GT - The Semantic Age - or - A Young Ontologist's Primer - Unknown

hopefully one of the smartest people you'll meet out here if you can get through as saucy British exterior so with much ado about nothing Conrad Constantine before I get into any of this I mean my whole point on putting this all together is the last five years I've been working on right here I want other people to go this might be a good idea take it run with it and do something cool with it yourself a couple of times when we diving into what I think why this [ __ ] is important why it's useful and why it's practical and I'm gonna try and give you a few things on how you can actually go and do the

stuff practical yourself this morning's talking it was all about skull and bones and scary crap so I think I needed a little more flowery introduction for this one yeah it's you gotta balance it all out two years ago here I did a squawk called the leverage of language how information theory might save information security I've been working on this thing myself personal projects and open source framework I'm trying to make happen but I've talking to rob i realized i needed other people that were gonna sit around and hack away on this tech tech themselves this is that torn i love this quote we are information security people yet we spend most of our time working with data not information

but most of us in our day jobs and a lot of our time being human extract transform load engine agents this is insane why do we spend all the time doing it because the things we actually come up with in terms of information there in our heads we don't have a good formal way of encoding the information we from the greatest patent recognition engine on the planet the human brain goes to experience from my skills and experience I think I have a hunch about this this is why I got started with this and I said I want to be unable to encode this I want to be able to capture that kind of tribal knowledge I don't want to

have to keep explaining how to do stuff to new kids in the business few other things my first set was realizing that we're stuck in the sequel world we do everything with CSV sequel databases all these structured data sets but essentially they're all so fundamentally broken for the nature of how security works for us and so five years ago I started getting to the side here looking for a better technology to handle security information security data with next 40 minutes I'm going to give you some of the basics on how to go out hack with the stuff yourself up until about last six months I thought I was the only person on the planet really messing with

us by all means after i'm done here get a hold of me talk about this [ __ ] the only reason I'm here today is to give some other folks the idea that this might be a good idea play around with themselves and give me some other people to talk to play with them so yeah [ __ ] [ __ ] [ __ ] and that's a good way to get a hold of me and by the way that's actually nope no I didn't [ __ ] that up that is actually correctly structured semantic information total format wow I actually did something right that's kind of a rarity so I've done years working in VF

ir Incident Response instant management vlada farias companies doors close I mean I am the [ __ ] that discovered the RSA breach by the way and if you buy me up here I will tell you all the shed but they didn't tell you in public working up to that point and working on systems that I was putting together to give them a fighting chance for that trip it's kind of the basis for where I am today we were trying to work on things in terms of structure databases tracking information sim systems GRC everything I work with was essentially it was compromised it was not a good compromise I can talk about this for hours but essentially I got to

the point where I realized I was unhappy with every security product out there because they all wanted me to do my job in that security project and I realized that my job is larger than any single control the people i work with the team's i manage their job is larger than any single security control I wanted to capture the information they were creating that the discoveries they were making doing their job and we just could not do that in fixated structured databases disclaimer time I think I already gave you this one I got talked into doing this because I've been working on for a while I know this [ __ ] I know Meredith I am NOT an

academic I do not have any kind of green but apparently in the last couple years of working on stuff practically I found myself hanging around with these [ __ ] which is why for some reason I'm on this track right now with an audience full of people that are far all qualify to talk about the stuff than me so fair with me I am going to get [ __ ] wrong I'm non-academic I i am going to use the terms that I think work best and to help you understand how to make the stuff practical granted in the last like couple years terms like first order transitive axioms become things that are turned into my day-to-day vocabulary

this scares the hell out of me but what i can do is i can give you all the stuff I've been working on get past though the weirdness of how to make that make this tech work and if you guys use it and do something cool with it this is totally worth my time because the this is the only thing I really want to do I want to see other people working on the [ __ ] I'm working on I say so I've got someone else to compare notes with that's [ __ ] lonely I got started like everyone got started re BMS systems relational databases unfortunately you get to the point where you realize that

for any relational database to design it properly to make full database closure you have to understand the full scope of the medium you are describing ahead of time we work in security every single day we wake up and the goalposts have changed making a database that describes what we do is impossible by definition it changes all the time I started looking for an excuse for some kind of way of describing data tracking and recording things we're working on that worked on the system from the ground up there was happy with the idea that tomorrow the universe is going to change on you so I got to this whole idea of semantic data Semantic Web the first

thing that appealed to me on it was that relationships are first-class concepts semantic data is based around relationships between entities not properties of those entities right here relational databases every time you want to make a link to another table another entity you have to add another not another column another foreign key you have to build all that in it is difficult that was the first closing moment for me going there has to be a better way so I got into this idea of going semantic data graph databases graph databases are all about relationships the information is there that the information is not what describes what we actually do it is the relationships the context between things

that describes doing security work doing security investigation is not anything on its own that is important is that thing in relationship to the other things around it I look back and realize tables taxonomy 'he's hierarchical systems were all fundamentally broken with us so end up coming across the Semantic Web which was just created by a certain dude called Tim berners-lee you might have heard of him he created like HTML and [ __ ] like that out here yeah Semantic Web never really caught on there's a couple of things out there that sort of use it but it's it's it's one of those technologies that's still waiting for a killer application but when I saw is searching for something

that actually represented what security world looks like I come from because the Semantic Web the still to this day nobody really uses there are a couple of people now against them later but it looked like the right solution or at least the least worst solution out of all the other available the splash web is based on a simple simple technology already a resource descriptive framework it's ugly as hell if I do my job today I'll help you all realize it's still ugly as hell but it's you can still feel your way through it semantic web ontologies language based information is all based on this idea of graft erisi directed graphs where you have nodes and connections it's

incredibly simple I'm sure damn near everyone in that you know the this building today has at least mess around with multi go and a few other things the stuff is out there but it just does not go far enough that's what I want to hope to encourage you all to the technology is really simple no massive tables no foreign keys just the triple subject predicate object thing a is related to thing be thing a has property this value but once you start building up that simple basis of the these SPO triples you can start constructing some very complex tongue really simply this IP address is unknown bad IP very trustable calm owns the domain that IP is on

something like that appears on this executable was installed on CEO bob's bc co bob's pc connected to their shitty IP you know i like about this this is a story this isn't data this isn't pulling [ __ ] out of a database table and running complex queries this is a story of what happened on my network this is the story of how our CEO downloaded that porn app and [ __ ] the entire company in four lines so what are these things once you stopping this triples together you have to go what is a thing so we have subject predicate object subjects and objects for left and right most are these things semantic data is very very object

oriented thing is not strange this is a line I stole from google because they have their own knowledge graph and they come in two forms there are nodes which are locations which are intended to be unique and then there are literals literals are actual data values I mean when we when we put a good database together we expect it to be full of these literal actual data values most databases are mostly full of literals and then a few relationships foreign keys to other tables now note itself we use the Semantic Web the default version for these things is as a CP your eyes but also you are ends their intended to be globally unique and they are intended

to be deconstructed all there is when we say some data thingy there should be some content there but it's not necessary I'll show you why later the other half of these things are the things we don't know we know they exist but we don't know what their name is we don't have a proper name for these are called anonymous notes so the subject and object we have two nodes named identifiable and anonymous they are there but we don't have something to call them the intention with named nodes is that there should be some content that there should be that the node describes something not necessary though for the Semantic Web is Bursley imagined this is a natural web page and the

Semantic Web is a way to describe the relationships between content we don't necessarily need this but in terms of what we're looking at this you are I could actually be a specific URI from one of our security controls and output a report this is something we have here is how to relate it to other things your IDs system your sim give it a node I defy it this is what I'm looking at but this is how it relates to other things doesn't necessarily matter though especially in terms like getting into this and implementing it for literals so these actual values quickly there are two versions plane I've just described a straight language text plain text

strings with a little appendage here for what language there so i can describe something add a label to it and go this is the one its label in english this was labeled in german then there are typed languages type literals that describe what the actual data type is so here we have a regular string a deep time Sam and here this is a positive integer so it describes now any rational number above zero the predicates are the middle point subject predicate object being a has relationship to thing being the predicate is that has relationship part three varieties object properties data properties and mention is there annotations that are really important right now object properties describe

those know those links on the graph when I have a note on the graph an unknown graphical wine linking them that's an object property a data property is from I have a node and a little bit of extra text describing it that's the data property kind of simple really disturbingly simple anyone here writes code you should all be familiar with namespaces names faces are exactly that a a prefix to indicate that no matter what the main we use it is only unique within this namespace so you and I can write the same kind of stuff we can name things the same way but as long as we have different namespaces they are still globally unique for how we do this in

terms of actually writing this kind of information for ethics some data are you have server example home someday oh there we go so whenever I use the prefect's some data and actually referring to there absolute canonical name so when we get to a little example there someday the thing a translates out we're expanding a canonical name from relative named to a namespace if anyone doesn't get that come like harass me later so what we end up is our actual data set is just a single table of three columns subject predicate object each one of them is a location the location or or a literal thing a has relationship to thing be thing a has data property I am a data

property this is actual valid semantic data it's all written in RDF soul expand it out so you have the absolute names and everything here this is what the actual data look looks like in practice when you're writing it when you turn it into a nice graph object here we go that set us at their terms in this nice simple graph of this thing a thing I made related to related to but all of this is built out by adding a line at a time we never have to go back and recreate things we're just expanding out the world of the things we know redone with namespaces and a straightforward isn't that a lot more readable at the

top we have our preferences the RDF scheme in the audio test schema our things namespace and my schema which is our example skimming it much more readable and this is the kind of the key the semantic data is the things we write in the data are readable to us as humans if you're writing good semantic data it doesn't require extravagant queries to turn back into something that a human can make sense of I've sent so much time teaching people how to do basic sequel queries as part of their job the team at semantic data is it is understandable by de facto it should come out to all words so you've got the things here thingy what the hell is thing has

relationship to what does that actually mean this is what we get the point of well we actually have to like create some schemas for this stuff and these schemas are interesting because from a language point of view they don't describe structure they describe grammar how you actually create one of these things from the ground up yeah yeah things area food all right writing a schema offers from off the bat again we define our namespaces and then we start defining the things we aren't describing so we start describing a thing a thing has a type of well it's a class of object the label it's a thing but a quick comment on that it's things and we

started finding this this predicate is related to its an object property when you're rendering this object property in the software you're creating what you want to render this on screen as a webpage as Matt it doesn't matter when you want to say when you want to put this on screen and explain it to the people that are using the data you are creating the label is is related to this is kind of interesting like the presentation is contained within the data there is no data layer no presentation layer they're one and the same here's the important part domain and range this is how to actually build real long colleges the domain is the left board the subject what does this

relationship described from the range the right part what does this relationship described to a guy went ahead of myself what's important with this is that the same triples that describe our data describe our schema we're all used to writing sequel schemas and you know you gon dump the dump the database that starts out with a bunch of table creates and once it's done the table creates you start defining the data that goes into those with semantic data you can expand the schema as you go you can dump data in and then halfway down the file go yeah there's another relationship type here that I was not aware of previously i am now going to define it the data the

schema the information and the information about the information are indistinguishable the actual language you do for describing these things I've talked about RTF but the current standard is something called owl web ontology language but wall just didn't and run right it's w3 standard it is actually just another bunch of rdf data and it like we described there is a bunch of triples describing what these things mean what is an object property well here are a bunch of triples that an object property is a type of property an object property can connect a class to another class so how'd it go build one first you start out with what are things were actually describing so I want to

build 9 ontology about IP addresses well for the today's world we're going to go while I have this thing called an ipv4 address I also have this thing called an IP version 6 address but then you go well these things are actually kind of the same thing they're both subclasses of IP address if i want to write a property that describes any IP address then probably i want to include both of these things and then you start thinking about it more know what is an IP address an IP address is is a thing within the set of an IP subnet and you start describing the world more and more in more detail and then once you have this first run of

what are the things we're looking at what are the elements we're trying to describe and record we go what are the relationships what are the possible interactions is on subnet an IP address is on subnet of a subnet object it doesn't get any easier it all expands out from here this is what ontology design is about along the way you have to of course record some actual information yes I have an IP address but what is the actual value of the side he addresses the 191 6 8 10 doc 10 personally if any of you record IP addresses as plain text strings I hate you all you are the problem I face every day IP addresses are 32-bit integers so

you can sort describing the interactions adding actual tags of information if you can start building out this graph of here I have this information now you're right that's data but the information is the interactions of relationships between them this is where we get fun an academic from here on out you can start to spawn these things called cardinalities i am not going to get cardinalities here today these things are complexes all get-out but it is simply stuff going what are the limits of things in reality an IP address has only one subnet it can belong on there may be super nets but it belongs to one subnet a specific subnet has only one netmask it can't have more than one that masks

an email address may have several people in the to field several people in the VCC and see see see see fields but it can only have one sender and you start getting these ideas of cardinalities this idea that an IP address can be on one subnet but it can be on multiple super nets an email can only have one sender but it may have multiple destinations and you start thinking about the nature of reality of these things we work with day today the ontology of them if you were and by building us this formal grammar of the relationships between them you can start putting together a schema that describes the actual work we do then we had two

transitive axioms yeah this stuff makes my brain hurt the fun thing about translated accents is you can start inferring things that don't exist in your data so for everyone that works with sequel I want to all tell me how you make a foreign key reference to a row that does not exist now you know it exists you just haven't found it and you want to record that I know that this row exists and I know that this row i'm looking at is related to this row that does not exist when I find it I will put that row in the database but I want that relationship to already exist you cannot do that with our DBS structured data

because it assumes that the world is already known ahead of time before schema design with semantic data that's part and parcel we can do these things called materializing transitive axioms and the fact that that phrase comes up in my day-to-day vocabulary is the only reason feel comfortable being here in front of you today so we started defining the rules of reality our reality the things we know the things we've work on and because of those we can say if I have these things here and these things here I know that because of how they work there's other thing I don't know about must exist their system is infected the system's infected they're both vulnerable to vm this one this

vulnerability but there is no workable exploit for it but they've both been compromised something as it so this exploit must exist even though I don't know about it yet real simple example Robert is your avuncular relative it's really similar it's an easy property change described if someone has a parent and that parent has a brother and I know their forms my uncle then I know that there is a parent there for me and Robert has a sibling and that sibling has a brother because his name is Bob we don't know who this person is but we know he exists we can infer that this is an entity in our data set because of the transitive axioms we have described we

have described semantically the nature of our data set and so when things are missing in our data set we can reason against them to show us the things we have not yet observed at any you'll do TFI our work do security investigation you know what this looks like there are things you know exists you haven't seen them yet so how to write up some of the stuff the easy thing is most of its plain text a couple of formats [ __ ] XML and triples is kind of complex really I like turtle as far as describing this stuff curls the best way it works on you our eyes but primarily it works on those namespaces and they don't mean to be

resolvable yet as far as getting a this is one of the toughest things it's hard like actually hacking away with the stuff is you see a URI and you think it must exist does not necessarily need to be it's a reference to a URI this is actually valid semantic data everyone knows vcard address us we have a set of bunch of prefixes set up we describe our ontology then we start describing classes here's a vcard its type class label is vcard real quick comment if you want to display this in your application on your webpage what are we using that's your little pop-up text where is it defined fine there's the official location or necessary though here we got

a property probably has named it describes a relationship between this class object a vcard and the actual name friend who's the ansible name attached to it again defy my label cetera et cetera you can do all the stuff via HTTP you can actually put semantic data ODF up resolvable retrievable acp locations you don't need to do it though to start messing around with it you can put it together in a single text file it does need a base address again doesn't need to resolve resolvable they are completely valid you are eyes and in fact you can actually use you RN so I'm not going to cover that they need to end in a slash or a hash sign if it's /

their individual files it's a hash sign then it's HD HTML anchors how to get actually like running around and building an ontology do it in turtle seriously you'll thank me build a header section this stuff's kind of easy start defining the things you want to track build these classes these are these just like object-oriented code these are the the classes of things you are going to describe the things you can describe you're going to be instances of classes given labels give them comments give them annotations annotations are using commonly seen comment label here they're annotations they're describing the schema they're describing the data they're not actually data themselves really really simple just describing a simple host and an Active Directory

domain host is class it's a subclass of a thing because everything is a thing it's a host a simple relationship an object relationship yep nope that's nice that's a Active Directory domain Microsoft Active Directory there we are object property described the relationships between things we taught touch on this before domains less light range only a host can be on a domain and on the right side the range on domain can only refer to a domain this is again a grammatical thing you can't use the term on domain to describe anything other than the relationship between a host and a domain it just does not make linguistic sense other than in that context data properties simple and at

actual information actual data this one here interesting as i said on terms of cardinality it's also a functional property any host or any domain can only have one name this functional property says that for any left side here a host or domain that could only be one triple host has named bob CEO pc can only exist once as a cardinality of one pill together a few named individuals and valid data we have a domain we have to host here and there described as being members of this domain what makes a simple Frampton so the text fun but why actually infosec exactly this I'm lazy and stupid i am not a math guy I kind of actually write code for living

right now but that's going to end in but the one thing I can do is describe the stuff I do for a living in terms of plain language and that's what got me started us is how do i take the things i know and talk about and include them and share them with other people and even if they don't know what i'm talking about pass on the grammar for what i'm talking about so they can understand it in their own interpretation spend so much time working on in intelligence gathering information sharing everyone has their own shitty schema of how they put together the CSV and we get it like Thank You FBI here's a list of IP

addresses how do we actually use that again we spend most of our time working between human extract transform load engines I want something that describes what I'm actually looking at and I want the system's i'm working with to be able to understand that and use it because if you say apt and i say really [ __ ] old school hacking i can describe the grammar that says they're actually talking about the same thing these two things mean the same thing and I want my data systems I want my data set I want the information I'm working with to be able to understand that I spent a lot of time trying to figure out how to make

kids fresh out of college without the 10,000 hours effective like my mission right now in security is lower the bar to effectiveness for folks getting into this field when the president says we're a great 5,000 you security professionals this year I'm going kill why don't you create 5000 you brain surgeons while you're at it because yeah that doesn't take any time whatsoever you sit down read a book you're an expert what I found is I've spent a lot of time looking over the shoulder of junior infosec analysts and they'll be looking at something and they say I know something's going on here but I can't figure out why can you take a look at this I also I'm so I mean you

know what if you look over here like check out the systems from like favorite logs like this DNS server or just Webster or something I bet you you are gonna find something there that references what you're looking at right now and they go look at logs from a dns server and they see a resolution look up and then they go oh you're right we shouldn't take the dns server for the entire company offline to be infected with malware because it's not actually connecting to the cnc system it's just resolving the name for the cnc system not kidding I've seen that happen too many times I feel like that that's amazing okay so from what I'm looking at

right now so I don't have to waste your time later what in the alert I'm working on right now tells me to go look over that I have looking up not a damn thing I knew to look over there because unlike you I worked on a [ __ ] ton of cette semaine stration work and programming all the other [ __ ] you need to do security work because this is the reason the cops don't hire folks fresh out of the Academy to go work on homicide they need the time on the street they need that 10,000 hours but I also realized that's not right we have to fix that if these kids have the context of that I

mean once I showed them to it was like that makes total sense now now I understand where i'm looking at i'm sitting there going why doesn't the system show you that that's what got me into the whole semantic data thing the idea that we can encode our experience in a fairly natural language format make it machine processable machine learning machine reasonable but essentially the key thing is giving context to the folks doing the job in the entry level you know I already talked about this the whole cyber kill chain thing this is the new hotness has been for a couple years we do a bunch of we do a bunch of hiring kids out of college and putting them in

in front of what's essentially a tech support queue security work is not tech support it is not demand driven it is discovery driven what we do is more like bug hunting and quality assurance and it is not the individual element that is important it is the relationships between those elements there's important that is how you do detective work and more specifically it's not about connecting the dots a lot of times about finding the dots so what's the matter abuse will take to work on this hopefully you're all going I want to like muck around this because it sounds fun maybe I don't know the first thing you need to know is text files that's great but I want an actual equivalent of

the server the stuff you're looking for is called a triple stall allegro graph is kind of a de facto current I really like Sesame it takes five minutes to install it is just a simple simple war archive forget thank i remember that apache java thing apache channels kind of kick ass does a whole bunch of stuff Forstall really nice linux-based all command line wonderful get into what these things all do is produce a sparkle end point I talked about creating data really what the hell's the point in creating data if you can't query it the language you're looking at is called Sparkle yes there is an implementation of this called sparkle motion anyone seen that movie yep yep note that

that is a thing really stupidly simple you really only need three three major the innovators of syntax select construct and ask select is bring me the triples back construct is select from as where you can build your own output ask is just a simple true or false does this exist described is kind of a bastard because it describes the things that define the stuff you're looking at we've looked at ontologies hope the idea that these neighboring items are what's important it's not the stuff I'm looking at but is what is connected to the things I'm looking at that is important the context described as intended to be show me the contact to the things I'm

searching for the syntax really not that tough a little less brain dead than sequel I like to think simple select for one column one construct allows us to construct our own triples that we can then dumped back into the data store ask is just a simple true or false does this thing according to my filter selection exist as far as getting into the stuff I like neon toolkit I don't trust its output protege is this huge Java app it works really well but it is of juices all hell to get into there is a nice simple notepad soil RDF editor for windows written and net rdf if C sharp is your thing and I won't hold it

against you because I've written a whole crap ton sup in c-sharp what getting into pop raise kind of commercial obviously you can start getting and stuff with with just a text editor we need something to validate it I write [ __ ] pipe in for a living that's actually kind of my day job working on semantic data i'm going to say right now most of stuff out there sucks these are the least sucky ones you've mucked around with Django cubic weather's kind of fun cubic Weber is kind of like Django as an MVC common bc framework but it works entirely as an ORM for semantic data instead of our TV NS if you're one of those horrible

people that really thinks that Java is good you are a lucky bastard because most of the good [ __ ] for this stuff is actually written in Java owl API for doing reasoning ontologies all up there photo/j home home it's a good reason I works in command line Apache Jenna written in Java so is Allegro graph these the major players I hate my life you're going to want to start out with looking for some of the key standard ontology Xand schemas to give you like how to work outward you've seen that rtn RDF schema these are just triples as I keep hiring down the the things that define the information are the information themselves this is the key

point of power I have like three hours of material or why this stuff is actually important to security all i wanted to you right now is get people interested in mucking around and tinker themselves great data set wikipedia dbpedia all semantic data massive amount of data set of this thing is a thing is related to this has these properties these cardinalities as far as getting into this stuff you you really can't like get easy access to a larger dataset but there are no good security ontology there are a couple of terrible ones that are very managerial based and kind of like cve and everything but they're not based on the the core atomic level of

stuff we deal with our day-to-day work but you know if the job i'm working on currently works out then we might have a couple published in a while that's another story we want to be able to have a data set that we can run reasoning against to individually crowd swarm the damn thing record the stuff we know that record the things we see and then machine learn process reason over them to show us the things that we are either too clueless or too drunk to remember leave no stone unturned you know what if you all come up with your own ontology it doesn't matter the whole theme out semantic data is if you describe your view of the world and you

tell me where I can find that view of the world then I can use my information I can use your information and I can say okay what what you describe is apt I describers don't school hacking but we know we're talking about the same thing because we've shared our grammars we can describe what is different between them what is common and we can use our own view of the world but still share information talk with other people and see that you see what they're describing what they're recording without having to sit there and write another god damn pipe and passer take a CSV file and dump it into our database there are no good security tools doing this today you're

probably no multi or multi go is not even scratching the surface I spent last couple years working on my own framework that's another talk and ain't ready yet the important thing is I and I think a lot of other people are sick of having to explain the things we did years ago to other people time and again I want to put the stuff i know in with the data i'm working on so when you look at an IP address when you look at a host in your workflow systems when you're doing your job the things i know about it not only a recording annotate but interactions the things that are possible the things that are reality the

things that are ontology are there for them to use because when you can describe what is real when when you have eliminated the impossible whatever remains no matter how improbable must be the truth this ship's confusing his [ __ ] it took me a while to get into it imagine if sequel was defined in sequel and all you needed to do to understand sequel was read a bunch of sequel scripts welcome to semantic data as I said until recently I thought I was the only person running on this I'm at CP Constantine on Twitter caught out at mostly logic this is mike like current obsession with making happen i want more people [ __ ] around with their [ __ ]

and going i found something cool i'm like i did not thought of that before you're quite correct I think it's a good idea it came out of me being just incredibly just satisfied with the tech we had and the more I got into it the more possibility for things we hadn't even thought possible they came possible I'm just one guy I need some other folks coat hanging around with a [ __ ] and if it doesn't make sense to you I'll be happy them go that it confuses the hell out me too [Applause] yeah I did it'll be up on dropbox and i'll definitely publish this one like I say this is this this is one it for what

it's worth the current job i'm working on I was at the Pentagon about a month ago where I got detained by the head of counterintelligence by DARPA I knew that the intelligence community had been working on the stuff for a while as a decision support system and many other things I knew that all I was doing was recreating work that had been done before behind closed doors 20 years ago in the last six months because I'm now sort of working on the star per contract I've been meeting a lot of those people like just like ran into the guy who created camel a dolphin markup language which was the the forerunner to owl and a lot of other things and i know i'm all

i'm doing is clean room re engineering stuff but the intelligence community the government has had at their disposal for years all i care about is getting some of those ideas putting them in your hands and going can we cut with something cool with it I think it's possible that's that's my whole [ __ ] talk basically [Applause]