Monday, May 9, 2016

María José Montes: "I would add a subject, TICs security"

María José Montes. Security Consultant and Securízame´s Training Manager.


I discovered María José Montes, as many others, when I was writing for "Hackers & Developers Magazine" a short but intense life magazine", an idea from the Argentinian Hacker Eugenia Bahit in which the writers were mostly women, something very unusual in this professional area. I kept watching her to see this woman from Cordoba, app development Technician, was as active as loved in the most leading Andalusian communities, as the Hack&Beers collective, the ConectaCon  and Qurtuba conventions or the National Ethical Hacking Professionals Association, in which she is a founder member. 

I saw she did not only take my interest but also the interest of cracks far away from her land, as the Flu-Project, the HigSec project, in which she is a member, and the interest of the Securízame company, which hired her last year and she is still working there. Knowing that María José is mother of two child, 8 and 4 years old, was the final straw of my curiosity: How can somebody who is in minority, not only for being a woman, but a mother too, to stand out on the absorber world of infosec and, having time to speak at congresses and solidarity events.


-  Where did the Solidarity Hacking project, in which you give conference in exchange for food for the needed, came from?

- I was giving talks on schools and high schools about the security and the risks of the net. And talking with Miguel Arroyo he had the idea of we could give these talks in exchange of food. We use to do it through an association. They look for the place and we are in charge of the presentations. The first Solidarity Hacking was composed by Miguel Arroyo, Eduardo Sanchez and my self. We have made it in Cordoba, Malaga, Hinnojosa del Duque (Cordoba), Granada and the AlbahacaCon.

- You have also given many free talks about Internet for kids and parents. Do they have a clear consciousness about cybersecurity? 
It´s quite relative. Many parents are interested in knowing the risks whichexist on the net and their child are exposed to and they want to know what can they do to educate and protect them
Talking about the kids, they need to know the risks they are exposed to, as it happens on  the street, if they don´t know them, they are even more vulnerable. Unfortunately, a big portion of this parents, even children, are interested in the matter only when they have had a problem, directly or with relatives or people they know.

Long time ago I started with talks on schools about the Internet risks for underage people, oriented for students and parents. At first, they came only a few adults, the kids use to come more frequently. At the end of the presentation, it was usual that kids realized that some of their habits could be negative and, in many occasions, they ended asking help to erase social media accounts they had not still the legal age to be part of.

- Which are ordinary people most important cybersecurity gaps?

- Actually, talking about social networks, the loss of privacy derived problems. Everything in the world of social networks, sharing your live in real time, etc. has gone so quick that there are still a lot of people who don't realize that they are exposing their lives publicly and that, once it's been published, couldn't be completely removed.

In addition, the lack of knowledge about what are the metadata embedded in the pictures we share, about how dangerous could be making geolocated publishings... In many occasions, they are made public just by the lack of knowledge about how the used tool works and not knowing how to limit the audience.

On the other side, the problems related with "stealing" the neighbor's wifi, with being robbed and the use of wifi public networks. In general, they are matters about which, until they have not found a problem, they use to think "nothing happens".
The awareness about privacy is growing step by step, but the matter of security when using insecure networks is something which doesn´t use to receive the same attention. It´s similar to what happens with some "free" downloads of software which has no free version…

- Imagine you receive an unlimited public grant the help families to be more secure when using Internet. What would you do?

- I will start to educate parents, kids and grandparents. And above all I'll ad a subject in the education system: "TICs security". I think education is very important at every stage and the best way to protect us is the knowledge about what are we using.
As we teach road safety education, we should teach TICs security, if not as a subject, at least in a transverse way.

- You give every impression of being a great teacher. Is it what you like the most about your job?

- Being able of sharing and transferring knowledge is extremely satisfactory. But on the other hand, having environments to test vulnerabilities at our disposal and, once they are founded, searching and exposing how to solve them. It allows us to deepen in the skills, learning and applying them.

- How did you reach this world?

- I loved computing since I was young. I started being F.P.O teacher (office automation, programming, etc.). Then i got interested in free software and I started to write about ArchLinux distribution in my blog. Then I was invited in the Hackers&Developers project, focused on security and free software. I got interested in cybersecurity, a world which always fascinated me and I decided to go to my first conference, RootedCon. I was lucky to meet big sector professionals there and I focused on getting training on this field.

-  What do you do to survive in an environment where people is recycling themselves on their free time, when a mum does not use to have free time?

- The truth is it's really complicated. You have to take out sleeping ours to being able to keep learning... security becomes in the only hobby I can afford. Luckily It's a hobby which I'm very passionate about.

- Which advice will you share with women who could feel attracted by this world? 

- The computing and technology worlds have been, until now, mainly formed by men. But this has not to be this way anymore. If you like it, you will need studying, reading a lot, making tests. You have not to surrender. It´s truth that, just for being a woman, the are going to demand you much more, so it's necessary you never stop training yourself. Maybe it is one of the most had parts of computing, but it is also one of the most exciting ones.

- "Hackers & Developers" magazine was kind of a quantum anomaly, because it was done by women, were you looking it? 

- At first we were only women, but not because a positive discrimination, it just came up that way. The poject´s founder got in touch with some girls via social networks, o because she already knew them and she posed starting to write a magazine.
Later, men started to write for the magazine as well, even if women were a majority.  The experience was quite good. It allowed me opening myself to the free software world and the fact of having to write an article or two for each publishing made me investigate, test and study a specific subject and, later, writing it and verifying I knew what was I talking about.

- It´s okay with you if in environments in which men are a majority some things were made only for women?

-  Due to the male chauvinism we have carried in the course of the history, sometimes it's necessary a temporary positive discrimination to reach a balance and getting more visibility, for example in countries in which male chauvinism is quite rooted, not only micro male chauvinism, but capital letters one. But I think that generally we should work as a team and not let this discrimination taking effect.

- Would you give us a quote you like, for our readers?

- The hackers duty is not destroying, but using their knowledge  in favor of liberty and social equality. The hacker is wise, the hacker gives no troubles, is ethic, these are the things which make the difference. If you help on the net, the others will help you too" Johan Manuel Méndez.


Text: Mercè Molist

0 comments:

Post a Comment