Monday, August 07, 2006

Someone Explain This Cartoon

I'm going to withhold commentary until I hear some other opinions on this cartoon. Would anyone care to share their interpretation? I emailed Bruce Schneier to get his ideas as well.

30 comments:

Keydet89 said...

Why not just email the author and say, "uh...I don't get it". ;-)

My thoughts...some folks (you and Bruce) take what you know and put it in a book. Mike took a different route...which I won't recount.

Anonymous said...

Seems as if the comic's author is trying to say that Michael Lynn regurgatating information for both of the books...

Adam said...

Michael Lynn is going to become the next Bruce Schneier, or Richard Bejtlich.

Brian said...

I think that's a great comic strip. It says to me that the reader should compare the knowledge that goes into Schneier's and your books as opposed to the tactics of a Lynn (who just delivers his "work" in some slides without any background or context).

Thomas Ptacek said...

You're not going to like this, but my read is, "Those who can, do, those who can't, write books."

It's Securiteam, so you can't give the author any credit for a sophisticated analysis of Applied Cryptography (which is an evil book). My read is that he's saying something nice about the two books; specifically, that they are in the top tier of security books. I agree with half the sentiment.

However, compare the amount of new information conveyed by books to what's released at a conference!

I like this comic. Bit of a Rorshach blot, isn't it?

Pete said...

I think it means that people (in this case you and Schneier) are writing books full of security information and for some reason Michael Lynn has to sign a nondisclosure for his work at Black Hat. The (very weak) notion being that there is plenty of info available already so it is sort of foolish to restrict Lynn from publishing.

Richard Bejtlich said...

Ding ding ding! I think Pete has the answer.

Looking at the cartoon it appears "Mike" is signing a paper (with "Black Hat") on the top.

He doesn't look happy either.

Anonymous said...

I don't think Pete's take is correct. Lynn never signed an NDA with Black Hat. He signed a settlement with Cisco.

The 2005 conference proceedings for Black Hat was the same red color. It looks to me like Lynn is simply autographing the conference program (which in itself was controversial because Lynn's page were physically cut out by Cisco minions as the show opened). I think a few unmolested 2005 programs did manage to sneak out, hence the desire for an autographed copy.

Coldguy said...

Could also demostrate what a "paper cert" would be if a hacker tries to aquire hacking knowledge by only reading books, and not actually compromising something.

Richard Bejtlich said...

Anonymous,

Hmm, your answer might make sense. If you're right, though, I don't understand why the cartoonist would take a shot at Bruce. Is the cartoonist saying no one wants an autographed copy of Applied Cryptography?

Richard Bejtlich said...

Also, why take a shot at Bruce (or me) when he so strongly supported Mike Lynn last year, as did I?

kurt wismer said...

why do you think it's a shot at you or bruce? why can't it be simple social commentary?

what do you think it says about the security community that heaps such attention on lynn? and isn't it implying that lynn has become part of security's pop-culture?

John Ward said...

Geez Rich, your getting testy in your old age. Whats next, are you gonna scream for me to get off your lawn? ;)

Seriously, I believe Pete and Kurts interpretation are the closest and get the “Closest to the Pin” trophies. Read the post that is associated with the cartoon.

I think it’s parody. Guys like Schneier and you are writing books, and are invited to the “party”. Mike Lynn, who was big news last year, is sulking as he forges a signature to get in. I don't think he’s poking fun at any of the 3 individuals involved, but rather at Ellen Messmer, who wrote a factually inaccurate article at http://www.networkworld.com/news/2006/080306-lynn-cisco-black-hat.html. I believe he is signing the "Black Hat Card" since most people would just scratch their heads at the "Black Hat Cisco Afterparty Card".

At least that’s my take on it…

Richard Bejtlich said...

Ok, so now the latest interpretation is that the cartoon shows Mike Lynn signing in to the Cisco party at Black Hat. Wonderful.

ryan said...

I'm with anonymous on this one, but I don't necessarily think the author is taking a shot at anyone. He's drawing a comparison. Seems like he's saying, "Michael Lynn is up there with Schneier and Bejtlich"

John Ward said...
This comment has been removed by a blog administrator.
John Ward said...

Rich,

Why not, with the ambiguity of the content, that interpretation makes as much sense as any...

I will say this much, despite the lack of artistic or script writing talent, this guy is a marketing genius. Look at the discussion it has generated. I wonder how many hits you've sent this guy’s way? Perhaps that the purpose of the article...

Daniel Miessler said...

I think the answer is passive vs. active, i.e. academic content vs. conference content. It can be taken as offensive, but I think it's more of a friendly push, as if to say, "Get out there and show us more of what Lynn did."

That being said, the cartoon's activity in the last frame is a bit ambiguous, so I could be wrong...

Anonymous said...

Lynn is writing the menu for a new restaurant named "Black Hat" -- formal attire required, which pretty much leaves out nearly everyone who goes to DefCon.

Special of the day for Tuesday: Cisco Duck with Condolezza Rice. Price: $6.66, plus tax. Whine costs extra.

:-)

Chris_B said...

Rich, why do you even care?

Richard Bejtlich said...

Chris_B, I am an intel analyst. It's my job to figure out stuff like this. :)

Anonymous said...

It's my job to figure out stuff like this. :)

Then DO it. Just keep in mind that it's only a frelling cartoon.

I suppose it's just TOO easy to write the author and ask what his intended meaning is. Na, that is too hard.

Richard Bejtlich said...

Anonymous,

Try finding an email address for Brian Shearer.

If you don't like this thread, why are you reading it?

Anonymous said...

http://gravyboy.com/brian/

???

That took every bit of 3 seconds.

Anonymous said...

I love this thread. It's got buttons to push!

Richard Bejtlich said...

Of course I searched for "Brian Shearer" and visited the first Web site returned. I also found nothing on that site directly linking GravyBoy with the cartoons.

I could have searched for "gravyboy memory leak" and found his MySpace page, which mentions his work for the SecuriTeam cartoon. I avoid MySpace like the plague though.

I could have also waited for him to simply reply to the comment posted to the cartoon on 7 Aug 06, to which he never responded.

We'll see if Brian replies now.

I'm not taking this as seriously as some anonymous posters seem to be.

Richard Bejtlich said...

By the way -- my "buttons" don't say "cartoon"! Try "threat" or "vulnerability." :)

brian said...

Wow.

Um..okay, let me tackle some of your comments. First of all, I didn't write this strip, it was a collaboration between myself as a work-for-hire artist and those at securiteam. Some strips I have more input in the writing stage...this wasn't one of them as I do not follow these type of issues.

ANONYMOUS SAID: "The 2005 conference proceedings for Black Hat was the same red color. It looks to me like Lynn is simply autographing the conference program (which in itself was controversial because Lynn's page were physically cut out by Cisco minions as the show opened). I think a few unmolested 2005 programs did manage to sneak out, hence the desire for an autographed copy."

Yes, this is what was explained to me in the script. In retrospect, I should have shown the first two panels with the authors signing their books too. This might have cut down on the ambiguity.


JOHN WARD SAID: "I will say this much, despite the lack of artistic or script writing talent..."

Ouch.

this guy is a marketing genius."

Not so much.



"I wonder how many hits you've sent this guy’s way?"

Actually, not that many. But feel free.



THOMAS PTACEK SAID: "you can't give the author any credit for a sophisticated analysis of Applied Cryptography"

If your referring to to the person who actually wrote it, I can't tell you one way or the other...because I'm not qualified to do a sophisticated analysis of people qualified to do a sophisticated analysis of Applied Cryptography.

RICHARD SAID: "I avoid MySpace like the plague though."

I did as long as I could...but I have things to shamlessly self-promote...things that aren't nearly as attention grabbing, apparently, as Memory Leak # 12 :)

"I could have also waited for him to simply reply to the comment posted to the cartoon on 7 Aug 06, to which he never responded."

Sorry I forget to check those comments. I hope I have more than made up for that here.





Well, it was fun. I hope I made things a little clearer.

Anonymous said...

"So I was right, it's Brain Shearer, co-creator GravyBoy", she says to himself while patting herself on the back for her 'intel work.'

Anonymous said...

Brian Shearer's name is ON the cartoon as artist.