Denim Group has been acquired by Coalfire. Learn More>>

Questions to Ask General Alexander at BlackHat 2013

By John Dickson


In less than three weeks, security geeks will once again invade Las Vegas and the spacious confines of Caesars Palace conference center to hear three days worth of vulnerability announcements, boasting, and war stories.  There will also be some drinking.

BlackHat will be packed with security gurus – some good guys, some bad guys, and a lot of folks somewhere in between.   Gone mostly will be the bearded UNIX guys with suspenders, but you’ll see the occasional old school security guy mumbling about the Morris Worm or wardialing the entire (404) area code in the 80’s. There will also be legions of security guys decked out in jeans and black t-shirts, “security casual” so to speak.  Some t-shirts will have clever sayings, and others will be borderline offensive.  Standing out in the crowd will be a slightly older, stately gentleman who also might be wearing jeans and a black t-shirt like he did at DefCon 2012, or he might be wearing a crisply ironed military uniform, that of the United States Army.  His uniform will be bedecked with military ribbons and four shining stars on both epaulettes.   For those of you who have been under a rock for most of this summer, that person will be General Keith Alexander, Director of the National Security Agency (DIRNSA for those in the community) and Commander of the US Cyber Command.   Given that there are, shall we say, diminished expectations of cooperation between the hacker community and NSA this go around, trying to fit into the t-shirt and jeans crowd might go unappreciated.

Suffice it to say, General Alexander is a major player in the community (that would be the intel community, not the underground community).  He has guts.  He’s going into the belly of the beast – hacker central – right in the midst of the Eric Snowden leak story.  You might bump into him, and if you do, be ready with a question.  To get you thinking, I came up with a handful of questions to have in your back pocket should you have a chance encounter with the US’s #1 cyberspy…

  1. Seriously, how much fun was it when you hit the “Go” button for Stuxnet?
  2. What happens in Vegas, stays in Vegas is a total myth, right?
  3. How anonymous is Anonymous?
  4. What’s more fun, being a spook or a hacker?
  5. How quickly did you unfriend Eric Snowden on Facebook when he boogied to Hong Kong?
  6. Can you please limit the use by the military of the term “cyber” to only one million times/day?
  7. After APT was outted, is referencing Sun Tzu is every security PowerPoint still cool?
  8. Can NSA collect personal information faster than Facebook gives it away?
  9. What’s that medal for?

Follow me on Twitter at @johnbdickson for on-scene commentary and observations from BlackHat 2013 and Vegas.  See everyone in a couple and contact us if you'd like to meet up with Denim Group folks at BlackHat.


john _at_


About Dan Cornell

Dan Cornell Web Resolution

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

Leave a Reply

Your email address will not be published. Required fields are marked *