Wednesday, September 19, 2012

Hackers and Runners

After a year of full-time parenthood, I decided to start working out again. During my younger years I always played team games, and if you know that I am Argentinian, you will easily deduce that the main sport was soccer, of course.
I did other sports for short periods of time, such as a little bit of softball, kendo, tennis, etc. But of course, my new condition as a father restricts me in different ways: I need a sport that can be done at random times of the day (when my daughter sleeps), that requires basically no preparation (naps only last from 30 minutes to two hours) and that doesn't require coordinating with nine other people to play it (syncing grown-ups' agendas to play a sport is tougher than parenting).
As a consequence of all these requirements, I decided to just hit the gym. Since getting injured and holding a baby don't go well together, I was very cautious and decided to warm up each time on the treadmill. As time went by, I slowly found out that I was getting more excited about the running than the weightlifting.
Of course, the first reason that started pushing me more into running than weightlifting was the gym itself. It's a very small gym (but very close to my place), and at rush hour it is full of people. Sometimes you have to wait to use a machine, which is quite annoying and broke one of the requirements.
The other reason was the people (and your gym might not be like that): I found myself surrounded by groups of obnoxious narcissists behaving like adolescents, and even though I'm used to this kind of environment since I work in information security (same behavior, but the people are probably a little less healthy), the point of working out was to get away from stressful environments.

So I became a runner.

As I said before, it started only two years ago, but now I can say that I'm semi-obsessed with it. I try to go out for a run at least three times a week. If I can't find a proper time, I will wake up at an insane hour or do it extremely late and still enjoy it.
But it was not until a couple of days ago, when I was reading Murakami's "What I Talk About When I Talk About Running", that I realized running was there all my life for me; I just never moved my feet together to make it happen.
In his book, Murakami draws a line of comparison between writing and running, and as he got deeper into the similarities I couldn't stop thinking about my career as a researcher.
He said that the most important quality of a novelist (apart from talent) is focus: "the ability to concentrate all your limited talents on whatever's critical at the moment. Without that you can't accomplish anything of value, while, if you can focus effectively, you'll be able to compensate for an erratic talent or even a shortage of it".
After focus, he said that the next quality is endurance: "What’s needed for a writer of fiction—at least one who hopes to write a novel—is the energy to focus every day for half a year, or a year, two years. You can compare it to breathing. If concentration is the process of just holding your breath, endurance is the art of slowly, quietly breathing at the same time you’re storing air in your lungs."
Surprisingly, if you have ever found a vulnerability and exploited it from zero on a complex system, you will find Murakami's words very familiar.
Talent is really important, but after you go through the roller coaster of uncertainty, spending months trying to exploit something that you never know will be exploitable, you will find out that focusing on new ideas every day is an exhausting task.
I have known many people with talent and a great ability to focus on a problem, but as soon as the problem extends for more than two days, they start sabotaging themselves.
And this is something you can acquire and sharpen with training, exactly the same as distance running. "You’ll naturally learn both concentration and endurance when you sit down every day at your desk and train yourself to focus on one point. This is a lot like the training of muscles I wrote of a moment ago. You have to continually transmit the object of your focus to your entire body, and make sure it thoroughly assimilates the information necessary for you to write every single day and concentrate on the work at hand."
People in general are quite competitive, and you can totally be like that in the infosec scene, but when you sit down with a binary for eight hours straight there is no one else but you and the computer. This might sound obvious, but there are no opponents or enemies other than your own ghosts, and those will become stronger as time goes by.

Murakami, Haruki (2008-07-29). What I Talk About When I Talk About Running (Kindle Locations 832-834). Random House, Inc. Kindle Edition.

Saturday, April 28, 2012

Three Reasons why you should listen to what Brett Moore has to say...

There are clearly too many conferences and, as a result, too much material to catch up on. But the difficulty, as you have probably experienced, is not finding free time to read it, but rather filtering the insightful research from all the noise.
The best way, of course, is following recommendations from friends (exclude Twitter from this equation, given the tendency to RT information without reading it) or just reading the presentations from "respected" researchers, but this is a double-edged sword, because presenters need to be in the media as part of their business model, so the quality usually decreases, and at the same time you narrow down your chances of finding fresh material.

In any case, if there is a researcher who never disappoints, it is Brett Moore. This guy, who comes from the faraway island of New Zealand (a country famous for adding fluoride to the water and as a result breeding generations of rugby players, hackers and sheep lovers), is one of the big institutions of the antipodes.

There are three things that you will always find in a Brett Moore presentation:

  • Brett has a technical standard, and no matter which conference he is talking at, he never lowers the quality.
  • He is always as clear as water in his presentations; you will never see him hiding any technical detail. Every piece of the puzzle is always on his slides.
  • Everything he presents is based on a real-world challenge he had to face at some point. He didn't find a way to bypass SAFESEH because the protection was there, but rather because he had a bug and needed to exploit it. This gives him an advantage over 90% of the material around: his stuff works. Researchers tend to fall into the Strawberry pudding rule, where the requirements to implement their technique are so big that it is almost impossible to do so, unless you do it in their own controlled environment. Brett always presents a real scenario where the challenge popped up.

If I haven't convinced you by now, try reading his new presentation for Syscan 2012, on post-exploitation process continuation: http://www.insomniasec.com/publications/Post%20Exploitation%20Process%20Continuation.pptx

PS: One last piece of advice on Mr. Moore: never try to outdrink him or piss him off when he is drunk. You have been warned.