Hello my fellow cyberscouts, I have plenty of news to share with you and I need your help today!
Warning: there are some words in this email, but I promise it's a VERY short one. Strings are everywhere my dude/dudette.
- I am changing domains soon, going back to an oldie of mine: quasarops.com. So if you receive the next Tales of a Cyberscout newsletter from quasarops.com, rest assured that it is none other than your humble servant here doing it with full intention.
- Why do I write? As Henrik Karlsson would put it, writing for me is a very long and complex search query to find fascinating people and create new connections that didn't exist before. That's what this is about.
- On the above, I suck at promoting my research and selling myself out there, I don't follow SEO best guidelines, I don't "post" regularly, I don't do Instagram, TikTok, etc. If I don't have something meaningful to say, why say anything at all? Above all, I value my time for deep connection with the people that give meaning to my life. My writing is a way to share meaning with you on the other side.
- Do you want to write with me in the Tales of a Cyberscout? Get in touch! I get bored of just reading my own words. We need a multiplicity of voices to increase discoverability of great ideas.
A lovely couple of weeks?
It's been around two weeks since a curious PostgreSQL developer from Microsoft saved OpenSSH around the planet from being backdoored by APT-level malware. Thousands of incident responders are probably thanking him.
How on earth were we saved from this one? You need to thank two things: curiosity and antifragile systems. We tend to underestimate the value of curiosity, and we tend to overestimate the value of calculative rationality with predictable risk management results. What happens when you cannot reliably mitigate social engineering threats? You cannot tell C-Suite execs out there to "embrace randomness". Well, what do you think you are doing when you talk about "unknown unknowns"? You cannot systematize, formalize, and program randomness. By its own definition an "unknown unknown" is something you absolutely without a shadow of a doubt cannot predict and risk manage. Perhaps we need to revisit this commonplace vocabulary we use to describe things in the cyber world. I've written about this extensively in the past.
There remains a thread that leads to an interesting pattern though: to fight back in our current perilous times is to remain deeply curious about the transient states of the world, just like Andreas was, doing benchmarking work and getting curious about the slightly higher-than-normal CPU usage of sshd. Yeah, that is it, guys.
I have words aplenty to share about the XZ Utils backdoor but there are some more pressing matters. This email is to let you know that I haven't forgotten about you on the other side of this envelope for thoughts mounted on top of an SMTP protocol bike.
Next week I plan to release the first part of the Research concepts of R1D3 framework, something I've briefly mentioned in my last long post.
Until then, stay tuned and have a great week!