Black Hat 2011: “Staring into the Abyss: The Dark Side of Security and Professional Intelligence” by Richard Thieme
Richard Thieme, esteemed writer, speaker, and thinker on important topics such as the relationship between culture and technology as well as the spiritual dimensions of technology, gave a fast-paced yet very deep talk at the 2011 Black Hat Convention held at Caesar’s Palace in Las Vegas.
Listen Carefully Or You Will Miss It All
One must listen carefully to Richard Thieme speaking because the talk is nested and there different levels of meaning. Thieme sets the stage by saying
“I’m going to try and build a bigger picture of the security world than we are usually in the habit of hearing described in all of the conferences we go to and try and look at some of the nested realities in which security is really taking place and ask ourselves whether the word security itself is appropriate to what is in fact the behaviors that actually take place inside the ‘security space.'”
The World Is Grey
We often hear of hackers being classified according to their “ethics” into White hat hackers, Black hat hackers, and Grey hat hackers but Thieme challenges the notion that the terms mean anything and that they can be so easily pigeonholed.
“As we grow and go through developmental changes, hopefully our view of things gets more sophisticated, more nuanced, more complex, and that usually means a greater sense of the grayness of all things. You hear about black hat hackers and grey hat hackers and white hat hackers and they are often defined imprecisely. “It’s all grey. The world is Grey. Distinctions that seemed clear and precise in our earlier life all go liquid on us and we realize that everything is not as binary as the code which is hackable.” “The truth is fudged all the time. We are all in it together; The world is grey. Hacking is a subset of the world, therefore hacking is grey.””A black hat hacker is a hacker. A grey hat hacker is a hacker who knows when to fudge the truth; and a white hat hacker is a hacker who put the truth down somewhere and can’t remember where he put it.”
The Myth That Is Called Security
“So when we talk about the problems that confront security the weakest link in the chain is frequently the definition of the problem and the definition of the problem is really not what we think it is.””Security vendors sell solutions that address our fears, real or imaginary, and they sell the tools that can do what they can do. They can’t sell the tools that can’t do what they can’t do.””People lose the ability to think critically about information. People don’t know what is true so they believe simplest explanation that will secure their world so they can wake up in world that is same as when they went to sleep.”
The Problem Is Built Into The System Itself
Richard Thieme talks about being approached by a company that wanted him to work in the area of Brand Defense. It was explained to him that his job would be to create credible looking websites for the company where people could go to criticize the company or ask questions regarding a problem. Sound familiar? The goal was to control and direct the conversation in the direction that would be in the company’s own good. If someone got too close to the truth, Thieme stated, it was time to “blow it up” or to inflect the conversation.
The Solution
Be real with yourself. Don’t let that nagging feeling go untended. Do not rely on others to take care of the issues you see, because then you give all your power away. If you see some odd process going on in the background of your computer or your mobile phone, don’t rely on your favorite website to update you on the news. Start learning more about computers. And don’t forget to get the free and useful tool Wireshark so you can get started yourself in seeing what the fuss is all about.
I Want To Hear More Of What Richard Thieme Has To Say
You can learn more about Richard Thieme on his personal website.
If you think hes speaking style is elloquent then you just might find his books fun to read as well. You can download kindle versions of his books on Amazon.com
Richard Thieme Books
Mind Games by Richard Thieme. (From Amazon.com Description) Mind Games is a unique collection of 19 stories of brave new worlds
and alternate realities – stories of computer hackers, deception and
intelligence, puzzling anomalies, spirituality and mysteries of
consciousness, the paranormal, UFOs, alien life forms – in short,
everyday life in the 21st century.
Islands in the ClickStream by Richard Thieme. (From Amazon.com Description) CNN called Richard Thieme “a member of the cyber avant-garde”. Digital Delirium named him “one of the most creative minds of the digital generation”. Now Richard Thieme’s wisdom on the social and cultural dimensions of technology is available in a single volume. “Islands in the Clickstream” ranges beyond the impact of technology to spirituality, psychological insight, and social commentary. Now that people are used to living in virtual worlds and move easily between online and offline worlds, they want to connect that experience to the deeper issues of our lives, including spiritual issues. Some examples include “Dreams Engineers Have”, “The Crazy Lady on the Treadmill”, and “Whistleblowers and Team Players”. These essays raise serious questions for thoughtful readers. They have attracted favorable commentary from around the world and a fanatic, almost rabid fan base.
YouTube Video | DEFCON 19: The Dark Side of Crime-fighting, Security, and Professional Intelligence
The speech was also given at Defcon 19, and as of December 1, 2011, can be seen on Youtube.
Awesome post!
I happened to walk into Richard’s presentation at Black Hat this year, on a whim. The presentation I wanted to listen to at the time was boring me, so I wandered into the room where he was giving his talk.
“Stairing Into the Abyss” absolutely moved me. Afterward, I went up to the front, shook his hand, and thanked him for his presentation. I then went upstairs to buy his books, and when I found they didn’t have them, ordered them immediatly from Amazon.
Thanks for the post.
It’s amazing isn’t it? Just when I thought I understood the talk and what I wanted to write about I would watch it again and come out with a completely different interpretation. Thanks for the comment. Dan