Skip to main content


Showing posts from 2018

Social Engineering or: How I Learned to Love a Flash Sale

Disclaimer: This was originally written as a blog post for a social engineering graduate class. It was developed to provide non-InfoSec and everyday folks with an explanation of what social engineering is. Hopefully, something that could be given to your parents or the grandmother that just got hired on at your company.

There's a misconception that social engineering is only used by nation-state actors, thieves, and used car salespeople. What people miss is that social engineering is all around us. It's in the media that we consume, it's in the habits that we have, and the bonds we form with people. By demystifying social engineering, we can help people understand that this isn't some fringe concept that is only employed by the mischievous and maleficent, but something that is used by everyone. It's easier to guard yourself against the everyday spring rain shower than it is a nuclear holocaust.


Each of us can probably imagine a time that we fell susceptible…

Pay vs Passion: Redux

GrrCON 2018 has come and passed. It's been an interesting year since the last one with a whole lot happening since then. Let's look at some of it...

Accepted to grad schoolAgainst all of my own beliefs, I got accepted to graduate school. This semester includes a class in social engineer, IoT, and finally homeland security. It's been a wild semester so far. I've had the chance to work on some great projects and learn some really interesting concepts. I won't say it's all been great. It's been incredibly busy! I'm working part-time, TA'ing, and going to school full time. Hard to find time for much more in all honesty. Not every day does it feel like it's worth it, but looking at the semester so far it has been.Ran a teen hacking program at the local public libraryThis was pretty awesome honestly. I happened to mention to a friend that I was thinking about doing a teen program to get kids into hacking. She just happened to work at the public libr…

Pay vs Passion: The Price of Risk

A little under a year ago I was sitting at GrrCON trying to decipher why I wasn’t enjoying myself. I didn’t want to go to the villages; I didn’t want to mingle, and I definitely didn’t want to listen to talks. It’s an understatement to say that I was weighed down by some anxiety, apprehension, and fear. The weekend eventually culminated in me having a panic attack in the parking lot. While crawling into the shower — hungover of course — the next morning I came to the realization that I was unhappy with where I was headed. I couldn’t enjoy the conference, because I was thinking about everything that laid in front of me after the conference.

 Flashback six months earlier and I was contemplating what I would do once I graduated from University. I was about to graduate with a BS in Network Engineering. A job offer was on the table at a respected managed service provider in Chicago. The pay was great, the benefits were outstanding, and it would be a move to the big city! A newfound interes…