Welcome back to one of our favourite blog series, where a different member of the team is introduced on the second Monday of each month. In these posts, you can find out more about the hoodies behind Zerocopter!
This month, we have talked to our Technical Product Owner, Adrianus, who is responsible for listening to the wishes of the product owner and translating those into the tech language for the developers!
Please tell us a bit about yourself, who is Adrianus Warmenhoven?
I am just this guy, born in the 1970s.
I grew up before people had any digital things at home, but my father always repaired things. We never bought things like televisions because we just got broken ones and then repaired them. I spent many weekends in the company of my father repairing stuff, repairing the car, or soldering small electrical circuits.
Around the mid-1980s, I got my first computer, a ZX Spectrum. That absolutely changed my world. I could ‘pour’ myself into it. Well, whenever my brother did not have use for his small portable tv.
From that, things grew; I got more computers (I still have most of them in running condition) and my own monitor, got acoustic couplers and modems, and, well, kind of rolled into the 2600/BBS/internet communities.
Then I got to do a lot of fun things like building one of the biggest ISPs at the time, setting up one of the first ISPs in Africa (Tanzania), mucking around with Mwh batteries, doing extremely fun things with airplanes and airports, being CISO of a large dutch cybersecurity company, designing an anti-virus that millions of people are now using (and it doesn’t even compare half bad against the established brands) and now I am having a ton of fun at Zerocopter.
Describe your job title in a couple of words?
Sole ruler of the galactic empire. Oh, wait, my job at Zerocopter. That would be ‘Technical Product Owner’. Basically, I listen to what the product owner wants and translate that to technospeak for my developers.
What do you like about working as a Technical Product Owner?
My team is awesome, I have people from all over the world, and they all know what they are talking about. It is cool to work with people who know their trade.
How did you end up at Zerocopter?
Edwin and I danced around each other for some time. Due to one thing and another, at MCH2022, we decided it was the right time to do something together.
If you could trade positions with anyone in Zerocopter for a day, what would it be and why?
Nobody. I like all of my colleagues in their positions that they have.
What have you learned from working at Zerocopter?
How to buy more stuff that I do not need, but now really cheap and plentiful. But also, that there are people that let their whole being flow into keeping things secure.
What resources would you recommend to someone (new) in this industry/job function?
I have mentored quite a few people who have become more or less successful in their professional lives, and one piece of advice that I always give, no exception, is:
Learn to read RFCs. The internet standards. They are written by people who go through great lengths to write down things as unambiguously as possible, as concisely as possible. These RFC’s then going through multiple reviewing rounds before they become an actual standard.
And the reason I tell people to always start by trying to read RFCs (and better yet, try to implement one from scratch) is that you can get a feeling for why security is hard.
These texts, with all their care and pith, still have room for alternate interpretations. And when you read an RFC, you get a feeling for where a developer might have taken a wrong turn or just skipped an essential part because it was not in her use case.
And my second piece of advice: no tricks, no shortcuts until you ‘could’ do it entirely by hand. So no frameworks, no ‘Mr. Superwonderful business guy has said do things this way’ methods. Be an artisan first and understand your craft. Then replace your methods bit by bit with faster and more productive ways of working. But always understand what the output actually does.
When was the first time that you heard about the term “Bug Bounty” or “Coordinated Vulnerability Disclosure”?
Somewhere in the 1990s, I think. Netscape was a big player, and I think I read a Usenet post on something they did. But to be honest, I can not really remember. To me, these things just are part and parcel of an online company.
What is your favourite stereotype about the hacking industry and why?
Not a stereotype per se, but rather something I find very curious about the industry. The tendency to dehumanize our work, especially in the malware sector.
People act and study malware, viruses, and exploits as if they were entomologists and the malicious software of some newly discovered beetle that just crawled out of the jungle.
Security is about people fighting each other. It is about who is the most clever (not necessarily the smartest). It is an evolution of the ‘beating each other with a stick,’ but the sticks have evolved into a digital world encompassing incantations.
Face it, cybersecurity is just conflict-by-proxy with other human beings that can be just as smart as you, can be just as nice as you, that have families and friends and love. They just chose a path in life that makes them your opponent.
Do you have a (hacker)handle? And what is the story behind that name?
This persona does not have a hacker handle.
My handles changed over the years, and they always kind of reflected my style in doing things. My earliest one was a pretty hacktivistic one that reveled in the fight against large (in my eyes back then) wrongdoers.
At one company, a few people knew about that handle and talked about its exploits. The CEO wanted to know that handle and put a bounty of 1 BTC on it. I asked him to please retract that bounty because I am not alone nowadays, and I want nobody else to become doxxed because of what I did in my blunder years. He did because he was a nice guy.
I still have the email address associated with it, so if you think you know, send an email, and if you are right, I will verify it.
Any current handles would probably have a mental control connotation to them as I have grown older and possibly a bit wiser. But any such handle would not belong to this persona.
We hope you enjoyed the blog and got to know more about Adrianus. Stay tuned for the new blog in June, and find out more about the hoodies behind Zerocopter!
