Posted on

4 Problems with Krypt3ia’s Krampus List

I like Scot “Krypt3ia” Terban. The security researcher has a crotchety communication method I enjoy, and I read his posts a lot. I especially enjoy when he goes after security vendors for FUD (fear, uncertainty and doubt).

So when he released his annual Krampus List — a naughty list for the security community — I read it and laughed a lot.

But as I read through it, I found some of it mean spirited. By the end I found myself in a familiar quandary: How could I laugh and be disgusted at the same time? My brain has always been a mass of contradictions, and this is just another example.

There’s a razor-thin line between good-natured jabs and outright venom. From my perspective, picking on Boris Sverdlick because he “took his third job in two years and moved his family across the country for the third time” was a good-natured ribbing. He has switched jobs a lot and there’s nothing wrong with that. You gotta go where your heart takes you. But when his adventures are chronicled on Facebook, his friends — myself included — like to pick on him, as good friends often do. He gives as good as he gets.

Picking on Kelly Lum (@aloria) for narcissistic drama and a lack of contributing to the community? That was pretty shitty. Sure, her posts can be dramatic, but the same can be said about most of us. Hell, my posts have been all about family deaths and unfinished family business all year. I’m sure some of you don’t like it, but that’s what has been on my mind and you’re welcome to unfriend me any time. Kelly has been open and honest about dealing with mental illness. She’s done her day job well despite all that and has set a good example for the rest of us. Whine all you want about her not contributing to the community. In my book, the example she sets is a big contribution.

But there are bigger problems with Scot’s list:

  • It’s made up of anonymous submissions. It’s easy to rip on someone when nobody knows who you are: You don’t have to back your comments up. You don’t have to worry about being attacked in kind. That’s awfully convenient — and cowardly.
  • People who make the comments almost certainly spread their own drama. The worst hypocrisy is the kind where the hypocrite doesn’t show their face.
  • People love to bitch about “a lack of contribution” to the security community. I find that odd, because if you’re doing your job well, you are contributing to the community.
  • Terban endorses all the comments. Though it’s made up of anonymous submissions, Terban collects them and distributes them, essentially endorsing the mudslinging. When a lot of people are criticized for talking shit and spreading drama, Terban is spraying bullets inside a glass house.

Infosec is hard. The people it attracts can be difficult to work with, myself included. Since we’re connected to each other by Facebook and Twitter, we’re exposed to each other’s personal drama. None of us are perfect. We all have different ways of contributing to the community, and what’s useless to one person is valuable to another.

Laugh all you like at the Krampus List. But if you don’t see some of yourself in there, you might be part of the problem.

Cyber Krampus Logo

Posted on

Why I’m Not Enjoying the Ashley Madison Hack

Because I have a happy marriage and am not the cheating type, I thought I’d enjoy the fallout over the Ashley Madison hack, in which millions of people using the adultery site were outed. One of the outed individuals was reality TV star Josh Duggar, a self-proclaimed devout Christian who preaches the virtues of family values. Everyone likes to see hypocrites fall, right?

Mood music:

https://youtu.be/OZZ9bm_qe9w

I spent a lot of time pondering what I could write in my information security blogs. I could have harped about all the old lessons people failed to learn about how to behave in cyberspace. In the case of Ashley Madison, the lesson is that there’s no such thing as true privacy, that if you use sites like this, a determined hacker will figure out how to break in and expose you.

Then I started to feel dirty about it all.

I had been feeling morally superior to all the apparent cheaters. Once I realized where my head was going, it freaked me out a little and I felt ashamed. Why? Because I’ve done a lot of dumb things in my life, too.

Go through this blog and you’ll find plenty of examples. I’ve lied to my wife. I’ve talked crap about others behind their backs. I’ve done a lot of selfish things and hurt people along the way. I’ve been guilty of thinking I’m better than others.

With these truths in mind, I found it hard to share in the online feeding frenzy.

The Ashley Madison story is replete with casualties. Significant others are learning that they were cheated on, and site users now have to deal with their demons in a very public way. I’m not going to tell people how they should think about this story. I only know how I feel.

Ashley Madison’s slogan is “Life is short. Have an affair.” Life is short. I want to learn some things and be a better person along the way. Not engaging in hypocrisy is a step in the journey.

Ashley Madison Home Page

Posted on

Irish Alzheimer’s Disease

Alzheimer’s Disease is a terrible thing. I’ve known some precious souls trapped within that mental prison over the years, and it’s one of the saddest things to behold. But there’s another mental prison we all find ourselves in from time to time. The late Fr. Dennis Nason, former pastor of my church, described it as Irish Alzheimer’s.

Simply put, you forget everything but the grudges.

I’d like to tell you I don’t suffer from it, but I’d be lying. The difference between me today and me of yesterday is that I used to adore my grudges. I was faithful to them and reveled in them. Now when I catch myself in the middle of a grudge feeding frenzy, I’m ashamed.

Grudges used to be cool to me. Zeroing in on someone else’s faults made me feel so much better about myself. In all the darker episodes of my life I’ve looked for others to blame.

It doesn’t work so well for me anymore.

The ability to hold grudges is related to an inability to stop judging other people. We have an irresistible urge to compare ourselves to other people. If we feel like shit because of what our lives have become, we want assurances that what we have is at least better than what the next guy has. If we come from a family of drama queens, we want assurance that some other family is ten times as bad. In that toxic mix, we hold on to hard feelings.

When the bad feelings harden into stone, you have a grudge.

I used to hold grudges against various family members for what I considered to be their wrongs against me, forgetting that I had been as bad to them at times. I forget about all the shitty things I’ve done when I focus in on my problem with other people. A good grudge helps you forget the pain of your own failures. It’s an escape from personal responsibility.

Create enough of those stones and the weight becomes too much to carry. That’s where I’ve found myself in recent years. So I’ve set about throwing the stones away. The problem is that, sometimes, it feels so good to clutch ’em and throw ’em at others’ glass houses.

I once wrote about being a control freak. That condition is ideal for nurturing grudges. Whenever I tried but failed to control things, there was always someone to blame: Family members. Work colleagues. Whoever was close by. Whenever I tried to make sense of a friend’s or family member’s untimely death, I zeroed in on people I could blame.

But the buzz of a good grudge never lasts for long, and when it dissipates I feel like I’m in more pain than I was in before.

I’m no different than a lot of other people in this regard. But I look for a cure every day. I’m going to keep looking until I find it. When I do, I’ll share the cure with you.

Cartoon: Jury of 12 cats with a 'guilty' sign

Posted on

Which Is Worse? You Decide.

I woke up pissed at the world yesterday. Part of it is that people in my life are acting like idiots, and part of it is my realization that thinking this way makes me a Grade-A hypocrite.

Mood music:

[spotify:track:1GnCH2KszUkpUjXuDP2G3N]

I’m sick of all the ass-hat political posts friends and relatives are putting on Facebook lately. Rather than sticking with issues like our economic well-being and the best way to achieve national security, people are content to post a bunch of memes littered with half truths and outright lies. Democrats and Republicans are equally guilty.

But then I’ve been blogging a lot about how futile these elections have become and how the outcome will have absolutely zero impact on the things that really matter in our lives.

Which is worse? You decide.

I’m sick of people who go on Facebook and complain about everything. They hate their job. They hate their significant others or the lack thereof. They make cryptic statements so someone out there will bite, asking what’s wrong or telling you how fucking special you are.

But then I do something similar in this blog. I never complain about my job or make cryptic statements, but I sure do complain a lot. I’m doing it right now.

Which is worse? You decide.

I’m sick of people who tell you how you should behave, how often you should call your parents and how self-absorbed you are when they can’t get their own shit together.

But then I turn around and do the same things. And I just blog about it afterwards.

Which is worse? You decide.

When I lose patience with people, I can get pretty self-righteous. I take someone down a few pegs, even though I’d make the same stupid decisions and say the same stupid things.

I’ll admit it sometimes, and then go do the same stupid things all over again.

Which is worse? You decide.

Before long I’ll return to my sunnier disposition. But I wanted to take this moment of moodiness and use it as an opportunity to keep it real.

Cinderblock Balloon