Select Page

Last week, CastleCops celebrated its 5th anniversary. This was widely covered on the web, and the event even included a writeup in the Washington Post’s Security Fix blog.

I want to join everyone else in congratulating CastleCops on their anniversary. But I thought I would add a few comments on the people behind CastleCops: The husband and wife team of Paul and Robin Laudanski.

P1010112I first got to know them both a couple of years back when CastleCops took on the task of managing our consumer forums for Kerio and Counterspy. This was just around the time that Paul decided to quit his full-time job and do CastleCops with all of his energy.

I had many of the legendary “Paul and Robin” teleconferences, where Robin and Paul alternately finish each others thoughts. It’s something one has to experience, and it shows how extraordinarily well-matched this couple is. I have rarely met a couple more totally compatible with each other. And what parents they are — their son Peyton is lucky to have them (and another child is on the way!).

Later, Paul and I started PIRT, a volunteer group dedicated to taking down phishing sites. Paul later evolved PIRT to become MIRT — the Malware Incident Response and Termination group. MIRT broadens the activities of PIRT to the takedown of actual malware sites, along with sharing of malware samples with vetted security companies and researchers. (They also submit results to VirusTotal, and what they now have is a kind of running tally as to the effectiveness of antivirus engines against new threats.*)

Now here’s the truth: We may have started PIRT together, but the whole operation has been Paul and Robin’s and they ran with it with such incredible enthusiasm and gusto that they have both earned my life-long admiration.

CastleCops is the kind of organization that would make some web 2.0 MBA-type all atwitter with glowing palaver about community, etc. But Paul and Robin (while I’m sure they’d never reject having big bucks) aren’t in it for the money. They are passionate about security and helping people. The amount of personal time and energy Paul has put into PIRT’s back-end systems, without any compensation, is something to behold.

Paul and I have had some memorable experiences together, like the incident that got us talking about starting PIRT — a takedown of a phishing site hosted on a financial company’s website where the contact at the company (a mindless idiot) told both of us that she could not track the responsible person down (apparently, the responsible person had given her strict orders not to contact him when he was offsite). When I blogged the incident later, one of the partners of the company complained of defamation.

Or the memorable late-night incident where a truckdriver in Miami (who barely spoke English) had a phishing site on a server that he hosted in his home office (some local guy, “Ernie”, had set it up for him, the truckdriver himself was computer illiterate). This fellow, who was very nice and well meaning, believed that phones were objects that were yelled into at the highest possible decibel (“OK I GONNA GET ERNIE TO FIX IT RIGHT AWAY BUT CANNO REACH HIM!!). Hearing Paul patiently explain how to hack into the server (the fellow didn’t know the user name or password) was an object lesson in the art of patience. However, after endless aggravating instructions, we finally said “TURN OFF YOUR SERVER”. That fixed the problem at least for the night until “Ernie” could show up (and it was yet another example of a poorly maintained Apache configuration).

Paul, who majored in math, is the sharp engineer behind CastleCops. But Robin is the “iron fist in a velvet glove”. I remember Robin telling me matter-of-factly how she drove from Western Canada in the middle of winter to Pennsylvania, alone and with something like $25 to her name. And when she takes a stand, watch out. I really do feel sorry for those people who try to get away with things with Robin watching.

So to Paul and Robin: Congratulations. And to the rest of all the CastleCops volunteers, thank you for all your help. The work you do for the community is extraordinary and well worthy of praise in itself.

Alex Eckelberry
* Before I get complaints, I have to put in the disclaimer that VirusTotal results are not the be-all-and-end-all of judging effectiveness, as they do not take into account what a fully-fledged AV product would do. The results are merely one type of way to test AV engines.