May 11, 2011, 9:59 AM — Remember HBGary, the security firm that was publicly spanked by Anonymous, given a nuclear wedgie, and stuffed inside its own gym locker? They’re baa-aack. And they want you to like them.
I got an interesting email last night from Jim Richards, Learning Programs Manager for HBGary. It appears his employer wants to untarnish its reputation by offering free security tools to the public “as part of HBGary’s ongoing initiative to give back to the community.”
The first tool was made available today: AcroScrub, a utility that scans enterprise networks looking for old and vulnerable copies of Adobe Acrobat Reader. A couple of quick thoughts:
1) The name. Did they really have to make it sound like a teen acne cleanser?
2) Maybe this is a useful tool for enterprises, I don’t know. As for me, my various copies of Acrobat update themselves at least every other day. It's kind of maddening. I’d rather have a utility that updates Acrobat without nagging me all the time.
[ See also: Did Anonymous hack Sony? Baloney. ]
It gets better – or worse, depending on your point of view. To get AcroScrub you must first set up an account with HBGary. That means giving them your name, corporate affiliation, location, email, and cell phone number. They use the cell number to send you a confirmation code via text, which you have to enter into the Web form before you’re given access.
All just to download a free software utility so HBG can “give back to the community.”
OK, pop quiz: How many of you out there have ever had to hand over your mobile number, a relatively static ID unique to your person, just to get a piece of free software? Anyone? I didn’t think so.
HBGary is saying essentially, “we’re good guys, trust us.” If you’ve followed the whole HBGary/Anonymous saga, you know why that’s a bad idea. Here's a quick recap.
* Last February, HBGary Federal CEO Aaron Barr boasted to the Financial Times that he had identified key members of "Anonymous," that shadowy band of Internet prankster vigilantes. One of his techniques: befriending the Anons using fake Facebook profiles.