jump to navigation

A bit of travel part 1 May 29, 2007

Posted by Dave Marcus in General Chatter, General Security.

What a week last week was! I had the opportunity to travel to both Germany and Ireland last week on business for McAfee. Having only been shortly to Germany and never to Ireland, I jumped at the chance to go.

For Germany I was in Hamburg for two days. Quite a beautiful city and I very much enjoyed the people, food and beer! I would like to have had more time there but work kept me quite busy and on a tight schedule. Spent most of my time with my co-workers (who are great) and getting more familiar with malware in Germany and Europe. I have always said McAfee Avert Labs has the finest researchers and this trip to Germany has solidified that view. Our researchers in Germany and across Europe are on the bleeding edge.

In Ireland I had the chance to spend time in Cork. Cork City to be exact. This very well may be one of the most beautiful countries on Earth (at this point I haven’t been to all the countries on Earth!). Being from The Bronx, NYC originally meeting friendly people on the street is kinda odd to me. Several folks actually stopped me to ask where I was from, did I know where I was going, could they help, etc… I was amazed and quite touched. The highlight of my time in Ireland was a trip to Kinsale. We stopped at Forts Charles and James to walk a bit. Didn’t have a chance to walk inside them as it was late in the day but, hey, there is always next time. And of course we went to The Spaniard! Finest pints of Guinness I have ever had (I lost count of exactly how many).

I cannot wait for an excuse to return…..


Bonus episode of AudioParasitics Podcast May 24, 2007

Posted by Dave Marcus in General Security, Malware, PodCasting, Vulnerabilities, Zero Day.
add a comment

We released a bonus podcast episode of AudioParasitics – The Official Podcast of McAfee Avert Labs earlier this week.

In this episode we delve once again into the debate around vulnerability disclosure and bounty programs. Jim Walter and I wrestle with the ethics of bounty programs and whether or not they help protect customers. We battle with the explosive and complex relationships between bounties, vulnerabilities, exploits and malware.


Remember that you can subscribe to the podcast through iTunes or Podzinger as well.

A literary vacuum lately May 20, 2007

Posted by Dave Marcus in General Chatter.
add a comment

I find myself besot with a serious lack of anything relevant to say lately but…. here we go anyway!

I have some international travel coming up this week that I am really looking forward to. I will be traveling to Germany for a few days and then, stopping on my way back, to spend a few days in Ireland. Last time I was in Germany I was there for less than a day and I have never been to Ireland so I am really looking forward to this! I will spend a couple of days in Hamburg and then onto Cork. Plenty of beer tasting will be done my friends.

Guitar practice has been going very well lately. Focusing on Allman Brothers and Stevie Ray Vaughn style blues for the most part. Mostly an emphasis on chord forms and progressions. Starting to work on arpeggios as well.

New podcast today! May 15, 2007

Posted by Dave Marcus in Malware, PodCasting.
add a comment

Jim Walter and myself unleashed Episode 6 of AudioParasitics today!

Jim is a great guy to be doing these podcasts with. He is great in interviews and discussions as well as being gifted with audio and music. On this episode we discuss rootkits and rootkit components as well as touch on detection, cleaning and varying perceptions.

Check it out on iTunes or Podzinger.AudioParasitics

New axes for the collection May 10, 2007

Posted by Dave Marcus in Guitar Ramblings.
add a comment

I have been in the process of completely rebuilding a Fender Stratocaster that I got from a cousin of mine. Replaced the body and most of the electronics. I plan on swapping out the neck with a custom scalloped fretboard (yes – just like Blackmore and Malmsteen). By the time I am done with it not a single original part will remain!!!

Also just picked up a real nice Ibanez Bass as well. I wish the skill grew as quickly as the collection!!

Been revisiting most of my Stevie Ray Vaughn cd’s as well. At the end-of-the-day SRV is my guitar hero. Check out my YouTube playlist for some of my favorite shreddings. The one vid entitled SRV Interview on the second page is possibly my favorite SRV clip. Rude Mood is awesome to behold.

A bit of shameless self-promotion May 9, 2007

Posted by Dave Marcus in General Chatter, General Security, PodCasting.
add a comment

Hey, it never hurts! We have begun podcasting at McAfee Avert Labs. Episode 6 will be coming out next week and I really must say they are quite good (alright I am the co-host so could I really say anything different).

The podcast is titled AudioParasitics – The Official Podcast of McAfee Avert Labs and can be subscribed to through the following methods:

We are definitely a security podcast with difference and a whole lotta attitude! Check us out.

Weekend in NYC May 8, 2007

Posted by Dave Marcus in General Chatter.
add a comment

It is plain and simple. I love NYC. I was born in The Bronx and try to get back to Manhattan as often as I can.

This past weekend my wife and I decided to take the Amtrak to Penn Station and stay in Times Square. We stayed at The Marriott Marquis in Times Square which is quite nice and decided to take in a Broadway show. We decided upon Spamalot (I am a Python fan since around 1976) and had a great time. The show itself, IMHO, is geared toward less rabid Python fans than myself. Don’t get me wrong, it is extremely funny at times. Personally I have never felt that Holy Grail was nearly their best or funniest work. I have long maintained that their best work was always Life of Brian and that their early Flying Circus episodes (prior to John Cleese leaving) had some of their finest writing as well.

The funniest part of the show for me was a take off of my absolute favorite skit – The Fish-Slapping Dance. Maybe myself, my wife and about 5 other people in the theatre even knew what it was from. To this day I role in absolute glee whenever I see the Fish-Slapping Dance!

We ate both days at Bar Americain, which is one of Bobby Flay’s three restaurants in NYC. My wife and I are big Food Network fans and of Bobby Flay in particular so we were hoping to get a sighting in as well. No such luck on Sunday but boy did we ever luck out on Monday!

We just returned from the Guggenheim Museum and decided to stop at Bar Americain again before heading over to the Amtrak Station at Penn. We are chatting over our lunch when suddenly my wife’s eyes open wide as she sees Bobby Flay walk into the restaurant! I immediately asked the waiter if we could get a couple of menus signed…

A few minutes pass…….

Very shortly Bobby (I feel that I can refer to him as Bobby at this point!) is standing next to our table talking to our waiter asking who wanted menus signed. I decided to open up my big mouth myself and introduce my wife to him (she was almost bouncing in her seat at this point). He actually stopped and talked with us for a good ten minutes and I must say he is quite genial and very approachable. He is very much the same in person as he appears to be on his shows – very down-to-earth. I found him to be very much a gentleman. We briefly discussed his latest shows, newest restaurant and Vodka-based sauces! After a few more minutes of conversation, he excused himself as he had to go and signed a menu for my wife. It was a most memorable meal. I cannot speak highly enough of the restaurant, food (which was excellent) or Bobby Flay himself. Even if you do not see him there you should visit the restaurant anyway just to have the Kentucky Hot Brown and Banana Crepes!

Cannot wait to go back……

Powered by ScribeFire.

My latest presentation May 8, 2007

Posted by Dave Marcus in General Security, Malware, Presentations.
add a comment

I posted recently about a presentation I was about to give at the DoDIIS Conference. I am pleased to say that it went well. I really like these types of conferences best – smaller venue, smaller rooms – ’cause it lends itself better to really good Q&A. I think presentations are truly about Q&A. I think it the ultimate test of whether or not you have connected with an audience.

The presentation itself was about malware trends. Two areas in general:

  • Financial Trends in Malware
  • Stealth in Malware

We then had some really good discussions about rootkits and proactive detection in anti-malware technology. I always like discussing proactive detection which usually comes from the “AV is dead” line of discussion. This area of discussion is a great opportunity to discuss the different types of “signature” or driver detections. Most exponents of the whole “AV is dead” line of thinking simply do not truly understand the main types of detections – specific, generic and heuristic. Most tend to think that AV detection is solely specific signature (or driver) detection. This usually gives rise to the whole “AV is dead” line of thinking. A friend of mine at McAfee, Greg Day, does a great job of explaining the differences in a paper he presented at VB2005.

The Riddle of Storytelling and Speaking May 3, 2007

Posted by Dave Marcus in General Chatter, Presentations.
1 comment so far

At the moment I am sitting in a conference room at the Hyatt Regency in Chicago going over my presentation for the DoDIIS Worldwide Conference and I am feeling what I always feel before I present – utter excitement.

I have been presenting/speaking/storytelling for years now and I will be honest and say I have never felt fear prior to getting up in front of an audience. It has always made me feel energized and fully “in-the-moment” whether I am presenting to four people or four thousand people.

My presentation style (such that it is) is not very polished or overly rehearsed. I speak honestly and openly about security threats and trends using analogies, stories and humor. I also hold the uncompromising belief that McAfee Avert Labs is THE finest security research organization in the world.

I have recently been championing the value of communication skills, networking and speaking professionally. This has forced me to take a close look at what makes my presentations successful. Why do they seem to resonate? What makes a good presentation? What skills are needed?

Good storytelling and speaking is truly a riddle…… I have never really considered how I present. I, in truth, rarely ever “practice” or “rehearse” a presentation. Don’t get me wrong however because I really know my content. Backwards and forwards, I know my content. I also rarely go very heavy with statistics and numbers. I don’t think they really resonate with people. I don’t think people really remember them. People DO remember stories and analogies mixed with humor however.

Hmmmm….. maybe that is a route to pursue.

Re-birth and a bit of re-focusing May 3, 2007

Posted by Dave Marcus in General Chatter, General Security, Presentations.

I have been away from my blog for quite some time. Believe it or not tho, this was intentional. It is not that I have felt I have little to say or contribute (most who know me would probably agree that I talk to much and am way to opinionated) but more around what I want to contribute to or converse on. That has been what has occupied me so much recently.

More and more I find myself fascinated by communication, mainly presenting through storytelling, and being drawn continually back to music. Presenting and communicating is an integral part of my career at McAfee Avert Labs – Threat Briefings, blogging, podcasting, journalists and analysts relations, etc….. are all, to me anyway, different mediums to tell stories and build relationships. And I love them all.

Going forward, that will be my main focus. Presenting. The guitar. Computer security. In no particular order!