Richard Bejtlich's blog on digital security, strategic thought, and military history.
Someone Explain This Cartoon
I'm going to withhold commentary until I hear some other opinions on this cartoon. Would anyone care to share their interpretation? I emailed Bruce Schneier to get his ideas as well.
Comments
Anonymous said…
Why not just email the author and say, "uh...I don't get it". ;-)
My thoughts...some folks (you and Bruce) take what you know and put it in a book. Mike took a different route...which I won't recount.
Anonymous said…
Seems as if the comic's author is trying to say that Michael Lynn is regurgitating information for both of the books...
Anonymous said…
Michael Lynn is going to become the next Bruce Schneier, or Richard Bejtlich.
I think that's a great comic strip. It says to me that the reader should compare the knowledge that goes into Schneier's and your books as opposed to the tactics of a Lynn (who just delivers his "work" in some slides without any background or context).
Anonymous said…
You're not going to like this, but my read is, "Those who can, do, those who can't, write books."
It's Securiteam, so you can't give the author any credit for a sophisticated analysis of Applied Cryptography (which is an evil book). My read is that he's saying something nice about the two books; specifically, that they are in the top tier of security books. I agree with half the sentiment.
However, compare the amount of new information conveyed by books to what's released at a conference!
I like this comic. Bit of a Rorschach blot, isn't it?
Looking at the cartoon it appears "Mike" is signing a paper (with "Black Hat") on the top.
He doesn't look happy either.
Anonymous said…
I don't think Pete's take is correct. Lynn never signed an NDA with Black Hat. He signed a settlement with Cisco.
The 2005 conference proceedings for Black Hat was the same red color. It looks to me like Lynn is simply autographing the conference program (which in itself was controversial because Lynn's pages were physically cut out by Cisco minions as the show opened). I think a few unmolested 2005 programs did manage to sneak out, hence the desire for an autographed copy.
Could also demonstrate what a "paper cert" would be if a hacker tries to acquire hacking knowledge by only reading books, and not actually compromising something.
Hmm, your answer might make sense. If you're right, though, I don't understand why the cartoonist would take a shot at Bruce. Is the cartoonist saying no one wants an autographed copy of Applied Cryptography?
why do you think it's a shot at you or bruce? why can't it be simple social commentary?
what do you think it says about the security community that heaps such attention on lynn? and isn't it implying that lynn has become part of security's pop-culture?
Geez Rich, you're getting testy in your old age. What's next, are you gonna scream for me to get off your lawn? ;)
Seriously, I believe Pete and Kurt's interpretations are the closest and get the “Closest to the Pin” trophies. Read the post that is associated with the cartoon.
I think it’s parody. Guys like Schneier and you are writing books, and are invited to the “party”. Mike Lynn, who was big news last year, is sulking as he forges a signature to get in. I don't think he’s poking fun at any of the 3 individuals involved, but rather at Ellen Messmer, who wrote a factually inaccurate article at http://www.networkworld.com/news/2006/080306-lynn-cisco-black-hat.html. I believe he is signing the "Black Hat Card" since most people would just scratch their heads at the "Black Hat Cisco Afterparty Card".
I'm with anonymous on this one, but I don't necessarily think the author is taking a shot at anyone. He's drawing a comparison. Seems like he's saying, "Michael Lynn is up there with Schneier and Bejtlich"
Why not, with the ambiguity of the content, that interpretation makes as much sense as any...
I will say this much, despite the lack of artistic or script writing talent, this guy is a marketing genius. Look at the discussion it has generated. I wonder how many hits you've sent this guy’s way? Perhaps that's the purpose of the article...
Anonymous said…
I think the answer is passive vs. active, i.e. academic content vs. conference content. It can be taken as offensive, but I think it's more of a friendly push, as if to say, "Get out there and show us more of what Lynn did."
That being said, the cartoon's activity in the last frame is a bit ambiguous, so I could be wrong...
Anonymous said…
Lynn is writing the menu for a new restaurant named "Black Hat" -- formal attire required, which pretty much leaves out nearly everyone who goes to DefCon.
Special of the day for Tuesday: Cisco Duck with Condoleezza Rice. Price: $6.66, plus tax. Whine costs extra.
Of course I searched for "Brian Shearer" and visited the first Web site returned. I also found nothing on that site directly linking GravyBoy with the cartoons.
I could have searched for "gravyboy memory leak" and found his MySpace page, which mentions his work for the SecuriTeam cartoon. I avoid MySpace like the plague though.
I could have also waited for him to simply reply to the comment posted to the cartoon on 7 Aug 06, to which he never responded.
We'll see if Brian replies now.
I'm not taking this as seriously as some anonymous posters seem to be.
By the way -- my "buttons" don't say "cartoon"! Try "threat" or "vulnerability." :)
Anonymous said…
Wow.
Um..okay, let me tackle some of your comments. First of all, I didn't write this strip, it was a collaboration between myself as a work-for-hire artist and those at securiteam. Some strips I have more input in the writing stage...this wasn't one of them as I do not follow these types of issues.
ANONYMOUS SAID: "The 2005 conference proceedings for Black Hat was the same red color. It looks to me like Lynn is simply autographing the conference program (which in itself was controversial because Lynn's pages were physically cut out by Cisco minions as the show opened). I think a few unmolested 2005 programs did manage to sneak out, hence the desire for an autographed copy."
Yes, this is what was explained to me in the script. In retrospect, I should have shown the first two panels with the authors signing their books too. This might have cut down on the ambiguity.
JOHN WARD SAID: "I will say this much, despite the lack of artistic or script writing talent..."
Ouch.
"...this guy is a marketing genius."
Not so much.
"I wonder how many hits you've sent this guy’s way?"
Actually, not that many. But feel free.
THOMAS PTACEK SAID: "you can't give the author any credit for a sophisticated analysis of Applied Cryptography"
If you're referring to the person who actually wrote it, I can't tell you one way or the other...because I'm not qualified to do a sophisticated analysis of people qualified to do a sophisticated analysis of Applied Cryptography.
RICHARD SAID: "I avoid MySpace like the plague though."
I did as long as I could...but I have things to shamelessly self-promote...things that aren't nearly as attention grabbing, apparently, as Memory Leak # 12 :)
"I could have also waited for him to simply reply to the comment posted to the cartoon on 7 Aug 06, to which he never responded."
Sorry I forget to check those comments. I hope I have more than made up for that here.
Well, it was fun. I hope I made things a little clearer.
Anonymous said…
"So I was right, it's Brain Shearer, co-creator GravyBoy", she says to himself while patting herself on the back for her 'intel work.'
At least that’s my take on it…
:-)
Then DO it. Just keep in mind that it's only a frelling cartoon.
I suppose it's just TOO easy to write the author and ask what his intended meaning is. Na, that is too hard.
Try finding an email address for Brian Shearer.
If you don't like this thread, why are you reading it?
???
That took every bit of 3 seconds.