In-depth interview: Felix Leder

24 Apr 2014 Leon van der Eijk

Felix Leder is the director for malware research at Blue Coat. Several malware analysis solutions, like Cuckoo box and Norman’s Malware Analyzer G2, have been initiated by and grown around him. After starting in the mobile space with companies like Nokia, he turned to his favourite field of research, IT security. While working for Fraunhofer and the University of Bonn, he joined research into botnet mitigation tactics and new methodologies for executable and malware analysis. The results were successful takedowns and a PhD. Felix Leder is a reverse engineer and tool developer at heart. He has given classes worldwide on malware analysis, reverse engineering, and anti-botnet approaches. Participants range from governmental institutions and the financial and security industries to military bodies. Read on to learn more about him!

Tell us, why did you become a security expert?
Hmm, what does that mean “expert”? I just like to play and occasionally try to find out if stuff can be broken. There was never any intention to reach a specific skill level but rather the interest and drive for understanding security and its problems. It is all about wanting to learn more and trying to solve challenges.

And what will you talk about?
I will have something high-level and something low-level.
The public presentation will be about “Buzzwords”. The security marketing machine is very active at the moment. Companies come up with new terms just to be hip. Unfortunately, that confuses people more than it helps. I am talking about relevant “Buzzwords” and putting them into context about what they really mean for our daily security operation.
If you want to go beyond buzzwords, then join my training on malware reverse engineering on Wednesday. It is very hands-on and will be plenty of fun.

What do you love the most about being a security expert?
I don’t like the term “expert”. Everybody with passion and interest in how to break or secure IT systems is an expert. What I really enjoy about security is the never-ending cat-and-mouse game. For every detection, there is evasion. For every evasion, there is anti-evasion. And for every anti-evasion there is anti-anti-evasion, …
I love the constant challenges that come up. It requires a lot of out-of-the-box thinking and creativity.

So, what do you think the future security threats will be like?
We see that usability/convenience and security are often orthogonal goals. Fortunately, there are good initiatives and progress to try to bring these together, like we see around mobile platforms.
Unfortunately, they are not fast enough to keep up with technology development and the social implications. Attackers will always use this in the form of social engineering or exploiting complexity. Who is really looking at App permissions?
The near future security threats will come from mobile devices. People want to use IT conveniently and everywhere. Tablets and smartphones allow that. But the flexibility they bring comes with a price. The price is the difficulty to control data access and the threats they carry with them.
What if you lose a tablet that has all major company documents on it?
What if your mobile phone is infected and records all you say in meetings?

And what is your best tip for (upcoming) security professionals today?
Enjoy what you are doing and never give up on challenges. If you don’t know where to start, find a group of like-minded people and simply join an open project. The Honeynet Project is a great place to start for that.

Last question, maybe a little subjective, why should people come to or sponsor the upcoming (and awesome) HP workshop in Warsaw?
The Honeynet Project consists of a very diverse group of people interested in security. From psychologists to reverse engineers - everybody will be there and there will be great discussions around current and future security challenges. And the best is that it is not just theoretical but will result in new tools and initiatives.