Bless his heart, I’m glad Rothman is back and blogging! I really enjoy his opinions and, quite honestly, I think we align up pretty well in our feelings and editorials. It’s like having a security soulmate!
Rothman recently posted a nice opine about product reviews. Honestly, I put most of my value in products based on just 2 things. My own experiences hands-on. And experiences of others who are hands-on and not either hand-picked from the vendor or have any stake whatsoever in pimping one product (vendor “partners”) or not pimping another. Basically, if I know you work as a net admin and you use product A, I’ll ask how you like it and what’s good/bad. And hopefully I get decent answers because if I pick up that I should hate McAfee products, can I tell my boss (and his boss) that it’s because CN hates on them on Exotic Liability’s podcast? I’d like I need to have some real responses, and that often only comes through hands-on with products, either myself or others I can trust.
I would love a venue for real reviews, kinda like HardOCP is to me for computer hardware. However, Mike’s right, I’m not sure there is money in it. I mean, I’m certainly not going to pay for the review results, and I’m not sure these industries have enough players to be properly compared to computer hardware review sites or video game reviews in gaming mags. Most IT product reviews I read in mags and sites are met immediately with skepticism. Are these two in bed with each other? Is that a paid-for ad on page 76 for the same product you’re “objectively” reviewing? Do they mention anything negative at all, or criticisms, or their competition? Hell, I even dismiss articles in Insecure when the author is the CTO…
Then again, half the beauty with HardOCP runs in line with what I value in researching a product: being able to ask questions on a forum to people who have real-world experience with said products. So maybe the real problem is finding a security-specialized community-building forum for discussing products, offtopic junk, and attacks. Yeah, I like the Security Catalyst community, but I really feel like I should be wearing a tie in there and refrain from community-building offtopic posts like, Best Super Bowl commercial. Or things you can bullshit about in IM or IRC. What if Infragard had an online forum that was protected but allowed anything you wanted to talk about without being too confusing and splintered into subforums? Then again, all it takes is a copy-and-paste and “sensitive” information is leaked. Pooh.
I’m stopping before I ramble some more… I think it’s time to start idling in IRC more and participating in some nice forums…digital social networking, if you will.
I feel the same way – and created the Security Catalyst Community for just that purpose.
I found it interesting and enlightening that your sense is the community is buttoned-up and requires a tie. It actually made me laugh a bit – I have not worn a tie in a decade and go barefoot and in shorts ~ 90% of the time, regardless of the weather.
Somehow I’ve not translated that carefree attitude into the forums; I’ll take that under advisement as we prepare for the relaunch of the community in Q2. It’s time for some changes and improvements.
You are an outstanding/outspoken community member – let me know how we can make it a bit stronger for your needs, and I’m happy to listen.
And between now and then, feel free to “bullshit” with me and others… and let me know which commercial you liked best at the Superbowl 😉