To all my "OG" readers:

Let's take a step back in time to 1996.

I sit across from Rob T. Lee on the 609th Information Warfare Squadron operations floor. He's my crew commander; I'm his crew chief.

Lee knows I run "the Computer Virus Myths home page," which has grown so...
...popular that it's eating up all my free time. In December of that year the Ziff-Davis publishing empire will crown CVMhp "the world's #1 most useful website."

Trivia: Lee corrected a web page I wrote where I talked about Start Trek spaceship orbits!
Fact: Lee's career path toward AFOSI began when I formulated a plan to "lateral move" him off the ops floor. Trivia: I *almost* finagled DoD to attend the FOR508 class he authored with him on podium!

What I'm saying is, Lee & I have a career-long history:
In mid-1997 I went my way and Lee went his. One thing he knew for sure, though: I spent the next eight years as the world's reigning expert on cybersecurity FUD.

"CVMhp" re-branded as "Vmyths" in 2000. Then 9/11 consumed my time as a military reservist. Vmyths collapsed in 2005.
The Venn diagram for our career overlap has shrunk since 1997 but Lee hasn't forgotten me; nor I, him.

Today, @malwarejake" took the honor of dispelling FUD in an "urgent webcast" hosted by Lee. But if you wonder "why didn't Lee pick Rosenberger?," STOP!
Lee had NO reason whatsoever to think of me for any role in today's "urgent webcast." Ostensibly, I would've chided him if he wasted one brain cell on the idea.

That's "ostensibly."

If you're an "OG" reader of mine, you know I'm about to explain what I'm REALLY up to 😈
Know that @MalwareJake is right: the FUD is bad here.

Really bad.

As in "#Y2K virus panic attack" bad, with Wolf Blitzer reporting live on CNN about future cyber threats while bombs rain down on Ukraine.

We haven't seen FUD *this* prolific since the ancient days of Vmyths.
Lee is the Chief Curriculum Director at SANS -- a group my "OG" readers will recall I've chided over the years for its own occasional bouts with FUD.

When this war is over, SANS should consider a new course on how to distinguish cyber #fact from fiction:
Because if my "OG" readers know anything about cybersecurity, it's the #fact our industry loves to

exaggerate;

cite hysterical newspaper sources;

decline to cite authoritative sources;

ignore evidence or the lack thereof;

refuse to document events...
Right now Russia is at war exploiting an unprecedented array of #disinformation to promote its narrative.

I predict Russia's disinformation will go off the charts if/when U.S. Cyber Command takes a lead role. Putin could easily claim "10,000 dead" from American cyber attacks!
And how could any of us outside Russia know the true number of dead & wounded?

What if Putin *wants* us to twitch our itchy trigger finger in the cyber realm?

I predict Putin will fondle our cybersecurity #fetish in ways we won't like...
...and this is where I tell Rob Lee:

"Rob. It's me. Jake is right, but he's not the most experienced in the room re: FUD. I am. In the coming days we may find ourselves bombarded not so much by cyber 'attacks' but rather by #disinformation aimed at -- and passing through -- us."
"Rob, I've long predicted our industry's long history of FUD will come back to haunt us. If Putin starts using our #fetish against us in this all-too-real war ... that's when you need to call ME into an 'urgent webcast'."

See:
web.archive.org/web/2016032800…
@threadreaderapp unroll
You can read this thread as a single web page:
web.archive.org/web/2022022705…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with 🗣 Rob Rosenberger

🗣 Rob Rosenberger Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @vmyths

Feb 21
@taco_x86 @threadreaderapp Not yet.

Let me begin by recognizing that more than one person has yelled at me for RT'ing a debate re: cyber where I feel my followers should see both sides of the issue. Generally speaking: they don't want me to highlight our public conversation. I'm always like "WTFO?"
@taco_x86 "OG" readers like you know I view cyber from a similar perspective as #Doctrine_Man and #Mother_of_Tanks -- just two of many whom I've pissed off for QT'ing their tweets to reveal how insanely out-of-whack our industry's perception of #cyberwar really is.

Yet as a critic...
@taco_x86 ...I'm compelled to QT an abundant crop of tweets on crime & warfare to help us understand how cyber will fit into it.

I dare to ask philosophical questions, or to make what our industry would call a "valid" assumption, that makes no sense whatsoever to the person I'm QT'ing.
Read 6 tweets
Feb 21
@taco_x86 As a matter of fact I do! You're an "OG" CVMhp / Vmyths reader; you'll probably remember the column where I explained my Bacon Number to Roger Ebert is exactly 1:
@taco_x86 I continued conversing w/ Roger Ebert on CompuServe in the '80s & '90s. After his tirade re: "Highlander 2," I emailed him to explain how it broke the timeline for the sword Ramírez wielded. "Another reason to hate the movie," he replied! [paraphrased]
en.wikipedia.org/wiki/Highlande…
@taco_x86 The original "CVMhp" website followed a ... loose interpretation of what it means to be a critic.

Things changed in 1999 when Denise's career took her to Iowa. "As a consolation, why don't you take CVMhp to a new level? Make it profitable."

As if I needed a consolation prize 😃
Read 10 tweets
Feb 21
It won't surprise me if Inglis an "OG" Vmyths reader. Consider this sentence:

"Cyber-professionals and policymakers are too often motivated more by a fear of risk than by an aspiration to realize cyberspace’s full potential..."
He goes on to say 💯 "A durable [cybersecurity] solution must involve moving away from the tendency to charge isolated individuals, small businesses, and local governments with shouldering absurd levels of risk..."
(I say "he" but it's actually @ncdinglis & @HarryKrejsa)

We talk a lot about China & Russia as adversaries -- but I challenge anyone to find any occurrence where *this* observation came from the tongue or quill of any high-placed U.S. gov't official:
Read 7 tweets
Jan 27
@thegrugq Your video promotes two #UrbanLegends at the 18:09 mark. I'll begin with the latter: that Ukrainian artillerymen are KIA over an infected phone app.

@CrowdStrike created this #myth in a hysterical report they were compelled to "update" in March 2017:
crowdstrike.com/blog/danger-cl…
@thegrugq @CrowdStrike Ukraine's ministry of defense refuted CrowdStrike's "deadly" claims. An alleged source claims CrowdStrike made errors.

Regardless how plausible you think it is, there exists NO evidence of soldiers dying over the use of malware-laden phone apps.
voanews.com/a/crowdstrike-…
@thegrugq @CrowdStrike You've fallen for one of many #UrbanLegends where no evidence exists.

Now comes the hard part.

Will you face up to getting duped?

Or will you rationalize it, perhaps by saying it will convince soldiers not to use potentially malware-laden phone apps on the battlefield?
Read 18 tweets
Jan 26
This paragraph implies the global cybersecurity community sometimes *fails* to galvanize the IT community to stamp out a vuln that can kill hospital patients in an operating room.

But there IS a precedent. I will don the oldest hat in cybersecurity #criticism to reveal it...
#thegrugq, who has 121K followers including the CISA Director herself, posted a video on "cyber warfare" the other day confirming cybersecurity's failure to save hospital patients' lives. Cyber MURDERS occur because IT & gov't don't yet care to stop it:
#thegrugq was forced in his video to shrug off the murderous "cases of people at hospitals who have died due to cyber incidents," recognizing that "there's not really a response that can be made to it." He went on to say "until it's a huge big deal, it's sort of ignored."
Read 4 tweets
Jan 25
Do you believe @thegrugq's claim that "there have been cases of people at hospitals who have died due to cyber incidents and it hasn't been publicized & pushed because there's not really a response that can be made to it... Until it's a huge big deal, it's sort of ignored"?
Do you believe @thegrugq's claim that a "targeting app ... used by Ukrainian artillery crews ... [contained] malware [that] was specifically sending the GPS location of those phones ... to the Russian military ... [leading to] people being killed because they were using an app"?
In your personal opinion, which government has secretly covered up the MOST patient deaths due to hospital #ransomware attacks as detailed by @thegrugq in his recent "cyber war" video?
Read 4 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(