Shimel Violates Cardinal Rule Of Vegas at Black Hat Conference
Well, I have to say that we had a great time last night, "networking" in Las
Vegas at the Black Hat conference. A whole crew of us checked out the various
vendor bashes, including the Qualys and Fortify parties. You know me, I'm not
one of those elitist security vendors, I just hang with the common security
practitioner, sharing my knowledge and experiences, trying to help the overall
cause for better security. But I have to say, something's gotten into Alan
Shimel. He's just become some kind of unrecognizable person since I saw him last
(it was only a few weeks ago when he was visiting Colorado, after all.) I think
it had to be the high gas prices, maybe that the airlines now charge you for a
drink of water, or maybe the bathrooms on his airplane were converted to the
coin operated kind. It has to be something. Here's the situation I'm talking
about...
First, Alan comes up with some wild, totally off the wall story about me borrowing his shoes to get into some Vegas club because I was wearing "Colorado country bumpkin" sandals. Now, I have been working in Boulder, Colorado, a lot recently so I could see how he might mistake "Colorado Wingtips" for sandals. They go over perfectly fine on the Pearl St. mall in Boulder, after all. But, to go public with such a crazy story on his blog is clearly a violation of the fundamental code of conduct of Vegas. What's come of the well accepted axiom, What happens in Vegas, stays in Vegas?
Is there no trust left among security friends and former co-workers? My little notebook is full of titillating Shimel stories, but do I go public with them, tossing them around carelessly for all to read? Certainly not, and not on my blog! Do I talk about Shimel's case of prairie dog mistaken identity and Manhattan rodents, or his curiousness about air conditioning and cattle? No! Those are to remain strictly private, something only the intimate details shall be known among Alan, myself and an unnamed source at the Gartner Group. (No, It's not Rich Mogull.)
Despite Alan's other significant contributions on his blog, flogging the latest security vendor who writes a fluffy bunny or woefully inaccurate press release, and his building up of the Black Hat Security Bloggers Network, this situation is still one that must be dealt with, and dealt with swiftly. It is unfortunate to inform everyone of this, but I have petitioned the Black Hat security ethics committee for a formal review of Alan's conduct in this matter. While their punishment can be very harsh (too graphic to talk about on a blog), I'm sure this matter will be dealt with swiftly and justly. I'm just relieved to know that caning is still illegal in the U.S. (but, I'm not 100% sure about Vegas).
In the meantime, please take with a grain of salt any further tall tales by Alan regarding other Black Hat members' actions here in Las Vegas. I wouldn't want to see additional claims made against what has otherwise been a fine, upstanding contributing member to our security community. I'll will keep you all updated for those who follow me on Twitter.
