I spend a lot of time in public places. I basically work in coffee shops and spend more than my fair share of time in airports and restaurants. There is nothing worse than being in the groove, banging out a blog post, and then catching a whiff of someone – before I can see them. I start to wonder if the toilet backed up or something died in the wall.

Then I look around the coffee shop and notice the only open table is next to you. no. No. NO. Yes, the stinky dude sits right next to you. Now I’m out of my productivity zone and worried about whether the insides of your nostrils are totally burned out. Sometimes I’m tempted to carry some Tiger Balm with me, just to put under my nose when in distress. Yes it would burn like hell, but that’s better than smelling body odor (BO) for the next couple of hours.

It’s not just BO. How about those folks that bathe in stinky perfume? Come on Man! The Boy had a tutor once that just dumped old lady perfume on. I wonder if she thought we were strange because we had all the windows in the house open in the middle of winter. Finally the Boss had to tell her the perfume was causing an allergic reaction. Seems we’re all allergic to terrible perfume.

I just don’t get it. Do these folks not take a minute to smell their shirt before they emerge from the house? Do they think the smell of some perfumes (like the scent that smells like blood, sweat and spit) is attractive or something? Do they have weak olfactory senses? Do they just not care? I know some cultures embrace natural human smells. But not the culture of Mike. If you stink, you should bathe and wear clean clothes. If you leave a trail of scent for two hours after you leave, you may be wearing too much perfume. There’s got to be a Jeff Foxworthy joke in there somewhere.

What should I do? There are no other tables available in the coffee shop. I could throw in the towel and move to a different location. I could suggest to the person they are hygienically challenged and ask them to beat it. I could go all passive aggressive and tattle to the baristas, and ask them to deal with it. Maybe I’ll get one of those nose clips the kids wear when swimming to keep my nostrils closed. But I’ll do none of the above.

What I’ll do is sit there. I won’t be chased away by some smelly dude. I mean, I paid my $2.50 to sit here as long as I want. So I pull the cover off my coffee and take a big whiff of java every 10 seconds or so to chase away the stench. By the way, it’s hard to type when you are inhaling coffee fumes. It’s unlikely I’ll get a lot done, but I have nowhere else to be, so I can just wait it out.

Which is stupid. My ridiculous ego won’t accept that body odor is likely covered under the 1st Amendment, so I couldn’t make the guy leave even if I wanted to. I’ll suffer the productivity loss to prove nothing to no one, instead of hitting another of the 10 coffee shops within a 5-mile radius of wherever I am. Thankfully I have legs that work and a car that drives. I can just go somewhere else, and I should.

Now when the stinky dude occupies the seat next to you on a 7-hour flight, that’s a different story. There is nowhere to go, but 30,000 feet down. In that case, I’ll order a Jack and Coke, even at 10 in the morning. I’ll accidentally spill it. OOPS. You have to figure the waft of JD > BO every day of the week.


Photo credit: “body_odor” originally uploaded by istolethetv

Heavy Research

We’re back at work on a variety of blog series, so here is a list of the research currently underway. Remember you can get our Heavy Feed via RSS, where you can get all our content in its unabridged glory. And you can get all our research papers too.

Ecosystem Threat Intelligence

Continuous Security Monitoring

Database Denial of Service

API Gateways

Newly Published Papers

Incite 4 U

  1. Define “Integration”: So Forrester’s Rick Holland took the time machine for a spin advocating for security solution integration and the death of point solutions. Nothing like diving back into the murky waters of the integrated suite vs. best of breed issue. It’s not like a lot has changed. Integration helps reduce complexity, at the alleged cost of innovation since it’s mostly big, lumbering companies that offer integrated solutions. That may be an unfair characterization, but it’s been mostly true. Then he uses an example of FireEye’s partnerships as a means to overcome this point solution issue. Again, not new. The security partner program has been around since Check Point crushed everyone in the firewall market with OPSEC in an effort to act big, even as a start-up. But the real question isn’t whether a vendor has good BD folks that can get contracts signed. It’s whether the solutions are truly integrated. And unless the same company owns the technologies, any integrations are a matter of convenience, not necessity. – MR
  2. Movies are real: Yesterday I had an interview with a mainstream reporter about some of the research presented at DEF CON this year. Needless to say, there was the ubiquitous “terrorism” question. It seems pretty much every security vulnerability leads directly to a terrorist attack, the death of children, or the destruction of our media-driven economy. Though I should give credit to the reporter, as he asked in the right context. That said, sometimes movie and television plot scenarios do actually happen. Take this simultaneous release of every prisoner in a high-security block of a prison. Now it could have been operator error, or a bug, or maybe even a hack, but the end result involved a shank and red stuff. My general instinct is to assume someone paid off a guard, but I have to admit perhaps an exploit was involved. A bunch of industries are slowly learning that security matters, and never assume anything. But even if it was a hack, I doubt the bad guy used 16 monitors and 5 keyboards to pull it off. – RM
  3. Skynet’s start? Cracking passwords…: Rich does a ton of research into security automation and orchestration, mostly around cloud computing. But he’s not the only one, as it seems automation is happening hot and heavy in the botnet world. But it’s not like automation has to be complicated, as these bots just do very simple brute force attacks on content management systems to gain admin access. Amazingly enough lots of folks use extraordinarily weak passwords on their sites. Go figure. This is a precursor to a lot more cool stuff that can be automated to pwn sites, exfiltrate data, and use the device as a C&C node or phishing host. All without touching a keyboard. Now that’s the kind of leverage the attackers love to have. – MR
  4. Welcome to 2013: Our very own Dave Lewis wrote up his experiences as a new board member to the ISC(2) (the CISSP folks). Like many in security I have very mixed feelings about large standards and certification organizations. And yes, I realize the irony since we work closely with the Cloud Security Alliance and built the curriculum for their CCSK training. Security moves quickly, and any standard body of knowledge will inevitably fall behind. The essential skills of 2003 are not what new security pros need to know in 2013. Even many technical SANS classes are pretty out of date unless they are updated annually (which they aren’t). ISACA, ISSA, ISO, and the others constantly battle for relevance. The real question becomes if they can build a culture that embraces change knowing that it is expensive, difficult, and you never get to relax. And these certification bodies need to do this in the face of a constituency that, on the whole, doesn’t want to have to learn everything all over again every 2 years. It’s a tough challenge, but I do think there’s hope when people like Dave and Wim Remes take the time to get involved, learn the ropes, and work change from the inside. At least that’s what we tell Dave. – RM
  5. The (Alert)Logic of going private: The love affair between security companies and private equity firms continues unabated. Yesterday Welsh Carson acquired AlertLogic from a band of VCs who likely wanted (or maybe needed) liquidity. It’s not like the MSSP market is shrinking and with consolidation with other players, AlertLogic had some runway to continue their growth. But the issue with security services is that growth is linear, not like security products, which can show exponential growth (like Palo Alto and FireEye). VCs want big multiples and that means slow, predictable growth isn’t usually part of the equation. Of course, those with patience – like PE firms – can wait for profitable growth and milk profits, which MSSPs usually hemorrhage once they hit scale. But more to the point, it’s not just other security companies that are targeting other security companies nowadays. The PE guys are a factor and will remain active, as long as attackers keep attacking. And enterprises continue spending to (not) solve the problem. – MR