Hoff-Crosby and the sumo match that never was
A few months back Chris Hoff – then Chief Security Architect at Unisys challenged Simon Crosby – CTO at Citrix Systems to a sumo match. My oh my that would have been fun to watch, but alas it never came to fruition. I figured the next best thing would be to attend the Virtualization Security panel where the two of them could duel it out. On the panel with them were Michael Berman – CTO at Catbird and Steve Herrod – CTO and VP of R&D at VMWare, the moderator was Andreas Antonopoulos – Sr. Vice President at Nemertes Research. A good lineup for sure but would it live up to the hype?
It was very good, but it could have been even better. Andreas did an excellent job keeping everyone in line so props to him for that. Hoff was his usual self – poking, prodding and making his points as only he can. Crosby was trying hard to push buttons and seemed to succeed but there were points he tried to make without any legit information. Berman was very quiet and looked like he just wanted to stay out of the fray, probably a good choice. Herrod had many opportunities to bitch slap Crosby and in turn Citrix but unfortunately he didn’t. It was as if VMWare had put a gag order on him and gave him a script with a few phrases he was able to use. If Herrod had been more open and direct this panel would have been UNBELIEVABLE!
Crosby is fun to listen to but sometimes taking him seriously is difficult. For those who don’t know, he is of the belief that a virtualization platform company should secure the hypervisor but the remaining security in the virtual environment is someone else’s problem. His justification for this statement is that they are not security companies and should leave that to the professionals. He bashed VMSafe calling it weak, without ever seeing it mind you. He actually called Herrod incompetent at implementing security and when Hoff spoke up mentioning that Steve is not actually implementing the security Crosby then said that all of VMWare is incompetent. If he was on the street pitching this shit I would give him a few bucks thinking this poor crazy homeless guy needs something to eat before losing his mind. If the CTO gig doesn’t pan out for him at least he has a fall back. Seriously though, he is obviously a smart guy but seemed to just be tossing out the most absurd statements to get Herrod fired up hoping he would snap.
Herrod didn’t appear to be fired up but he should have been. I wanted to hear the VMWare representative flex some muscle and teach Crosby a thing or two about why it is important for VMWare to roll security into the product. There are so many examples he could have thrown out to prove his point, but he didn’t. Instead VMWare got slapped around without any real defensive action, or worse, without any offensive action. Luckily for Herrod and VMWare, The Hoff was on the panel. Hoff had no problem calling Crosby out on his outlandish remarks and mostly played the role Herrod should have. When he gets on a roll it is fun to watch, and he was rolling. VMWare should pay him some serious cash for protecting them against the bully. 😉
Look, I don’t care that VMWare is not a security company. I don’t care that their expertise isn’t on all things security. As far as I am concerned they are taking steps toward helping their customers implement more secure virtualized environments than they have today and that is the right thing to do. They will not get it 100% right out of the box, but something is better than nothing.
Filed under: Conference, Security, virtualization, vmware | 2 Comments
Tags: Berman, Crosby, Herrod, Hoff, hypervisor, RSA, sumo match, Virtualization Security