Last Thursday I thought I was dying.
Not a joke. Not an exaggeration. As in “approaching room temperature”.
I was just outside D.C. having breakfast with Mike before going to teach the CCSK instructors class. In the middle of a sentence I felt… something. Starting from my chest I felt a rush to my head. An incredibly intense feeling on the edge of losing consciousness. Literally out of nowhere, while sitting. I paused, told Mike I felt dizzy, and then the second wave hit. I said, “I think I’m going down”, told him to call 9-1-1, and had what we in the medical profession call “a feeling of impending doom”.
I thought I was having either an AMI (acute myocardial infarction (heart attack), not the cloud thing) or a stroke. I’ve been through a lot over the years and nothing, nothing, has ever hit me like that.
The next thoughts in my head were what I know my last thoughts on this planet will be. I never want to experience them again.
Seconds after this hit I checked my pulse, since that feeling was like what many patients with an uncontrolled, rapid heart rate described. But mine was only up slightly. It tapered off enough that I didn’t think I was going to crash right then and there. Fortunately Mike is a bit… inexperienced… and instead of calling 9-1-1 with his cell phone he got up to tell the restaurant. I stopped him, it relented more, and I asked if there was a hospital close (Mike lived in that area for 15 years). There was one down the road and he took me there.
(Never do that. Call the ambulance – we medical folks are freaking idiots.)
I spent the next 29 hours in the hospital being tested and monitored. Other than a slightly elevated heart rate, everything was normal. CT scan of the head, EKG, blood work to rule out a pulmonary embolus (common traveling thing), echocardiogram, chest x-ray, and more.
I ate what I was told was a grilled cheese sandwich. Assuming that was true, I’m certain it was microwaved and the toast marks airbrushed.
Once they knew I wasn’t going to die they let me loose and I flew home (a day late).
I won’t lie – I was pretty shaken up. Worse than when I fell 30 feet rock climbing and punctured my lung. Worse than skiing through avalanche terrain, or the time my doctor called to ask “are you close to the hospital” after a wicked infection. Especially with my rescue and extreme sports background I’ve been in a lot of life-risking situations, but I never before thought “this is it”.
Tuesday I went to the doctor, and after a detailed history and reviewing the reports she thinks it was an esophageal spasm. The nerves in your thorax aren’t always very discriminating. They are like old Ethernet cables prone to interference and cross talk. A spasm in the wrong spot will trigger something that is essentially indistinguishable from a heart attack (to your brain). I’ve been having some reflux lately from all the road food, so it makes sense.
There are more tests on the way, but it seems you all are stuck with me for much, much longer. All that testing was like the best physical ever, and I’m in killer good shape. but I am going to chill a bit for the next few weeks, which was in the works anyway.
False positives suck. Now I know why you all hate IDS.
Update: I was talking with our pediatrician and he went through the same thing once. He asked “can I ask you a personal question?” “Sure” I replied. “So what was running through your head when it happened?” I said, “I can’t believe I won’t be there for my girls”. “Oh good” he went, “I’ve never talked to anyone else who went through it, but I was trying to figure out if I had enough life insurance for my family”.
And a coworker of my wife’s mentioned she had the same thing, and called her kids to say goodbye. To be honest, now I don’t feel so bad.
On to the Summary:
Webcasts, Podcasts, Outside Writing, and Conferences
- Adrian quoted on dangers to law enforcement from recent hack. My Spanish is good, no?
- Adrian’s DR article on Fraud Detection and DAM.
- Rich, Zach, and Martin on the Network Security Podcast.
Favorite Securosis Posts
- Adrian Lane: Cloud Security Q&A from the Field.
- Mike Rothman: Spotting That DAM(n) Fake. Grumpy Adrian is a wonder to behold. And he is definitely grumpy in this post.
- David Mortman: Spotting That DAM(n) Fake.
- Rich: Beware Anti-Malware Snake Oil
Other Securosis Posts
- Security Management 2.0: Revisiting Requirements.
- Fact-based Network Security: Outcomes and Operational Data.
- Incite 8/24/2011: Living Binary.
- Security Management 2.0: Platform Evolution.
Favorite Outside Posts
- Adrian Lane: Visa Kills PCI Assessments and Wants Your Processor to Support EMV. This is the carrot I mentioned, which Visa is offering to encourage adoption. As Branden points out, most merchants take more than Visa, but I expect MC to follow suit.
- Mike Rothman: National Archives Secret Question Fail. H/T to the guys at 37Signals for pointing out this security FAIL.
- David Mortman: Soft switching might not scale, but we need it.
- Rich: Wim Remes petitioning to get on the ISC2 ballot. Although I burned someone’s certificate on stage at DefCon, the organization could do some good if they changed direction. (No, I don’t have a CISSP… as a DefCon goon I’m not sure how to answer that whole “Do you associate with hackers?” question.)
Research Reports and Presentations
- Tokenization vs. Encryption: Options for Compliance.
- Security Benchmarking: Going Beyond Metrics.
- Understanding and Selecting a File Activity Monitoring Solution.
- Database Activity Monitoring: Software vs. Appliance.
- React Faster and Better: New Approaches for Advanced Incident Response.
- Measuring and Optimizing Database Security Operations (DBQuant).
- Network Security in the Age of Any Computing.
- The Securosis 2010 Data Security Survey.
Top News and Posts
- Chinese Military Unwittingly Demonstrates Hacking US.
- Microsoft updates SDL security tools.
- Feds and Amazon Web Services.
- HBGary: Attack by Anonymous helped our business.
- When hackers become The Man.
- JailbreakMe’s Comex goes to work for Apple.
Blog Comment of the Week
Nice piece! I recently wrote a column identifying 4 lessons to learn from recent high profile attacks. You touch on two: the first is “FUD serves no one” – and it resonates well with your snake oil warning. The second you mention is “if I have an incremental $10, I’m spending it on monitoring and incident response technologies”. I agree with where you want to spend your budget, but I think there’s a better place to spend it. Spend it on talent. I’m not certain we need more monitoring and IR technologies as much as we need (numerically) more skilled security staff. We simply have too many understaffed operational networks. Our adversaries aren’t outperforming our elites so much as they are finding ample mismatches among the huge number of nets run by not so elites. If you’re interested in the column it’s at http://www.enterpriseefficiency.com/author.asp?section_id=1207&doc_id=232444&