Fear and Loathing In Infosec: A Savage Journey Through the Security Wet Dream
Recent tweets on twitter regarding conferences being attended and the “epic-ness” thereof once again stirred the bile within me and the urge to spew my vile sarcasm upon you all.
I have written in the past about the “INFOSEC Deadhead” cycle but it seems once again to be back in swing and is the grain of sand in my brains gullet bringing you this little gem.
I also wanted to write a piece in the style of Hunter S. Thompson as an homage to him as well as to bring the psyche back again to the people that he once gave to a generation of swine. We have a new generation of swine that need to pay attention to what “Uncle Hunter” was trying to say and take heed.
As they say, past is prologue right?
As I look around today at our situation where our digital rights are concerned as well as the oppressive culture of fear that has been eroding what America’s “Dream” was supposed to be, (what Hunter actually went looking for all those years ago) I oft times feel like I need to rip his carcass out of the ground and let him rail against us all for not heeding his words.
He was ultimately decrying the fear and loathing, the dark desires and the petty crimes that people in power tend to perpetrate because they have the power. Today, that power extends to everything we do because we do it online.
This is the dark and bloody ground, as he would say, that we all have to live on today. The INFOSEC community and it’s corporate masters (or lackeys) are the new Nixon’s and Muskie’s of a latter day passion play equal to the 72 election that Hunter covered for Rolling Stone.
The players may have different names, but the outcomes are the same when you look at them from the larger picture of oppression and dirty dealings (Nixon) and those in the community who wish to fight against them (Muskie) but in the end, we too have to come to the conclusion, as Hunter did, that the system itself is corrupt and those who gravitate to it are either already corrupt, or corrupted by it in the end.
This is for you Doc.
Fear and Loathing In INFOSEC Part One: “The Industry is akin to two dogs fraking… Not even a hose can stop them”
I have written before about the “Industry” as have many others in the business. Many of those writers lament the sleaziness of it all now and how they feel sickened by it. Go to any “con” today and you are besought by a bevy of scantily clad booth babes hawking the wares of this or that instant security solution by XYZ vendor.
For those vendors who have caught up with the times though, they instead have the usual grease man with the clipboard at the ready to take your email address to spam the frak out of you while offering you a spectacular chance to win a new iPad!!
But, this is just one level of the multiplex of INFOSEC Hell, that not even Dante could envision today were he alive….
You see, the real business is done outside the cons, in the boardrooms and the bedrooms, the bars and the back bathroom stalls, anyplace that the corporate greedheads and charlatans can ply their trade… It happens all over the country, but more so than ever today, within the Beltway of this lands capitol.
All of these players mime their passion plays to obtain the almighty dollars to sate their needs for more things and to make their daily bread. Grimy hands slither over every inch of the client while pouring soothing words, cooing in their ears about how their solutions will cure their ills and make them more virile than the next guy in line.
It’s Sodom all over again….
Today, we are seeing the works of Hieronymous Bosch coming to life before our eyes, the dull eyes of the damned being clawed and molested by the demons but we are unable to do anything about it. The surging mass of corporatized security snake oil is oozing over every aspect of our lives as the corporate set makes the beast with two backs with the government today in this overly fearful and loathing time post 9/11 and Anonymous.
The fear levels of the Bush administration have been supplanted by just one color, the color of fear, and it’s the blackest of black lines covering up the narratives of our lives because it’s been determined to be in the national interest to “classify” it.
It’s all for your protection… Trust us…
But, as we have seen in the last year or so, the security companies and the agencies that employ them, are powerless to stop skiddies from popping shells on their shit and raping and pillaging their and potentially our data in a festival of stupid the likes of which I have only seen in the cheapest of geek shows in a roadside carney just shy of the dustbowl.
The barkers in their seersucker suits tell us that they have a show for us like no other on earth. The shill in the audience says “Holy frak! I saw it and it was fraking great! I am going to see it again” so we go along for the ride thinking that we will be seeing amazing things.
“Trust us, we can protect you! We just bought this here new firewall with DLP protection, it’ll protect your data that we are taking from you.. Err.. We mean, holding for you”
Soon though, you realize that neither the barker nor the shill exhorting you about the wonders, it’s all a scam and you are the rube in the end holding your pockets inside out with your sad hobo clown face drooping as they walk away holding the burlap sack with the dollar signs on it.
Hey rube, how are you feeling about the business now? See? There are no sure things in life nor are there any sure fire solutions to your security needs and you have to come to realize that, but then again, now it’s probably too late as you watch that charlatan’s shadow slink into the night huh?
“But… But… You promised me security” slips from your tongue to an empty dirt floored big top and you realize that the carnival of security has taken you for quite the ride. It’s then that the revenuer comes out of the shadows and say’s “Don’t worry, I am from the government, and I am here to help you”.
This is where you should flee the scene, but you can’t because you have nowhere left to go, the emperor who usually has no clothes on actually stole yours, so naked you stand sheepishly lowering your eyes…
You’ve been screwed.
The moral here kids, is that the corporations, all of them, are not seeking to protect your data. They are seeking to make money. The corporations set up to sell the “security” to protect that data of yours are just as bad, they are just looking to hawk their wares and to make money.
Sure there may be some within them trying to do good, but the all encompassing drive for revenue, the almighty deity of all business no longer is to do a good job, or make a great and sturdy product, instead the ethos has been replaced with “make money now as quick as you can and then exit stage right”. This is the real drive behind every business today and if anyone tells you anything different they are either fooling you, themselves, or both of you if you really believe it.
Every day there’s a new “Veg-O-Matic” for security and every day a new bypass is found for it by some crackerjack security researcher out there noodling around, or perhaps they aren’t just noodling huh? Perhaps they are actually a cog in the large wheel of the security machine huh?
Perhaps they are just a pawn in the great game of security chess, move and counter move and the ultimate goal is the almighty sack of money in the non extradition country bank? What’s the point really anymore other than the congress of conjugal visits with material wealth huh?
Seriously, this is the ultimate corporate and charlatan’s wet dream, a never ending revenue stream from vague ideas that are easy to bamboozle and flim flam people and companies easily with.
“See, you’re gonna have to rip out that root kernel because you are back-boning on my internet”
“Yes yes! Oh my fraking God YES! Say mister how much? How can I get in on the ground floor here?”
A generation of blind and significantly mentally deficient swine are buying the swill of the security industry, charlatans, barons, and hucksters all. Now, you can add to this the government and their need to suckle the security tit as well. Good God are these guys also the biggest bunch of rubes and con men as well.
Never a more incestuous bed has been laid in as the one we are seeing now between the government and the fraks of business bedding them. Truly, there is fear and loathing kids, and the fear is being fed to you and the loathing has only just begun.
Open your eyes… See the horrors…
The whiskey is gone now and the sun is setting blood red into the west… I have expended my bolus of bile and bones from having ingested this diatribe only to spit it out in your faces. Take heed dear reader, there will be more… And the next time I will be delving into the government oubliette where they had hoped to hide their collective dirty sins…
But they cannot hide them... It’s all so Freudian….
Take from this diatribe that in the end, no one is looking out for us corporations or companies. It’s all about profit and sleaze, ego and fame….
Til next time…
“Fear and Loathing in INFOSEC The Community: Ego, Boredom, and Empty Hipsterism” coming soon.
Editor's note: Some of the more coarse language has been altered in this piece. The unadulterated version can be found here:
Cross-posted from Krypt3ia