Share this page!

🗣 Rob Rosenberger Profile picture
Twitter logo
Jun 20 19 tweets 5 min read
1/17
Many of us have a #cybersecurity horror story about "an employee who got fired as a precaution, only later for the firm to realize their mistake, but HR just wished them thoughts & prayers because they couldn't bear to face up to their hasty firing assumptions."
2/17
We in cybersecurity insist we operate on data, facts, and logic.

But the truth is we love a good #ConspiracyTheory, and right now it's all about BSides Cleveland.

You'll find any number of people, e.g. @MalwareTechBlog, who believe whats-his-name had inside help.
3/17
Hutchins is invested in his theory and has put his money where his mouth is. Me, I'm risking $500 just to prove a point I made in the mid-1980s:

"That we never should have kicked Airman Snuffy out of the Air Force 'as a precaution'!"

I want @robtlee and @RobertMLee to...
4/17
...follow me on this because cybersecurity must NEVER be guided by a mob mentality. Both of these men in their own separate ways will guide the future of our industry.

So let's talk about Airman Snuffy in a scenario created for Professional Military Education in...
5/17
...the mid-1980s. I and my former supervisor, TSgt Merle Corcoran, were getting the equivalent of CEPs.

Airman Snuffy is a top competitor in his field and the wing commander himself is counting on this kid to bring home a prized trophy. In this scenario, we're all...
6/17
...Airman Snuffy's supervisor.

Just as he's getting ready to head off to the big competition, Airman Snuffy comes into our office with a worried look on his face. He tells us he's afraid he'll be disqualified from the competition when he takes a pre-game drug test. 😳
7/17
"What should we do?"

Back in the mid-1980s the Air Force had a convenient way to kick out any first-term airman they thought was doing drugs: they just tossed him on the street w/ a "general discharge code ##." If we can get the wing commander behind us, this kid is GONE.
8/17
We break up into teams of 5 to discuss the matter. Each group will decide what to do next by a simple majority vote.

Merle & I are on the same team. I'm the only E-4; the others are E-5 and E-6.

The four make a hasty decision: "kick the kid out."

And I utterly lose it.
9/17
"For all we know, he ate two poppy seed bagels this morning by accident! Airman Snuffy came to us with a vague fear and you want to throw him out for it!"

They were adamant. "Better safe than sorry."

Our discussion leader leans in as I defend our imaginary troop...
10/17
"Listen to me," I told them. "If you're right, you're ALL going to turn to me and say 'see, we were right!' But you'll be right for absolutely NO reason."

I added "and if you're wrong, I'm going to SHAME you all in front of the wing commander for burning his...
11/17
"...best airman and losing our chance to bring home an important trophy, all because you were hell-bent on throwing out your best troop as a precaution."

"We as supervisors put valuable time & money into all our people, but you'll discharge them on your own assumption!"
12/17
Our discussion leader took no side. This was our group's decision.

4 to 1.

In this scenario, our team started paperwork to kick the kid out of the Air Force, all because he told us that he might not pass a drug test.

The other teams did likewise. Snuffy was OUT.
13/17
Our discussion leader said "Airman Snuffy later admitted to using marijuana. He didn't compete and he was administratively discharged."

I was devastated. Merle & the others relaxed.

Then our discussion leader said "only SrA Rosenberger recognized in this scenario..."
14/17
"...that you had no details other than Airman Snuffy's trepidation over an upcoming drug test. You convicted him before you knew the facts. You all reacted pretty much as everyone else does who goes through this scenario."

During a break I approached...
15/17
...our discussion leader to ask why the scenario didn't put Airman Snuffy at a rock concert the night before where he couldn't get away from secondhand smoke.

He explained how scenarios increase in complication as we progress through Professional Military Education.
16/17
This is EXACTLY the problem I face right now over BSides Cleveland.

Ya'll know one thing, and one thing only:

That whats-his-name weaseled his way on stage.

You don't know who else is involved, if anyone ... but God DAMN y'all got some wild-ass conspiracy theories!
17/17
I'll end with this:

In the original "CSI" show, an innocent man is murdered because Warrick Brown told his assumptions to someone who desperately needed to mete out justice.

Warrick Brown: "I blew it."

Gil Grissom: "Yeah. But you're not the one who's paying for it."
18/17
@threadreaderapp please unroll
19/17
The unroll for this thread has been archived at web.archive.org/web/2022062004…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with 🗣 Rob Rosenberger

🗣 Rob Rosenberger Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @vmyths

🗣 Rob Rosenberger Profile picture
Jun 20
Exactly, sir!

Let's talk a "Cybersecurity No Fly List."

Ostensibly, I placed a $500 bet with Marcus Hutchins at 2:1 w/ the payout going to charity because I'm half-confident many of you jumped to the wrong conclusion about BSides Cleveland.

Realistically, though...
...I placed the bet because I worry our industry will create a "Cybersecurity No Fly List" (CNFL).

We'll do it hastily. We won't think it out properly.

And then we'll have the equivalent of a U.S. "No Fly" list.

Our very own #doxx list for cybersecurity can...
...easily expand from a simple .xls of organizers / venues / speakers / attendees who ooze toxicity.

One day you look down and the CNFL says "ban anyone from Russia. Reason: CISA ThreatKB 202209110842 marked LEO-sensitive. Until: further notice."

The next day you...
Read 14 tweets
🗣 Rob Rosenberger Profile picture
Feb 27
To all my "OG" readers:

Let's take a step back in time to 1996.

I sit across from Rob T. Lee on the 609th Information Warfare Squadron operations floor. He's my crew commander; I'm his crew chief.

Lee knows I run "the Computer Virus Myths home page," which has grown so...
...popular that it's eating up all my free time. In December of that year the Ziff-Davis publishing empire will crown CVMhp "the world's #1 most useful website."

Trivia: Lee corrected a web page I wrote where I talked about Start Trek spaceship orbits!
Fact: Lee's career path toward AFOSI began when I formulated a plan to "lateral move" him off the ops floor. Trivia: I *almost* finagled DoD to attend the FOR508 class he authored with him on podium!

What I'm saying is, Lee & I have a career-long history:
Read 14 tweets
🗣 Rob Rosenberger Profile picture
Feb 21
@taco_x86 @threadreaderapp Not yet.

Let me begin by recognizing that more than one person has yelled at me for RT'ing a debate re: cyber where I feel my followers should see both sides of the issue. Generally speaking: they don't want me to highlight our public conversation. I'm always like "WTFO?"
@taco_x86 "OG" readers like you know I view cyber from a similar perspective as #Doctrine_Man and #Mother_of_Tanks -- just two of many whom I've pissed off for QT'ing their tweets to reveal how insanely out-of-whack our industry's perception of #cyberwar really is.

Yet as a critic...
@taco_x86 ...I'm compelled to QT an abundant crop of tweets on crime & warfare to help us understand how cyber will fit into it.

I dare to ask philosophical questions, or to make what our industry would call a "valid" assumption, that makes no sense whatsoever to the person I'm QT'ing.
Read 6 tweets
🗣 Rob Rosenberger Profile picture
Feb 21
@taco_x86 As a matter of fact I do! You're an "OG" CVMhp / Vmyths reader; you'll probably remember the column where I explained my Bacon Number to Roger Ebert is exactly 1:
@taco_x86 I continued conversing w/ Roger Ebert on CompuServe in the '80s & '90s. After his tirade re: "Highlander 2," I emailed him to explain how it broke the timeline for the sword Ramírez wielded. "Another reason to hate the movie," he replied! [paraphrased]
en.wikipedia.org/wiki/Highlande…
@taco_x86 The original "CVMhp" website followed a ... loose interpretation of what it means to be a critic.

Things changed in 1999 when Denise's career took her to Iowa. "As a consolation, why don't you take CVMhp to a new level? Make it profitable."

As if I needed a consolation prize 😃
Read 10 tweets
🗣 Rob Rosenberger Profile picture
Feb 21
It won't surprise me if Inglis an "OG" Vmyths reader. Consider this sentence:

"Cyber-professionals and policymakers are too often motivated more by a fear of risk than by an aspiration to realize cyberspace’s full potential..."
He goes on to say 💯 "A durable [cybersecurity] solution must involve moving away from the tendency to charge isolated individuals, small businesses, and local governments with shouldering absurd levels of risk..."
(I say "he" but it's actually @ncdinglis & @HarryKrejsa)

We talk a lot about China & Russia as adversaries -- but I challenge anyone to find any occurrence where *this* observation came from the tongue or quill of any high-placed U.S. gov't official:
Read 7 tweets
🗣 Rob Rosenberger Profile picture
Jan 27
@thegrugq Your video promotes two #UrbanLegends at the 18:09 mark. I'll begin with the latter: that Ukrainian artillerymen are KIA over an infected phone app.

@CrowdStrike created this #myth in a hysterical report they were compelled to "update" in March 2017:
crowdstrike.com/blog/danger-cl…
@thegrugq @CrowdStrike Ukraine's ministry of defense refuted CrowdStrike's "deadly" claims. An alleged source claims CrowdStrike made errors.

Regardless how plausible you think it is, there exists NO evidence of soldiers dying over the use of malware-laden phone apps.
voanews.com/a/crowdstrike-…
@thegrugq @CrowdStrike You've fallen for one of many #UrbanLegends where no evidence exists.

Now comes the hard part.

Will you face up to getting duped?

Or will you rationalize it, perhaps by saying it will convince soldiers not to use potentially malware-laden phone apps on the battlefield?
Read 18 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(