Ever wondered what makes Alpine tick? We decided to create this post to give our faithful readers some personal insight into how we see the world. Read on to take a journey into the minds of a few of our engineers and architects — and to have a little fun. So without further adieu, here is the first installment of Alpine Says.
What are some of your favorite blogs to read to keep on top of the technology world?
Steve: AWS Security, Full Disclosure, and High Scalability keep me busy enough. Wired and Engadget keep me in touch with the consumer market and other interesting topics.
Jeremy: Blogs:gizmodo.com, lifehacker.com, extremetech.com, engadget.com, techcrunch.com. I also listen to podcasts: Security Now, Risky.biz, Reply All, Startup
Frank: DarkReading, infosecurity-magazine.com, ArsTechnica. Some vendor blogs also can have really good insights into the threat landscape.
What is the worst day you have had in IT support?
Steve: My worst day was also my best. It was the day that I brought a new domain live, with a team simultaneously swapping thousands of desktop and laptop hard drives as the final step of a year-long separation from the previous parent company. While I was running on my 26th uninterrupted hour, my Sharepoint admin told me that he had accidentally deleted the largest of our content databases. No recovery possible. Thankfully, he soon realized he could re-import it from a previous backup, and the day was saved after a couple of hours. The roller coaster of emotions was intense!
Jeremy: After weeks (maybe months) of planning, I was responsible for overseeing a site-specific replacement of the HDs on my company’s laptops when we realized that there was a problem with the pre-imaged replacement drives when booting in the IBM Thinkpad T42 and T60 machines. It had to do with the TPM chips and we ended up having to reinstall the OS on almost every laptop. It grossly put us behind schedule and we ended up working way more hours than we thought we would.
Frank: Way back when I was doing IT for my college I had to help someone try to figure out why their printer wasn’t printing in color. After 45 minutes of being stumped, I asked if I could look at their computer and the document they were printing was all black text. They were just confused because they normally print those documents in color. While frustrated, I had to laugh a little. I can totally apply this to being a cyber security professional. There are many people that are used to doing things in their set ways, even it it’s wrong, and it’s my job to explain to them how to do it the correct, safe way.
What has been the coolest technology you have worked with in your career?
Steve: Amazon Web Services is by far the coolest in breadth, depth, and philosophy. They are continuously redefining the art of the possible with cloud computing, decreasing their prices as a matter of course, and bringing more and more advanced features to the masses each year. Their commitment to democratizing compute power and platform services decreases the barrier for all levels of tech hobbyist and professional to taking their projects to the next level.
Jeremy: I would have to say it is a toss up between Kali Linux for all of the Offensive Security work – vulnerability assessments, attacks, penetration tests, etc – and Amazon Web Services not only because of how accessible and reasonable in price computing capabilities are but really how broad the platform is in that you can quite literally build a virtual data center and design it however you want without being hindered with capital restrictions – the pay-for-what-you-use model makes it possible for creative and passionate technologists to pursue any project they can imagine.
Frank: Currently I find the sandboxing technology in some threat management devices to be the coolest thing I have ever seen. It is hard to wrap your head around the fact that a system can take a file and run it through millions of iterations of software to determine if it is malicious. In only a few minutes these systems can run a file through every version of Windows, with every patch level, with every version of Office/Adobe/etc and all of their patch levels. Amazing.
What drives your passion in your career?
Steve: I’m the luckiest guy I know. I get to work with amazing people, playing with cool technology, helping companies become more secure and capable for less money, all while keeping an eye on the true driver for my success — my family. Yes, I’m passionate about technology and proper process. But if that couldn’t provide for a good life for my family, I’d give it up in an instant. Thankfully, I’m lucky enough to be in a position where I can have it all.
Jeremy: I realized after I left college how much of a constant learner I am. Working in the technology field requires you to always be interested in the “why and how things work” not just the “what it does”. I try to engage with people who are smarter and more passionate than me because I learn from their experience and then I turn around and try to apply it to something that I am working on.
Frank: I fell into cyber security from the programming world. It turns out that I am pretty good at spotting the abnormal in patterns which leads me to be a pretty good analyst. Mix that with my love of ripping things apart to understand how they work and I have never had a boring day in my cyber career. There are always new malware samples and vulnerabilities to dive into. Because of this we are seeing a huge increase in really cool technology for reverse engineering malware and detecting it.
Pertaining to your job/field, what is something you wished other people paid more attention to?
Steve: My world is focused on IT infrastructure and information security. There is a simple fact in the world today that many people refuse to believe — a properly designed solution in a properly constructed “public” cloud (read: AWS) is MORE SECURE than its on-premises equivalent, with very few exceptions. Only companies of a certain size have the resources and talent to challenge the physical, technical, and administrative controls offered by an established cloud provider. Build your widgets. Let the cloud handle your data center.
Jeremy: This might seem like a pet peeve… and it is but a small thing I think everyone should understand is how to properly wrap or coil a cable… even though wireless technologies are becoming more and more common, we should still take care of our cables. We need them for communication, data transfer and charging. Here is a link to a great video that explains this art… https://youtu.be/pEd7ru24Vx0
Frank: I really wish people wouldn’t blow off security because it’s, “too hard,” or, “too annoying.” There are a ton of tools out there to help you find the middle ground between security and convenience. Yes, you should use a different password for every site, and there are a ton of tools to choose from to help you remember them. Yes, you should use two-factor authentication for every account that allows it. There are phone apps (or even SMS messages) that force you to enter a password and then a randomize, ever-changing, passcode as well. Nothing in security will be more annoying than someone draining your bank account or opening a credit line with your social security number.
Is a hotdog a sandwich?
Jeremy: Despite all the evidence to the contrary, a hotdog is NOT a sandwich. I think the technicality exists in that most buns are a single roll that simply has a cut in it and not two separate pieces of bread… So maybe it has to do with how deep that cut is. The deeper and thus the more the bread becomes 2 individual pieces, the more likely it is becoming a sandwich.
Frank: No way! I am a big proponent of that idea that language is always evolving, and the sandwich definition is out of date. The best argument I can use to describe my feelings are if you were told you were having a sandwich for dinner and come back to a hotdog, you would definitely be taken aback.