Sign up FAST! Login

Sources: Security Firm Norse Corp. Imploding — Krebs on Security

Stashed in:

To save this post, select a stash from drop-down menu or type in a new one:

I've read this story so many times today, I've almost got it memorized. So many things are wrong, I barely know where to begin.

1. The pre-Norse history is misleading. Tommy and Sam were victims of Urrea's malfeasance and it's just plain not fair to conflate them.

2. Mary Landesman was always a sales/marketing employee, not an engineering or product employee. Which means, rightly or wrongly, she was never going to gain as much access to the internal workings of the platform or of the data as she would have liked. She was also a remote employee, meaning she was never anywhere near enough to the inner workings of the team to justify her defamatory statements.

Some others have posted lamenting that they wish they had done more due diligence about Sam and Tommy before joining Norse... Well.. I joined Norse before _any_ of you, and I _DID_ do background checking on Sam and Tommy and several other people. I found Nexicon and Richard Urrea and the torrent snooper and the sketchy reverse mergers and all of it. All of it. Far more than Krebs even touched on. And in NONE of it, did I find any duplicity or complicity in Sam Glines or Tommy Stiansen. I would never have joined Norse if I had.

That's not to say Tommy isn't a paranoid and needlessly secretive monumentally abusive asshole. He is. It's not to say that Sam and Tommy (and many others) didn't blunder through a multitude of mistakes. Oh they definitely did. Definitely in far over their heads.

So many mistakes were made. Some of them by Sam and/or Tommy..Some of them by me.. Some of them by others. So many basic aspects of running a business and building a product were overlooked, business schools could make a course just on how frequently we managed to cock it up.

But I stand behind everything we built and everything we accomplished. No one has the data collection capability that we built. No one has the correlative, actuarial, data analysis capability that we built. And no one is able to do so, not just in real-time, but live, not even the 3 letter agencies.

I'm proud of that, more proud than any agenda-driven hit piece can ever hope to crush. Even with the insane, pedantic, childish, and sometimes abusive bullshit we all had to slog through, I WOULD DO IT ALL AGAIN.

The Norse technology continues to run, right?

Every business makes mistakes. Some mistakes hurt more than others. 

Yes it does. The technology is sound, and I stand by it... But the article isn't actually about anything except unverifiable insinuations

Yeah, it seems like the article is trying to make Norse look bad.

Brian Krebs's webmaster is taking too long to approve my comment there, so i'll put it here for posterity:

I have a few serious problems with this article.

Firstly, let me introduce myself to the others. I'm Jason Belich, former Chief Architect, first engineering employee of Norse, and the highest ranking person let go during the mass layoff. There are no ex-Norse employees more intimate with the core of the company than me, not even my friend Kurt, or other ex-Norsers who have posted here, Anthony and Bev.

I hope i've established my credibility w/r/t this story. Anyway....

1) conflating Nexicon/Urrea with Norse is fundamentally dishonest, not by you Brian, but by who's fed this to you.  Tommy Stiansen and Sam Glines were /victims/ of that debacle... just as much as we are victims of this one. Tommy himself met personal financial ruin, to the tune of several million dollars.

Imagine if you were a designer at GM and a drunk driver hit you with a car you designed, then after you finish therapy, you get into another unrelated accident and a bystander drags up your history as an automobile designer to insinuate that both accidents were really the result of your design, rather than the drunk driver.  That's what you've done here.  Not only is the info not relevant, but it's also /wrong/.

I did all of this research myself before I agreed to be hired onto Norse.  Since my interviews were at Tommy's house rather than an office, I made a point to perform extra due diligence. I even found things which had fallen off of public record and which wouldn't have been all that public to begin with: his military records, his intel history, his professional successes and failures, the famous events he was a part of directly and tangentally... none of it showed any dishonesty or impropriety on his part or Sam's.

2) Cylance is a competitor, not a partner of any kind. I remember when the their people came to the office.  They literally had nothing and they were far more interested in gaining access to our data, for free, for their own Iran report than anything about Sony or our findings.  Debate over the findings is fine, and totally appropriate, but complaints that we wouldn't give free data to a competitor isn't just ludicrous, but petty.  We gave all of our findings, including actionable evidence, to the FBI and the White House, and at their request, eventually shut down Kurt's PR campaign.

3) Mary Landesman is not a credible source.  She was employed by the sales/marketing team as a media tool, due to her blogging reputation, not as any sort of production employee. Her title was never anything more than an affectation, as no one on that side of the house was ever allowed access, rightly or wrongly, to core data or to production processes.  Every piece of data that she ever had access to was carefully curated, mostly by myself at Tommy's direction (again, rightly or wrongly).  

Also, being a remote employee, who never appeared in the office more than a handful of times, she never had any sort of pulse on the production teams nor the day-to-day operation of the company, nor anything other than the sales efforts. In short, this woman never saw the full story and isn't qualified to speak on it, and her uncovering of Tommy & Sam's previous failures is a poor substitute for reality, genuinely indicative of her professional skills, and additionally indicative of why the productive analysis, data, and engineering teams wanted nothing to do with her when she was hired.

What is genuinely frustrating about this story, is there is literally nothing in it about the actual problems and failures which led to Norse's current situation: /Why/ is Tommy Stiansen such a secretive bastard?  Why has Norse garnered so much hate? How did such a toxic corporate culture develop that caused so many former employees to want to speak out? What were the blunders which caused a finance underrun?

This story doesn't touch any of those real questions, let alone answer them.... and I /want/ answers to these questions. Literally no one is more damaged by these events than I am. I put in more time and work into building Norse than literally anyone else, including the CxOs or Sam or even Tommy.

I fucking want answers, and this article doesn't give me any.  It's just a bullshit hit piece full of insinuation and defaming quotes.


Well said, Jason. I guess it's unlikely we get answers?

Not from Brian Krebs

You May Also Like: