The Ashimmy Blog

You know I have just been too damn nice to Ross Brown lately. So it is November and lets start the month off right.  Ross has a thoughtful article up today on the whole Christopher Soghoian affair.  While I agree with Ross's take on this, that the FBI had no business busting up this guys house, confiscating his computers and generally hassling him, I strongly disagree with Ross's leap of faith analogy to security researchers. 

Frankly, I am really getting fed up with all of these folks who would have us worshiping at the alter of the all powerful security researcher.  If they were really so frigging good, maybe we would not have all the security issues we do. It is still the guys who put their pants on one leg at a time and trudge into the office to fight the good fight against the bad guys every day who make this whole thing go around.  Yes security research has a place at the table in the security world.  But lets remember that much of what they use as tools are not as relevant to Joe Security Admin.  Many of the tools that Joe Security Admin uses are looked down upon as worthless toys by the all powerful security researchers.  The holier (and smarter) than thou attitude has got to go.  The average guy rolling up his sleeves and protecting his network is what this is all about.  Lets try to remember that helping that guy is job 1 around here!