Changing the world, one side project at a time

It is somehow fitting that the day I retire, the state of Ohio chose to unveil an historical marker outside the former headquarters of my first employer, CompuServe. I guess I’m history :-)

Figure 1: “CompuServe Historical Marker”

Figure 1: “CompuServe Historical Marker”

I started in June of 1985, and, looking back, what was going on there was world changing: the first commercial email, the first online banking, the first online shopping, the first electronic news wire feed, the first song released exclusively online (Arrowsmith 1994), online chat (CB), OS and compiler development, VPNs (X.25 !), data over cable in ‘82 …

In the course of my career, it turns out that many of the things that mattered wound up coming out of individual side projects, not grand corporate visions.

1 Side projects

1.1 The Eternal September, sorry.

One of my earliest lasting contributions resulted from a side project that I put my good friend karl kleinpaste, up to: creating the first Compuserve <-> Internet mail gateway as a skunk-works project while we were both working at Ohio State Computer Science. Karl followed up with a USENET <-> CompuServe gateway, which was soon copied by AOL leading to the eternal september Sorry.

Eternal September seems to be about to repeat it self with facebook’s “threads” implementing a gateway to Mastadon.

1.2 The Web Browser that never was

Then there was this web browser I wrote at CompuServe that would have let the masses access the WWW before most people had even dial-up Internet. But the corporate powers-that-be we’re not sure this web thing was going to catch on, so it was never released. Vision !!!

It depended on a graphics library and the WinCIM interface developed by Steve Wilhite (of GIF fame)

1.3 The editor that created Linux

In early CompuServe days, Wilhite and I did a little collaborative coding to to improve MicroEmacs, I posted the source code to the Usenet group comp.sources.amiga and it took on a life of it’s own thanks to Daniel Laurence, first being called MicroGNUEmacs until RMS himself objected to the use of “GNU” in the name. Linus Torvalds (he of Linux fame) maintains a verison of MicroEmacs. And Carsten Dominik, creator of Org Mode (“Your life in plain text”) was an early user and was influenced by it.

Org Mode is central to most parts of my life today. What goes around, comes around.

1.4 SANS, IETF, Flocon, the White House

Along the way I wrote The Router Audit Tool (RAT). Offshoots of this work fed indirectly (via XCCDF) into the creation of STIX and TAXII. John Stewart, the venture capitalist and former CISO and VP of Cisco and Neil Ziring, tech director at NSA, contributed code to the project while I was leading it. Alan Paller of SANS convinced me to release it through the Center for Internet Security as one of their benchmark tools. RAT started as a side project at UUNET.

Also at UUNET I started what became RFC3871: The IETF OpSec working group continues to this day as an offshoot (“Many fine lunches”?). This was a side project that spanned UUNET and MITRE.

While at CERT (CERT/CC at Carnegie-Mellon, the original CERT, not US-CERT) I had the opportunity to chair twice. This was something of a side project for the organization, but one that got resources (my time).

Also at CERT I had the opportunity to provide netflow analysis training to the White House SOC.

1.5 Side projects at Palo Alto

At Expanse/Palo Alto I spent a lot of time staring at Internet scan data, trying to figure out what vulnerable devices were presenting themselves to us (and hackers). An irony here being that 15 years earlier we thought scanning was always bad, and there were PhD theses around how to detect it. Mike Collins is still cataloging scan traffic (give it up Mike, Internet traffic IS scan traffic :-))

After Palo Alto acquired Expanse, I spent a fair bit of time understanding the vast array security-related data available for analysis in other parts of the company. In my judgment, Palo Alto may have the best overall collection of data for analyzing and addressing security threats, second, possibly, only to AWS. They actively work to use these data sources to protect customers, see PanDB, for instance. I presented on my findings at an annual internal meeting of researchers. A side project.

As part of that effort I met Janos Szurdi and collaborated with him and other AMAZING researchers in that division, mostly on informal projects such as an internal “Hackathon”, my role mostly being to advise on the use of Expanse datasets. The result can be seen in Janos’ blog post about detecting stockpiled domains

At this year’s internal research meeting Tim Hofmockel and I explored further applications of combining data sources to support security analysis to solve our customers challenges. Such meetings are side projects for everyone, but the in-person interactions that happen there are what gets the creative and collaborative juices flowing and are often the source of further outside-the-box projects. I think that’s why I like them, and why companies fund them.

There is a possible patent coming out of some side efforts (this would be the first of my career).

2 The Amazon Leadership Principals

There is one set of corporate mumbo-jumbo I actually believe in: the Amazon Leadership Principals. They stick with you. They form a way of thinking about the world and getting things done: Dive Deep, Learn and Be Curious, Bias for Action, Earn Trust, Disagree and Commit, Deliver Results. It’s said that some Amazonians have to try hard to turn them off with family.

I think one of the reason those struck such a cord with me is that I saw them modeled 10 years before Amazon was founded at an early, impressionable period in my carrer. You could not have found a better description of Steve Wilhite (but one would have to add laconic, curmudgeonly, self-assured, stubborn and a few other adjectives)

I’m holding my Amazon stock despite Andy Jassey now being in charge and the FTC going on an anti-trust fishing expedition. The company is solid. And the leadership principals and customer obsession are a large part of it.

3 People matter.

Yes, you have to have corporate vision statements to keep investors happy and make HR VPs think they are relevant, but so often what matters are the side projects, the accidents, and things that fly under the radar.

I have it from Wilhite (30+ years ago) that the first DEC10 was delivered to CompuServe by mistake. It was then the computing arm of Goden United Life Insurnace Compay. They had ordered a smaller machine from Digital Equiptment Corporation. When the DEC10 arrived, they kept it, eventually started selling extra cycles as time-sharing (Cloud Computing, 1975), built a packet switched network, c.a. 1972 (take that ARPANet), started the first online service, c.a. 1979, and much of the world as we know it today was born.

Shortly thereafter, Dan Piskur had to invent “Cybersecurity” ab initio.

Wilhite left Ohio State during the 1970 riots to go do fun work on a big computer at a startup down the road. He never finished his degree. Too much to do. Things worked out. I think I can say the same.

People matter. Individuals matter. Side projects matter (again, see Wilhite and GIF.).

So make your strategic plans, track things in your kan-ban boards, have project managers run your agile sprints, but remember

“Life is what happens to you while you’re busy making other plans”

— John Lennon, 1980 in “Beautiful Boy”

#52 of #100DaysToOffload take 3.1,