Hoff-Crosby and the sumo match that never was


A few months back Chris Hoff – then Chief Security Architect at Unisys challenged Simon Crosby – CTO at Citrix Systems to a sumo match.  My oh my that would have been fun to watch, but alas it never came to fruition.  I figured the next best thing would be to attend the Virtualization Security panel where the two of them could duel it out.  On the panel with them were Michael Berman – CTO at Catbird and Steve Herrod – CTO and VP of R&D at VMWare, the moderator was Andreas Antonopoulos – Sr. Vice President at Nemertes Research.  A good lineup for sure but would it live up to the hype?

It was very good, but it could have been even better.  Andreas did an excellent job keeping everyone in line so props to him for that.  Hoff was his usual self – poking, prodding and making his points as only he can.  Crosby was trying hard to push buttons and seemed to succeed but there were points he tried to make without any legit information.  Berman was very quiet and looked like he just wanted to stay out of the fray, probably a good choice.  Herrod had many opportunities to bitch slap Crosby and in turn Citrix but unfortunately he didn’t.  It was as if VMWare had put a gag order on him and gave him a script with a few phrases he was able to use.  If Herrod had been more open and direct this panel would have been UNBELIEVABLE!

Crosby is fun to listen to but sometimes taking him seriously is difficult.  For those who don’t know, he is of the belief that a virtualization platform company should secure the hypervisor but the remaining security in the virtual environment is someone else’s problem.  His justification for this statement is that they are not security companies and should leave that to the professionals.  He bashed VMSafe calling it weak, without ever seeing it mind you.  He actually called Herrod incompetent at implementing security and when Hoff spoke up mentioning that Steve is not actually implementing the security Crosby then said that all of VMWare is incompetent.  If he was on the street pitching this shit I would give him a few bucks thinking this poor crazy homeless guy needs something to eat before losing his mind.  If the CTO gig doesn’t pan out for him at least he has a fall back.  Seriously though, he is obviously a smart guy but seemed to just be tossing out the most absurd statements to get Herrod fired up hoping he would snap.

Herrod didn’t appear to be fired up but he should have been.  I wanted to hear the VMWare representative flex some muscle and teach Crosby a thing or two about why it is important for VMWare to roll security into the product.  There are so many examples he could have thrown out to prove his point, but he didn’t.  Instead VMWare got slapped around without any real defensive action, or worse, without any offensive action.  Luckily for Herrod and VMWare, The Hoff was on the panel.  Hoff had no problem calling Crosby out on his outlandish remarks and mostly played the role Herrod should have.  When he gets on a roll it is fun to watch, and he was rolling.  VMWare should pay him some serious cash for protecting them against the bully.  😉

Look, I don’t care that VMWare is not a security company.  I don’t care that their expertise isn’t on all things security.  As far as I am concerned they are taking steps toward helping their customers implement more secure virtualized environments than they have today and that is the right thing to do.  They will not get it 100% right out of the box, but something is better than nothing.



2 Responses to “Hoff-Crosby and the sumo match that never was”

  1. 1 Rob

    You nailed it! I was in the session as well and could not believe the beating that VMWare took without fighting back. Simon is quite entertaining though, can’t take that away from him.

  2. 2 VMWareSucks

    You are an idiot, just like the guys at VMWare. Creating a bloated hypervisor isn’t going to make anything more secure. If anything you increasing the attack vector on the most important aspect of your virtual environment. Is VMWare paying you to protect them from the bully?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: