Ex-NSA Boss Defends Patenting His Totally Brand New, Not Developed On Gov't Time, Patent-Pending Cybersecurity Brilliance

from the yeah-that's-believable dept

Wed, Aug 6th 2014 9:09am — Mike Masnick

We recently wrote about Keith Alexander claiming that he's worth as much as $1 million a month (actually, the number is now being lowered to $600k) because he's magically come up with a totally brand new anti-hacking concept that will have many patents. As we noted, this story raised all sorts of questions. First, if he had such a brilliant idea to stop hackers, why didn't he use it back when he was in charge of the NSA and the US Cyber Command? His answer to that was that he magically came up with it after he left office in March. Of course, if that's the case, it's difficult to see how it can be worth many hundreds of thousands of dollars per month because it's a totally untested and totally brand new idea. He can't both be claiming that his years of NSA experience make it worthwhile and that this idea has nothing to do with his work at the NSA -- but he seems to be doing exactly that.

Either way, he's given an interview to the Associated Press in which he tries (and fails) to defend himself concerning the new operation, IronNet Cybersecurity:

"If I retired from the Army as a brain surgeon, wouldn't it be OK for me to go into private practice and make money doing brain surgery?" he asked. "I'm a cyber guy. Can't I go to work and do cyber stuff?"

The "brain surgery" analogy is not even close to be analogous. This is more like he was the administrator of an army hospital who has now retired and says, despite never having personally done a brain surgery, he's now invented a miraculous new way to do brain surgeries so powerful people have only dreamed of them before. Naturally, most people should be skeptical of such claims.

And, of course, most actual cybersecurity folks I know don't consider Alexander to really be a "cyber guy." He's not. Yes, he managed various groups that could hack into systems, but that doesn't make him any sort of expert on cybersecurity. Just the fact that he's diving into the murky waters of "behavioral modeling" as his anti-hacking technique should raise some flags. It's an area that has been talked about a lot, but solutions haven't been any good at all.

Is it possible that Alexander has broken through on an idea that has stumped many people who actually do spend all their time hacking away at systems, looking for security holes and how to fix them? Sure. It's possible, but it's improbable. And the claims by themselves should require significant proof before they're taken seriously. As we've said for years, ideas are one thing. Execution is another, and Alexander has shown no evidence that his solution is actually any good. So why are companies paying him upwards of six figures a month? Good question. It seems unlikely that they truly believe he has found the holy anti-hacking grail. It seems more likely that they like his government connections.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: behavior modeling, cybersecurity, hacking, keith alexander, nsa, patents
Companies: ironnet cybersecurity

36 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

John Fenderson (profile), 6 Aug 2014 @ 9:13am

How we know he's not a cyber guy
Actual computer security people would rather die than call themselves "cyber" anything.
[ link to this | view in chronology ]
- Rich, 6 Aug 2014 @ 9:24am
  
  Re: How we know he's not a cyber guy
  True. "Cyber" is only for bad science fiction and fear-mongering.
  [ link to this | view in chronology ]
  - Anonymous Coward, 6 Aug 2014 @ 12:38pm
    
    Re: Re: How we know he's not a cyber guy
    Actually, I've heard people use the term "cyber".
    As shorthand for "cybersex", specifically.
    Which makes me even more curious as to exactly what Mr. Alexander is charging $1 million for...
    [ link to this | view in chronology ]
    - Anonymous Coward, 6 Aug 2014 @ 5:48pm
      
      Re: Re: Re: How we know he's not a cyber guy
      No need to be curious. We all know they're all a bunch of cocksuckers...
      [ link to this | view in chronology ]
- Anonymous Coward, 6 Aug 2014 @ 9:25am
  
  Re: How we know he's not a cyber guy
  the correct term is "hacker", but I guess Keith Alexander would not like to call himself that.
  [ link to this | view in chronology ]
  - weneedhelp (profile), 6 Aug 2014 @ 9:50am
    
    Re: Re: How we know he's not a cyber guy
    Engineer.
    [ link to this | view in chronology ]
    - Anonymous Coward, 6 Aug 2014 @ 10:15am
      
      Re: Re: Re: How we know he's not a cyber guy
      Poser.
      [ link to this | view in chronology ]
  - Anonymous Coward, 6 Aug 2014 @ 11:36am
    
    Re: Re: How we know he's not a cyber guy
    It’s UNIX! I know this!
    [ link to this | view in chronology ]
    - Sunhawk (profile), 7 Aug 2014 @ 9:12am
      
      Re: Re: Re: How we know he's not a cyber guy
      Amusingly, even as a youngster looking at that I was thinking "... that's not any flavor of UNIX I'm aware of..."
      [ link to this | view in chronology ]
- Dave Xanatos, 6 Aug 2014 @ 10:05am
  
  Re: How we know he's not a cyber guy
  He may very well be a 'cyber' guy. It's something to keep in mind if he ever invites you to a private chat room.
  [ link to this | view in chronology ]
- Andy Boyd, 6 Aug 2014 @ 10:10am
  
  Re: How we know he's not a cyber guy
  Dang, beat me to it. Nobody who works in IT would refer to themselves and the word "Cyber" in the same sentence. This guy does it twice.
  [ link to this | view in chronology ]
- BAALZAKK (profile), 6 Aug 2014 @ 3:14pm
  
  Re: How we know he's not a cyber guy
  Agreed, that is a term that my grandmother might use, like my uncle uncle trying to act like he's hip with the new times.
  [ link to this | view in chronology ]
Anonymous Coward, 6 Aug 2014 @ 9:16am

"It seems more likely that they like his government connections."

Or they fear his government connections.
[ link to this | view in chronology ]
Berenerd (profile), 6 Aug 2014 @ 9:25am

To the banks hiring this guy...
"I'm a cyber guy."

YOU'RE HIRING A GUY NAMED "CYBERBOB"

Also, I know many "cyber guys". Just because you know how to use yahoo messenger to hit on bots with pictures of half naked chicks does not mean you know anything about cyber security.
[ link to this | view in chronology ]
Anonymous Coward, 6 Aug 2014 @ 9:33am

The 'behavioral modeling' he has come up with is the willingness of big business to pay ex senior government employees because of their contacts.
[ link to this | view in chronology ]
- Anonymous Coward, 6 Aug 2014 @ 1:02pm
  
  Re:
  Between calling himselv a 'cyber guy' and the behavioural modelling... I'm wondering if he's developed a new fembot that targets financial C-levels.
  [ link to this | view in chronology ]
Anon, 6 Aug 2014 @ 9:44am

Actually...
My stepbrother did retire as a brain surgeon from the military (close to age 65 with a pension), and according to my nephew, he got a $500,000 signing bonus when he started working with a private clinic.

But the difference is, he has a demonstrated track record at what he does, he produced demonstrable results before and after he retired, and (AFAIK) the clientele in his private clinic in general have zero connection with his prior work for the US military.

I have trouble imagining an administrative level executive being a technical whiz at anything. My general experience was the type who enjoyed technical work usually weren't the sort who wanted to be or were equipped to be administrators. A few years being an executive usually ensured you were totally removed from current tech.
[ link to this | view in chronology ]
- Dan J. (profile), 6 Aug 2014 @ 11:55am
  
  Re: Actually...
  This is more like he was administrative head of a cancer hospital, he retires and six months later announces he has miraculously discovered a cure for cancer.
  [ link to this | view in chronology ]
  - Anon, 6 Aug 2014 @ 12:58pm
    
    Re: Re: Actually...
    >"This is more like he was administrative head of a cancer hospital, he retires and six months later announces he has miraculously discovered a cure for cancer."
    
    No, more like he ran an asbestos mine or tobacco company for a decade and now announces a cure for cancer.
    [ link to this | view in chronology ]
- BAALZAKK (profile), 30 Sep 2014 @ 12:42am
  
  Re: Actually...
  Your stepbrother doesn't need to prove his worth: no one becomes a brain surgeon for any length of time without at least 10 years of school, and I'm assuming LOTS of work experience with him being in the military. Army guys tend to get pieces of metal lodged in their skulls at an alarming rate...lol. This guy is just a typical Washington, D.C. professional bullshitter con artist.
  The whole city is packed with them, good place for a tsunami to hit in my estimation.
  [ link to this | view in chronology ]
steell (profile), 6 Aug 2014 @ 9:54am

Administrator with an inflated opinion of himself.
[ link to this | view in chronology ]
Keith Alexander, 6 Aug 2014 @ 10:13am

(Parody)
"actually, the number is now being lowered to $600k"

No no no, I'm actually still worth well over a million dollars a month. This $600K figure is merely a promotional. but you must act now!!! I'll even throw in some spyware (strikethrough) some extra hardware and anti-virus software written by the NSA (strikethrough) that will protect your systems even more.
[ link to this | view in chronology ]
Anonymous Coward, 6 Aug 2014 @ 10:22am

This and other related articles strongly suggest that Alexander is an inventor or co-inventor of certain techniques/methods. I have perused all links and found nothing other than a reference to technology being provided by an unidentified third party.

Do you have a cite to any article where Alexander unequivocally states that he is an inventor or co-inventor of whatever techniques his company says it will be using?
[ link to this | view in chronology ]
- Anonymous Coward, 6 Aug 2014 @ 11:34am
  
  Re:
  If he's applying for a patent doesn't that imply he invented something novel?
  [ link to this | view in chronology ]
- John Fenderson (profile), 6 Aug 2014 @ 11:49am
  
  Re:
  Alexander doesn't claim that he thought the stuff up. He claimed that he's partnered with someone who did. Only now, he's talking like he was the inventor, despite his early representation.
  
  All confusion on this point is Alexander's doing. Which is part of what makes me 90% certain that he's got nothing.
  [ link to this | view in chronology ]
scotts13 (profile), 6 Aug 2014 @ 10:40am

One way or the other
He either developed his "special techniques" with government resources, OR developed them himself (hah!) and withheld them from his agency. Not sure which I like less.

Doen't matter - IMHO what he's really selling is his knowledge of how the government does their surveillance, which is even more reprehensible.
[ link to this | view in chronology ]
Anonymous Coward, 6 Aug 2014 @ 10:43am

Special Techniques
Such as corruption, extortion, etc.
[ link to this | view in chronology ]
Anonymous Anonymous Coward, 6 Aug 2014 @ 11:21am

Patent Applications
I am just drooling with anticipation of the coverage the actual patent applications are gonna get. I mean there's gonna be 9 or 10 of them. All open and available for viewing, analysis and ridicule, and ridicule, and ridicule.

Is there some sort of scoring system or scale for how far out of the park the Patent Office misses on prior art or obviousness, or those little words 'on a computer' or 'on the Internet' that are now patently useless?
[ link to this | view in chronology ]
Anonymous Coward, 6 Aug 2014 @ 11:27am

He can't both be claiming that his years of NSA experience make it worthwhile and that this idea has nothing to do with his work at the NSA
Why not? He's had years of experience saying obviously-false things like this. He probably doesn't even realize he's doing it anymore.
[ link to this | view in chronology ]
Whoever, 6 Aug 2014 @ 11:29am

Not Alexander's ideas
His firm is developing as many as 10 patents, he said, and has secured contracts with three clients he declines to name. The technological innovations in the new patents came from an unidentified partner,

The ideas behind the patents are not his. Perhaps the partner is the same data analysis firm that Alexander employed without any measurable success while at the NSA?
[ link to this | view in chronology ]
Anonymous Coward, 6 Aug 2014 @ 12:15pm

http://www.youtube.com/watch?feature=player_detailpage&v=kBSOhODoch0#t=135
[ link to this | view in chronology ]
Anonymous Coward, 6 Aug 2014 @ 1:21pm

Come on everyone. He did stay at a Holiday Inn Express.
[ link to this | view in chronology ]
Anonymous Coward, 6 Aug 2014 @ 9:41pm

Um, Keith? Remember all of those times you helpfully explained to us what it means to be a "real" patriot? Wouldn't a patriot just publish all these revolutionary ideas as FOSS, rather than patenting them so that you can license them only to those who are willing/able to pay?
[ link to this | view in chronology ]
Get off my cyber-lawn! (profile), 7 Aug 2014 @ 10:47am

Those Monkeys have been busy!!!
The infinite monkey theorem means he may have used COCO the gorilla to develop this massively miraculous technology! Or the primate is just using him to get his banana fix and promised the technology is on it's way...either way Keith has a monkey on his back and they like to throw poop so I'd keep my distance.
[ link to this | view in chronology ]
Anonymous Coward, 26 Nov 2014 @ 1:52pm

Now That's A Good Question...
Hmmmmm.
Patent Reg's for NSA (& other Govmt agencies) require all patents be submitted through NSA. If/when NSA feels it is not a patent they need AND it does not divulge classified information then the owner of the patent can pursue use of the patent outside the agency.
[ link to this | view in chronology ]
- Anonymous Coward, 26 Nov 2014 @ 1:54pm
  
  Re: Now That's A Good Question...
  So... Where is the Inspector General?
  [ link to this | view in chronology ]