[funsec] Self-promotion

Rob, grandpa of Ryan, Trevor, Devon & Hannah rslade at sprint.ca
Sat Sep 17 02:53:17 CDT 2005


> I'm sorry, but the guy is just so off-base and is such a relentless  
> self-promoter on top of it all, I can't see that he contributes - 
> anything- constructive.

Self-promotion?  Hah!  I, who created cissp-self-promotion at egroups.com, I 
*laugh* at your self-promotion!  Piffle!  Gibson?  He's an *amateur* at self-
promo (and general annoyance of the community).

You want self-promotion?  I've been saving this up, so I'm gonna sanitize it a bit, 
but those who hang around security lists should be able to recognize the guy ...


MLDRASSC.RVW   20050817

"Dear Associates", Xxxx Xxxxxxx, 2005, free (and worth it!)
%A   Xxxx Xxxxxxx
%C   someplace 
%D   2005
%E   it would help, but he doesn't have one
%I   Xxxx Xxxxxxx Enterprises 
%O   Free on any security mailing list Xxxx Xxxxxxx can get on
%O   Audience n- Tech 1 Writing 0 (see revfaq.htm for explanation)
%P   must be in the millions by now
%S   Xxxx Xxxxxxx's repostings and opinions
%T   "Dear Associates"

First of all, to avoid any charges of bias, I should say that, while I
have no connection with Xxxx Xxxxxxx, this review has been commissioned.

October 15, 2003 Xxxx Xxxxxxx posted a message to the securitytech mailing
list, trying to promote a workshop.  Almost nothing more was heard
from him for the next 18 months, by which time he had obtained his
CISSP.

list x was created on May 12, 2005.  It appears to be
primarily a vehicle for Xxxx  to repost articles either from news sites
or other security mailing lists.  Occasionally Xxxx presents an
opinion on the topic, usually less than a sentence in length.

The first post Xxxx  made to the CISSPforum was on July 25, 2005, and
was, rather ironically, in response to a discussion about subjects
that would be off-topic in regard to the postings on the forum. 
(Xxxx's posting did not address the theme: he said something about the
motivations of criminals.)  Between then and August 17, 2005, he
posted 82 messages, or an average of four per day.  Of these, eighteen
were the aforementioned recycled news stories, sixty were responses to
the postings of others (generally supplying little in terms of new
content), and the remaining four were topics originated by Xxxx.  In
two of those he asks for the opinions of others in regard to audit,
one (CISSPforum #75460) is an intriguingly convoluted (and misspelled)
attack on others, and one is an apology, in which he promises to limit
his postings.  (It is followed, four and a half hours later, by more
recycled news stories.  And, an hour and a half after that, by a
posting dissing the CISSP certification.)  (Since then his posts have
been less reiterative, and more vituperative.)

Xxxx's responses to other messages typically provide only simple,
generic information, and frequently do not address the main theme.  In
one recent post, someone asked whether checking that a password was an
anagram of the username was a standard feature of password checking
software.  Xxxx's reply was that a) he had used a password checker, b)
password checkers are extra work, and c) many sysadmins foolishly use
the same password for every system.  In other posts he points out that
computers are connected to the Internet, that detective controls
exist, that some companies outsource security, and that sysadmins make
mistakes.

It isn't altogether clear whether Xxxx's first language is not
English, or if he is just in such a tearing hurry to get his posts out
that he doesn't read them, but they are rife with errors in spelling,
grammar, and even typing.  Often these mistakes combine to such an
extent that it isn't really possible to know what Xxxx  is talking
about.

Xxxx's replies to other people increasingly contain references to
democracy, and implications that certain persons or groups are
attempting to restrict his freedom of speech.

Given the lack of material in the postings, and Xxxx's lack of concern
over the enormous amount of negative reaction his postings generate,
it is likely that his postings are an attempt to build "mindshare" or
"presence" within the security community, simply on the volume of
postings alone.  However, the content of his messages is quite basic,
and would only benefit the rawest newcomers to the field.  Generally,
the impression that is being left is of one who is consuming a great
deal of bandwidth (and the time of others), to very little purpose.

MLDRASSC.RVW   20050817


> From: Xxxx Xxxxxxx
> Date: Aug 16, 2005 4:17 PM
> Subject:         Apologies to the forum....

> To whom it may concern,

We're not concerned.

> Apologies to one

Who is that?

> and all of this forum who I may have inadvertently
> offended or upset.

How about those you have advertantly offended?

> In the future I will refrain from expressing my opinions

Promises, promises ...

> on this forum and instead directly contact members off list to avoid
> the onslaught that generally appears following any of my follow up
> posts. 

I haven't seen any onslaughts.  Have you seen any onslaughts?

> If you have an opinion about me personally I kindly request that you
> forward it to me directly 

My mother told me not to use that kind of language.

> and not the forum!, (that is the professional thing
> to do). 

Do the professional thing!

> Posting to the forum only upsets people

Absolutely.  Every time I post a book review, people get upset.

> and serves absolutely
> no value except to degrade the content of the forum.

There are, of course, those who would say that it is impossible to
degrade the contents of the forum.  

> I trust that our
> forum peers will concur with this fact.

Trusting soul, isn't he?

> If a member posts a request and/or contacts me directly for
> information I will only respond if I see a legitimate e-mail address
> (not generic). 

What about a legitimate generic email address?

> Please do not take any of this personally, its just the way that I
> operate. 

He's a bot!  I knew it!

> Leadership Quotes by Kenneth Blanchard: "The key to successful
> leadership today is influence, not authority." 

Xxxx  certainly has influence (like influenza), even if he is hardly 
authoritative.


From:       Xxxx Xxxxxxx
Date sent:  Wed, 17 Aug 2005 13:42:25 -0300
Subject:    Targeting the Newbie - "Associate of (ISC)2"

> It is obvious that there are many professionals who now maintain the
> CISSP credential of various levels of talent and experience. 

It isn't even obvious what that sentence means.

> Thus when addressing the CISSP forum it is impossibly to
> differentiate between newbie's and the many seasoned veterans. 

One indicator is that seasoned veterans tend to spell properly.

> However, that fact remains that the CISSP is the premier information
> security certification which establishes a benchmark or starting
> point for professionals following this career path. 

Well, now, they had to have been following the path for four years 
already ...

> With that in mind, rather than creating more and more
> certifications, (which marketing people live for), 

You just answered your own question.

> why not introduce a class or level into the existing
> CISSP cert. 

Agreed.  All those in favour of marking Xxxx's cert as second class 
say "Aye."

> For instance a class 'A' could represent passing the basic exam
> which would test for knowledge and understanding. Class 'B' would
> test for high levels of practicum such as application and analysis,
> while a third level 'C', (the highest level), would test for
> synthesis and evaluation skills. 

D would be the grade assigned to those who suggested this was a good 
idea.


From:         Xxxx Xxxxxxx
Date sent:    Wed, 17 Aug 2005 23:07:41 -0300
Subject:      The USA tries to impose its "moral" values on the rest
of the Internet

> To whom it may concern,

a) We aren't.
b) Not "Dear Concerned Associates"?

> Although there may be some moral benefits I don't see this strategy
> as simply being driven out of moral values. 

There's a moral benefit to driving out moral values?

> They are other issues involved.

Surprise, surprise.

> Our communities, social values and criminal activity is being
> recreated online at a staggering rate. 

Just last night there was a purse snatching on alt.fan.Britney-
Spears.

> Many communities have created red light districts to attempt to
> isolate issues, problems before they affect other parts of the
> region. 

cissp-red-light?  If only he would go there ...

> In the real world these issues impact crime rate, 
> insurance, property value, quality of life and the economy.

But not family structures, political will, or the workers-control-of-
the-means-of-production.  

> It's perfectly logical

Oh, silly me.  I thought it was pointless maundering.


Subject:      Revised OT standards
From:         Xxxx Xxxxxxx
Date sent:    Tue, 30 Aug 2005 16:42:20 -0300

> Speaking of off course.

Obliviously.

> Some of you guys sure get your knickers in a not 

Are you implying that we lack undergarments?

> Generally most discussions that I'm involved in focus on the subject
> line, 

Well, they certainly seem free of topic!

> after all that's why we have one.......correct..??  Oh don't tell me
> you want to debate the purpose of a subject line too... 

We frequently do ...


Subject:      Risk Assessment Question (sidebar again ???)
From:         Xxxx Xxxxxxx
Date sent:    Tue, 30 Aug 2005 18:41:12 -0300

> Ok, and what value have you offered with this advise,

Proper spelling?

> except to demonstrate major contempt for a simple attempt to get
> some thought processes happening? 

He's right, you know.  Xxxx is obviously trying desperately to get his
brain to work.  With a signal lack of success.  

>  I just don't understand

We know.

> some of the listserves member's motives and it 
> appears to always be the same group of people....

True.  "Those with brains."

> Are you guys attempting to
> silence everyone,

He's tumbled to the plan.  Now we'll have to kill him.

> so that no-one dares to offer any information regardless of
> whether its conjecture or not? 

Well, I'd certainly be in favour of preventing people passing off
conjecture as information.  We have enough trouble with the Integrity
side of the triangle as it is.  

> Is that what they teach in your old school of
> learning?

He's not from the Old School!  Strangle him with his counterfeit tie!

> .....  Because if it is, it has nothing to do with leadership or
> collaboration.....

No, but it does have to do with accuracy ...

> If all you can do is offer criticism than I challenge you to
silence. 

OK, I accept.  You go first.

> I 
> won't waste much more time on repelling insolence,

Oh, please don't stop!  Your petty whining is *SO* entertaining!

> its such a waste of time and
> my patience....

Yes, it's obvious you don't have much of that ...


Subject:      Disaster recovery/ business continuity software (EOT for
MB)
From:         Xxxx Xxxxxxx
Date sent:    Fri, 2 Sep 2005 22:59:29 -0300

> The only thing that is apparent is that we both have different
> experiences and 

Some real, and some imaginary.

> regardless off who's right or wrong. 

He's going to off people regardless?

> I'm no going

He's stopped?

> to continue this online
> debate,

Don't people in a debate have to been discussing the same topic?

> because it will only end up p*** off the list serve membership.

He's going to pick people off?  That's twice he's talked about 
offing them!

> Best of luck with your work.....

Best of luck with your babbling.

> I look forward to future discussions !!

I thought he was stopped ...


Subject:      Disaster recovery/ business continuity software
From:         Xxxx Xxxxxxx
Date sent:    Fri, 2 Sep 2005 22:53:18 -0300

> That's an interesting example, because when I go to purchase my
> groceries a person standards there and sweeps bar codes across a
> scanner before taking my banking card and swiping it for payment. 

Aha!  We begin to get some information on the reasons for Xxxx's
babbling.  Obvious dietary deficiency: he doesn't eat any fruits or
vegetables, only processed and packaged foods.  

> When I go to the bank a person
> standards in front of me and swipes my card to retrieve my account.

Lives in an area with no ATMs.

> When I go to the doctor or hospital a person stands in front of me
> and swipes my health card. 

And makes a diagnosis on that basis?

>  Human touch may be preferred but automated effective, efficient
> logic and computers will always handle the majority and the core
> processing, wherever operational costs can be reduced. 

And whereever meaning can be removed from verbiage.

> e-business is all about automating and reducing costs to improve the
> bottom line and when I go shopping online there is nobody doing the
> swiping for me (except maybe my wife). 

I've never yet swiped a card while shopping online, but I will admit
that my online shopping experience is limited.  

> Of course there are industries where manual labour is necessary, but
> even in many of those such as mining technology is being integrated
> through the use of robots and wireless technology. 

Oh, yeah, robots and wireless work *real* well down the mines.


From:         Xxxx Xxxxxxx
Date sent:    Tue, 6 Sep 2005 07:26:23 -0300
Subject:      Video Surveillance  (I can't believe you...)

> You "busy-little-bees"

Better a busy bee than a sonofa bee.

> turn everything that I say

No, Xxxx.  This little bee, for one, doesn't even bother to read
everything you post.  In a way, you're like my favourite newspaper
(when travelling), USA Today.  I always know that, regardless of how
rushed I am in the morning, I can start reading USA Today, and, if I
have to leave without finishing, I haven't missed out on any news at
all.  

> around and then post them to
> the masses

Hey, any publicity is good publicity.  You should be thankful.

> instead of writing me directly as I have requested.

I understand that a number of people tried that.  It didn't work.

> Not everyone sees things as you do....

It takes all kinds to make a world.

> so please stop pretending that they
> do.....

Oh, now you're trying to destroy our fantasies ...

> I'm not berating anyone,

That'll be a first ...

> just providing some additional facts to consider as per
> Anthony's inquiry.....

Ummm, nope, no facts here ...

> Please stop making everything that I contribute

You contributed something?

> negative only

No, you've got it all wrong.  We're *positive* that your postings have
no content.

> to make 
> yourself look better,

I think the aim is to save time and bandwidth.  Actually, New Yorker
dog cartoon to the contrary, on the net it is quite easy to see who
contributes more ...

> its very transparent culture or not....

Well, the meaning of that wasn't transparent ...

> its not 
> professional to make an impersonal subject personal.

It isn't exactly professional to whine and complain every time someone
points out that you've made an error.  So don't take it personally.


Subject:      Video Surveillance  (I can't believe you...)
From:         Xxxx Xxxxxxx
Date sent:    Tue, 6 Sep 2005 18:46:38 -0300

> The difference is;

That what's sauce for goose Xxxx  is very much *not* applicable when it
comes to us ganders/bees/members of the forum.  *Obviously* the rules
don't apply to *Xxxx!*

> When stating an opinion it should be made subject specific

Rather than just random blather.

> and not a 
> critique of someone else's opinion. 

Oh, good heavens, no!  My gosh, if you try to critique someone else's
opinion, why the next thing you know, people will be trying to
determine if purported *facts* are correct!

> Regardless of whether someone is right or
> wrong

I mean, you know, really, is anyting really right or wrong?  I mean,
can't we just all accept our own reality, you know?  I mean, just,
like, *be*, OK?

> it is not the responsibility of one peer to critique another's
> opinions,

Good heavens, no!  To critique a peer might actually correct an error
that they were making!

> that's unprofessional

Definitely!  Professionals just accept any old garbage!  Especially
auditors!

> and petty

No, petty is flinging wild accusations in all directions every time
anybody hints that you might be wrong.

> especially if its regarding one persons
> assumptions about what the writer thought or intended. 

That is, of course, assuming that the writer actually thought.

> Critiquing someone's
> freely expressed opinion is the role of a Moderator.

Not really.  A moderator in a debate or discussion is there to make
sure the debate doesn't get out of hand.  A moderator should be
willing to rein in someone going off on tangents, or making wild
accusations, or unsupported statements.  (Or a moderator might reign
over the discussion, and keep people in line.  Or possibly rain on the
loose cannon's parade of diatribe.)  A moderator on a mailing list, of
course, might simply ensure that extravagantly extraneous posts don't
make it to the list, or that an abuser of the list is removed.

> If a person feels that they have a better answer,

And you obviously feel you do ...

> than express it!  

Doing that right then, rather than keeping silent?

> If it is
> indeed a superior answer that it will stand up for itself......

Well, we hope so ...

> and if its not
> it will fall by the way side.

But sometimes total garbage gets a little help from people who keep
repeating it.

> To be completely honest,

Why is it that as soon as someone says this, we figure he's being less
than forthright?

> I was asked by Anton

Obviously a breakdown in the Toronto LARA node ...

> to join this forum

But you didn't have a CISSP, right?

> after he 
> noticed my posts on the Privacy Strategies listserve

You should have kept them private.

> because he enjoyed my posts

We really *will* have to fix the Toronto node ...

> about privacy related policies and issues,

Is "shut up" not one of them?

> but now I'm wondering what the real
> motive was.

Obviously an evil plot to get you to make a fool of yourself in front
of a huge component of the security community!

> If you met me personally,

Please, we hardly know you!  (And, by this time, many of us would like
to keep it that way ...)

> you would soon find out that many of the 
> assumptions made on this forum about me are unfounded.

OK, he's not a guy named Xxxx, and he doesn't have a CISSP.  What
other assumptions did we make when he first started posting?

> Busy-little-bees indeed.....

Yes, frequently too busy to grab random notes off other lists and
repost them here.



======================  (quote inserted randomly by Pegasus Mailer)
rslade at vcn.bc.ca      slade at victoria.tc.ca      rslade at sun.soci.niu.edu
The political and commercial morals of the United States are not
merely food for laughter, they are an entire banquet.   - Mark Twain
http://victoria.tc.ca/techrev    or    http://sun.soci.niu.edu/~rslade



More information about the funsec mailing list