[ISN] The Man Who Debunks Virus Myths

From: InfoSec News (isnat_private)
Date: Tue Aug 07 2001 - 03:11:33 PDT


    http://www.wired.com/news/technology/0,1282,45812,00.html
    
    By Michelle Delio 
    2:00 a.m. Aug. 6, 2001 PDT 
    
    Rob Rosenberger is determined to shine the bright light of sarcasm
    into every dark corner of the computer security industry.
    
    His website, Vmyths, focuses on presenting the facts -- as Rosenberger
    sees them -- about computer viruses, dispelling any media-fueled
    hysteria about computer security and disputing the smallest shred of
    misinformation from the security industry itself.
    
    Rosenberger carefully reviews the press coverage of every virus alert
    and rips into reporters who mindlessly repeat whatever "facts" they
    may have been fed by their sources.
    
    He also savages the experts themselves, mercilessly analyzing their
    motives and stripping them bare to the public's glare.
    
    Victims of his investigations often ask each other: "Just who the hell
    is this Rosenberger guy anyway?"
    
    Rosenberger is not just a random ornery writer with a website and a
    bone to pick. He's an experienced programmer, a systems administrator
    and a man of mystery with high-level CIA security clearance.
    
    Information about Rosenberger's status with the CIA was confirmed by
    an inquiry to a government office, and Rosenberger understandably
    refused to verify or even discuss the issue.
    
    That's odd, because he's usually ready, willing and able to talk about
    almost anything.
    
    In his columns for Vmyths and his press releases, Rosenberger happily
    employs huge amounts of sarcasm, satire and outright absurd comments
    to trash any pronouncement that he thinks is intended to spread FUD
    (Fear, Uncertainty, Doubt).
    
    In response to last week's Code Red media blitz, Rosenberger suggested
    that the best course of action would be to simply "turn off the
    Internet."
    
    "If Code Red can destroy the Internet, then clearly, the time has come
    for us to give up interconnectivity. Let's just shut down the Internet
    for safety reasons. Call it a failed experiment. Stop the insanity!"
    Rosenberger wrote in an e-mailed statement.
    
    He vehemently disapproved of the FBI's National Infrastructure
    Protection Center's (NIPC) decision to push the mainstream media to
    write stories about the Code Red worm.
    
    "When officials need to warn people about a tornado, they broadcast a
    prepared statement over radio and TV. They don't implore reporters to
    write stories about the tornado," Rosenberger said.
    
    "And they don't ask USA Today or the Wall Street Journal to get
    involved. They deal with local media. Local media in this case would
    be technology publications and websites."
    
    Rosenberger decided the best way to change the NIPC is to become a
    member. He wants to set up an industry advisory board to work with the
    NIPC and, of course, he wants a seat on that board.
    
    He launched his campaign with a press release shortly before the Code
    Red story broke and preoccupied the media, so Rosenberger feels the
    worm may have pushed his story out of the limelight.
    
    "The fallout from the hysteria will occur soon, though, and I predict
    everyone who backed the NIPC will suddenly back out. They'll want the
    Feds to take all the heat. When the fallout starts, everyone will say,
    'You know, I think Rosenberger had an interesting idea there,'"
    Rosenberger said.
    
    Currently, most of his attention is centered on writing for Vmyths,
    which was launched in 1998. Rosenberger handles the day-to-day
    editorial affairs, with Crypt Newsletter editor George C. Smith
    serving as the editor-at-large.
    
    Rosenberger said he doesn't closely monitor the site's pageview stats,
    but he speculates that about a quarter-million people visit the site
    each month.
    
    Of course, Vmyths feeds off the very hysteria that it aims to combat,
    an irony that Rosenberger is quite aware of and attempts to combat by
    refusing any advertising from the computer security industry.
    
    "Vmyths.com is the first safe haven for computer security critics,"
    Rosenberger said. "It must refuse money from the computer security
    industry in order to survive. We could get wiped out or we could be
    corrupted if we grow addicted to their income. Addicts will do all
    sorts of things just to satisfy their addiction."
    
    Some people in the industry understand that Rosenberger's rather
    over-the-top pronouncements are meant to draw attention to serious
    issues.
    
    "Rob is a pretty funny and opinionated guy," said Marquis Grove, of
    Security News Portal.
    
    "You may not always agree with his take on any given topic, but it
    does cause you to give careful examination to both sides of an issue,"
    Grove said. "If Rob's opinions cause you to pause and ponder, then he
    has accomplished his goal of creating awareness."
    
    Rosenberger is the first to admit he doesn't have a lot of fans in the
    computer security industry. But he figures any dislike is just part of
    his job as a critic.
    
    "Roger Ebert faces the same problems when he trashes a movie,"
    Rosenberger said. "The actor takes it personally, the director takes
    it personally, the producer takes it personally, and the movie studio
    takes it personally. So when someone yells at me, I think to myself
    'Ebert hears the same shit.'"
    
    He also said he understands why his writing might anger the people he
    focuses his attention on.
    
    "We're talking about real people who go to work every day just like
    the rest of us," Rosenberger said. "They fight viruses for a living.
    They want to go home each night feeling like they accomplished
    something. We all do. So it hurts when a critic comes along and says,
    'You Suck!'"
    
    But some of the people he's written about over the years still like
    Rosenberger.
    
    "I don't always agree with the way he phrases things, but when he's
    been wrong about something related to me, he's been quick to correct
    it which to me is the mark of a gentleman," said Sarah Gordon, a
    member of Symantec's AntiVirus Research Center team.
    
    "I guess that's how I'd describe Rob," Gordon said. "He can rub people
    the wrong way and I don't always agree with him or the way he puts
    things, but at the end of the day he's a real gentleman and a class
    act."
    
    Before launching Vmyths, Rosenberger, 38, was a computer programmer in
    the U.S. Air Force. After leaving the force, he worked on Department
    of Defense contract jobs until 1989.
    
    He authored shareware from then until 1996, when the Air Force invited
    him back to active duty for a year to work on computer security.
    
    After that stint ended, Rosenberger planned to go back to college, but
    a St. Louis Fortune 1000 firm flung a lot of money at him, and he
    handled their security until 1999, when his wife decided she wanted to
    move to Iowa to be near her mother.
    
    Rob took a six-month sabbatical in 1999 "so I could putter around the
    house and get it ready for sale," he said. "During that time I worked
    almost full-time on my virus hysteria website. My wife invited me to
    try to turn the site into a real job, so I opened an office in our
    little town and picked up a sponsor, ScreenSaver.com. And here I am."
    
    But he's not completely removed from his government connections.
    
    A plaque on a wall of his office refers to his status as "Crew Chief,
    First Information Warfare Division, 609th Information Warfare
    Squadron."
    
    He will discuss his official status as an "Air Force historian," but
    refuses to discuss why a historian needs to have DCID 14/4 clearance,
    which, according to the Central Intelligence Agency, gives Rosenberger
    "access to sensitive compartmented information on a need-to-know
    basis."
    
    Rosenberger just smiles politely and changes the subject when asked
    about security clearances or anything related to government work.
    
    But a flash of what might be military training is present when
    Rosenberger is asked if he really expects to win his war against
    hysteria.
    
    "I did not come here to lose," Rosenberger snapped.
    
    The next stage in his battle plan against virus myths is a research
    project that Rosenberger has dubbed "House 2.0."
    
    The project is intended to determine if a safe and secure business
    network with no traditional antiviral software can be successful.
    
    For this experiment, Rosenberger built a genuine enterprise network in
    his own home, complete right down to the T1 line and the two data
    racks bolted to the floor of his server room.
    
    "You really don't want to know how I convinced my wife to add a server
    room to our house," Rosenberger said.
    
    The experiment has just passed Phase One, which Rosenberger said
    proved successful because he built the network from the ground up with
    security as its goal, and because he implicitly trusts every user on
    his network not to click blindly on strange attachments, or download
    files harboring any evil code.
    
    In Phase Two, he plans to expand the network to other,
    not-so-trustworthy users, thanks to a company called LogiCerv, which
    has offered to supply him with 16 more servers.
    
    He'll educate the new users about computer viruses and turn them loose
    on the network.
    
    Assuming Phase Two is successful, the experiment will enter Phase
    Three, and Rosenberger will see how long he can maintain a virus-free
    network, sans any antiviral software.
    
    The big test is soon to come, Rosenberger said.
    
    "Phase Two will bring my mother-in-law into the fold. Now there's a
    non-trustworthy computer user."
    
    
    
    