My home on the interwebs

February 20, 2018

Wisconsin Lawyer Fish


Wisconsin Lawyer (Burbot) is a little-known delicacy. Its white, firm flesh resembles that of the haddock or the cod is a favorite of the locals and tourists of Washington Island in Door County, Wisconsin. The lawyer contains omega three fatty acids (EPA+DHA) at 45 gms in every eight ounces. The lawyer liver oil contains vitamin D potency that is just as high as the one acquired from the cod liver. The liver is also believed to contain high vitamin A and D. The liver of the lawyer is about 10% of its whole body and its six times bigger than the liver of the other freshwater fishes. The Burbot is considered a very rough fish. And its fishery is unregulated. This is because it has a low market demand and what is fished is used in local restaurants.

The low market demand is brought by the fact that most people do not know how to prepare the fish and its unattractive appearance also contributes to its under-utilization. The flavor, the texture and the appearance of the flesh resemble all the other codfishes. It has a white, firm, flaky flesh that’s mildly flavored. It’s very low in oil and also free from bones. It’s, therefore, the kind of meals that are relished by those that desire foods low in fats and high on proteins. The burbots large liver is hardly ever used mainly because the people lack knowledge of its health benefits. The liver contains quite a substantial amount of the easily digestible oil that is rich in vitamins A and D.( “10 fishy facts about burbots”, 2015).

Research by Rummykhan (2012) found that when a fisher gets back with his burbot catch, there are so many appetizing recipes that they could prepare. The most common recipes are frying the fish or roasting the chunks and then dipping them into butter. There are also other recipes that are hardly prepared that would help people appreciate further the fishery resources found in our lakes and rivers. The most common top of the stove recipe entails sprinkling prepared filets with pepper and salt. Roll them in cornmeal or flour or even in a mixture of the both. In a heated skillet place the fillets side skin facing down. Let it cook until brown then turn over and brown the other. Reduce the heathen cook for 15-20 min or until it’s done. The amount of time taken depends on the thickness of the fillet. Coating the fillet with cornmeal gives it a crispier crust than that of the flour. You could also deep fry, boil, steam, Creole, hash, and Cream with butter and vegetables. Burbots oven recipes include boiled fillets, soufflé. Dorothy’s casserole, roll with cheese sauce, stuffed tomatoes, sandwich and salad, molded salad, loaf, stuffed burbot roll, deviled burbot, burbot potato salad, broiled burbot sandwich. These are just a few of the recipes that could spice up and encourage more people to appreciate the lawyer’s fish delicacy

The lawyer according to Froese, Rainer, and Pauly, Daniel, (2006), is a mystery, an enigma and a freshwater fish like no other. It’s also known as the freshwater ling, burbot, the lawyer, lingcod, Coney fish, eelpout, and Mariah. The lawyer fish species is commonly related to the cusk and the common marine ling. It’s the sole member of genus lota. It is a member of the codfish family which are the essential food fish ever existing. Just like its saltwater cousins, the lawyer fish descended from the north. It is a fish of ice wracked stormy waters. The lawyer prefers cold water, deep, darkness and secret hiding places. The lawyer is a winter spawner; it moves in the shallows at the darkest in the night and spawns under the ice. They also spawn in streams and lakes, the smaller lawyer fish almost a foot long is found commonly in cool and cold streams. They are naturally nocturnal and feed during the dead of night.

Burbots live under ice for sometimes in the year, and they need these freezing temperatures to breed. The life of a lawyer fish is timed on a weird cycle: the winter, the wind, the outer darkness and finally the midnight sun. The lawyer fish is a devourer (“10 fishy facts about burbots” 2015).; it’s an ambush predator it attacks and swallows anything that comes its way whether living or dead. Typically, the burbot fish can live in either river or lakes as long as the temp is below seven degrees, the water is clean and oxygenated, and there is plenty of food. Their favorite hiding places are the shipwrecks, rock crevices, and logs. Where there is no cover, the burbots hide in circular, wide, crater-like depressions that have been excavated by generations of burbot. Many burbots survive all year round in the clean cold rivers south of the Arctic. The lawyer fish also thrives well in the lakes and rivers of Alaska, Canada, and Siberia.

The burbot appears like a cross between an eel and a catfish; it has a serpent-like body renowned by a single barbell on its chin. It has a long body laterally compressed with single tube-like projections from its nostrils and a flattened head. The mouth is quite wide with many small teeth on both the upper and the lower jaws.  It has two dorsal fins one being short and low while the other is much bigger. The anal fin is long and low. It has a rounded caudal fin, fan-shaped pectoral fins and finally, the pelvic fins are quite narrow with an extended second fin ray. The lawyer fish according to Froese, et al. (2006) has small fin relative to its body size which shows that the fish has a benthic lifestyle which is low endurance while swimming and the inability to endure strong water currents. As a benthic fish, the lawyer fish tolerates various substrate types which include sand, mud, rubble, silt boulder and gravel while feeding. They also create extensive burrows in the substrate for daytime shelter. The eyes of the burbot appear glassy white and reflective like the zombie eyes, other times the eyes look dark and alive.  From the lower jaw grows a single whisker-like barrel that it uses to probe the mud, the substrates and the scents of their next victim

The reason why burbot fish is also referred to as a lawyer fish is that it is as slippery as a lawyer. It has this odd habit where it wraps its slimy tails around the arm and hand of the unsuspecting anglers like a pseudo slimy lawyer who shakes your hand with his both hands. The lawyer fish takes four to seven years to reach sexual maturity. The spawning season starts in December and ends in March under extremely low temperatures or under ice between one and four degrees. The lawyer fish spawns multiple times though not every year. Like all codfishes, burbots spawn in winter. Some of them migrate out of the lake into the connecting tributaries streams just to spawn. The others spawn on shoals and rocky reef within their home lake. The migratory and the non-transient burbot population may be harbored by a single lake during the spawning period. (“10 fishy facts about burbots”, 2015).

The male lawyer fish rubs the sound producing muscles against their swim bladder producing a drumming noise that attracts their mates. The sound is exactly like that of the grouse drumming. It’s amazing how difficult it is to predict the time to spawn. The southern population spawns way earlier than those in the north. It’s not known what natural phenomena trigger the migration and the spawning but many believe that it could be the dark moons, the full moons, equinoxes the day length or even the water temperature. Establishing this timeline is vital to the mastery of your local burbot population. The smaller males start arriving at their spawning destination weeks before spawning time. The larger females are only visible a few days before and after spawning

The lawyer fish according to Froese, et al.(2006) doesn’t have a precise nesting site rather it releases its sperms and eggs into the water column to drift and just settle on their own. Many males during spawning gather around one or two females and form a spawning ball. Males and females simultaneously writhe in open water and release the eggs and the sperms. The incubation period is dependent on the water temperatures and could take between thirty and one hundred and twenty-eight days. The fertilized eggs drift away until they settle on the voids and the cracks of the substrate. Fertility or the productivity of a female burbot depends on the body size and ranges from 63,000 to 3,478,000 eggs per batch. The water temperatures also influence the longevity, rate of growth and the sexual maturity of the lawyer fish. The older and larger burbot fish produce more eggs than the younger and small individuals. Its eggs are young and contained in a large oil globule. The eggs optimally incubate at between one and seven degrees. When the eggs hatch, the larvae’s become pelagic. This means that they passively drift in the open water. Growth is rapid during the first and the second year where they gain around 12 and 10 centimeters respectively. When they reach adulthood the burbot translate from the pelagic habitat to the benthic environment. At maturity, the lawyer fish can have an average length of 40 cm and the weight ranges from 1-12kg.( Froese et al, 2006).

The small burbots in rivers and streams diet on an assortment of invertebrates including caddis flies, scuds, and mayflies. The larger burbot which is likely to be found in lakes diet on other fishes like the bloater, alewife, sculpin, and other small fish. The lawyer fish according to ( Froese, et. al. 2006) has in leech lake Minnesota become a fun sport where people from all over come for the burbot ice fishing contest commonly referred to as international eelpout festival. This tasty but unusual fish has also become a pivot for the winter festivities in Walker Minnesota. The best method used in fishing is the mowing at night. This method is believed to deliver twenty percent more than other methods. This fish may be considered ugly, but the truth is that burbot is a huge, abundant and delicious fish.

~Michael Goetzman



Annual International Eelpout Festival. (2008)Annual International Eelpout Festival.

Froese, Rainer, and Pauly, Daniel, eds.  (2006). “Lota lota” in Fish Base.

Rummykhan (2012) Poor-Man’s Lobster Eelpout/ Burbot Recipe

“10 fishy facts about burbots”(2015). British Broadcasting Corporation.

February 9, 2018

Wisconsin Sturgeon


Among the oldest species of fish known, Wisconsin is home to the larger share of the sturgeon, with Lake Winnebago holding the largest number of Lake Sturgeons in North America. The species is today a valuable source of income for the commercial fishers, with its products, caviar, and meat being of high-quality value with markets in the United States and the world in large. However, just like any other species, it has been dwindling in numbers and needs to be protected lest it goes into extinction. My family likes to participate in Sturgeon Fest held downtown Milwaukee each year hand releasing a baby sturgeon into Lake Michigan. Sturgeon Fest is an amazing organization run by River Edge Nature Center, which is in close proximity of our family north of Milwaukee.

The Sturgeons have fossil records dating back to about 150 million years ago. According to the Southern Regional Aquaculture Center, the Sturgeon’s cylindrical shape, its scutes, and top elongated tail fins distinguish it from the rest of the species. Also, their scaleless bodies that are spindle-shaped become more rounded as the fish progress with time. Wisconsin is known for harboring two species of this kind, the Shovelnose Sturgeon and the Lake Sturgeon (Robins et al.). Though these species have significant similarities, they also have significant differences. Let’s take a look:


The Lake Sturgeon

The young lake sturgeon are gray dorsally, with dusky dorsal and lateral botches. The adults are gray dorsally and white ventrally (Becker 1983). It is mostly found in Lake Michigan and Lake Superior drainage basins. It thrives in large lakes and rivers, living in the deepest mid-river areas in the inland (Enblon 6-8). The sturgeon begin their spawning migration in May, with the spawning taking place over late April and early in March, in the St. Croix River (Eddy and Underhill, 99).This may vary during some seasons, but it is a rare occurrence.

The Shovelnose Sturgeon

It has a body more elongated than that of the Lake Sturgeon, with the upper lobe of tail elongated into a threadlike extension.  The adults are gray dorsally and lighter ventrally (Becker 1983). It is only found in the Mississippi drainage basin, though it is already depleted in Alabama and South Dakota. They spawn during early May and June in Red cedar Chippewa Rivers (Miller 87-102). They swim up to the St. Croix as the Lake Sturgeon, where the conditions best suit the spawning.


Protection of the Wisconsin Sturgeon

From the ancient times, the sturgeon was an enemy of the commercial fishermen. They were considered a nuance, with instances of the fish breaking the nets of the fishermen, so that the fishermen disregarded them and threw them away (Becker 1983). Over time, however, the value of these species has gone up, with there being markets for their caviar and meat (Van Eenennaam, Chapman and Jarvis 277-311). With the threat of extinction, measures are being taken to protect those that are still remaining as well as help them reproduce.

The Sturgeon species live long, and due to this, it takes longer for them to mature, and they further spawn only once every 2-5 years (Mims et al. 2-6). Sturgeon has been added to the Appendix II list of the United Nation’s Convention on International Trade of Endangered Species of Wild Fauna and Flora (CITES), restricting importation or exportation of the species without a permit. For Wisconsin, they are calling for the ‘reestablishment of the species in their original range, where natural production would develop self-sustaining populations. In the Upper Flambeau, for example, efforts to collect and spawn fish from North Fork are undergoing (LeBreton, Beamish, and McKinley). Also, there are efforts to prohibit and limit harvesting (Johnson 60-65), though largely depressed lakes cannot recover through this method, calling for a combination of methods.


The Wisconsin waters hold a precious species of fish, one which has recently proved economically beneficial. Scrambling for a piece of this fortune undermines the self- sufficient reproduction of the fish, calling for protective measures. Since one method will not save the situation, a solution is in the combination of methods such as aquaculture, limited harvesting, and regularized selling. All of this can, however, work only if protective measures are taken from a long-term perspective. Hope you are able to visit the next Sturgeon Fest to help protect these amazing fish right here in Wisconsin.

~Michael Goetzman





References/Work Cited

Becker GC (1983) Fishes of Wisconsin. The University of Wisconsin Press, Madison, WI, 1052 pp

Anderson, E. R. “Lake sturgeon (Acipenser fulvescens) management and culture in Minnesota and Michigan.” Proceedings of a Workshop on the Lake Sturgeon. 1987

Johnson, James Edward, and Beth D. McAleer. Protected fishes of the United States and Canada. American Fisheries Society, 1987.

Enblon, John. A Biological Reconnaissance of the Upper Mississippi River. Minnesota: Minnesota Department of Natural Resources, Division of Fish and Wildlife, Ecological Services, 1997. Print.

LeBreton, Greg T. O, F. W. H Beamish, and R. Scott McKinley. Sturgeons and Paddlefish of North America. Dordrecht: Kluwer Academic Publishers, 2010. Print.

Miller, Michael J. “The Ecology and Functional Morphology of Feeding Of North American Sturgeon and Paddlefish.” Sturgeons and Paddlefish of North America 87-102. Web. 3 Feb. 2018.

Mims, Steven et al. Production of Sturgeon. Mississippi: Southern Regional Aquaculture Center, 2002. Web. 2 Feb. 2018.

Peterson, Douglas L., Paul Vecsei, and Cecil A. Jennings. “Ecology and Biology of the Lake Sturgeon: A Synthesis of Current Knowledge of a Threatened North American Acipenseridae.” Reviews in Fish Biology and Fisheries 17.1 (2006): 59-76. Web. 3 Feb. 2018.

Robins, C. Richard et al. A Field Guide to Atlantic Coast Fishes. Boston: Houghton Mifflin, 1999. Print.

Stelzer, Robert S. et al. “Carbon Sources for Lake Sturgeon in Lake Winnebago, Wisconsin.” Transactions of the American Fisheries Society 137.4 (2008): 1018-1028. Web. 2 Feb. 2018.

Van Eenennaam, Joel P., Frank A. Chapman, and Peter L. Jarvis. “Aquaculture.” Sturgeons and Paddlefish of North America (2004): 277-311. Web. 2 Feb. 2018.

Wisconsin. Department of Natural Resources. The Shovelnose Sturgeon, Scaphirynchus platorynchus (Rafinesque) In the Red Cedar-Chippewa River System, Wisconsin: An Interim Report. Madison: Department of Natural Resources, 1975. Print.

February 8, 2018

Wisconsin’s War Efforts: WW II


America’s political neutrality in World War II dissolved in the early morning of December 7, 1941, when over three hundred Japanese aircraft roared over the island of Oahu. Their mission was direct and succinct—to take Pearl Harbor by surprise and inflict as much damage as possible. Due to the unpreparedness of the naval base, and the sheer unexpectedness of the attack, the end result proved to be devastating. The event, in which the US suffered 2,335 military casualties, immediately incited a response on behalf of America, and on the following day, Franklin D. Roosevelt officially declared war. My grandfather from Platteville, Wisconsin lied about being 18, like many others, after the attacks on Pearl Harbor and signed up to defend our country by fighting in the Pacific.

After Pearl Harbor, America’s participation in World War II shifted the very foundation of the country. The states focused its attention on defeating the root axis powers of Germany, Italy, and Japan. The American economy became retooled for war, and there were integral changes occurring at societal and industrial levels. The war effort became unceasing, as did the motivation for victory, which was ultimately achieved by September 2, 1945 after the fall of Nazi Germany and the subsequent surrender of its allies.

America is often viewed as a holistic superpower throughout the entirety of World War II’s history, but there is one major concept that is often overlooked. The US was still operating at a state level, and each state was unique in regards to its contribution to the war. Nebraska’s large airfields, for example, were vital for training pilots and crew members. Coastal states such as California and Florida provided the foundation for a strong navy. However, there is one Midwestern state in particular whose importance in the war proved to be multifaceted—the Badger State, Wisconsin.


By the time the war had concluded, over 300,000 Wisconsin residence involved themselves in the armed forces, of which roughly 8,000 lost their lives. In addition, nearly 13,000 Wisconsin soldiers were wounded in the conflict.  The 32D ‘Red Arrow,’ an infantry division which composed itself primarily of National Guard soldiers from Wisconsin, participated in World War II from the very conception of America’s involvement. The Red Arrow is noted as the first unit to be sent overseas in its entirety, as well as one of the first US divisions to experience ground combat. Their efforts were momentous, comprising of four separate campaigns throughout the war. Not only were they the first, they were the last as well—the division fought to the very end of the war, even after the official surrender of the Japanese. By the time they returned, the 32D Red Arrow division decorated itself with eleven Medals of Honor, 157 Distinguished Service Crosses, and thousands of other awards including Silver Stars, Purple Hearts, and Legions of Merit.

Wisconsin’s endeavors did not pertain only to overseas combat. Most of the Badger State’s contributions to the war were happening, quite literally, on their very own soil. The agricultural industry skyrocketed as the US military prepped itself for combat, and Wisconsin farmers received millions of dollars in order to keep up with the demand for fresh produce and other goods. This demand was spurred on by Wisconsin’s labor force as well. Through the efforts of the farmers, citizens could focus less on food availability, and more on wartime production.

The facet of production proved to be Wisconsin’s strongpoint during World War II, as the state was capable of turning out a variety of goods. Due to its geographical location—bordering to two of America’s deepest lakes—some of the largest naval production facilities existed here, and ship and submarine building became a primary focus. Munitions were also made in historically large quantities in Wisconsin during this time. The city of Baraboo gave rise to the Badger Ordinance Company after a $65 million dollar authorization on behalf of Franklin D Roosevelt himself. The construction of this manufacturing plant preceded America’s involvement in the war by a few months, but as soon as war was declared, this facility became the largest singular producer of ammunition in the entire world. It contributed millions of pounds of smokeless powder, rocket propellant, and rocket grain, which were used primarily in hand grenades and M1 rifle cartridges.

Wisconsin, as well as many other states, entered a time of economic prosperity during (and following) the war. Women entered the workforce en masse as soldiers left the country to fight, driving down unemployment rates and ushering in a new era of industrial production. By the end of World War II, Wisconsin businesses had received nearly five billion dollars’ worth of orders pertaining to the war effort.

There is one aspect of Wisconsin’s World War II involvement that is often hidden away by its many layers of history. It is something that even the citizens of Wisconsin themselves were made unaware of at the time due to its secrecy. By the end of the war, Wisconsin had intermittently housed around 40,000 prisoners of war throughout the state (nearly ten percent of all POWs in America). The transferal of England’s war captives to American soil originated from a rumor, which suggested Hitler had plans of sending weapons via airdrop to various camps in order to spark retaliation. At the time, the decision—although driven by fear—was best for both countries.

Major pre-existing military camps, such as Fort McCoy, served as housing facilities for these prisoners of war, which consisted primarily of Germans, Koreans, and Japanese. Most of these POWs “paid their keep” by helping production efforts, especially in regards to agriculture, and in some instances they would work side-by-side with Wisconsin’s labor force. This further benefited the state’s ability to produce food and military goods, and helped bolster their economy.

The state’s decision to not disclose these POW camps to the citizens was due in part to the uncertainty of their response. Because tensions were so high, the possibility of violence on behalf of those who lived in Wisconsin was a definite possibility. That said, those who did know, and those who worked alongside them, treated these prisoners of war respectably. Many people donated goods, and in most cases, these POWs lived in relative comfort. There are several firsthand accounts from Wisconsinites, such as Alice Schmidt, that their interactions with these prisoners were always positive, and never met by fear.

Following the war, several POWs, especially those from Germany, did not want to return back to their country. Wisconsin’s economic stability and vocational opportunities were highly desirable to those whose home countries were in shambles from the conflict. Indeed, several eventually returned to settle in Wisconsin post-war, and establish their lives there. Many who did move back stayed in contact with the citizens they befriended and worked with.

World War II in its entirety was a time of indescribable destruction and uncertainty on a global scale, however, it simultaneously allowed America to ban together in pursuit of a common goal. Each state and its respective citizens put forth their unique strengths and proved to the world what America was capable of. Wisconsin stood at the forefront of this effort, and solidified itself as a very important cornerstone of the United States’ involvement in the war.

~Michael Goetzman





October 17, 2017

Windows 10 Security Tools

As more organization migrate to Windows 10, Security is important as ever, here are some thoughts on Windows 10 security:

Windows defender advanced threat protection protects, investigates, detects and responds to data breaches and advanced threats on your network (Kevin beaver 2017). It provides an all-rounded post-breach protection, prevention, detection, and its ability to respond altogether within a single end to end solution. Its protection is built in the cloud as well as deep into windows. It provides the best performance in class while eliminating the need for complex infrastructures and 3rd party agents. It fuses in data science, deep OS expertise and the power of Microsoft intelligent security graph to adapt and protect the orchestrate remediation and changing threats.

Windows 10 now has a foothold in the software enterprise. It’s therefore important to learn the tools that are available for their day to day security. The rule 80/20 depicts that 80 % of the problems are created by 20% of the weaknesses. The problem mostly comes somewhere in patches, passwords and user behaviors. When vulnerabilities are found on the windows 10 system by IT, they are then sure that the same vulnerabilities exist everywhere. There are open source tools that assist the IT in understanding the systems security gaps so as to gain greater controls over the windows 10 desktops. To do this Windows 10 security tools must meet the enterprise needs.

Vulnerability testing and analysis: in windows 10 deployment management vulnerability scanners can be the company’s greatest asset. This is because they work well on the ongoing and the periodic basis for internal benefits that come between the security reviews.

Microsoft baseline security analyzer v2.3: this is a Microsoft software tool that determines the security state by assessment of the less secure security setting and the missing security updates within the Microsoft Windows, and the windows components such as the IIS Web server, internet explorer, SQL Server and Microsoft office macro settings. Vulnerability assessment also referred to as the less secure setting are evaluated based on the hard-coded set of file checks and registry. The Microsoft baseline security analyzer v2.3 is not necessarily created for windows 10 but it provides great insights into the vulnerabilities in the system. (Kevin beaver 2017)

File locator pro: mythic soft file locator pro is a search tool that is extensive enough to dig among the contents and the variety of files to find a specified piece of data. It’s available in both the 64-bit and the 32-bit versions. Its basic user interfaces consent using DOS expressions, Boolean searches, exact word matches and regular expressions to find content and particular file names within those files.  The real strength of the File locator pro is in its expert user box located upper right. By clicking it opens five more tabs with the search options which include created and last assessed dates, date ranges for the modified checking files with the hidden, search within the archived and compressed files and read-only system. It also has a help file that is well laid out, and a wizard that constructs the search terms.

Metasploit: this is penetration testing software that allows one to use the attacker’s weapons against them. It utilizes the database of exploits that is ever growing and safely stimulates real attacks on your own network then uses it to train their security team to stop and spot the real attacks. Metaspoilt pro makes it way easier in the collection and the sharing of the information required in in the conduct of an efficient and successful penetration test. (Microsoft ,2017)

Netscantools pro: this  according to Microsoft (2017)  is an assimilated collection of internet information network and gathering utilities for research IPv4  addresses, network professionals, IPv6 addresses, domain names, hostnames, email addresses and manual tools.

Nessus vulnerability scanner: also referred as expose. It specializes in the vulner5ability assessment and continuous monitoring of the products. The Nessus vulnerability scanners line of products includes Nessus manager which is an on-premises virtual and physical appliances for the management of the vulnerability, Nessus cloud a service offering software, Nessus professional which is a software that runs on the laptops or the clients device, and Nessus home a free version that’s aimed for consumer use. Other than vulnerability scanning Nessus includes cloud environment, web application, and mobile device scanning. It also provides auditing of control systems, malware detection, compliance checks and configuration auditing.

Soft perfect network scanner: this is a universal IPV6/IPV4 scanner with an extensive range of advanced features and options for general users and system administrators that have interest in computer security. It scans ports, pings computers has flexible filtering, it discovers shared folders and has display options it can easily retrieve any information concerning network devices through SNMP, WMI, HTTP and PowerShell. It also scans registry, remote service files and performance counters latter transporting the results either through JSON and XML Kevin beaver (2017)


~Michael Goetzman



Microsoft (2017) intelligent security retrieved from

Kevin beaver (2017) Windows 10 security tools to have handy retrieved from


August 27, 2017

The Coco Blockchain Framework

Can Coco Framework Allow The Use of Blockchain Technology in Enterprises?

Microsoft is one of the companies that have embraced the need for blockchain technology in modern business. In fact, in the past, Microsoft has tried to integrate blockchain friendly business-as-a-service platforms in Azure. Bill Gates even mentioned as early as 2014 that Bitcoin is actually better than currency. And Microsoft is far from stopping in exploring the potential of Bitcoin technology.

Microsoft is involved in yet another blockchain tech related project. This time around, Microsoft announced the newest blockchain protocol in the Confidential Consortium (Coco) Framework. It is an open source system that aims to provide large-scale blockchain networks for businesses and other organizations.

Its ultimate goal is for enterprises to be able to adapt the blockchain technology and the distributed ledger technology seamlessly into their system. The Coco framework aims to minimize the complexity of implementing blockchain protocols.

What it aims is to make transactions faster and increase their overall confidentiality in the blockchain. According to Mark Russinovich, technology chief at Microsoft Azure, he mentioned that Coco has been designed for confidential consortiums wherein nodes and actors are not only declared but also controlled.

He also mentioned that “ Coco presents an alternative approach to ledger construction, giving enterprises the scalability, distributed governance and enhanced confidentiality they need without sacrificing the inherent security and immutability they expect”.

The Coco Framework is expected to work with any blockchain ledger protocol. Among the initial implementations will include Ethereum, R3’s, Corda, Hyperledger Sawtooth, and JP Morgan’s Quorum. Coco is also expected to work with hardware-based trusted execution environments. This includes Intel’s Software Guard Extensions and Windows Virtual Secure Mode (VSM).

1,600 transactions per second

Coco is expected to be capable of going beyond 1,600 transactions per second once it has been integrated with the blockchain network. Also, an interesting feature about the Coco Framework is the fact that it aims to have members to vote on everything that matters when it comes to the blockchain software. This means that it allows simplification of governance decisions on the part of its users.

Is it a game changer?

“We’re going to remove a lot of barriers, the scalability barrier, the privacy barrier and the security barriers, so now companies that are building blockchain technologies can focus on what adds value to their business.” Microsoft

What exactly makes it a game changer? One common problem for companies is the reality that there is no unified approach when it comes to the blockchain technology when applied by enterprises. For instance, there are many kinds of blockchains. Unfortunately, not all blockchains are interoperable to one another.

Though a lot of businesses are looking to adapt existing blockchain protocols, unfortunately, many of these options still fail to meet business requirements. A lot of blockchain protocols would require complex development techniques in order to fit in the operational and security needs of these companies.

Basically, what Coco Framework offers is its ability to connect existing blockchains. Mark Russinovich mentioned that “We have listened to the needs of our customers and the blockchain community and are bringing foundational functionality with the Coco Framework”.

Is Coco bringing Blockchain closer to real world use?

Given the common usage of cryptocurrencies in today’s world, it is undeniable how a lot of companies are now looking to tap into the adaptation of blockchain technology. Between the years 2015 and 2016 Gartner mentioned that client inquiries about the blockchain technology increased by 600%.

Though there is a growing interest in the blockchain technology, successfully adapting it is another story. Microsoft is one of the few companies that is slowly becoming blockchain-ready. Could Coco make the adaptation of blockchain technology by businesses a reality? What could be the next steps for Microsoft after Coco?

~Michael Goetzman

August 20, 2017

Microsoft & Stratis Platform


Blockchain tech is still relatively new but big companies are already taking notice. Since Bitcoin has recently reached the $3,000+ mark and more cryptocurrencies are becoming popular among speculators and long-term investors alike, it is safe to assume that people are curious to what blockchain has to offer in the future.

One of the companies that is already taking notice is Microsoft and this isn’t really something surprising. Microsoft has posted job descriptions for new team members investigating blockchain technologies. Bill and Melinda Gates Foundation is looking to use distributed ledger in order to assist two billion people worldwide with no bank accounts. In addition to this, Bill Gates is a strong believer digital currencies. He even mentioned in 2014 that “Bitcoin is better than currency”.

Microsoft BaaS

As for Microsoft, they are now looking to build a business-friendly blockchain-as-a-service (BaaS) platform. Given that blockchain is relatively new, there is always that element of surprise that market leadership is still up for grabs.

Microsoft has been integrating BaaS modules into Azure, which is its cloud computing platform. Looking at its exterior, it is a cloud-based, modular, and has been based on an open-source code. Though it can work with different kinds of protocols, it has shown preference towards the ethereum blockchain. In fact, it has been soft-launched during an Ethereum event in 2015.

A lot of partnerships have been made with startups that made use of ethereum. In addition to this, Microsoft has been a founding member of the Enterprise Ethereum Alliance which is a move towards exploring business adaptations of blockchain technology.

Unfortunately, experts have seen Microsoft’s involvement with Ethereum as a risk. Ethereum, which was developed by the Ethereum Foundation, is something that Microsoft is not a part of. This means that the Ethereum Foundation can change the underlying code without any input coming from Microsoft. In fact, a bug can entirely shake up the confidence on companies that have used an ethereum-based system.

Public vs. Private Blockchain

Because of these potential problems that might occur dabbling with public blockchains, IBM, on the other hand, has a different stroke when it comes to its Blockchain-as-a-Service Platform. The IBM blockchain leaned towards Hyperledger’s Fabric codebase. Unlike Ethereum and Microsoft, IBM played a major role in writing a large part of its code.

Aside from being a private blockchain, IBM is a member of the steering committee that governs Hyperledger’s codebase. This means that IBM’s consent and contribution plays a major role in case they make certain changes.

Microsoft-Stratis Partnership

Given the possible problems with Ethereum, enter Stratis into the picture. One of Stratis’ board members, Mahesh Chand, is a 12-time Microsoft MVP (Most Valuable Professional). As the recipient of the Microsoft MVP, it is possible that Mahesh Chand’s technical knowledge of Microsoft Products can be considered an advantage how both Stratis and Microsoft can work together.

In addition to this, Mahesh Chand is also the founder of C# Corner, which is the most popular online community for Microsoft programmers and developers. With his participation on Stratis, it provides them Microsoft access to a great number of C# programmers that can potentially build advanced decentralized apps.

Stratis in Azure Marketplace

By the end of June, Stratis announced that they’ve completed the Microsoft Azure Certification for the Azure Marketplace. The Stratis Full Node is now public for both Windows and Linux users. What it does is help businesses that run on both Windows and Linux environments to run their blockchain related apps smoothly.

The goal of Stratis is to allow the financial sector and businesses create their custom blockchain applications in a simpler and faster way than how other blockchain projects are developed.  What Stratis offers is the creation of a private blockchain that can be launched by third party organizations. These blockchains are then secured on the main Stratis Blockchain.

Among its advantages include synchronizing a full Stratis Node in just a few minutes. Also, it offers combination with other Azure resources in order to improve performance and reliability for its users. This will also allow developers to use their C# and .net knowledge since Stratis is based on these two technologies. And since it makes use of C#, it becomes simpler than the traditional C++ Bitcoin Source Code.

According to Stratis supporters, despite Stratis entering relatively new, it has been showing great potential. Having all the tools that can be used by both small and large businesses, it has the ability to create blockchain based apps that are custom made for its users.  How do you think Major Corporations like Microsoft will bond with blockchain and stratis platform into business competitive advantages?

I’ll discuss in an upcoming article Microsoft playing with an Ethereum-Based Protocol called ‘Coco’.

~Michael Goetzman


August 12, 2017

Human Body Bacteria & My Experiment

The human body and bacteria

Despite common knowledge, bacteria is something the human body cannot live without.

The false belief that bacteria is always bad is mostly propagated by the advertising industry, who try to promote the idea that we’re constantly at risk of getting infections because of bacteria. This scares us, and we end up buying antibacterial soaps.

The truth is that not all bacteria is bad. Without good bacteria, our digestive systems cannot break down food properly. This puts us at risk of low Biotin and Vitamin K levels.

A study concluded that guinea pigs raised in a sterile environment are malnourished and die young because they aren’t exposed to bacteria.

Bacteria is one of the primary teachers of our immune system. When our body is exposed to bacteria, it tries its best to fight it. Regular exposure can straighten out our immune system and teach it how to suppress infections more effectively.

However, bacteria can be harmful too. Let’s take for example the staph bacteria that can be found on your skin.

As long as you don’t get any cuts, the staph bacteria won’t attack your body. But if you do, you set yourself up for a battle against a bacteria that can undergo mutations and become resistant to antibiotics.


How our eyes use bacteria to fight infections 

Not so long ago, specialists were certain that our eyes lack a bacterial community. This idea is rooted in the defense mechanism of the eyes. Human tears contain compounds that are deadly to microbes.

In recent years, however, scientists found traces of bacterial DNA in human tears. But it doesn’t stop there. Soon, more tests were done and a modified version of Corynebacterium mastitis was found.

Why are these findings relevant?

Research shows that even though we previously thought the superpowers of our tears are due to lack of bacteria, we find out that bacteria itself is part of the defense mechanism that helps kill microbes.

A study done on mice put this theory to the test. After removing the Corynebacterium mastitis in mice, their eyes became more vulnerable to infections.

In conclusion, a modified version of bacteria survives in our eyes. It not only survives, but it’s now collaborating with our bodies to keep infections at bay.


How your gut is linked to your immune system and brain

A bit over 60% of your immune system’s cell tissues can be found in your gut. It just so happens that your gut is the part of your body that is most exposed to unfriendly bacteria.

Unwashed vegetables, bad meats, and old foods are just among the few ways pathogens can attack your gut. Perhaps, this is why the immune system keeps its headquarters in your gut.

The immune system in your gut doesn’t just protect you from pathogens. It also produces specialized cells that help your body defend itself from viruses.

In conclusion, your gut’s health greatly influences your immune system. Without enough good bacteria in your gut, your body becomes weaker.

But your gut’s bacteria not only influences your digestion, but it also impacts your metabolism and immune system. Researchers at the University of California believe that bacteria can even influence the way we think and feel.

Emeran Mayer, a gastroenterologist at the University of California, believes there’s a link between autism and your gut.

It seems that both mice and humans who suffer from autism benefit from Bacteroides Fragilis.

In a studyBacteroides Fragilis was given to both humans and mice suffering from autism, and the results were astonishing. Both mice and humans experienced a change in behavior, with less repetitive behavior and an increased desire to socialize.

But autism is not the only ailment that can be helped with a healthier gut. Studies also show that depression and anxiety may be linked to changes in the gut bacteria.

Studies conducted on chimps demonstrate how interaction helps us “grow” good bacteria.The logic behind it is quite simple, the more we socialize, the more we expose ourselves to germs. Therefore, the relationship between brain and gut is a two-way street.

The brain influences the gut and the gut influences the brain, and ultimately our behaviors. Someone who is depressed will deepen their issues by choosing isolation. Less exposure to others means less good bacteria.


How to hack your gut and restore balance

There are many ways by which you can restore balance to your gut. But the first step is to remove all toxins from your diet.

You’ve probably guessed some of the usual suspects. Yes, grains, sweets, and artificial sweeteners can all irritate your gut. It’s also a good idea to avoid antibiotics when you can, or start taking a probiotic soon after you finished the treatment.

Anti-inflammatory medication such as Advil and Ibuprofen can also bring negative changes in your gut bacteria.

To make sure your gut’s bacteria flourishes, you need more than just the removal of inflammatory foods. Adding fermented foods can speed up the healing process since it introduces a number of good bacteria into your body.

Fermented veggies and products made from whole milk can help you populate your gut with “good” bacteria.

Sometimes, the problems you might have with your gut could be caused by stress. As I mentioned before, the relationship between your brain and your gut’s bacteria is a two-way street. This is why stress management is so important.

Stress takes its toll on all of your body’s function, and even though it might be impossible for some of us to find a way to control it, we all have something we enjoy doing.

Instead of thinking about doing yoga to manage stressful periods in your life, think about the things you love doing. It might be spending time with your pets or even playing a video game. Don’t eliminate all the fun activities from your life. Make time for them, and your body will thank you for it.

In conclusion, the way we eat and how we manage stress has a bigger impact on our immune system and brain than we thought before.


My Experiment:  #1 Control,  #2 Stress (DEFCON), &  #3 Antibiotics

Antibiotics have saved millions of lives over the years. They’ve killed many microbes and pathogens and increased the quality of our lives.

However, studies show that antibiotics also attack our gut flora, not to mention that the irresponsible use of antibiotics can lead to antibiotic resistant pathogens.

There are many contradictory claims. Some researchers say that antibiotics don’t have a big impact on gut flora, or that the impact is merely temporary.

On the opposite end of the spectrum, there are researchers who believe that antibiotics can cause irreversible damage to our gut flora in large doses over extended periods of time. The damage caused by antibiotics can sometimes lead to dairy and gluten intolerances.


My experience with antibiotics and its effects on my gut flora


I did this experiment using Ubiome to sample my gut’s flora, compare it with other samples and track any changes in my own flora.

I’ve introduced into Ubiome’s system three sets of testings samples, the first set was taken with no changes in my diet, lifestyle, stress levels or any type of antibiotics. This sets our control group of bacteria.

The second set of my bacteria sampling was immediately after DEFCON, a six day stressful event with little food, sleep and tons and tons of exercise.

With the 2nd group sampling, let’s start with the good news, likely due to the changes during DEFCON. My gut flora changed completely. Some of the changes were actually positive. For example, Firmicutes were lowered by at least 40% while Bactoroidedes were doubled. Both changes decrease the chances of obesity.

A study done on mice revealed that mice who had more Firmicutes and less Bactoroidedes had a higher body fat percentage by 15% despite not having a different diet from mice with a healthy gut flora.

This means that my gut flora will now be more likely to defend my body from gaining weight.

The bad news is that I also saw an increase in Kluyvera ascorbata, a bacteria that is associated with a large range of infections.


The third set of my bacteria sampling was taken after I’ve 10 days of antibiotics. During these 10 days I took Amoxicillin 875mg, one tablet per day, for 10 days. This led to some good and some bad news.

Antibiotics, which are normally intended to treat infections, stimulate a bacteria that is associated with a large range of infections. This is what happened in my case.

Also, the bifidobacteria population went down after I used the antibiotics. This type of bacteria is associated with aging, or at least diminishes with age.

At birth, humans have their highest bifidobacteria population. As they age, the population of this type of bacteria diminishes.


In conclusion, DEFCON and antibiotics did changed almost every aspect of my gut flora. However, not all changes were negative. My body is now better at managing weight gain, but I might have some issues with infections in the future. This ended up being true, as I had a month of sickness… although my child went to a new school around the same time. Yikes.

~Michael Goetzman

August 12, 2017

Ecosystem Re-Balance: Native Prairie, Native Plants, Seeds & Rewilding


You probably heard about rewilding before. The process is actually quite simple. Humans have destroyed, and are in the process of destroying, many ecosystems. Rewilding is the process in which individuals or organizations reverse and fight for the conservation of these destroyed ecosystems.

Rewilding is not only about conservation. It’s also about action based on knowledge and physical strength of planting seeds of plants that used to live in a certain place or trying to reintroduce both predators and key species to a certain area are also part of the rewilding process. There are a few organizations around the world that deal with the conservation of the environment. One great example is The American Chestnut Foundation in which I’ve been a member of for many years. In reality though, you can begin your own rewilding process if you have a bit of land.

How does the rewilding process begin?

Use research to try to find out the key species that can live in certain areas, as well as their key predators. Next, determine how damaged a certain area is. If damaged, try to determine the numbers of predators and key species by contacting local authorities.Sometimes, due to pollution or changes in the environment, some species go extinct. For example, if predators are hunted for their fur, the population of wild rabbits will grow wildly, and some of the population will migrate since they need more space.

When it comes to plants, using native seeds is extremely important because the regular seeds found in stores are genetically modified and might not have the same nutrients that native seeds have. This is particularly important for herbivores who will need as many nutrients as possible from their food.

Why should we care about rewilding in Wisconsin?

According to Greenpeace, the Amazonian forest will disappear by 2100 if we continue at this rate. The earth strongest lung will fade due to the illegal deforestation that occurs in Brazil. Despite the fact that many forests are protected on paper, hundreds of trees are being chopped down and sent to highly industrialized countries. We read tons of articles about corals and fish populations disappearing in the great barrier reef, but why should we care here at home? Rewilding is the only way we can save certain species from extinction that do not get press, look at the list . Introducing animals that once lived in captivity back into the wilderness again is the only way we can help them adapt and survive. This also applies to Wisconsin insects and plants that are threatened by the human activity, either through our abundant farming with pesticides or deforestation.

Unlike what most people think, rewilding doesn’t affect commercial activity that much. For example, whale watching is a more profitable business than hunting whales and selling their body parts. Fascinating travel activities like safaris can also be monetized without doing much harm to the ecosystem itself. Lake Michigan does not need to be over-fished for business to thrive. The best part about rewilding is the creation of self-sustainable systems. Once an area is protected from pollution and the right animal and plants are introduced, nature finds a way to keep the ecosystem balanced. You won’t have to worry about planting new seeds or constantly watching them if the ratio predator-prey is imbalanced.

Biodiversity is another concern that makes rewilding so important. Damaging habitats and overhunting can have disastrous effects. We all know what happened to the famous Dodo bird, which surprisingly survived the volcanic activity in Madagascar but went extinct 100 years later after Spaniards discovered Madagascar. Unfortunately, the Dodo bird is not an isolated case. Over 14 major species went extinct during the last century.

How you can contribute to the rewilding process

If you want to make a positive change and help the Wisconsin environment, there are few steps you can take, even if you aren’t part of a large organization.

One of the first things you should do is protect the animals by not feeding them bread, especially birds. What few people know is that doves and ducks do not thrive on a diet high in carbohydrates. Therefore, bread that both old and young people give to their favorite animals on the lake is actually harmful. Also, littering is often associated with environmental harm. However, few people know that animals are most impacted by it. When you throw food out the window while driving, you attract animals to the road. This why so many animals get hit by vehicles. Often times, they’re just searching for food.

Even simple things such as choosing paper over plastic can have a huge impact on the wildlife as well. On the coast, thousands of marine animals die every year because they mistake plastic bags for jellyfish. Whales, turtles, seals, and birds suffer a slow and painful death because they end up consuming the plastic, which can’t be digested by their gut. Pesticides are harmful both to the insects and plants. Also, pesticides used in agriculture can lead to serious health issues in humans who regularly consume vegetables on which pesticides were sprayed.

Recently it was discovered that the widely used pesticide Glyphosate may cause cancer. It’s also known to block the hormonal pathways in women, among many other issues. Fighting against pesticides not only saves the environment but our health as well.

What else can you do? Restore a Wisconsin prairie. 

How to restore a prairie? First, you need to make sure that your area was even a prairie 100 years ago and make sure that it wasn’t recently deforested. If your site of choice was recently deforested, you’ll still have trees competing with whatever you choose to plant. Besides, a recently deforested area is not a native prairie. When trying to restore a prairie make sure you use native seeds, no exotic plants, no genetically modified seeds. The whole point of restoring it is to recreate the ecosystem that was once damaged and to encourage the same type of insects and animals that one left the prairie to come back.

Prairies in Wisconsin

Over 400 types can be found in the prairies of Wisnconsin, however the prairies in this state, especially the tall grass prairies are in danger of disappearing. It takes a lot of research to find exactly what you should replant in your particular area. However between 1950 and 2017 plants specific to prairies started to be replaced by generalistic plants, like the ones you could find near roads or in a ditch. Many plants such as Ratlesnake master can absorb large amounts of water, protect communities against drought and absorb carbon dioxide. One of the easiest forms of making an impact is planting oak trees for forest land or native milkweed for fields. The amount of wildlife that uses both oak and milkweed is well over 1500 native species and would cause a major ecosystem impact in four years. Doing so is relatively cheap costing about $200 for 30,000 milkweed seeds covering about 10 acres.

Hope you enjoyed some random environmental thoughts, go plant oak trees!

~Michael Goetzman

July 16, 2017

Biohacking and Transhumanism at DEFCON 25


Our bodies are wonderful biological machines. Sadly, they’re also flawed. Issues like neurodegenerative diseases and aging are difficult to ignore. The reality is that we’ve yet to become the best versions of ourselves through evolution. Biohacking is all about improving our bodies beyond what evolution offers. In some cases, it involves tweaking our diet and actively measuring the results of our efforts, whereas in others it involves using prosthetics to replace missing limbs or even computer/electronic systems imbedded into our bodies. Rooted in transhumanism, biohacking is all about helping humans reach their full potential and preserving the most valuable asset on the planet: the human brain and the memories within. While we’re far from having the technology to upload or conscientiousness and achieve immortality, humanity is taking small steps in that direction.

While there are many definitions, transhumanism is simply a philosophy focused on improving our biological functions through the use of technology. Transhumanism aims to reach certain technological advancements that will inevitably defeat death itself, and it’s based on the belief that one day we can separate our consciousness from our biological bodies and download it as digital information that can be uploaded into cyborg-like bodies that will never die. This is rather a simplistic explanation of the transhumanist philosophy, but I believe it’s a good start for those who want to understand its core principles. While it might sound like your favorite sci-fi television/streaming series, technological advancements are now made at a such a rapid pace that we can only wonder how long we have left until we can really say that we can improve our body functions trough implants or even robot-like parts. Biohacking is just the next step in learning more about our bodies and how to improve their performance. There are many approaches to biohacking, from using nootropics to improve brain performance to steroids to increase body strength.

Biohacking is already happening! Before you jump to conclusions about how radical the biohacking movement is, you should know that you probably use several biohacks yourself. Anything that you put in your body and that improves your performance can be considered a biohack. You can’t start your day without the energy coffee gives you? Caffeine is your biohack of choice. Biohacking doesn’t have to be a radical treatment. It could be something more subtle, such as creatine for muscles or nootropics for an improved brain performance. Any substance that you use to increase your body’s performance can fall into the biohacking category. But biohacking sometimes comes with a twist. It empowers regular people who don’t have access to studies in medicine and engineering to study their own bodies and experiment with them. For instance, some biohackers try to improve their body by adding small magnets near their fingertips in order to “feel” magnetic fields. This type of improvement of the senses helps make us aware of magnetic fields that otherwise can’t be observed by our senses.

Biohacking majority impacts the health industry too. From nootropics to tracking down changes inside your body after adopting a new diet or taking a new supplement, biohacking is empowering people all over the world to find out more about their bodies and experiment with them. For example, you now have the opportunity to find out to what genetic diseases you’re predisposed to, what genetic diseases you’re currently suffering from, what your ancestry is, and many other useful pieces of information, just by mailing in your saliva in a tube.

The company I’ve brought up time after time is 23andme, a service that analyzes your DNA and delivers the results of 240 tests. These results let you truly understand one’s self. You can easily find out if you’re predisposed to ailments such as cancer, neurodegenerative diseases, diabetes, and much, much more. There are also many websites that help you keep a record of your medical history as well as websites that can help you get an idea what supplements should you use based on your height, weight, gender, and current dietary intake.

What’s so revolutionary about all this? For the first time ever, anyone can take these tests in a very comfort of their own home, at a very affordable price. The company can even “guess” your hair color and eye color. But biohacking doesn’t end there. Hormonal treatments for aging and prosthetics for the disabled can help us both live longer and improve the quality of our lives. Many people who are interested in biohacking just get regular tests. They measure the impact of certain supplements, and they generally try to improve their health some like our friend’s at DEFCON’s Biohacking village go way beyond the fringe with body modifications.

These friends at DEFCON’s Biohacking Village take body modifications one step further, many members of these biohacking communities are looking forward to incorporating new technology in their bodies each year. Magnets that can help user detect magnetic fields, and LED’s have the potential to make life even easier. Optimists say that in a few years the LED’s inside one’s body will allow you to communicate with your smartphone, giving commands. For example, you’ll have the ability to open your car door with LED’s. Nanotechnology is also on biohackers’ minds when it comes to body modifications. What if we could perform “surgeries” from the inside of the body? What if nanobots can help us detect cancer cells in early stages? What if these nanobots constantly examine our health state and report data to our laptops or smartphones? As technology advances, biohackers hope that they will accomplish the ultimate transhumanist dream: merging the human body with machines that not only enhance its capabilities but also transfer the human conscience in digital form to an undying body.

We’re living in a time where we can no longer deny their weakness or ignore death. But instead of giving up, we fight using technology. The ultimate goal of transhumanism is to defeat our biggest enemy: the flawed human body. While it’s undoubtedly a biological masterpiece, it has many shortcomings as well. Biohacking is not just about incorporating technology in our bodies. How far you wish to take it also depends on your goals and how you want to experience life. Some biohackers are more concerned about their mental performance, while others try to fight or prevent certain diseases. Biohacking is not limited to a small segment of people. It comes in many forms. However, the pursuit is all about changing your body and your human experience for the better, and always aiming to become a better human.

Come check us out at DEFCON’s Biohacking Village DC25

~Michael Goetzman

October 28, 2016

IoT Security Testing Types

With the recent DNS denial-of-service attacks originating from compromised Internet of Things (IoT)/ Connected Devices, I thought it would make sense to break down all the various areas companies are struggling to keep these devices safe. The Internet of Things (IoT) can be defined as Cisco well states “a pervasive and ubiquitous network which enables monitoring and control of the physical environment by collecting, processing, and analyzing the data generated by sensors or smart objects.”

The problem with these devices is the perimeter of software and hardware realms that could be compromised. Security professionals working with product development can build better IoT ecosystems, but a full scope IOT security testing program encompasses MANY disciplines and volumes of knowledge – this is not something we can fix overnight. Here is a list of areas to consider when you are looking into IOT hardening.

Testing types:

  • Code Security Assessment “Code Review”: Security code review is the process of auditing the source code for an application to verify that the proper security controls are present, that they work as intended, and that they have been invoked in all the right places. Code review is a way of ensuring that the application has been developed so as to be “self-defending” in its given environment. Covers both Automated or Manuel Reviews
  • Binary Testing: we create various ways to dynamically exploit the code on the phone like it would be in the real world
  • Hardware Testing: Not knowing the application details can be frightening, encryption and protection are important, here we use hardware-based attacks such as power-timing or side-channel to compromise the application.
  • Host Forensics: What does the application leave on the host that could make it vulnerable? Does any leftover data give attackers insight?
  • iOS/Android Environment Assessment “APK”: Digital Rights Management, Content Protection
  • Authentication/Authorization Review: How credentials are transmitted and stored. With authentication and authorization components, a trust relationship is established between IoT devices to exchange appropriate information.
  • Vulnerability Assessment/ Penetration TestingProcess of identifying and quantifying security vulnerabilities in an environment then simulate the actions of an external and/or internal cyber attacker that aims to breach the information security of the organization.
  • Automated FuzzingSoftware testing technique that involves providing invalid, unexpected, or random data to the inputs of a computer program.
  • System Architecture Security Analysis: Early assessment for General Hardening will reduce tons of additional work in the development process.
  • Cloud or Systems/Network Architecture Security Analysis: Does the application communicate with a back-end? If so, that should be in scope. We analyze the network traffic and how it relates between host and server, particularly with encryption, there are typically vulnerabilities.
  • Backend Systems/NetworkTraditional areas should not be forgotten.
  • Protocol Analysis: BLE/ WiFi, 802.15.4/Zigbee, USB, and Ethernet.
  • Database Security Review: Trust Modeling & Verification
  • Key management systems (KMS) / Cryptanalysis “cryptography”: Addresses problems associated with the design and security analysis of network protocols that use cryptographic primitives. Examples: public-key protocol, TLS, probabilistic, computational soundness, polynomial-time process, game-based verification
  • Malware Analysis: The number of malware threats targeting the segment is rising
  • API Analysis: Application program interface (API) is a set of routines, protocols, and tools for building software applications. An API specifies how software components should interact and APIs are used when programming graphical user interface (GUI) components.
  • Configuration Assessment: Reducing configuration drift and unauthorized changes with static analysis/methodology.
  • Security Documentation Review: A document that establishes standards for Information Security documentation – What risks were calculated and how to monitor/protect against.

The defenders have the difficult job to get it right every time, whereas the attackers/criminals only need to find one seemingly small weakness to bring the whole thing crashing down.

Regarding DNS attacks, the creator of DNS, Paul Mockapetris, said “DDoS threatens our values and freedoms, as well as our surfing”. Therefore, I believe security researchers, businesses, and government will learn from previous attacks and keep healing our system into a bigger, better, and stronger global network.

~Michael Goetzman “Korgo”