Poltergeist Memoir

It seemed like a good idea at the time…

A different kind of BOT

NoBot

From 2011 until 2013, I worked for Moscow-based Kaspersky Labs and spent a lot of time in Russia. In Russia, I learned a lot about the Russian hacking “scene.” I left Russia in a hurry, and after settling into my everyday American life, I became “mildly” paranoid. I learned a lot of things that no one else seemed to know (I don’t think we have as many secret agents in Russia as one would imagine).

In Russia, I saw a lot of interest in small computing devices. I recognized the potential for giant Bot networks made up of devices not typically considered “computers.” I decided to start a company that sold hardware to defend against these future threats. I called the product “Nobot.”

I built Nobot and brought it to Boston’s first IOT (Internet of Things) security conference. I had hoped to meet a venture capitalist interested in bringing Nobot to market. After his talk, I approached a VC and told him about Nobot. His response was surprising as it had nothing to do with Nobot. He said, “We like to invest in YOUNG entrepreneurs.” He had no problem telling me I was too old to invest (I was about 50).

I spoke to another VC who said “People don’t care about Bot networks because they use little bandwidth. Americans will not pay for a security device”.

Dan Geer (a brilliant and famous information security guy) spoke at the conference. He worked for In-Q-Tell, the CIA company that funds private ventures. Dan seemed interested and at least was kind enough to listen to me. He set up a few conversations with others in his organization. I provided them with many details about Nobot, but it was just a dead end. No one ever got back to me.

The massive Internet outage caused by DYN attack came four years later, exactly as I had predicted. At the very least, I would’ve hoped that the CIA stole my design, and there would be Nobots protecting the network. But no sign of Nobot.

One other conversation stands out in my mind. After rejecting my ideas, I argued that I was one of the original hackers that launched the PC industry. And that I later joined the original group of people dedicated to information security as a full-time job. Surely I should have some credibility? The response was, “engineers over 50 are irrelevant. No matter what you did in the past, you had your 15 minutes of fame. Maybe you should learn to play golf”.

Immediately after that, I began working on the CISOware project. There was not any existing framework to build upon; I was going to architect my solution “from scratch.” Building the platform was a monumental task. I found a few people that said they would help me build it. But I knew that of the two or three people who had promised to help, at least one would not keep his promise. In under six months, I was alone.

Addendum 2025:

12+ years later the project is complete and I have filed nine patents for original technology. I have also passed retirement age, and been through Covid, divorce and heart disease. But I am still plugging. You can read about the project at cisoware.com