On Infosec Friends

Friday, August 24, 2012

Javvad Malik

99edc1997453f90eb5ac1430fd9a7c61

For all the talk about it being an echo chamber and the like, I’ve met a ton of people in security whom I otherwise wouldn’t have.

As I was pondering over this over breakfast one morning, I came to the conclusion that I end up grouping my infosec friends into different categories. They probably look a bit like this:

Level 0 – These are your closest security friends. They are the guys who you look out for and they look out for you. If you see a bug in their code, you’ll sort it out for them.

When they call you up at 3am because they need help with a security strategy presentation, you’ll stay up with them all night working on it. Whenever you are stuck for something, you’ll turn to them for help.

They’re your best teacher and most annoying student rolled into one. You know how many kids each other have, their ages and names. You can never get rid of them and they can’t get rid of you.

The amazing thing is that you may never have met some of these people in real life.

Level 1 – These are best friends. You hang out with them, connect with them on every social media channel. Bond with them on a personal level and hear out their problems.

When you need a LinkedIn reference or someone to endorse your CISSP you’ll go to them. If there’s a job going in their team, they’ll do what they can to get you on their team.

They are there for you when you are stuck pen testing a website, but won’t do much beyond getting pizza and running Nmap.

Level 2 – These are more friends of friends. You’ll meet them at conferences and local chapter meet-ups. Sometimes they may move up the ranks and get promoted to a level 1 friend or maybe not.

They’ll retweet something witty you say and will like your blog posts. They’ll meet you for lunch but never offer to go any more than halves with you on the bill.

Level 3 – These are those security people you have to be friends with. Normally these are work colleagues. You learn nothing from them and often put up with their moaning and spreading of office gossip.

Every morning whilst going into work you pray they will be sick and you don’t have to see them.

Level 4 – Anyone who follows you on social media like twitter or Facebook that doesn’t fall into any of the other categories. They are the trolls who follow you and make smartass comments whenever they can.

They contribute nothing positive to security, yet linger around like a bad smell. Secretly everyone hopes they fall down an open elevator shaft onto some bullets.

Cross-posted from J4VV4D

Possibly Related Articles:
32480
Security Awareness
Information Security
Social Networking Security Information Security Infosec Professional Resources IT Security
Post Rating I Like this!
14a99a86a54b134f8052222127b442c9
Jackie Singh Hahahaha - YES!
1345858349
7915fce77d8ad81d6283c6a08c274f3e
aleph So what's the best way to gain more of Level 0 and Level 1 friends? I currently am stuck in a job where I seem to be the only one with a passion for Security (and IT in general) and the people I work with fall squarely into Level 3. I'd much rather talk about the latest SELinux policy you wrote than how Lorrie in Accounting gave you a blowjob the night of the Christmas party.
1345871302
1de705dde1cf97450678321cd77853d9
Ian Tibble Aleph, I wrote in piece in this blog 14th August, related to jobs in security, based on the comments of 5 industry gurus.

Thing is, in most organisations (2 examples) what they're actually doing in terms of "Security" is "risk assessment" which is calling app owners while wading through checklists, and when some point is non-compliant, they'll call the app owner and ask them to sign an exemption. Sounds like rocket science?
Another example: "penetration testing"..i.e. enter IP addresses into Nessus, toss the autotragically generated report into ops...I could go on. Security teams generally don't get platform access anyway.

So if friends are level 0 or 1 as on this list, it is not because you were forced to engage with them and bond thru necessary camaraderie as in battle...that isn't security. Level 0 or 1 will be because you share some common interests, have similar sense of humor...such as perhaps talking about Lorrie in Accounting.

Luckily for myself I was a contractor mostly, so I could breeze through these security departments without getting drawn down into the abyss. But what I/you described is a very common picture. In some cases its even worse - if you even mention "Linux" or "computer" you'll be extradited.

The industry is getting more tech, albeit slowly. Hang in there and chins up my friend.
1345879053
B8c3567ca021e673164cc9f2c10634e2
K0nsp1racy Javvad: I find your comments shallow and stereotypical of a practitioner that only uses the logical side of his brain in a quest to organize life like one big sock drawer of widgets. I am clearly a Level 1.5 friend to you, yet you are a Level 0 friend to me. How in the hell are we supposed to reconcile that dissonance? Perhaps a certification exam is in order? LOL!

Peace, my Level 0 friend... Good post.

1346099958
Default-avatar
mk MK http://www.burberryfactorys.com/
http://www.shophandbagsonline.com/
http://www.official-coachoutlet.com/
http://www.barbour-factory.com/
http://www.burberry-outlet2014.com/
http://www.gucci-factory.com/
http://www.marcjacobsonsale.com/
http://www.mcmworldwide.ca/
http://www.guccishoes-uk.com/
http://www.kate-spades.com/
http://www.louisvuittonas.com/
http://www.lv-guccishoesfactory.com/
http://www.official-mkoutlets.com/
http://www.official-pradaoutlet.com/
http://www.michael-korsusa.net/
http://www.north-facesoutlet.com/
http://www.moncler-clearance.com/
http://www.north-faceclearance.com/
http://www.clothes-mall.com/
http://www.polo-outlets.com/
http://www.ralphlauren.so/
http://www.ralphlaurentshirts.com/
http://www.ferragamos.in.net/
http://www.longchampsoutlet.com/
http://www.abercrombiee.com/
http://www.barbour-jacketsoutlet.com/
http://www.michael--korsonline.com/
http://www.thenorthface.so/
http://www.cheapuggsbootsr.com/
http://www.beatsbydreoutlet.net/
http://www.tommyhilfiger.in.net/
http://www.ralphslauren.co.uk/
http://www.michaelkors.so/
http://www.oakleyssunglassoutlet.com/
http://www.warm-boots.com/
http://www.tory-burches.com/
http://www.woolrich-clearance.com/
http://www.tommy-hilfigeroutlet.com/
http://www.uggboots-factory.com/
http://www.official-northfaceoutlet.com/
http://www.nike-jordanshoes.com/
http://www.monsterbeatsbydres.net/
http://www.canada-gooser.com/
http://www.bestcustomsonline.com/
http://coach.mischristmas.com/
http://www.coach-blackfriday2014.com/
http://www.coachccoachoutlet.com/
http://www.coach-clearance.com/
http://www.coach-factories.net/
http://www.coach-factorysoutlet.com/
http://www.coachlosangeles.com/
http://www.coachoutletstates.com/
http://www.coach-pursesoutlets.com/
http://www.hermes-outletonline.com/
http://www.misblackfriday.com/
http://www.mischristmas.com/
http://www.mmoncler-outlet.com/
http://www.newoutletonlinemall.com/
http://www.ralphlaurenepolo.com/
http://www.zxcoachoutlet.com/
http://www.misblackfriday.com/uggsale.html
http://www.mischristmas.com/uggboots.html
http://www.newoutletonlinemall.com/coachoutlet.html
http://www.zxcoachoutlet.com/coachoutletonline.html
http://michaelkorsoutlet.mischristmas.com/
http://mcmbackpack.mischristmas.com/
http://monsterbeats.mischristmas.com/
http://northfaceoutlet.mischristmas.com/
http://mk.misblackfriday.com/
http://coachoutlet.misblackfriday.com/
http://coachfactory.misblackfriday.com/
http://uggaustralia.misblackfriday.com/
http://coachpurses.misblackfriday.com/
http://coachusa.misblackfriday.com/
http://coach.misblackfriday.com/
http://michaelkorss.misblackfriday.com/
http://michaelkors.misblackfriday.com/
http://airmax.misblackfriday.com/
http://michael-kors.misblackfriday.com/
https://twitter.com/CoachOutlet2014
https://www.facebook.com/coachoutletstoreonline
https://www.facebook.com/ralphlaurenoutletonline
1418205476
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.