As I had mentioned previously this year, I’m going back to school. Not to take classes, but to teach a course at my alma mater, Fanshawe College. I did this about a decade ago and thought it was interesting, so I was excited to give it another go. Additionally, after a friend mentioned that their kid wanted to learn Python, I developed an Intro to Python class aimed at high school students that I’m teaching weekly. I thought that this would be good fodder for the State of Security. So, whenever I have something interesting to discuss, I’ll post it here.

Week 5 proved to be an interesting week for a couple of reasons. I volunteered seven hours of my time to provide extra Python help to some of the college students who wanted to put in more time with the language. We had SecTor, which my team here at Tripwire along with several of my students attended. In my high school class, we reviewed their previous week’s quiz, and with the college students, I discussed obfuscation. It was the obfuscation that I wanted to talk about this week.

Shroud of Mystery

Cybersecurity is shrouded in mystery. To be fair, many industries are, but there’s something different in our mystery. Sure, companies like Coca-Cola and KFC keep their recipes under lock and key, but that’s one aspect of their business. In our industry, everything is a mystery. From businesses to criminals to enterprises to individuals, everyone wants to keep information secret and limit the flow. Everyone thinks they have a reason to do this, and in many cases, they are correct. For those entering the industry or learning, this can make the waters even trickier to navigate.

Interestingly, there’s a lot that we don’t intentionally hide, but it remains (Read more...)