Rich here.
When I hurt my knee running right before Thanksgiving everyone glanced at my brace and felt absolutely compelled to tell me how much “getting old sucks”. Hell, even my doctor commiserated as he discussed his recent soccer injury.
The only problem is I first hurt me knee around junior high, and in many way’s it’s been better since I hit my 40’s than any other time I can remember.
As a kid my mom didn’t want me playing football because of my knees (I tried soccer for a year in 10th grade, hurt it worse, then swapped to football to finish up high school). I wore a soft brace for most of my martial arts career. I’ve been in physical therapy so many times over the past three decades that I could write a book on the changing treatment modalities of chondromalacia patellae. I had surgery once, but it didn’t help.
As a lifetime competitive athlete, running has always been part of my training, but distance running was always a problem. For a long time I thought a 10K race was my physical limit. Training for more than that really stressed the knee. Then I swapped triathlon for martial arts, and realized the knee did much better when it wasn’t smashing into things nearly every day.
Around that time my girlfriend (now wife) signed us up for a half-marathon (13.1 miles). I nearly died, but I made it. Over the subsequent decade I’ve run more of them and shaved 45 minutes off my PR. The older I get, the better my times for anything over a couple miles, and the longer distances I can run. But there’s one goal that seemed impossible – the full marathon. 26.2 miles of knee pounding awesomesauce. Twice as far as the longest race I ever ran.
My first attempt, last year, didn’t go so well. Deep into my training program I developed plantar fasciitis, which is a fancy way of saying “my foot was f-ed up”. So I pushed my plans back to a later race, rehabilitated my foot… and got stomach flu the week before the last race of the year before Phoenix weather went “face of the sun” hot. A seriously disheartening setback after 6 months training. I made up for it with beer. Easier on the foot.
A few months later an email popped up in my inbox letting me know registration for the Walt Disney World Marathon opened the next day. My wife and I looked at it, looked at each other, and signed up before the realistic parts of our brains could stop us. Besides, the race was only a month after we would be there with the kids, so we felt justified leaving them at home for the long weekend.
I built up a better base and then started a 15-week custom program. Halfway through, on a relatively modest 8-mile run in new shoes, I injured my achilles tendon and had to swap to the bike for a couple weeks. Near the peak of my program, on a short 2-mile run and stretch day, I angled my knee just the wrong way, and proceeded to enjoy the pleasure of reliving my childhood pain.
Three weeks later the knee wasn’t better, but I could at least run again. But now I was training in full-on panic mode, trying to make up for missing some of the most important weeks of my program. My goal time went out the window, and I geared down into a survival mindset. Yes, by the time I lined up at the race start I had missed 5 of 15 weeks of my training program. Even my wife missed a few weeks thanks to strep throat (which I also caught). To add insult to injury, it was nearly 70F with 100% humidity. In December. At 5:35am.
You know what happened next? We ran a friggin’ marathon. Yes, at times things hurt. I got one nasty blister I patched up at an aid station. My headphones crapped out. I stopped at every single water station thanks to the humidity, and probably should have worn a bathing suit instead of running shorts. But overall it wasn’t bad. Heck, I enjoyed most of the race. I didn’t really start hurting until mile 17, and my pace didn’t fully crack until mile 22. Disney puts on a hell of a race, with distracting entertainment along the entire course.
Thanks to the humidity it was the slowest Disney marathon in the 23-year history of the event. Even then, my time wasn’t embarrassing, and I finished in the top 20% or so (at a time that isn’t even close to getting into Boston or New York). I didn’t feel terrible. My wife also finished up in the front third of the pack, and we spent the afternoon walking around Disney World (slowly). We felt really good the next day, other than my darn knee. The one that held up for all 26.2 miles. The one that will be better in a week or two.
I checked off a bucket list item and completed something I thought was impossible. Something I told myself my entire life I couldn’t do.
There is nothing more satisfying than proving yourself wrong. Except, perhaps, doing it again.
On to the Summary:
Webcasts, Podcasts, Outside Writing, and Conferences
- It isn’t security related, but Rich participated in Apple in 2015: The Six Colors report card.
Securosis Posts
- Incite 1/13/2016: Permitted.
- SIEM Kung Fu: Fundamentals [New Series].
- Incite 1/6/2016 – Recharging.
- Incite 12/15/2015: Looking Forward.
- Building a TI Program: Success and Sharing.
- Threat Detection Evolution [New Paper].
- Building Security Into DevOps [New Paper].
Favorite Outside Posts
- Rich: How Hackers Took Down a Power Grid. A well-balanced article that points to the Ukraine as another canary in a coal mine.
- Mike: Dave Barry’s 2015 Year in Review: Dave Barry has a pretty good gig. Write one column a year, and it better be funny. Good thing it always is, and the 2015 edition does not disappoint.
- Adrian: Microsoft Azure Active Directory (Azure AD) is arguably the heart of Microsoft’s cloud platform. Most firms, when moving to cloud, look anxiously for the cornerstone elements of on-premise IT – such as directory services – to help de-mystify use of ‘The Cloud’. Azure AD does just that, greasing the skids for cloud adoption.
Research Reports and Presentations
- Threat Detection Evolution.
- Pragmatic Security for Cloud and Hybrid Networks.
- EMV Migration and the Changing Payments Landscape.
- Network-based Threat Detection.
- Applied Threat Intelligence.
- Endpoint Defense: Essential Practices.
- Cracking the Confusion: Encryption and Tokenization for Data Centers, Servers, and Applications.
- Security and Privacy on the Encrypted Network.
- Monitoring the Hybrid Cloud: Evolving to the CloudSOC.
- Security Best Practices for Amazon Web Services.
Top News and Posts
- Juniper Backdoor Picture Getting Clearer
- Gatekeeper flaw remains exploitable four months after its discovery
- Hacking Team’s Leak Helped Researchers Hunt Down a Zero-Day. Interesting story.
- Trend totally exposed all their AV customers to attack. AV. Sigh.
- Forbes forces readers to turn off ad blockers, promptly serves malware. So there you go.
- 2016 Reality: Lazy Authentication Still the Norm
- When back doors backfire
Comments