On Proof: A Confession about Satoshi?
The monster paragraph below, which is titled “On Proof”, was taken from a website/blog I found while searching for a paper authored by CSW. The site I found appears to be some sort of confessional-tell-all CV authored by CSW to prove his identify. The text doesn’t prove anything about CSW’s work in bitcoin if true, but its possibly relevant to his ability to design bitcoin, his overall genius, and credibility. I have no position on whether Craig Wright is Satoshi at the moment.
I have no information about whether the wall-o-text contains anything true, who runs the site I found, or what the site is exactly. However, the text-wall contains plenty of info about CSW that can be cross-checked with official records.
In addition to the text (the wall is his, not mine), I’ve provided a link to the site, taken and an imgur album of my screen-captures. Some of the pictures show the browser tabs I had open when they were taken for time-stamping purposes.
WARNING. There is a downloader thing on the site, and I’m not sure about the funky URL. Be careful if you do visit.
http://bvde.cba.pl/9178.html (Text below)
It seems that I have to do this every couple years and each time it is generally worse as I have added to the list. In recent months I have been causing trouble again and as such there are always those who choose not to believe me or to engage in an attack on my character as a solution to not addressing the issue at hand. Let us start with career and that I am the VP of GICSR in Australia. Other than using an email address at GICSR, I am listed on the board as a director. Next, I am a trustee with the Uniting Church Trust Fund and am otherwise involved with the UC. That is me on page two of the funds newsletter where I had been accepted in the appointment.
I have shaved, but it is still me in the photo. My role at Charles Sturt University is noted below and I have staff ID 11293457 if you want to actually check that. On certifications. I hold the three platinum certifications GSE, GSE-Malware and GSE-Compliance from GIAC.
I will add my SANS/GIAC certs. I have more than any other person globally (not a boast, it is a fact). This is 37 Certs from GIAC alone. Click the link if you do not believe me. The answer is not just to believe this, validate it. All up, with Cisco and others I have over 100 certifications. Now, do you really care if you believe the total? Not really, and does it matter, not really. Some of those will start to disappear as I cannot maintain them and actually have a life anymore.
I have 27 recertification’s next year that I will do at a cost of over $11,000. I will let some lapse. Degrees and more I am not going to cover all of my degrees any more. I will not discuss more than post graduate and a list of the papers associated with my doctoral work and I will simply cover those related to my profession here. I will not discuss my role as a lay pastor or theology degree other than face to face and only whit those I choose to discuss it with.
There is enough to know I am involved with the Uniting Church and I am not here to convert people. If you are an atheist, that is your choice and I will not try to sway you at all. The thing is, atheism is also a belief. It is not and cannot be proven with science and hence is in a way also a religion even if in the negative. I do not wish to debate this (unless it is face to face, I like you and there is wine involved). If you are not happy with my post graduate qualifications, adding undergraduate qualifications right down to the associate degree level will add little. Then, does my having an Associate degree in Science (Organic Chemistry, Fuel sciences) add anything to my role in digital forensics and information security. If you really want to know what these are, there are old posts that searching will eventually uncover. As for the bio and claim that I am “a perpetual student with numerous post graduate degrees including an LLM specializing in international commercial law and ecommerce law, a Masters Degree in mathematical statistics from Newcastle as well as working on his 4th IT focused Masters degree (Masters in System Development) from Charles Sturt University where he lectures subjects in a Masters degree in digital forensics. He is writing his second doctorate, a PhD on the quantification of information system risk at CSU.” Charles Sturt University The masters degrees from CSU are: MMgmt(IT) – Masters of Management (IT) MNSA – Master of Network and System Admin MInfoSysSec – Master of Master Information Systems Security MSysDev – Master of System Development (nearly complete… I am just running out of subjects to do at the University. I even needed to take one where I was the author of the text just to have the credit points).
year I complete my second doctorate. I also have two other Masters degrees not from CSU (the 4 they note in the link are those listed above), a Masters in Statistics (Newcastle AU) as well as a Masters in Law (Northumbria, UK). I am also doing the SANS Masters degree and have one more thing to complete this. That will give me 2 doctorates, 7 masters degrees and 8 other degrees. It is not too difficult to check that I am enrolled in the MSISE at the SANS Technology Institute (Master of Information Systems Engineering). Other than having presentations on the site (see this link) it would be crazy for me to state this. I have 37 GIAC certifications (which is most of either of the STI masters degrees. If I was to misrepresent my status at SANS/GIAC, the ethics policy means I will lose them all. So, first it is simple to actually check AND I have too much to lose in lying.
I do this every couple years. Here is a link to a past time I had to do the same. Northumbria University I completed a Masters in Law in a UK based University. This is: LLM Northumbria – Master of Law (International Commerce Law, Ecommerce Law with commendation). PG Diploma in Law My dissertation was on “Internet Intermediary Liability”. I received a commendation. If you need to check, I had Student Number: 05024288 Newcastle University MSTAT – Master of Statistics I was student number 3047661 at the University of Newcastle here in Australia. My thesis that I wrote to complete this degree was on “The homogeneity of Variances”. I analysed and tested many of the common statistical methods used in homogeneity tests in statistics (such as the Levene tests). Why? The links are associated with universities and others, so it is not too difficult to check me out. I am not stopping you.
The only thing I do not wish to discuss openly is my role with the Uniting Church. My theological belief is one of the few things that remains personal and more than the stuff the church posts publically about me (which I attempt to minimise) I will not discuss. If you believe that my trying to maintain one personal and private thing in my life means I am lying, believe as you will. It does not impact my chosen career in information security and nor does it detract from this. Contrary to the believe structure some hold, one CAN be a doctor of the church as well as a scientist. Religion and Science do not overlap and nor should one seek to make them do so. We can never prove nor disprove the existence of any religion or other spiritual belief structure. This is why I also preach tolerance. I believe I am correct as far as I can be (and that is about zero as the human mind is too small to comprehend the infinite in any extent and any person who tells you differently is a liar or a fool). I comprehend and believe in my way, others in their own. Is Islam, Catholicism, Judaism etc right? Yes and no. Am I right, yes and know. Basically, we see a small aspect of the infinite and that is all we ever will. We can be right and wrong at the same time and will never be completely right as we cannot hold the concept of an infinite in our heads (and I have studied large number theory). In a way, I hate having to do this each few years. In this, I have scratched the surface of what I have done and that leaves many in disbelief. That stated, I fail in humility for this as well as other reasons. On Sanity I guess that the final aspect of this is on sanity. I have been accused of being insane for doing all I do. To take a quote from one of my doctoral supervisors: “Craig, you have a doctorate, why on earth would you want to go through this again. It is insane.” I love study. I can do it and I am good at it. I do not need to do formal study, but I like it. I enjoy the structure. I like the process and it means that I do more. I do not watch sport (I do play sport but there is a distinction) and I do not watch TV. Formal study is MY form of relaxation. To those people (usually without degrees) who keep attacking me and saying I cannot have done this, I offer you the chance to validate all of it. Now, the answer is that you can do something. Instead of engaging in an exercise designed to cut down tall poppies and to attack those who have done something, why not do something yourself? I will (and have in the past) helped others. I will do this for nearly anyone (none of us are not perfect and that includes me). There are ways that anyone can study these days. In fact, I am more than happy to help all I can to have people achieve this. Instead of attacking the character of others you see as frightening (and this really is what this is about), how about you spend the time doing a qualification yourself? Really, my email is public. I keep offering, instead of attacking the accomplishments of others, add to your own. I offer this and from time to time, people take me up on it. This is, I offer to help others improve their education. Not for money, not for fame, but as I want to have a better aware and education world. In this, I also benefit as a more educated (practically) world is one that will have fewer (though always some) issues and which could be more tolerant. Certification and membership numbers A limited subset of certifications I hold is listed below: CISSP # 47302 (ICS)2 Certified Information Systems Security Professional ISSMP # 47302 (ICS)2 Information Systems Security – Management Professional ISSAP # 47302 (ICS)2 Information Systems Security – Architecture Professional CISA # 0542911 IS Audit and Control Association – Certified Information Systems Auditor CISM # 0300803 IS Audit and Control Association – Certified Information Security Manager CCE # 480 ISFCE – Certified Computer Examiner ISSPCS # 051 International Systems Security Professional Certification Scheme MCSA # 3062393 Microsoft Certified Systems Administrator MCSE # 3062393 Microsoft Certified Systems Engineer MCSE # 3062393 Microsoft Certified Systems Engineer (Mail) MCSE # 3062393 Microsoft Certified Systems Engineer (Security) MCDBA # 3062393 Microsoft Certified Database Administrator MIEEE # 87028913 Member IEEE AFAIM # PM133844 Associate Fellow Aust Inst. Management (lapsed now as I have been culling memberships – they cost too much to maintain) MACS # 3015822 Senior Member Aust Computer Society GIAC… NOT ALLL GSE-Compliance #0001 [Platinum] GIAC Security Compliance (GSE-Compliance) GSEC # 10506 [Gold] GIAC Security Essentials Certification (GSEC) GCIH # 06896 [Silver] GIAC Certified Incident Handler GCIA # 02913 [Silver] GIAC Certified Intrusion Analyst GCFW # 01891 [Silver] GIAC Certified Firewall Analyst GCWN # 01234 [Silver] GIAC Certified Windows Security Administrator GAWN # 00894 [Silver] GIAC Assessing Wireless Networks GCUX # 00587 [Silver] GIAC Certified UNIX Security Administrator GNET # GIAC .Net GSLC # GIAC Security Leadership Certification GHTQ # 00368 [Silver] GIAC Cutting Edge Hacking Techniques G7799 # 0039 [GOLD] GIAC Certified ISO-17799 Specialist (G7799) GCFA # 0265 [GOLD] GIAC Certified Forensics Analyst (GCFA) GSNA # 0571 [GOLD] GIAC Systems and Network Auditor (GSNA) GSAE # 00141 [Silver] GIAC Security Audit Essentials (GSAE) GLEG # 0006 [GOLD] GIAC Legal Issues (GLEG) GLEG Incorporates GIAC Business Law and Computer Security (GBLC) GLEG Incorporates GIAC Contracting for Data Security (GCDS) GLIT GLEG Incorporates GIAC Legal Issues in Information Technologies (GLIT) GLFR # 0016 GIAC Law of Fraud (GLFR) GREM # 0586 GIAC Reverse Engineering Malware (GREM) GPCI # 0086 GIAC Payment Card Industry (GPCI) GSPA # 0101 GIAC Security Policy and Awareness (GSPA) GLDR # 0101 GIAC Leadership (GLDR) GWAS # 0535 GIAC Web Application Security (GWAS) GIPS # 0036 GIAC Intrusion Prevention (GIPS) SSP-MPA # 0416 Stay Sharp Program – Mastering Packet Analysis (SSP-MPA) SSP-GHD # 0246 Stay Sharp Program – Google Hacking and Defense (SSP-GHD) SSP-DRAP # 0171 Stay Sharp Program – Defeating Rogue Access Points (SSP-DRAP) Papers / Publications: Peer Reviewed Papers Right now, I have a further 8 papers in peer review. The following are all accepted and/or published. 2012 (Accepted) 1. Wright, C. (2012, February). Hacktivism, terror and the state: The Importance of Effectively Enforcing Cyber Security Legislation. Paper to be presented at the 10th Anniversary National Security Australia Conference. 2011 2. Wright, C. (2011, December) Who pays for a security violation? An assessment into the cost of lax security, negligence and risk, a glance into the looking glass. Paper to be presented at the International Conference on Business Intelligence and Financial Engineering. . 3. Wright, C. (2011, December) Current issues and liability facing Internet Intermediaries. Paper to be presented at the International Conference on Business Intelligence and Financial Engineering. 4. Wright, C. (2011, December) Criminal Specialization as a corollary of Rational Choice. Paper to be presented at the International Conference on Business Intelligence and Financial Engineering. Wright, C. (2011, December) A preamble into aligning Systems engineering and Information security risk measures. Paper to be presented at the International Conference on Business Intelligence and Financial Engineering. 5. Wright, C. & Via, T. (2011, December) Modeling System Audit as a Sequential test with Discovery as a Failure Time Endpoint. Paper to be presented at the International Conference on Business Intelligence and Financial Engineering. 6. Wright, C. (2011) “Exploiting format Strings with Python” Hakin9 7. Wright, C. (2011) “More Exploits with Python” Hakin9 8. Wright, C. (2011, September)Of Black Swans, Platypii and Bunyips. The outlier and normal incident in risk management. Paper presented at CACS2011 Australia. 9. Wright, C. & Zia, T. (2011, July)Compliance or Security, what cost? (Poster)” Australasian Conference on Information Security and Privacy. 10. Wright, C. (2011) “A comparative study of attacks against Corporate IIS and Apache Web Servers” Sans Technology Inst, USA 11. Wright, C. (2011) “Rationally Opting for the Insecure Alternative: Negative Externalities and the Selection of Security Controls” Republished and extended Paper, Sans Technology Inst, USA 12. Wright, C. (2011) “Rationally Opting for the Insecure Alternative: Negative Externalities and the Selection of Security Controls” Republished and extended Paper, Sans Technology Inst, USA 13. Wright, C. & Zia T (2011)”Rationally Opting for the Insecure Alternative: Negative Externalities and the Selection of Security Controls” CISIS Spain 14. Wright, C. & Zia T (2011)”A Quantitative Analysis into the Economics of Correcting Software Bugs” CISIS Spain 2010 15. Wright, C. (2010) “Software, Vendors and Reputation: an analysis of the dilemma in creating secure software” Intrust 2010 China 16. Wright, C. & Zia T (2010) “The Economics of Developing Security Embedded Software” SecAU Australia 17. Wright, C. (2010) “The not so Mythical IDS Man-Month: Or Brooks and the rule of information security” ISSRE USA 18. Wright, C. (2010) “Packer Analysis Report – Debugging and unpacking the NsPack 3.4 and 3.7 packer.” Sans Technology Inst, USA 2009 19. Wright, C. (2009) “Effective Patch Management – Saving Time and Getting Better Security” MISTI USA 20. Wright, C. (2009) “Database Auditing” Testing Experience, Germany 21. Wright, C. (2009) “SaaS Security” MISTI USA 22. CISecurity (Multiple) (2009) CIS BIND Benchmarks” Centre For Internet Security, USA 2008 23. Wright C, Kleiman D & Sundhar R.S. (2008) “Overwriting Hard Drive Data: The Great Wiping Controversy” Lecture Notes in Computer Science (Springer Berlin / Heidelberg) 24. Wright, C. (2008) “Detecting Hydan: Statistical Methods For Classifying The Use Of Hydan Based Stegonagraphy In Executable Files” Sans Technology Inst USA 25. Wright, C. (2008) “Using Neural Networks” Google 26. Wright, C. (2008) “Ensuring secure data transfer and data sharing” DQ Asia Pacific 27. Wright, C. (2008) “Record and Document Destruction in a Digital World” IT Security World, USA 28. Wright, C. (2008) “Managing Security in a Global Company” IT Security World, USA 29. Wright, C. (2008) “A Quick and Nasty overview of finding TrueCrypt Volumes” Sans Technology Institute 30. Wright, C. (2008) “Exploring Data Visualisation” Strategic Data Mining 31. Wright, C. (2008) “Statistical Methods to Determine the Authenticity of Data” CACS2008, Au 32. Wright, C. (2008) “Text Data Mining, the future of Digital Forensics” Hex Journal USA 33. Wright, C. (2008) “Compliance, law and Metrics: What you need to meet and how you prove it” SANS ACT 34. Wright, C. (2008) “Current Issues in DNS” Sans Technology Inst, USA 35. Wright, C. (2008) “Advanced Methods to Remotely Determine Application Versions” NS2008 LV, USA 36. Wright, C. (2008) “An in-depth review of the security features inherent in Firefox 3.0 Compared to IE 8.0” iDefense, USA 2007 37. Wright, C. (2007) “The Problem With Document Destruction” ITAudit, Vol 10. 10 Aug 2007, The IIA, USA 38. Wright, C. (2007) “Requirements for Record Keeping and Document Destruction in a Digital World” Sans Technology Inst, USA 39. Wright, C. (2007) “Electronic Contracting in an Insecure World” Sans Technology Inst, USA 40. Wright, C. (2007) “The Problem with Document Destruction” IRMA UK (Republished) 41. Wright, C. (2007) “Ethical Attacks miss the point!” System Control Journal ISACA 42. Wright, C. (2007) “Where Vulnerability Testing fails” System Control Journal ISACA 43. Wright, C. (2007) “Application, scope and limits of Letters of Indemnity in regards to the International Law of Trade” Internal Publication, BDO Aug 2007 44. Wright, C. (2007) “UCP 500, fizzle or bang” Internal Publication, BDO July 2007 2006 45. Wright, C. (2006) “Port Scanning A violation of Property rights” Hakin9 46. Wright, C. (2006) “A Taxonomy of Information Systems Audits, Assessments and Reviews” SANS Technology Inst USA 47. Wright, C. (2006) “RISK & Risk Management” 360 Security Summit AU 48. Wright, C. (2006) “A QUANTITATIVE TIME SERIES ANALYSIS OF MALWARE AND VULNERABILITY TRENDS” Ruxcon AU 2005 49. Wright, C. (2005) “Analysis of a serial based digital voice recorder” Published 2006 SANS Technology Inst USA 50. Wright, C. (2005) “Implementing an Information Security Management System (ISMS) Training process” SANS Darling Harbour AU 51. Wright, C. (2005) “Beyond Vulnerability Scans — Security Considerations for Auditors” ITAudit, The IIA, USA 52. Wright, C. (2005) “PCI Payment Card Industry Facts” Retail Industry journal, July 2005 2001 53. Multiple Authors (1999) “Windows NT Security Step by Step” SANS Technology Inst USA 2000 54. Ashbury A & Wright, C. (2000) “DNS Security in Australia” Net Security, June 2000. 1999 55. Wright, C. (1999) “A Comparative analysis of Firewalls” in “The Internet Hot Sheet” ATT Sept 1999 Books / Book Chapters 1. Wright, C. (2008) “0123456789The IT Regulatory and Standards Compliance Handbook: How to Survive Information Systems Audit and Assessments0123456789” Syngress USA 2. Litchko, J; Lang, D; Hennell , C; Wright, C & Linden, M V (2011) ““0123456789Official (ISC)2 Guide to the CISSP(R)-ISSMP(R) CBK0123456789” CRC Press, ISC2 USA 3. Kleiman, D; Wright, C; Varsalone, V& Clinton, T (2007) “0123456789The Official CHFI Study Guide0123456789” (Exam 312-49) (Paperback)” Syngress, USA 2007 This book is used as a text for ITE-513 at Charles Sturt University 4. Multiple Authors (2009) “0123456789Cisco Router and Switch Forensics: Investigating and Analyzing Malicious Network Activity0123456789”, Syngress Press 5. Multiple Authors (2009) “0123456789Mobile Malware Attacks and Defense0123456789”, Syngress Press 6. Multiple Authors (2008) “0123456789Check Point NGX R65 Security0123456789” Syngress, USA This book is used as a text at Charles Sturt University 7. Multiple Authors (2008) “0123456789Mobile Malicious Code0123456789” Syngress, USA 8. Multiple Authors (2008) “0123456789Best Forensic Book0123456789” Syngress, USA In 2012 the following book will be published by Taylor Francis Academic press: SCADA Security. I am the author of the Forensic chapter Chapter 16: Forensics Management