Who are you?

I'm just this guy, you know?

What do you want?

Peace on Earth and good will to all men. Up to a point, obviously.

In your latest book in Chapter 4: Pharma Karma you state the following: "This chapter makes vague mention of a technology called Hard Disk Firewall but doesn’t refer to it by name. The reason for this is not to subject my publisher to legal liability. However, the technology is described in great detail on my website at www.wilallsopp.com if you’d like further information." What's that all about?

That section was excised because corporate lawyers don't want publishers to get sued. For the full story follow the link above entitled The Abatis HDF Fail.

But didn't Abatis win the "Most Innovative Product of the Year" at the 2015 Cyber Security Awards?

I once won the prize for "Most awesome guy in the universe" by some guy I met down the pub. So what? The opinion of a room full of idiots carries no more weight than one idiot. The so-called "Cyber Security Awards" are run by a company called Tatius who are also a boutique dating agency - could you make it up? Yes, but there's no need. They are not taken seriously in infosec either in the UK or elsewhere. Here's a list of the judges from 2015 though - not seeing anyone qualified to do anything but listen to marketing (which is of course exactly what happened).

Samantha Sanderson – Cyber Security Small Business Champion, tech UK Cyber Connect UK Programme

Mark Brown – Executive Director Cyber Security & Resilience, EY

Malcolm Brooke – Managing Director Head of Shared Services Operations Risk, Business Continuity and Technology Risk, Credit Suisse

Wayne Grundy – Managing Director Cyber Practice, Alvarez & Marsal

Karla Jobling – COO, BeecherMadden & Tatius Group (!)

Marco Morana – Member of the Board of Directors

Malcolm Tuck – Director Strategic Alliances Europe & Board Member, Kaspersky Lab

Karl DiMascio – Managing Partner, Executive Risk Magazine

Duncan Hine – Senior Research Fellow, University of Warwick

Neira Jones – FBCS, MSc, Chairman Global Advisory Board, Centre for Strategic Cybercrime & Security Science

I pre-ordered a copy of your book Advanced Persistent Threat Modelling but now it's not available, what gives?

Advanced Penetration Testing published by Wiley was originally going to be published under the title Advanced Persistant Threat Modelling by O'Reilly Media. However, Tim O'Reilly decided after being in possession of eight and a half chapters that it was too controversial a text for him. Wiley (being a much better publisher anyway and having published me in the past) picked up the manuscript, dusted it off and made it available in the current format.

For historical reasons though, this is what the cover would have looked like had Timmy not cancelled the project at the eleventh hour:


It's got a scorpion!

Should I acquire a copy of Abatis HDF and break it?

Getting hold of it is a fun social engineering exercise as they're very paranoid and you'll need to sign an NDA (so you can't tell anyone that it's expensive trash). Beyond that - sure, if you're bored enough.

Who is D. Kerry Davies?

Imagine L. Ron Hubbard without the charm or business acumen. He's a conman and a flimflam artist. That's not especially rare in the security industry of course but he stands out from the crowd for a few reasons. He's spent approximately a decade and a half trying to have me fired from various jobs, harassing my friends and members of my family and on one instance managed to have a security clearance temporarily revoked. I first encountered him when I worked for Echelon Consulting years ago as a junior, so I am intimately familiar with his disingenuous business practices. He's currently calling himself CEO of Abatis in the UK (where the term has no legal meaning) that employs four people (including him). That's the sort of mentality we're talking about here. This company makes a digital snake oil called Abatis HDF - you can read about it elsewhere on this website.

Abatis is interesting simply because it's a textbook case in Dunning-Kruger syndrome and tragic thwarted ambition. It was calling itself a startup at least as late as 2015 even though it was incorporated in 2005 as an incubator at a London university where it is still based in 2017. The software itself is written by one William Rothwell whom I do not know however from his Linkedin profile one can see that his entire career has been as a student at Royal Holloway (which he never seems to have left) while also completely coinciding with the founding of Abatis.


If you choose to do business with Abatis, you can't say I didn't warn you.

If I compile your code backwards, I can hear satanic messages!

No you can't.