Firewall Company Palo Alto Buys Stealthy Startup Formed By Ex-NSAers

alphadogg writes "Next-generation firewall maker Palo Alto Networks today announced its first acquisition, an intriguing buyout of a stealthy Mountain View start-up called Morta Security whose founders hail from the NSA. The price of the purchase was not disclosed. Morta that has been in stealth mode since 2012 and describes its founders as 'executives and engineers from the National Security Agency.' CEO Raj Shahsays he worked in the Air Force Reserve supporting the NSA. 'We have deep experience in protecting our national infrastructure,' he says. (Curious to see if more startups will start marketing their NSA heritage...)"

I don't think so.

[Frosty Piss]

Hmmm, maybe I'll *not* buy their firewall...

Re:

[Hunter-Killer]

Sonicwall offers a Network Security Appliance firewall. I can hear their marketing department: "NSA? That spells security!" Good luck with that today.

Re:

[LordLimecat]

Sonicwall sells a lot of irrelevant crap.

Re:

[Jeremiah Cornelius]

"In Roman mythology, Morta was the goddess of death... She is responsible for pain and death that occurs in a half wake half sleep time frame."

https://en.wikipedia.org/wiki/Morta_(mythology) [wikipedia.org]

Re:

[MobSwatter]

Actually I think Dell took care of that one for the spooks, they probably didn't like the option available to the end user to run in FIPS mode or not.

Re:

[mwvdlee]

NSA Firewall; where nothing short of a disgruntled employee will expose all your secrets.

Re:

[TheGratefulNet]

maybe I'll convince people I DON'T LIKE to buy their firewalls....

Re:

[Aighearach]

Most of my clients need to buy these things. Lots of them. So me and my friends have $ to buy some open hardware.

Re:

[Obijon70]

Now, now, Im sure the products they offer will be 100% safe and backdoor proof. Boy that was hard to type with out it getting stuck in my throat...

Re:

[MobSwatter]

Why not? It probably comes stock listening on TCP port 32764.

1. Buy firewall.
2. Setup sniffer.
3. Make questionably threatening statements on phone.
4. Capture traffic on firewall WAN.

Wallah! Instant keys to palace to credit card, banking industry, anything that uses RSA security, probably oil company's too!

Re:

[Stormwatch]

Wallah!

It's "voilà".

Re:

[MobSwatter]

But it's gotta be better than trolling the NSA about an email you accidentally deleted and know they have a copy of!

Re:

[sconeu]

That's what he said. He's just Chekov.

Re:

[skegg]

Wallah!

It's "voilà".

He could have been quoting Arabic ... in which case that word fits quite well.
(However I agree he probably meant "voila".)

Re:

[MobSwatter]

Walla! definition
[w l]
and Wala!; Wallah!; Viola!

Voila!
And there you have it! (All versions are misspellings or misunderstandings of the French The Viola! is a well-meant spelling error.) : exclam. , And walla! There it is. Cooked just right!

Wallah comes from the phonetic pronunciation of the french word viola. Wallah is an exclamation, it simply means “look at this”.

Now if we could just get the NSA to put this level of critical thinking

Firewalls with integrated...

[Anonymous Coward]

remote access for the NSA

From the NSA? or just kinda near them...ish?

[exomondo]

> whose founders hail from the NSA

> CEO Raj Shahsays he worked in the Air Force Reserve supporting the NSA

They aren't really the same thing now are they?

Re:

[Frosty Piss]

CEO Raj Shahsays he worked in the Air Force Reserve supporting the NSA

They aren't really the same thing now are they?

Either way it's not really a good selling point.

Re:

[ArchieBunker]

Maybe he knows something we don't and plans to capitalize on it?

Re:

[Aighearach]

Sure, it might say we've moved beyond knee-jerk racism based on names.

By "we" I mean, Americans.

Re:

[jalopezp]

Racism? Social regression?

Re:

[recharged95]

Nope. Keyword is supporting.

For instance, I know a lot of BAH employees that are Reserve troops, they don't support, but basically are contractors.

Heck in the end, it's a silicon valley company. They'll say anything to get a buck or free advertising nowadays.

Re:

[recharged95]

Also, I like the 'wildfire' play on likely the main competition, which is Sourcefire [sourcefire.com]. Which really started stuff like Snort and Ethereal...

Re:

[Aighearach]

Yep. All PR is good PR... right?

Re:

[Anonymous Coward]

according to this article
http://www.nytimes.com/2013/08/23/technology/the-pentagon-as-start-up-incubator.html [nytimes.com]

he was an air force pilot, iam sure some of the real Air force guys here can verify that he did indeed serve, wonder what company he was in ?

so many liars and fakers you gotta be careful

Re:

[hubie]

he was an air force pilot, iam sure some of the real Air force guys here can verify that he did indeed serve

300,000 people in the Air Force. That's like finding out what state someone is from, then saying "hey, my friend Bill is from that state. Maybe you know him?"

Re:

[VortexCortex]

> whose founders hail from the NSA

> CEO Raj Shahsays he worked in the Air Force Reserve supporting the NSA

They aren't really the same thing now are they?

Hmm, you've landed upon Slashdot rather roughly. Yep, you've entered English text, so that works, but it's plainly obvious you're not from this planet. Right?
No worries, you're among friends -- takes one to know one, and all that -- better luck next time, though.
Now, if you do want to survive you'll need to read this crasher-course [bell-labs.com] to get acquainted with some basics about UNIX, compilers, and the state of Earther computer security.

Quite a painless tutorial, as acceptance speeches go, eh? Now, in addition

Re:

[Anonymous Coward]

Hang out in Maryland sometime and you will find out that yes, they really are the same thing. Many of the NSA civilian employees are former Air Force. They are trained by the government and then "move up" to the civilian positions where there aren't the same pay grade restrictions. Anyone who has worked in U.S. government in the last decade knows the real money is in "consulting".

Buy the cronies to get a right to bid on contracts

[dbIII]

When there is corruption you need to employ a former "insider" before your bids on contracts are even looked at.
Why do you think people like the person that lost the White House emails is employable by a data recovery company?

Re:

[MobSwatter]

NSA live this one down? The people will not have it.

Re:

[couchslug]

I'm not indignant, just amused.

Re:

[Johann Lau]

It's not our fault that just about anything coming from that general direction makes everybody else seem like a super intelligent saint. Your jealousy is duly noted.

Re:

[Anonymous Coward]

I know I risk troll feeding, but another cretin who can't tell Indian from Arab names. There should be a space between Shah and says. The CEO's name would be Raj Shah

Waitwhat.

[Johann Lau]

We have deep experience in protecting our national infrastructure

I beg your pardon? This coming from the fuckwits who insist on just about everything having unfixed holes and/or backdoors? Unless by "deep experience" they are referring to having their heads up their asses, I call BS.

What do you think would increase security more, in the long run - firewalls by the NSA, or firing squads for the NSA? Sad thing is, what starts out as a polemic rhetorical question is actually not that easy to answer, now is it.

Re:Waitwhat.

[ArchieBunker]

I'd call that deep experience. Most people suspected them of having some hidden backdoors or listening powers but no one had proof. I'd call their campaign pretty successful until Edward Snowden blew the doors open.

Re:

[Johann Lau]

Would you call that deep experience in securing systems, or rather deep experience in not securing them, even actively making them weaker, and not talking about that fact? It's like saying a butcher has deep experience about what animals need to be alive; technically true, but that doesn't make a butcher a great veterinarian.

Re:

[ZouPrime]

The NSA does both. Beyond their SIGINT operations, they also support industries in various security initiatives.

Re:

[sir-gold]

They only "supported" those security initatives so that they could install backdoors in them. Stuff like the Dual_EC_DRBG random number specification from NIST that isn't actually random.

"....the Dual_EC_DRBG, like many algorithms, relies on parameters labelled P and Q for security. These could be randomly generated; however, the actual choice of P and Q were dictated by those involved in the design of the algorithm — the NSA."

Re:

[ZouPrime]

While what the NSA did with Dual_EC_DRBG is shit, no, it's not the only way they support civilian infrastructure. NSA provide all kind information security expertise, not just with encryption.

Re:

[sir-gold]

Asking the NSA for advice on information security is like asking a convicted burglar for advice on locks. Sure, he is probably expertly qualified to tell you which locks are the hardest to break, but will he act in your best interest?

Re:

[Vitriol+Angst]

I'd say if you can sneak in that back door -- you are going to have a good talent for preventing back doors.

Only, with ethics like this -- I don't have any sympathy for anyone procuring the services of this company if they find they've got a backdoor engineered into their system.

Providing and protecting from the same threats is a profitable business model; just ask the weapons industry.

Re:

[Vitriol+Angst]

One of the number one software purchases for people who use Windows computers is something to protect them from viruses and trojan horses.

If the number one source of profits for exploits and protection from exploits is from former NSA employees, it stands to reason that there will be a feedback mechanism maintaining exploits and backdoors at the NSA. For "security" reasons of course -- not just for profit.

Re:

[Anne_Nonymous]

>> Silicon Valley-based Morta Security has been operating in "stealth mode," meaning it has not disclosed much information about itself in order to avoid alerting competitors about a product or other activity.

From here [yahoo.com]

Any network startup

[Swampash]

That has any past connection, through staff or projects, with the NSA is now about as popular as cancer.

"Next-generation firewall maker..."

[oldhack]

Well, that's better. Why bother pretending to be something other than a paid-off PR/click-bait site?

well-named company. that Morta Security

[PopeRatzo]

"Morta" in Italian means, "dead man".

Draw your own conclusions.

Forget Left and Right, Liberal or Conservative, Republican or Democrat. We are all enemies of the State now. It's starting to look like those divisions have just been artificially put in place in order to make us easier to control. When we're fighting each other, we're not paying attention to the real bad guys. And the bad guys goal is to take everything. If you're not part of the financial/political elite, you're not in the car, you're standing on the side of the road.

Nothing can really get better - not one thing - unless we deal with this security apparatus in a lasting way. It makes us less secure, poorer and sliding down the economic scale. And today, Janet Yellin was installed as the new bursar for this apparatus, in charge of siphoning wealth to the very few.

Re:

[TrollstonButterbeans]

" We are all enemies of the State now. It's starting to look like those divisions have just been artificially put in place in order to make us easier to control. When we're fighting each other, we're not paying attention to the real bad guys."

I disagree and strongly. People argue as much as ever. The NSA doesn't give a crap about your Facebook page or your dramatic political rant on Slashdot with conspiracy sprinkles and mint frosting. There are more political rants than ever and the availability and fr

Re:

[Bert64]

Because if you deny people the freedom to rant, then they will still do so but hide their actions and you lose track of them...

If you give people the freedom to rant in public then you know exactly who is saying what, and you can keep track of them as well as anyone who listens to them. Also the apparent freedom acts to placate some who might want to rant.
If anyone's opposing views ever become too widespread it is much easier to keep them under control and discredit them if you know exactly who they are.

Re:

[PopeRatzo]

I disagree and strongly. People argue as much as ever.

Sure, but isn't it interesting that the US, for example, has become so precisely a 50-50 nation? Every election is close, congress so evenly split, all political media promoting division.

I think the biggest worry of the 1% is that the Occupy people and the Tea Party people and the union people and the poor people will all realize that they have very similar interests in the things that matter most: economics.

It's also interesting the way all the big div

Re:

[3.5 stripes]

Actually, morta would be referring to the feminine, dead man is uomo morto.

Re:

[tomhath]

There's an old saying: "Dead men tell no tales".

Cost Saver

[hagrin]

What a great way to save on $10 million dollar backdoor fees - have your ex-employees build the devices themselves!

They still work for the NSA

[Anonymous Coward]

Not fooled.

ITT

[Luke has no name]

People who don't actually work in cybersecurity.

NSA and the firewall ..

[DTentilhao]

Surely the NSA have a number of means of bypassing the firewall by now ...

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[McGruber]

An Air force pilot? really ? no history ? nothing anywhere on the web including the seclists /waves hand....charlatans everywhere

AC's allegation about Raj Shah being a charlatan really intrigued me, so I just wasted two hours doing a little digging... and I now suspect Raj Shah is lying about having been a USAF F-16 pilot. Here are a few different versions of Raj Shah's CV:

Khabar: Georgian Raj Shah Wins Soros Fellowship for New Americans (April 2007) [khabar.com]

Raj Shah is among 31 finalists in the 10th annual competition for the Paul & Diasy Soros Fellowships for New Americans (immigrants and children of immigrants). They were selected from over 800 applicants representing 141 nationalities and 360 colleges and universities. Shah is currently the Special Assistant to the Deputy Undersecretary of Defense for International Technology Security in the US Department of Defense. He plans to attend Wharton in the fall to study business. Shah holds an AB from the Woodrow Wilson School at Princeton University. Upon graduating from Princeton, he took a job at McKinsey and Company but left 4 months after 9/11 to join the United States Air Force. Shah flew eighteen combat missions in Iraq as a captain and F-16 pilot. After four years of active duty, he transitioned to the reserves and rejoined McKinsey & Co.; from there he embarked on his present work.

Times of India: Business honcho bombed Iraq for US Air Force [indiatimes.com]

He flew US Air force F-16 over Iraqi air space in 2006 and as recently as in March to May in 2010 for nearly 200 hours in 38 combat missions at a speed of Mac 2 (twice the speed of sound). Thirty-three-year-old Gujarati American Raj Shah, then a combat pilot, said, "The biggest fear in a pilot's mind is the fear of making a mistake. If we err, innocent people die." This Wharton School MBA, now vice-president of a defence focused investment firm, is a battle hardened soldier turned business executive.

"From 500 feet above the sea level to 50,000 feet, I flew as per the requirement. The altitude depended on the targets and in Iraq we flew very low for precision target hitting," said Raj, who joined the US Air Force in 2000 and took his first flight school in December, 2001.

He flew every third day on missions in Iraq and volunteered himself at Airport Theatre Hospital at Bagdad to help out the medical teams.

"In January 2006, it was 3 am in Bagdad when the US Air Force base sirens went off. I was sleeping in my flight suit. I ran to the jet and and in five minutes was flying 500 feet over Bagdad where a number of people were trying to block the path of US-Iraqi troops, who were on rescue mission," he said.

Those quotes about his missions are really strange.... and the the timeline in the 1st article (joined USAF 4 months after

Supported the NSA?

[Anonymous Coward]

"Good evening Mr. Sir, I am being your Microsofts supporting person. My name is being Raj Shah and I am being afraid I must inform you that your Windows is being having a virus..."

Re:

[Anonymous Coward]

Hey you forgot to include "Oh blimey, goodness gracious me!" to round out the racist stereotype.

Bad ex-bosses

[Stormwatch]

What's the big deal? I mean, do you think Wernher von Braun's later work was bad just because his former boss wasn't the nicest guy in the world?

bad analogy

[circletimessquare]

you can build rockets for hitler, or you can build rockets for truman. they're both still rockets. you can test the rocket, make sure it works, you can separate the creator of the tech from the tech

but security is not like that. it's an ongoing trust relationship. you have to trust the people involved

and if your previous job was secretly sabotaging all security to a govt, this is probably not someone you want to trust your company's security to. when the NSA breaches your system, they have an ally already i

Re:

[3.5 stripes]

I thought the primary reasoning behind firewall "appliances" was the reduced amount of non essential software they run, compared to your average server.

Re:

[Bert64]

So now you have the small amount of software running on the firewall, PLUS all the software running on the server (unless you advocate removing the server and having only the firewall?)... You've not decreased the amount of software you're running, you have increased it.

Re:

[datapharmer]

I think a review of the meaning of "attack surface" is due here. The idea here is to keep the bad guys out. If you can't physically secure your infrastructure (including some level of trust in your employees) you are guaranteed trouble. For that reason most networks are guaranteed trouble, but that aside a proper firewall does reduce the attack surface on the WAN by limiting traffic to what you want exiting and entering your network. Does a security guard also make a bank less secure because it increases th

Re:

[Bert64]

If your hosts are sensibly configured, then a firewall only serves to prevent external users from sending traffic to closed ports on your server... There isn't a huge risk involved with users being able to send traffic to closed ports.

If a port is open then it should be open for a reason, and you will configure your firewall to allow that service through anyway.

By adding a firewall you've increased your hardware costs, increased your hosting (rackspace, power) costs, increased your maintenance costs, decrea

Re:

[davidhoude]

>If your hosts are sensibly configured, then a firewall only serves to prevent external users from sending traffic to closed ports on your server. I had a real LOL at this. What about virus protection? What about identifying an infected client and blocking communication with command and control servers? What about web browsing policy, and blocking L7 traffic on known good ports (Think SSH Tunnel on port 443)? While I completely understand your arguments when talking about Layer 3 firewalls, this is no

Re:

[davidhoude]

So you think each internal device should be responsible for its own access control on the network? You want the application server to implement layer 7 filtering? What about ASIC's? Are you adding custom silicon to your application servers so they can filter at high speeds? Are you going with a hardware loadbalancer? Your arguments don't make sense in the real world.

Re:

[davidhoude]

I know you are posting as Anonymous, so chances are you will not read this. I am just curious where you get this idea of dodgy network compatibility? I also have a hard time believing that in 20 years of administration, you don't see the good side of firewall appliances. I too am a BSD administrator, running countless pf, ipfw, ipfilter, iptables systems. Just because you like and/or use one thing doesn't mean it is the be all end all of the networking world. If you knew anything about these Palo Alto fire

Re:

[davidhoude]

And by customer I mean customer..doh I mean custom.

Chaper than $10M

[eli384]

So now, instead of paying 10 mil to "security companies" and having all those nasty paper trails, the NSA just implants its ex-employees in those same "security companies" so that they can add backdoors by hand? That... is actually a pretty good idea, because it gives them a broader reach and is more cost effective.

Re:

[davidhoude]

Hey look, this anonymous guy on the internet says that Palo Alto doesn't know what they are doing based on something he read on the internet. Can't argue that...

Stealthy?

[BisuDagger]

Not stealthy enough apparently. Rumor also has it that they are going to sell human sized fly-paper traps that way the ex-NSA-ers could stick it to the man.