I hate it when my friends argue. Disagreement is fine, but when it get’s to point of high emotions and deteriorating listening skills, I get sad. So when two of my friends, Josh Corman and Mike Dahn started disagreeing and fighting after Shmoocon earlier this year, I was more than a little upset. Both men are people I respect greatly due not only to their passion for security in general and PCI specifically, but also for their ability to see aspects of the industry that no one else sees. And I usually respect their ability to not only form their own logical, reasoned arguments but to listen to and pull out the best of what other people are telling them. So when these two started feuding, I was understandably upset. Josh and Mike, while coming from very different viewpoints, both agree that the end goal is to make our industry more secure, no matter how we get there.
I wasn’t the only one who noticed the friction between these two. Gene Kim, creator of Tripwire and the then CTO of Tripwire had also noticed and included several comments about getting Mike and Josh to sit down and reconcile their differences in his presentation at BSides Las Vegas. This was followed by Nick Owen (aka wikidsystems) offering $100 to donate to charity if Josh and Mike would ‘hug it out’, with a number of other people offering up donations if Mike and Josh would just hug and make out .. er.. make up. And thus was the idea for PCI Hug It Out was born!
The idea languished for a little while, until Gene approached me with an idea: Tripwire had offered to support a project to help understand the stances Mike and Josh take on PCI, why they are so different and where they both agree on what can be done to improve the security of the industry as a whole. By understanding their differences and commonalities, we hoped that both of these outspoken proponents of security would be able to harness their energy to move us all forward rather than concentrating on each other. Gene and I interviewed first Mike, then Josh and thanks to Tripwire’s sponsorship, we were all able to meet in Orlando at the PCI Community Meeting and have a real face to face discussion about what can be done to improve our situation.
On top of everything else Tripwire has done, they’ve agreed to match the first $1000 dollars worth of donations to the Electronic Frontier Foundation and Hackers for Charity! These are both very worthy charities and everyone who’s been involved with the project is glad we’re able to support them in this way. We hope you’ll add to the donations that Tripwire and others are supplying and allow these organizations to continue their efforts. Leave a comment here after you’ve donated, send an email to firstname.lastname@example.org or use the hashtag #PCIHugItOut to let us know you’ve donated and Tripwire will contribute as well.
The first installment is our interview with Mike Dahn. Mike explains how he got into the PCI arena, a lot about his philosophy concerning PCI and why he continues to support efforts to make PCI better. The podcast is available from the Network Security Podcast site, or you can download it directly at http://traffic.libsyn.com/mckeay/PCIHugItOut-MikeDahn.mp3. Next week we’ll be joined by Josh Corman to explain his viewpoint on PCI and how it’s driving the security industry, followed by the recording of our meeting in Orlando, FL the week after. And yes, there will be photos of the final confrontation between these two industry exemplars.