Shostack + Friends Blog Archive


Ptacek scores, Pre-Blogging Department with the assist!

Matasano’s Thomas Ptacek had a Groucho-like reaction to being included as a “Top 59” infosec influencer in’s recent list. EC’s Pre-Blogging Department was initially caught flat-footed on this, but predicted in an update that Tom’s view would gain traction. And it has. Meanwhile, Mark Curphey has stirred the pot by leaving the Security Bloggers’ Network and explaining why he chose to do so.

I hadn’t heard of the SBN until news of the top sekrit security bloggers’ dinner at RSA started to hit the intertubes, although EC is on it. Bejtlich, even though he doesn’t read EC (come on, buddy!) has a view essentially identical to mine on this subject. One aspect of the ensuing discussion that I think is great comes from a CSO who emailed Mark, and whom Mark quotes as asking about:

…the guy who does nothing but conferences and magazine columns, but mysteriously nobody can actually recall him/her actually being a meaningful contributor, holding a senior infosec management post, or similar real world qualification?

I’ve heard this archetype discussed over beers, as I suspect many of us have. Nice to see that there’s a sense out there that while a “real list” of influencers may be a matter of opinion, we can profit from discussing it. Again, Curphey gets it right when he writes of mysterious omissions from the Top 59:

Dan Geer, Mike Howard, James Gosling, Andy Jaquith, Phil Venables, Spafford, and so on.

I might quibble at the margins (No Wietse Venema, Ross Anderson?). Just finger for some influential but lesser-known names, tending toward the vuln research end of things.
I don’t know what the point of all this is, but to the extent that it stirs things up and adds a little chaos into the mix, it’s good. Speaking of stirring the pot, Alan “BalrogShimel has weighed in, too:

Fighting over whether the list is accurate, is the list full of crap or who should be on the list, is just frigging asinine.

Hey, don’t hold back, dude.

Finally, it would be remiss not to credit InfoSec sellout for providing a handy taxonomy.

2 comments on "Ptacek scores, Pre-Blogging Department with the assist!"

  • Adam says:

    I posted this in a comment to Mark McCurpehy:
    I think you’re conflating “How do people want to read my stuff???? with “How do I want to read their stuff????
    I’ll admit, I don’t read everyone in the SBN. But I have readers who like the SBN, and it costs me little to help them out by making the Emergent Chaos feed part of that feed as well. So why not?

  • I hvae yet to post my rant on this list. The list really is bullshit and contains a whole bunch of unknowns who have contributed nothing to the Information Security Community other than their inflated egos and perhaps a few dollars in to their VCs pockets.

Comments are closed.