back to article Ex-GCHQ chief now heads up infosec firm's advisory board

Sir Iain Lobban, the former chief of GCHQ, has joined a British company's advisory council and has said he finds the prospect of a hands-on role "a scintillating propostion". Glasswall Solutions formally launched on Friday. The company claims that its tech will thwart all potential phishing attacks by deconstructing and …

  1. elDog

    And we're absolutely certain Sir Iain won't profit by this move

    Sort of goes along with this earlier story: http://www.theregister.co.uk/2015/11/16/uk_gch1_1900_staff/

    "Yes, GCHQ is hiring 1,900 staffers. It's not a snap decision"

    Here in the fine ole USofA, we have all sorts of laws and oversight to make sure that government officials can't just go into a private company and benefit by their connections.

    Wait, what's that you're telling me? Oh, I misunderstood. That only applies to low-level functionaries.

    1. Anonymous Coward
      Anonymous Coward

      Re: And we're absolutely certain Sir Iain won't profit by this move

      I am struggling to understand why they think having a former GCHQ big-wig on board helps. Rightly or wrongly, there are plenty of customers who will positively avoid any product tainted by even the suspicion that they could be pwned by GCHQ or NSA.

  2. Doctor Syntax Silver badge

    If I've understood this PR speak correctly what they plan to do is rebuild the attachments with any nasties removed. But if a file's only purpose is to hide the nasty & persuade the victim to open it, why bother? Just throw the file away.

    1. This post has been deleted by its author

  3. allthecoolshortnamesweretaken

    "In Glasswall’s world, viruses and malware do not exist."

    Small world, tall order.

  4. cbars Bronze badge

    Known Good's?

    So, rebuilding an Excel macro will be totally safe? And rendering a font has never caused any damage*.

    I'm not sure how this works, it will rebuild the file but only includes what is *known* to not be an overflow argument, or a system call? What about rebuilding a file which exploits some clever 'codeless' injection methodology**; that will be impossible....really? Or are we just ripping out the Macros altogether, I can't see that being accepted.

    Just because the code doesn't make a system call, or to an external box, doesn't mean you can rebuild it without fear. Sounds like Marketing and wishful thinking to me.

    I reckon, anyway.</skepticism>

    *http://www.theregister.co.uk/2015/06/24/killer_character_hoses_smallalmostsmall_all_versions_of_reader_windows/

    **http://www.theregister.co.uk/2015/10/14/vxers_eyeing_undetectable_codeless_codeinjection_technique/

  5. Christoph

    "Glasswall breaks down every file to byte level, searching only for 'known good' and matching the files against manufacturers' standards. A fully-compliant, completely clean file is regenerated in real-time, giving businesses total confidence in security."

    This appears to be gibberish. It might work on, say, Word Macros by removing any suspicious commands - but then the macro wouldn't work, even if it was innocent. But how is it supposed to work against say an unknown vulnerability hidden in a jpeg?

    "In Glasswall’s world, viruses and malware do not exist."

    And in the real world, they do exist. Hi Glasswall, what colour are the skies in your world?

  6. Anonymous Coward
    Anonymous Coward

    Plausible enough to shake some budget out of management types. Maybe that's the point, because it sure as fuck won't work in RL.

    Encrypted nastiness? Calls to external resources? Hitherto unknown zero-days? In every version of every file from every manufacturer; and that's just exe files. Nah.

  7. Anonymous Coward
    Big Brother

    *cough* backdoored *cough*

    The USP is it sends all the good stuff it finds to GCHQ. No wait, that's an unadvertised feature!

    In unrelated news, man with gold-plated, index-linked £M pension can't resist trousering a few extra quid by allowing his name to be used on company notepaper.

  8. NonSSL-Login
    Meh

    All the problems of AV

    Adding more software adds more surface for infection. Malware will target Glasswall's extraction technique in a similar way to how it has been done with AV's parsing for various formats such as ZIPS. No user interaction needed.

    1. Lyndon Hills 1

      Re: All the problems of AV

      Malware will target Glasswall's extraction technique in a similar way to how it has been done with AV's parsing for various formats such as ZIPS

      My reading of this is that what they intend to do is to examine the file and compare it at byte level to what the spec for the purported file type says it should be. Wasn't there once a problem with deliberately mal-formed jpegs, or was it a video format? Something like bytes 10-12 indicate the length of the content, and you could cause a crash by fiddling with these bytes. I guess their analysis would calculate what these bytes ought to be and then generate a new file with the corrected values.

      I can imagine this would provide some extra level of protection, assuming that AV programs don't already do this. It ought to mean that your attachment that seems to be a pdf, actually is a pdf, and it meets the published spec. I don't reasonably see how they can do much for executable files or macros, but the article doesn't say that's what they're trying to do.

  9. Will Godfrey Silver badge
    Unhappy

    It won't work

    ... unless he has found a way to stop breeding a higher class of idiot.

  10. amanfromMars 1 Silver badge

    Don't let that revolving glass ceiling door hit you on the way out, spooks chiefs.

    And what does the meat/meet in that tale ... "Ex-GCHQ chief now heads up infosec firm's advisory board. Walled gardens are 'scintillating proposition' for ex-spy" .... tell you of Sir Iain Lobban and friends', and GCHQ's grasp of the nature of the virtual reality they now face and struggle so publicly to defeat and embrace and to come to terms with?

    And it has all descended, for both minions and peons and crazed psychotic executive elementals alike, into the grab for virtual money/QE funds has it not, in the dumb capitalist monetarist system where Great Game Grand Mastering Power and Round Table Top Knight Energy is wrongly presumed to be easily led and bought with fiat script/paper wealth rather than with fat scriptures/fundamental secrets and Advanced IntelAIgent Move, and assumed.

    In such worlds and real time and in these and those times with intellectually supplied provision and media hosted events and presents be controlled remotely and commanded anonymously in spaces which energise both viable creative and absolutely fabulous fabless and unbelievably destructive and vindictive imaginanation, does the Postmodern Templar reign sublime and supreme in the Free Radicalised Madness of CHAOS to XSSXXXXStreams .... Novel Magna Flows?

    And shared as a cold comfort question for both the infidel and doubting Thomas alike to ponder and enjoy or deny exists and flourishes refreshed and quite perfectly enough prepared to deliver SMARTR SCADA Hedges in Incredible Future Derivatives to Markets in Mayhem and Collapse.

  11. HAL-9000
    Childcatcher

    Hi Dave

    What was that thing you said about revolving doors? I see ... Yes

    Remember anyone: "the next big scandal waiting to happen."

    1. amanfromMars 1 Silver badge

      Re: Hi Dave

      What was that thing you said about revolving doors? I see ... Yes

      Remember anyone: “the next big scandal waiting to happen.” …. HAL-9000

      And we all know the perverse result of incestuous relationships, HAL-9000, don’t we. It is quite telling that supposed intelligence bods in capitalist ventures with proposed intelligence delivery services are not aware of the corrupting practice, as would appear to be fully evidenced by their acceptance and payments for the blinkering closed shop arrangement.

      No wonder their real time record in cyber is so fundamentally abysmal and radically reactionary and virtually ineffectual.

      If one hasn’t got it in IT, one hasn’t got it in IT, and there’s no point in pretending it be otherwise and easily fixed with a crash and a flash cash market injection.

      1. HAL-9000
        Pint

        Re: Hi Dave

        Big corps buying influence and/or insider knowledge when they hire former senior civil servants/politicians?! Nothing new there. The sad thing is that's exactly what theyr'e getting, lamentable human nature I'm 'fraid, and our corrupt(ing) tendency.

        Can't wait till the 'droids takeover ;)

        In the meanwhile have a beer, and chillax

  12. amanfromMars 1 Silver badge

    Quite a pertinent impertinent rhetorical question, HAL-9000 and El Regers

    Whenever former senior civil servants and politicians go private sector, do they go rogue and be persons of interest to national security organisations?

    Methinks virtual machine takeover and makeover of hierarchical establishment bodies is exactly what their systems are presently combatting so vainly with austere chaos and collapsing narrative phormations.

  13. James 36

    Optional

    I eagerly await Glasswalls first appearance in the CVE databse

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like