About Kromey

• CV
• LinkedIn

I solved my first cipher when I was 8. Well, that probably wasn’t the first such puzzle I completed, but it was the one that ignited my interest in encryption. I was simply fascinated, as I’m sure many kids are, with the idea of secret messages that nobody else could read, and with reading the secret messages I wasn’t supposed to! I learned what I could about Vigenère and Caesar Box ciphers, and even invented a couple myself (although I wouldn’t want to rely on them as anything more than mere toys).

Eventually, though, I became less interested in the methods themselves, and more interested in their application and proper use. Over time, that grew into a passion for security in general. So while I could still implement a Diffie-Hellman key exchange, for example, I’m much more interested in how that could be used to implement perfect forward secrecy or end-to-end encryption in applications like HTTPS or Signal to protect data in transit.

Of course, even the best encryption fails with poor key management. Which is why I am always keeping up with the latest trends in password use; in fact, within just a few months of NIST releasing their updated password guidance, I pushed for and then implemented a new password policy in line with those guidelines. It’s also why I was the only one willing to step up and say “No” when a vendor asked for our wildcard TLS certificate to be emailed to them – along with the password for the private key!

There’s so much more to security than just encryption; that was merely the initial draw for me. Today my personal network uses segmented subnets and VLANs to isolate guest and IoT traffic; my firewall limits traffic flow and even performs some basic IPS functions; and my DNS server blocks any attempts to contact known C2 and other malicious servers. All because security truly is my passion, and there’s always more to learn.

Specialties: Firewalls, iptables, Python, PowerShell, Linux, Bash