How we made the luck Anonymizer needed to survive

The latest blog over on Feel The Boot is quite personal. I talk about what an important role luck played in our success at Anonymizer.

I tell a few of my favorite stories from that time to illustrate how we took control of our fate and exploited the hidden opportunities around us.

Check out the blog or watch the video!

Comment

Lance Cottrell

I have my fingers in a great many pies. I am (in no particular order): Founder, Angel Investor, Startup Mentor/Advisor, Grape Farmer, Security Expert, Anonymity Guru, Cyber Plot Consultant, Lapsed Astrophysicist, Out of practice Martial Artist, Gamer, Wine Maker, Philanthropist, Volunteer, & Advocate for the Oxford Comma.

Entrepreneur advice on the go with the Feel The Boot podcast

I am excited to announce that the Feel The Boot podcast is now live with audio version of all of our YouTube videos. You can get all the startup tips on the go with any of the major podcasting services.

Spotify

Some help understanding stock options

Whether you are confused about stock options you have received or are trying to explain the concept to an employee, this article will help.


I have seen few topics generate more confusion than stock options. People with options in fast growing companies like to brag about them but often don’t actually understand them. Employees don’t understand what they are getting, so the option grant is less impactful. Here are the basics of what workers need to know about their stock options.

Comment

Lance Cottrell

I have my fingers in a great many pies. I am (in no particular order): Founder, Angel Investor, Startup Mentor/Advisor, Grape Farmer, Security Expert, Anonymity Guru, Cyber Plot Consultant, Lapsed Astrophysicist, Out of practice Martial Artist, Gamer, Wine Maker, Philanthropist, Volunteer, & Advocate for the Oxford Comma.

Where to follow my writing now

Where to follow my writing now

I have not been posting very much on Obscura.com lately because I have been working furiously on two other websites.

I am blogging about startups, entrepreneurship, and angel investing at Feel The Boot. This site allows me to help far more startups than I could possible mentor personally.

At Ntrepid I blog about managed attribution and online operations. Managed attribution is the natural extension and refinement of the anonymity work started by Anonymizer.

Read More

Understanding OSINT

What is OSINT-thumb.jpg

Open Source Intelligence or OSINT is a critical but frequently misunderstood method for gathering information about the world and potentially hostile organizations.

In this video and this blog I go into detail on what OSINT is and some of the complexities of doing it in practice.

Comment

Lance Cottrell

I have my fingers in a great many pies. I am (in no particular order): Founder, Angel Investor, Startup Mentor/Advisor, Grape Farmer, Security Expert, Anonymity Guru, Cyber Plot Consultant, Lapsed Astrophysicist, Out of practice Martial Artist, Gamer, Wine Maker, Philanthropist, Volunteer, & Advocate for the Oxford Comma.

A fun conversation with the Securiosity Podcast.

While on a quick trip to Washington DC recently, I had a chance to sit down with Greg Otto and Jen O’Daniel of the Securiosity Podcast to talk about a wide range of topics. We discussed how I got started in privacy, why you don’t need to worry about nation state super hackers, being anonymous, OSINT, and wine. What a fun conversation!

My interview starts at about the 24 minute mark.

Airlines are leaking passport data. DHS is chasing China off the internet. And you can finally FaceTime again. In our interview, we talk to Lance Cottrell from Ntrepid -- hitting everything from astrophysics to wine. Oh, right, and the evolution of privacy on the internet. That's probably why you're listening.



Comment

Lance Cottrell

I have my fingers in a great many pies. I am (in no particular order): Founder, Angel Investor, Startup Mentor/Advisor, Grape Farmer, Security Expert, Anonymity Guru, Cyber Plot Consultant, Lapsed Astrophysicist, Out of practice Martial Artist, Gamer, Wine Maker, Philanthropist, Volunteer, & Advocate for the Oxford Comma.

If you embrace the fact that many attacks are impossible to mitigate, your security will improve.

securityweek_logo.jpg

Back in the 1990’s, I was involved in a discussion about how an individual could deal with Van Eck monitoring, where an attacker captures the contents of your screen from outside the building. My take was that if your opponent has a surveillance team in a van full of special equipment parked right outside your house, your only realistic option is to run and never look back, in hopes of starting a new life elsewhere. Perhaps this scenario is a bit dramatic, but it illustrates an important point. We spend a lot of time thinking about and trying to mitigate threats that are so extreme you are basically already doomed if they are ever used against you. You can’t mitigate against Mission Impossible-style attacks, because whatever you try to prevent, they always have another way of getting at you.

Read the rest of the article at SecurityWeek

2 Comments

Lance Cottrell

I have my fingers in a great many pies. I am (in no particular order): Founder, Angel Investor, Startup Mentor/Advisor, Grape Farmer, Security Expert, Anonymity Guru, Cyber Plot Consultant, Lapsed Astrophysicist, Out of practice Martial Artist, Gamer, Wine Maker, Philanthropist, Volunteer, & Advocate for the Oxford Comma.

Getting ROI From a Security Advisory Board That Works: Part 2

Earlier I wrote about why a good security advisory board can be a powerful addition to any business. In this article I dive in to exactly how to make sure you get that value from your advisory board. My taking the right actions, you can ensure a strong ROI for your time and money while significantly boosting the security of your organization.

Comment

Lance Cottrell

I have my fingers in a great many pies. I am (in no particular order): Founder, Angel Investor, Startup Mentor/Advisor, Grape Farmer, Security Expert, Anonymity Guru, Cyber Plot Consultant, Lapsed Astrophysicist, Out of practice Martial Artist, Gamer, Wine Maker, Philanthropist, Volunteer, & Advocate for the Oxford Comma.

Don’t let a bot bust your holiday budget

I had a chance to talk with Hiawatha Bray of the Boston Globe about GrinchBots which are a form of scalping that drives the cost of many limited edition items into the stratosphere.

Read the full article HERE.

Comment

Lance Cottrell

I have my fingers in a great many pies. I am (in no particular order): Founder, Angel Investor, Startup Mentor/Advisor, Grape Farmer, Security Expert, Anonymity Guru, Cyber Plot Consultant, Lapsed Astrophysicist, Out of practice Martial Artist, Gamer, Wine Maker, Philanthropist, Volunteer, & Advocate for the Oxford Comma.

Fifth Domain interview on remaining anonymous online

In this video from Fifth Domain I talk about the problems of conducting online undercover operations. In this video I talk about issues with profile photos, writing style analysis, and patterns of behavior.

Comment

Lance Cottrell

I have my fingers in a great many pies. I am (in no particular order): Founder, Angel Investor, Startup Mentor/Advisor, Grape Farmer, Security Expert, Anonymity Guru, Cyber Plot Consultant, Lapsed Astrophysicist, Out of practice Martial Artist, Gamer, Wine Maker, Philanthropist, Volunteer, & Advocate for the Oxford Comma.

How To Defend Yourself Against APT / Nation State Attackers

When talking about information security, nation-state backed hackers are set up as the ultimate threat. The countries have brilliant hackers, unlimited resources, endless exploits, and they are all after you! Fortunately for us, there are also many more nation state hackers who are not that skilled, on a tight budget, and forced to use off-the-shelf tools. Just because your organization might be of interest to foreign services does not mean that you should just give up.

Read the entire article here

Published on cyber scoop.com

Published on cyber scoop.com

 
Comment

Lance Cottrell

I have my fingers in a great many pies. I am (in no particular order): Founder, Angel Investor, Startup Mentor/Advisor, Grape Farmer, Security Expert, Anonymity Guru, Cyber Plot Consultant, Lapsed Astrophysicist, Out of practice Martial Artist, Gamer, Wine Maker, Philanthropist, Volunteer, & Advocate for the Oxford Comma.

Getting ROI From a Security Advisory Board That Works: Part 1 - Why

image.png

In 2016, my CEO asked me to work with an outside advisor, Gary McGraw, to create a Security Advisory Board (SAB) for our company. Right away, I realized that creating a strong advisory board to effectively support the company would take a lot of work. We spent significant time thinking about how this board could add value to the business, and how to ensure that the board’s ideas and solutions were implemented. First, let me note that credit for many of the ideas in these articles should go to Gary. He was instrumental in the creation and continued success of our SAB. In the first article of this two-parter, I will explore the kinds of value a SAB can bring to a company, and why its creation is worth all the effort. In the next article, I will talk about the nuts and bolts of executing a successful SAB.


Comment

Lance Cottrell

I have my fingers in a great many pies. I am (in no particular order): Founder, Angel Investor, Startup Mentor/Advisor, Grape Farmer, Security Expert, Anonymity Guru, Cyber Plot Consultant, Lapsed Astrophysicist, Out of practice Martial Artist, Gamer, Wine Maker, Philanthropist, Volunteer, & Advocate for the Oxford Comma.

The Problem with Passwords

Back at Black Hat I talked with the MISTI training institute about the many problems with passwords and some thoughts on how to do better.

You can see the article and video on their site.

Comment

Lance Cottrell

I have my fingers in a great many pies. I am (in no particular order): Founder, Angel Investor, Startup Mentor/Advisor, Grape Farmer, Security Expert, Anonymity Guru, Cyber Plot Consultant, Lapsed Astrophysicist, Out of practice Martial Artist, Gamer, Wine Maker, Philanthropist, Volunteer, & Advocate for the Oxford Comma.

The End of an Era

I founded Anonymizer Inc. in 1995, almost 23 years ago. It was born of my passion and commitment to privacy, security, and anonymity. I deeply appreciate the support, encouragement, and loyalty from the millions of people who have used the service over the years.

I am profoundly proud of what this company has accomplished. We were the first commercial internet privacy service in the world. We created the Kosovo Privacy Project, provided censorship circumvention services to hundreds of thousands of people in China and Iran, and worked with numerous human rights groups to provide protected communications and safe access to information. We also set up a secure anonymous terrorist tip site in the first days following 9/11.

Read More

The DNC Hacker Indictment: A Lesson in Failed Misattribution

Reading legal documents is not something I usually enjoy. The Muller indictment of the Russian DNC hackers was different - the amount of detail revealed in the document stunned me, and suggests that the US had very deep visibility into the hackers’ operations. In this article I am not going to look at the details of the hacking or phishing attacks used. Rather, I am interested in how the hackers attempted to misattribute their activities and how their actions and errors undercut that effort.


Read the whole article at Security Week to see my analysis of all they ways the hackers failed in trying to remain hidden.


Comment

Lance Cottrell

I have my fingers in a great many pies. I am (in no particular order): Founder, Angel Investor, Startup Mentor/Advisor, Grape Farmer, Security Expert, Anonymity Guru, Cyber Plot Consultant, Lapsed Astrophysicist, Out of practice Martial Artist, Gamer, Wine Maker, Philanthropist, Volunteer, & Advocate for the Oxford Comma.

Preventing the Other Kind of Hack Back

There has been endless discussion among security professionals about the ethics, propriety, legality, and effectiveness of corporations “hacking back” against attackers. On the other hand, there is no hesitation on the part of attackers to hack back against threat intelligence researchers who are investigating them. Identification and retaliation are a constant risk for anyone probing the darkest back alleys of the internet.


Read the whole article at Security Week to see why and how watching the wrong people can lead to counter-attack.

1 Comment

Lance Cottrell

I have my fingers in a great many pies. I am (in no particular order): Founder, Angel Investor, Startup Mentor/Advisor, Grape Farmer, Security Expert, Anonymity Guru, Cyber Plot Consultant, Lapsed Astrophysicist, Out of practice Martial Artist, Gamer, Wine Maker, Philanthropist, Volunteer, & Advocate for the Oxford Comma.

Keeping it on the Down Low on the Dark Web

Sites on the Dark Web Have Several Motivations to Unmask Their Visitors

So, there you are, finally on the private sections of a dark market. You have established reputation and credibility with your targets. Suddenly, you get exposed as a “rat” and banned for life. They grab your escrowed cryptocurrency, and you are back at square one with a foe who is even more alert than before... How did this happen?


Read the full article at Security Week for my thoughts on staying anonymous while visiting the dark web.

Comment

Lance Cottrell

I have my fingers in a great many pies. I am (in no particular order): Founder, Angel Investor, Startup Mentor/Advisor, Grape Farmer, Security Expert, Anonymity Guru, Cyber Plot Consultant, Lapsed Astrophysicist, Out of practice Martial Artist, Gamer, Wine Maker, Philanthropist, Volunteer, & Advocate for the Oxford Comma.

Do you make any of the top 6 managed attribution mistakes?

Staying anonymous while engaging online is hard, particularly if you need to do so over an extended period of time. While there are thousands of things that can trip you up there are six mistakes that cause most of the problems. Read the article to learn what they are.

The Top 6 Mistakes That Will Blow Your Online Cover - SecurityWeek

Comment

Lance Cottrell

I have my fingers in a great many pies. I am (in no particular order): Founder, Angel Investor, Startup Mentor/Advisor, Grape Farmer, Security Expert, Anonymity Guru, Cyber Plot Consultant, Lapsed Astrophysicist, Out of practice Martial Artist, Gamer, Wine Maker, Philanthropist, Volunteer, & Advocate for the Oxford Comma.

No end in sight for big IoT DDOS attacks.

The tragedy of the commons makes it hard to convince IoT companies to add real security to stop this kind of attack. My initial thoughts on the event were captured in this AP article.

Comment /Source

Lance Cottrell

I have my fingers in a great many pies. I am (in no particular order): Founder, Angel Investor, Startup Mentor/Advisor, Grape Farmer, Security Expert, Anonymity Guru, Cyber Plot Consultant, Lapsed Astrophysicist, Out of practice Martial Artist, Gamer, Wine Maker, Philanthropist, Volunteer, & Advocate for the Oxford Comma.