About me (Ron)

Welcome to SkullSecurity! This “about” page was last updated February 9, 2023. That might be really recently, or forever ago - I tend to update this page on a glacial scale. I guess it doesn’t change much. :)

You can see the whole site on Github. If you’re interested in contributing, let me know - I’m happy to take guest posts from folks in the community, but I’m not doing sponsored content. Never have, never will.

February 9, 2023

In December 2006, I registered this domain name. Why? For a Shadowrun campaign! We had a crew called “SkullCorp”, who used a chrome-plated skull as their trademark. We had a wiki here, where we tracked the status of our game world. Apparently we had a forum, as well, administrated by an old friend who went by Inscandescent. Unfortunately, all the contents are lost down the memory hole so far as I can tell.

In 2008, I decided to set up a homestead online (remember Geocities?), so I repurposed this as a blogging and wiki platform, for my group of security-nerd friends back in Winnipeg. I wrote about the open source work I was doing, published tools, and encouraged others to do the same. While I did get some guest posts over the years, it mostly ended up being my baby.

I worked for the Province of Manitoba in the late 2000s and early 2010s, where I got to do a lot of open source work and really enjoyed writing about it. That got me a gig at Tenable, where I continued to blog, with permission. Looking back at some of them, I probably published more information than I should have. I didn’t get in trouble back then, so let’s just keep that quite.

After Tenable, I started consulting at Leviathan Security Group, and suddenly my ability to write about my work cratered - I can hardly write about customer work! So through working at Leviathan, then Google, then Counter Hack, I couldn’t really write about what I was doing!

From 2017 and onwards, I ran the BSides San Francisco CTF, and ended up using the blog largely for writeups. It’s the safest thing to post, really, since it has nothing to do with my normal work.

Then, in 2022, I started at Rapid7 as a Security Researcher. Suddenly, I was doing work in the public eye once again and my personal platforms were at least somewhat in-game. During my Christmas break in 2022, I ported my blog off of Wordpress and made it into a Github Pages site as well, with a theme I hacked together from the free Wordpress theme I was using.

In 2023, I started working on moving all my other sites / pages to this same platform. Since I’m writing this in February/2023, that’s not done yet. I just added the pages folder, and I’m going to figure out how to move over the Wiki and other stuff, then finally shut down the old server once and for all.

I’m going to include the original About page and original updates below, because they still amuse me.

Original About Page

Welcome to SkullSecurity! If you’d like to email me, I’m ron-at-skullsecurity-dot-net.

I registered “skullsecurity.org” (along with .net and .com) a couple years ago, to host the site for a Shadowrun campaign that ended up with the same name (that’s a long story, but maybe I’ll tell it some day!). When I created it, I knew it’d be an awesome name for a security site or group or whatever, so I told myself that someday, I’d create a blog there. And here we are.

This blog is, as the tagline (currently) says, “just another security weblog”. I’ve been in the security field for awhile now, and am doing some work that I consider interesting, and thought I’d start sharing it. If you want to know what I’m working on, or what I do for fun, or what I need to access later, check out my wiki.

Anyway, with that aside, a little about myself. My name is Ron Bowes, I’m

24 25 26 27

38 (wow, what a gap in updates) and have a Bachelors of Computer Science (honours) from the University of Manitoba. I have a bunch of expired certifications, I’ve worked at big companies (like Google), moved from Candada to the US, and have had a pretty cool life.

These days, I do consulting for Counter Hack. I can’t write as much as I used to, since most of the work I do is customer-facing, but I do write an actual Capture the Flag challenge (for BSides San Francisco), so I try to spend time writing about that.

I cut my teeth, security-wise, on reverse engineering games for Battle.net, for the purposes of writing emulation bots, non-malicious hacks/plugins, and just plain educational tinkering. To my knowledge, I’m the first to have publicly released code for Warcraft 3 SRP, the Lockdown Modules, and Warden. One of my favourite things I wrote for Battle.net, in my programming infancy, was a Message Spoofer, which would allow users to send various control characters in their messages for effects like colours and alighment. To my knowledge, it was the first and only program that specialized in message spoofing.

My work in late 2008 and all of 2009 revolved around Microsoft’s NetBIOS and SMB (aka, CIFS) protocols. Using a fantastic book called Implementing CIFS, by Christopher R. Hertel, I learned how Windows systems talk to each other, on a low level, and how I can manipulate this to assist penetration testers. I wrote a large collection of Nmap scripts to take advantage of this protocol in some interesting ways. You can find lots of blogs on this site about them.

Updated on January 1, 2010

2009 was the first year I participated significantly in the security community. I met a lot of well known folks at Defcon in Vegas and gave my first real presentation at Toorcon in San Diego. I also finished SANS 504 and, toward the start of 2010, started learning the DNS protocol in detail and writing some tools for cute DNS tricks. You can look forward to some blogs about DNS coming up, and hopefully 2010 will be another great year!

If you have any questions, feel free to email me or post a response here!