🗣 Rob Rosenberger Profile picture
Mar 3 10 tweets 6 min read
🧵
"#Antivirus software is a future Trojan horse."

There. I said it.

"But Rob! You were defending Kaspersky just a few days ago!"

NO.

I've fought a crude #UrbanLegend in our industry that's simmered since the FBI threw a shit-fit over something they've never proven.
Worse, our own global community has never proved it -- and we've got every good reason to prove it if true.

But hey, our industry turned the tables on Kaspersky the day his dictator launched a genocide campaign.

Because we're just like that. We've always been like that.
That's why our industry's #ThoughtLeaders can dance on a pinhead: because IT'S EASY!

The logic in the back of their minds is simple: "Kaspersky is a Russian billionaire who craves genocide in Ukraine and does anything Putin asks. I must destroy Kaspersky with all my willpower."
But there's a catch:

Collectively, our industry has a #fetish for military cosplay. We brag from one side of our mouth and scream in terror from the other side at just how easily we can snuff the lives of thousands, even millions of humans with nary the press of an ENTER key.
When the time actually comes where the global #cybersecurity community can kill someone they don't know with the push of a button…

…a terrifying number of us will DO it. Because we've fantasized about it for far, far too long. But at what cost to us?
Honestly, the cost to us is stated simply:

1️⃣ You push a button

2️⃣ People you don't know, die

3️⃣ You scour the news for stories & videos of the tragedy

4️⃣ You #incredulously ask yourself "wow, did I honestly kill all those men, women, and children?"

Okay, and … then what?
This is where logic will deviate from psychology.

Logic tells us the killers will brag from one side of their mouth and scream in terror from the other side at just how easily they snuffed the lives of thousands, even millions of humans with nary the press of an ENTER key…
…but psychology tells us the newfound killers in our industry will regret murdering newborns. And kids. And off-duty first responders. Annnnnd pretty much everyone else they killed.

And so the newfound killers in our industry will do what a lot of…
…killers in the military go through when they see the carnage they wrought:

They'll *change*. Because of course they will.

As for me? I'm just waiting for the day #antivirus software turns into a Trojan horse. That's when our #fetish will lead us to the coming reality. ImageImageImage
Nobody has proven anything against Kaspersky. I'll defend Eugene and Costin and all the rest for this reason alone.

But I also know the future.

Some day, McAfee or WithSecure or Kaspersky or whoever WILL decide it's in their corporate best interests…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with 🗣 Rob Rosenberger

🗣 Rob Rosenberger Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @vmyths

Mar 3
I agree 💯 with @mikko here.

BUT--

--he might be missing the Pentagon's perspective. So, let me fill y'all in.

Tanks, missiles, etc. are #classic: they deploy everywhere to strike anything. Need to put a hole in something? Tank. Obliterate? Missile. Crater? Bomb…
…but a cyber weapon is #unique as @mikko said. It deploys against a particular version(s) of Windows, or Linux, or even #antivirus software.

At this point you'd be totally correct to say "Rob, you can't drop a 30lb incendiary bomb to take out an underground bunker!" But the… Image
…issue here is "classic."

In WWII, we dropped 30lb incendiary bombs across Germany to demoralize and kill their civilian populations.

Now, in #cyber, you can issue an update, change a setting, even retreat from the Internet. In the real world, though…
ImageImage
Read 5 tweets
Feb 28
🧵
Steve Morgan continues his unashamed touting of absurd guesstimates (see below).

So, let's chart his multi-trillion annual "global cost of cybercrime" as the individual cost to every man, woman, and child on Earth:

cc: @sawaba @KimZetter @shanvav @JMBooyah @nicoleperlroth Image
Steve Morgan's guesstimates stretch from 2015 to the end of 2025. This chart shows how, in less than two years, everyone on Earth will be on the hook for $8,441 of his "global cost of cybercrime."

And that's just by 2025! It gets WAY worse as you project a few years forward... Image
"$10.5 trillion" exceeds $1,000 annually for only 8+ billion people on Earth. It's simple math.

When we project the 20th year of Steve Morgan's absurd guesstimates, we see the "global cost of cybercrime" per capita in 2034 will reach $19,507 for every man, woman, and child: Image
Read 11 tweets
Feb 24
🧵
Today marks the first anniversary of the Russia-Ukraine #cyberwar that killed <checks Microsoft's & Mandiant's reports> no one.

Let's go over last year's mass cyberwar #panic. We'll begin with one of the earliest calls to #boycott @Kaspersky:
There was an immediate feeling that everyone must cancel all Kaspersky subscriptions, as if customers -- especially corporate clients -- had a competitor's product waiting in the wings to replace it in some trivial fashion:
Likewise, there was an immediate plea to [translated] "remove Kaspersky from your PC. Now. Immediately." Again, as if customers -- especially corporate clients -- could do it trivially and without serious consequences:
Read 36 tweets
Jan 5
"in which I address some criticisms (some fair, others not)" ⤵️🤨

Let's talk cybersecurity.

Historically, those who were critiqued felt victimized. These victims often lumped non-critique #heckling with legit #criticism to shield their egos.

The use of #comedy tools in…
…legitimate criticism led many (perhaps most) victims in #cybersecurity to cry out that humor negates legitimacy: "the stakes are too high for <THIS|ME>to be taken so lightly!"

Yet these same victims adore e.g. Jon Oliver for his brutal use of #comedy in legitimate criticism.
And here we arrive at the crux of the matter:

The victims, not the #elements of legitimate #criticism, decide what is "fair" in cybersecurity.

This way, anything that is not ✌️criticism✌️ may be labeled as such so victims can associate legit critics to their SCUM counterparts.
Read 10 tweets
Dec 19, 2022
553 days ago, Steve Morgan's astronomically large yet unexplained #guesstimate for "the cost of cybercrime" exceeded the entire U.S. national debt.

Morgan has bragged that his wild-ass guess is already larger "than the global drug trade":
1/🧵
"Staggering" is ✌️right✌️ — it amazes me how often Steve Morgan's absurdities #dupe cyber experts like @dralissajay, @WaleMicaiah, @lhmphaphuli, @KenBeattyJr, @eSentire, @LilyLopate, etc.

So, let's chart him against the GLOBAL GROSS DOMESTIC PRODUCT
2/🧵
This chart plots Steve Morgan's asinine #guesstimates against WorldBank.org's figures for the 2015-2021 Global Gross Domestic Product with projections up to 2024. For 2025 onward, these charts show a 2.5% increase from an acceptable 2-3% for a healthy global GDP.
Read 10 tweets
Dec 16, 2022
Yes: John McAfee.

What we call "the cybersecurity industry" [d]evolved from the #antivirus industry that formed in 1988 when John proposed "NCSA" as a media con game. It later split in two (think "Good/Evil Kirk"), and the good stuff became what we know today as ICSA Labs.
John's antics appealed to reporters infatuated with the newfangled idea of a computer virus. Some vendors (e.g. Solomon's) shunned it but others (e.g. Panda) couldn't help but play along.

Still, the allure of media exposure tainted nearly everything it touched. There was no…
…ethical foundation in these early days. SANS formed to fill this hole but it struggled at first to make inroads. The late @howardas formed an ethics team inside the White House that ultimately vetted SANS, and he pushed it with every fiber of his being.
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(