Back in the Saddle

Friday, January 25th, 2013

After quite a break I will be back blogging here. I used to blog for my old role at Juniper Networks and focused my efforts there. Now that I no longer work there and I have a bit more mental freedom you will start to see new posts here. One of my first pieces will be the review of my System 76 laptop.

Community Caring: Dojo Day

Saturday, April 14th, 2012

No one wants to be “forever alone“. Even those social recluse nerds like myself. We need a bond, a place to share our ideas, a place to share our passion about what we do. I am as awkward as any nerd I suppose, but I still love to bond about the things I am passionate about. Growing up in Detroit I did manage to assemble a small group of people that could talk about Never Winter Nights on AOL or the lastest rules expansion in AD&D 2nd edition but out in the open we were the scourge of society. People didn’t seem to understand our need to play Highlander cosplay or why we needed to carry around 40 pound portable computers.

When I moved to Silicon Valley this was my hope, to find a place of acceptance. I didn’t just find acceptance but I found my true homeland. Now of course its not like living in the Valley allows you to walk up to anyone and talk about the rule of two but its generally accepting. For myself I found a hideaway where nerds and business gurus alike can co-mingle and enjoy the warmth of sharing ideals, this place is the Hacker Dojo.

The Hacker Dojo can be described as a lot of things, but to me I call it home. The idea behind the Dojo started as community center of sorts. Its 1/3 co-working, 1/3 meeting place, and 1/3 social hang out. Its warehouse feel and open setting make it a comfortable place to hang out. But its more inviting then that. As you walk in and sign in to the Dojo you get a strong sense of the place. You quickly overlook the library which contains hundreds of donated books. You see the various craft projects hanging on the walls and you start to feel that this is a place for nerds of all kinds and even just regular people.

I have been a paid member for several months but I haven’t been able to attend as much as I hoped. I am imminently changing roles in my company and I want the Dojo to be me home away from home once that transition occurs. On Friday I setup camp with a few of my coworkers. We picked a nice area with couches and tables giving it a very living room working area. I worked to pound away at some code while my brethren cleaned up this weeks email. We casually chatted about various topics but overall felt at home.

In developing yourself personally and professionally you can never do this completely alone. Its simply too hard to not talk or not be around like minded people. To me this is one of the best parts of the Dojo, its community of members or other folk wondering through. In the times that I have been there I have met gaggles of startups, tech nerds, business planners, and other interesting people. This is a resource that you can’t buy but it must be grown. The people at the Dojo have done an amazing job to do this. The value there is immense and its the type of place I wish I had in the 90’s when I was getting my feet wet as a hacker.

I think that the “Hacker” part in the Hacker Dojo name might confuse some people. If your a member of the community you get it, but many may think its some sort of organized crime club. In 1984 the book Hackers: Heroes of the Computer revolution by Steven Levy was published. Its an amazing tale about people that follow in the hacker way. Oh my gosh were they digitally robbing banks back then? Well I am sure it happened but thats not the hacker way. Its about using computers, its about solving problems in new ways, its about not judging others in any way except for their skills, its about not following the rules and moving to create things that my otherwise be thought impossible. If all of this sounds scary I am sure your own Mother uses a product created by these ideals. Its called Facebook and I am sure you have heard of it and perhaps even seen the dramatization about it.

I can’t be more excited about the Hacker Dojo. My only regret is that I didn’t find it sooner, but I can enjoy it now so it all works out. If your in Silicon Valley I suggest that you come by and check it out. The experience is like a hug for your brain. Currently the Dojo is doing many fund raisers to keep its doors open. Being a community driven place its funded by the community. Operating in the Valley isn’t cheap so please donate upon your visit. Buy a T-Shirt or two to support the young minds of tomorrow. As part of my blog I am offering the first ten people that mention “dojolove” to me (@robWcam) on twitter a Dojo coffee mug. I will box it up myself and ship it to you in the next week or so (international shipping may vary).

No matter what your into, no matter what your passions are, always support the community that drives you. If you don’t then it may be gone when you need it most.

Insecure Security

Monday, April 2nd, 2012

Its been one heck of a year so far in the security industry. With Q2 upon us we have had no shortage of DoS attacks, data breaches, and seemingly utter chaos on the Internet. So with all of this going on where has all the security gone? Security sales grow year over year, products become more advanced and yet how can we STILL have all of these breaches, breakdowns and complete Internet chaos occurring?

Well its simple really, its people. I don’t want to start this and make it sound that the products have gotten it right and the people using them are wrong. Sure we have made significant improvements in products but the hard part is that they have become more complex to use. When I first started in the industry there was always this one person in the organization that could seemingly manage the entire network including the user infrastructure. Today its seems like everything is a speciality. No one understands two or more topics. Its because the depth of any one topic is so much more today than ever. Even within a firewall you can be a L4, L7, or App specific guru. Within one product you can have specialties and subspecialties to the point where the “god boxes” with dozens of features need to be operated by a team.

If anything I think this plays greatly against us in security. It lessens the effectiveness of any ONE person as they are so specialized. Now we will always need people that go into the weeds on a topic. We do need the person that is a master of DFA tables within IPS or the ASIC guru that can minimize the number of operations on a packet. But in security administration if it isn’t simplified, if it isn’t easy we are going to create trouble for ourselves. Its great to say that you have oodles of logs and mounds of metrics but who the heck wants to troll through them looking for the answers? You do get the super nerds who like that but even a super nerd wants to go howe and play the latest patch in Star Wars: The Old Republic. Why can’t we have tools that tell us what is going on in the network?

I don’t mean log aggregators or network traffic graphs. I want something that at a glance will tell me what is going on. I want to know what has happened and what will happen within my network. Can you tell me what is going on within your firewall? What if that firewall had 20 million sessions and 16 Interfaces each with a dozen subinterfaces? Its tough to imagine a dashboard that can solve that problem. But the need is there and now is the time we have to make this easier.

Its not a lack of skill on the security admins part. I meet about a thousand people a year and I hear their stories. Most if not all of the people that I meet are exceptionally bright. The one downside is that they are the user and not the creator of these products. They don’t have time to muck with APIs to get the data they needs. They want results, fast, now, and the have to be accurate. People do pay and are willing to pay good money for this so vendors please listen and make these clairvoyant tools for the admins.

I am going to shortly transition to a new role within my company and this analytics topic is one that is close to my heart. After scrolling through logs for nearly 15 years and mining data manually I want to provide a bit of clarity for the security world. I want you to go home early and spend time with your family, I want you to finish your level 50 character in Star Wars: The Old Republic. I am vowing to help fix this issue of network visibility because I am tired of the SecOps people getting beat up for not defending from the latest breach. The tools to defeat the breach are available today, but the tools to help you configure them are not.

By translating information into an easy to understand format if gives the admin the information they need to configure the devices to secure their network. Isn’t this what we want? An easier way to know what we need to do? Isn’t this what the smart phones do for our lives, simplify the handling of all of today’s tasks? Why not this but for security? If any important advancements need to be made its security analytics. Or the simplification of massive amounts of data to make your enforcement decisions easier. If we had all of correct data in front of us we would make better decisions around what to secure. Do you know why the hacker/cracker wins today? Its because they know more about your network than you do. Change that equation and it translates into a more secure world.

Monoglot Heros

Sunday, April 1st, 2012

I hate bilateral debates. Coke is better than Pepsi, PS3 has .374% sharper graphics then the Xbox 360, or that sandals are better than shoes. I bring up my hate for this hate around two topics for this rant: networking config syntax and programing languages. While these are very different topics they, much like the age old Coke vs Pepsi, are one in the same. Let me start with programing languages since that started this blog for me and I will end with networking configs since that made it blow up in my mind.

Arguing over the value of programing langages has been onc of those epic nerd debates since the beginning of time. I am sure that even Grace Hopper had some classic jokes in her time. If anything defines nerds is passion and humor. To be a nerd (geek, dweeb, or any sort of you focus too much on one thing adjetives) you must deeply love something beyond the point of rational thought this is the passion part. Also you must have humor around what you love. The passion can be so intense that it can jade your vision around the other topics within the same genre. It can make anything that tries to harm your “precious” an act of war. I get it, just try and ask me a question about something. I like to say with me there are no short answers and too often thats true. But I like to look at things objectively. I feel that everything has value relative to itself.

With programing languages you often get these “hip in the moment languages” that drive furious rage. On one side you get those who love the language and the others that will stop at nothing to destroy any good will. There are those of us that are caught in the middle and say “can’t the language be good, but is it ok that it doesn’t solve everything?” This is where the key nerd characteristics come into play. The passion. If you are extremely passionate about your cause odds are your going to annoy someone. Not everyone wants to know about how JavaScript can solve world hunger, shine your shoes, and calculate every number in Pi within 6.432525 seconds (just an example with real world performance research coming).

A friend recently asked me why are there so many scripting languages. To him, a VPN guru who has worked mostly in compiled languages, saw the various non-compiled languages to be the same. This turned into a beautiful discussion. What we determined is that often someone learns a language and then they never choose or need to learn another. Also the language is well rounded enough to solve all of their needs. This leaves people to stick with what they know and not move on. Really they don’t need to as they have the perfect hammer for their nails. Then you get the folks who do move on as the hammer doesn’t strike as true as it used to. This has continued on from the days of shell scripting until today where JavaScript is the language of the now. Various language tribes have been created and this is where the war begins.

To draw a parallel lets look at networking devices. Most networking devices have a “flavor” to its syntax and mechanics. All of which were derived at different times for different needs. Cisco’s IOS defined the standard in networking CLI. Its the friend almost all of us grew up with. Its familiar and loving but often not forgiving. I could write a book just on the syntax and its impact to networking as its so iconic. At the time it made perfect sense to its operation where as today it may be missing some key features that are preferred. Cisco has also moved on by adding more modern features to its newer CLI operating systems. ScreenOS, the OS for NetScreen firewalls, copied its operation nearly 1:1 due to the fact that people were familiar with it.

When Junos came out in the late 90’s it changed the game by adding some new key features. These features were added because at the time there were some huge pain points to the IOS operational model. For the networking world this was huge as new developments in CLI were so rare. Over time Cisco and other vendors added the “Junos-like” features back into their CLIs to create an equilibrium in the CLI community. The important point I want to draw is that things evolve to meet the needs of today. If not we will all still be wearing powered wigs and monocles (unless your an ultra classy chap today). We don’t need to throw dookie at each other over these debates. As there are two important items to note: things are created for whats appropriate for the time and over time mechanics evolve.

I feel these two ideas are easier to explain with networking configs as programing languages seem to stick around for much longer. In fact C has been around for thirty years and its nearly identical to the modern versions. But C has evolved to meet the needs of today without trying to become the one stop shop of programing language features. C knows its limits and sticks to them, true to the design of the language. If we wouldn’t have had C then we wouldn’t have JavaScript. If we didn’t have Cisco IOS we wouldn’t have Junos. If we didn’t have Junos we wouldn’t have IOS XE. So please don’t hate these other things that you don’t use, aren’t familiar with, or don’t understand. They all exist together in an ecosystem. You can’t have B without A and without C it can’t be as easy as ABC123.

I title this blog “Monoglot Heros” or those of you that are lucky enough to use one language to get your job done. For those of you that are lucky enough to be able to use one thing and be amazing at it please don’t hate us polyglots. You know who you are polyglots. Those that must configure Junos, IOS, PanOS, Check Point, Adtran and all the other network operating systems out there. Those who must program in a dozen languages due to working in a schizophrenic environment or because you rapidly evolve with the world and want to learn all there is to know. Each language is a tool and its a tool to solve a problem. Some of us have more problems than others to deal with so please love us, embrace us, understand that we need to live the life of a polyglot.

When being passionate have humility. There was a time no seeming oh so long ago when I didn’t have humility. For me my wake up call was a large group of upset union workers. I found my humility and luckily kept my legs in fine working order. I haven’t seen these violent threats in the networking or programming communities and I hope it doesn’t come to that. Keep an open mind around what your brothers/sisters in arms do and come to understand more of the WHY people are passionate about something. It will help you understand the other language/config and where the other person is coming from. Take a lesson from the Jedi and don’t deal in absolutes, search your feelings and you will know what is true.

%d bloggers like this: