FeedI’m Spencer. This is my site where I post things about stuff. You probably came to this site either looking for an answer to a question or looking for me. If you are looking for an answer I hope you find one. If you are looking for me I’m not here right now, leave a message. I encourage you to comment in my blog, respond in your own blog with trackbacks and pingbacks, or send me an email using the footer of each page.
Meanderings About Me
Personally
I’m Spencer Shimko and this is my site. Most of the time I’m off doing other things. I enjoy music, games (board and video), cars, power tools, and new gadgets. I enjoy debating about pretty much anything. I’m not always right. I keep forgetting about hobbies I really enjoy like making music and the visualization project I’ve been meaning to start for years. I know I have the time for these things but I just can’t remember where I put it. I’m color blind (Deuteranopia or strong Deuteranomalia). I love being challenged intellectually. What really surprises me is how little I know about the things I know the most about. I’m interested in pretty much all aspects of computer security and that spills over into my job.
I was pretty much raised in Catonsville, Maryland, outside of Baltimore City. I now live and work in Columbia, Maryland.
Professionally
I started learning DOS when I was old enough to type. I remember my first UNIX shell account on one of JHU’s Solaris servers in the early 1990s. Back in 1994 or 1995 I downloaded and installed Slackware and I’ve been using Linux in one way or another ever since. Graduated college. Got a job in computer security field.
I’ve had the pleasure of work with Tresys Technology for over five years. We contribute to the open source security community, do some research and development, we are deeply involved in the development of SELinux, and have a few products we’ve developed along the way.
Working in a small company offers great role flexibility and has exposed me to amazing variety of tasks. On any given day I could be working on security architecture development, research, coding, technical writing, security consulting and assessments, and I even get out of the office and do a decent bit of technical sales since I’m rather sociable. I’ve been managing our internship program for about a year and I’m technical lead (systems engineer) on a few projects.
While not everything I’ve worked on has been made public here are some things I’ve been participating in at Tresys that have been put in a public forum:
-
2005
-
2006-2007
-
2008
-
2009
-
2010
- SETools
- TBA
I will post about things I am interested in here. Some of this may be on the subject of computer security in which I have both a personal and professional interest. Keep in mind that it is my personal site. It is not endorsed, sanctioned, reviewed, or enjoyed by my employer. If you’re a moron little slow and can’t tell, these thoughts are my own, not my employers. I don’t run these posts by my employer. I will never work somewhere that required pre-pub review for personal interest blog entries. If you’re going to respond to a post or rant that appears here take that into account.
Professional Resources
I’m starting to gather my professional references and resources here. I’ll start pulling in papers, presentations, etc as time goes.
- Patent describing a method for creating and managing co-operative Mandatory Access Control policies in network environments.
- Patent describing a method of constructing a secure Inter-Process Communications channel using Mandatory Access Control.
- Two additional patents in the field of mandatory access control have been submitted and are pending public release from the USPTO. I’ll post a link when they reach that phase.