Originally Posted by techhelpbb (Post 1614814)

If there was an irregularity at my former position federal agencies took notice fairly quickly.

Originally Posted by bkahl (Post 1614821)

((I hope his phone wasn't in his pocket))

Originally Posted by techhelpbb (Post 1614823)

That only actually happened once before I worked there.
It was, in part, the reason I was hired.
No, I am not kidding.

One of the best known hackers in history potentially endangered their systems.

Another reason I was hired was quite simple:
I used to build incredibly fault tolerant systems for the military.
The kinds of things where you can damage 66% of the thing and it still operates.

I used my knowledge of redundancy to my maximum advantage with public and private cloud computing as time went on.
Today I participate in standards committee work for financial systems on cloud and containerization services as well as my other work.

Just one example of the stuff I have interacted with:
http://www.newstarget.com/2016-03-28...nraveling.html

Wouldn't you send people with guns to secure a critical piece of that?
Wouldn't you take a monitoring alert on your phone if you touched a market with more money than the global GDP in it?

Originally Posted by bkahl (Post 1614821)

((I hope his phone wasn't in his pocket))

Originally Posted by bkahl (Post 1614828)

Interesting stuff-

I just hope all of this information doesn't rely on a private, personal server, or your cell phone. Could get risky for those hackers.

Also- can you explain how a sum of money can be MORE than the World GDP?

Originally Posted by techhelpbb (Post 1614830)

One can always bet more than they have in their pockets.
Technically one can bet more than there are physical assets to secure considering the United States is a fiat currency not backed by the gold standard.

There's a lot of people that get alerts these days.
My systems meet the strictest levels of diligence by industry standards.
I have terminated relationships with groups who operate with standards I deem too inferior.
Sure someone could attack me, steal my phone: however in that case my crew would still respond and I would have done my best to do my part.

If you folks think it's a mystery to hackers where I work, how I likely do my job, you'd be extremely wrong. Social engineering is core tool of hackers. They know who I am. They could target me as a defender. It would never be enough for them to achieve their goals. Even my own access would be blocked the minute there was something irregular.

Originally Posted by Brandon Holley (Post 1614832)

I feel like I'm reading an episode of Mr. Robot right now....

Originally Posted by techhelpbb (Post 1614833)

“Fiction is the lie through which we tell the truth.”
― Albert Camus

Originally Posted by techhelpbb (Post 1614814)

Thanks for your concern.
That's a quote from my original post.

You know what it takes to start a financial services company?
A lot of money so early in my career there were often sub-optimal staff for this duty.
It was compensated for with automation.
I wrote a lot of that automation with REST/SOAP, Bash/Ksh, Perl, Python, Ruby and even some VBA for reporting.

Would you seriously suggest I leave a script unattended merely to avoid my inconvenience?
Would you chance leaving your team's FRC robot running unattended and fully autonomous during a match?
Would you bet your retirement on a script that could be fingerprinted or fail to account for the nuances of a security issue?

Even if you answer yes to any of those queries I am afraid that you would be the minority.
People expect their money to stay where they put it and their financial transactions to operate as intended.

If there was an irregularity at my former position federal agencies took notice fairly quickly.
My obligation was stop anything that would cause anyone else to have to act.

I would say those automation skills served me very well considering it would now be considered: SecOps/DevOps
My work in that environment made it possible for us to achieve ISO27001 security certification with a very small number of issues to remediate.
So basically what this translates to is that our security was considered actually very good by some of the highest industry standards.

Originally Posted by bkahl (Post 1614834)

Originally Posted by Andrew Schreiber (Post 1614835)

No. I would, and do, value my health and enjoyment of other activities well above that of my job. And before someone asks, yes I tell my management that. See, I work because I need to earn a living. I have a very strict policy of fire walling my time. I've found this is better for my health and productivity.

I commented that it's a bad policy because I think it causes unnecessary stress which can lead to health problems. I'm glad you draw pride in this but to me it is a sub par solution.

Originally Posted by bkahl (Post 1614834)

Originally Posted by techhelpbb (Post 1614837)

In fact people have actually died from health problems trying to keep up with me.

Originally Posted by marshall (Post 1614843)

I'm sorry for your loss.

Originally Posted by techhelpbb (Post 1614845)

Thank you for respecting those that paid the highest price in exchange for what our technology has wrought.