSVPs from the RSA blogger meetup.

_r

Re: Take Me Off Your List!

Amrit — Fri, 16 Mar 2007 10:55:01 -0000

It's pretty benign, and not very difficult to convince a bunch of self-referential navel gazers to link to a list of themselves

Re: Take Me Off Your List!

Thomas Ptacek — Fri, 16 Mar 2007 02:48:31 -0000

Baiting respected security bloggers into linking to a faux-news site is not a benign thing. I'm not trying to make you guys look dumb; I'm just reminding you that "IT Security Dot Com" is evil.