Feelings! Nothing but feelings!
At BSides San Francisco, I met David Sparks, whose blog post on 25 security professionals admit their mistakes I commented on here. And in the department of putting my money where my mouth is, I talked him through the story on camera. The video is here: “Security Guru Tells Tale of How His Blog Became a Botnet Server ”
It felt weird. It really did. I’m glad I did it. I want to continue to be able to talk about owning up to mistakes, and a big part of that is how we feel about talking about it. It’s all to easy to talk about something else, and not learn from it.
On which, kudos to Chris Hoff for talking about his story in “A Funny Thing Happened On My Way To Malware Removal….” Kudos to Jeremiah Grossman for owning up to being “Terrified” before getting on stage. And kudos to Bill Brenner for writing his OCD Diaries.
Despite our aspirations, we’re not computers. We’re not fully rational beings. We’re collections of tiny advantages collected in an expressed genome. We are products of our experiences through life. Pretending it’s all about the technology hasn’t worked.
I’m eager to learn from my mistakes and share the lessons, but I don’t always see those lessons myself. So sharing the stories and learning from each other will give us advantages, let us become products of not only our experiences, but those of others, and drive our ability to make information security a lot more fun.
Seeing more than the technology is one of the key themes that Andrew and I wrote about in the New School, and I think it deserves more attention.
We’re not going to be all about feelings here, but we’re going to talk more about the human side of security.