Network Security Blog

Getting ready for the next week of conventions, with the end of Black Hat, all of Defcon and Linux World next week.  If you’re at any of these events, look me up, though I’m already pretty booked for the entire week.  I think I have some time still free Saturday and Sunday night, but I’m sure those will fill up once I get to the event.  Some day I’m going to do a blooper show of all the mistakes I make while recording a podcast; there was a lot of editing to do tonight.

Show Notes:

• Mozilla Foundation Security Advisory 2007-27 – Upgrade to Firefox 2.0.0.6 if you haven’t already
• ICANN wants your feedback on registrar reform – Here’s your chance to comment.
• ICANN starts consultation on how to protect registrants
• CA releases results of Red-team investigation of Voting machines :  All three systems could be compromised
• California Study:  Voting machines vulnerable; worse to come? – Ed Felten highlights the red-team report
• Ten things your IT department won’t tell you – And for good reason; they could get you fired!
• Tonight’s music:  Hell of a Boy by the Lascivious Biddies

Network Security Podcast, Episode 71

Time: 21:07

The guys over at Help Net Security have a video interview with Jeff Moss, the founder of DefCon and Black Hat.  Its fun to hear someone who was around and active when a 56K and a bulletin board were a big deal. 

Living in the San Francisco Bay Area, I’m lucky enough to have a lot of high tech companies in my backyard.  One company I’ve been wanting to visit for a while is DriveSavers Data Recovery, who are probably the best know data recovery services in the world.  If you ever have a drive crash with absolutely critical data on it, these are the guys who are can save your … life.

I’m getting a tour of their facilities and an interview with Scott Gaidano, the company President, which I plan on having up as a video blog entry before I head out to Black Hat and Defcon.  If you have any questions you’d like to ask Scott, send me an email (nsp_at_mckeay_dot_net) or leave me a comment on the blog. 

Wow, it’s not a good day in security.  First Paul from PaulDotCom IM’d me this morning to let me know about a vulnerability that is known to affect VMWare and may affect all virtual machines and now there’s news of a timing attack that could be used against any database to reveal sensitive information to an attacker.  This attack affects an algorithm that’s common to most commercial database systems. 

I’m headed to Black Hat and Defcon Thursday, but I really wish I’d been able to get there earlier.  It sounds like there’s going to be a lot of very interesting vulnerabilities discussed, which is standard for Black Hat.  I just hope the patches for these vulnerabilities are as quick to come out as the vulnerabilities are.  And I’m hoping the different security researchers are practicing ‘responsible disclosure’.  I wonder if David Maynor will be revealing anything at the event?

Halvar Flake, well-known speaker on reverse engineering, was denied entry into the United States this weekend for his presentation at Black Hat 2007. Halvar had given presentations at Black Hat for the last seven years, but when he tried to gain entry to the US after a 9 1/2 hour flight, he was sent back to Germany due to a mistake he made in the visa process. The chances of him getting a visa and being allowed back into the US in time for his presentation are slim to none.

This is what I look like at 6 in the morning, before the first cup of coffee. And I’m more coherent after that coffee too.

Okay, that might be a slight fib.  I think at one point or another we’ve all sent some sensitive piece of information to the wrong list from our email client of choice.  Or seen our senior management do something like send salary information to the whole company.  No, that never happens.

I’ve been more than a little leery of LifeLock from the start, especially when it turned out one of the founders had his own run in with the law concerning identity theft.  But now it appears that the company has mucked up an identity theft involving another of their founders.  When Todd Davis’ identity was stolen because he puts the information on LifeLock’s site, rather than leaving it to the police to deal with they went and confronted the thief and video tape the event.  They apparently brow beat the gentleman into signing a confession they had typed up before hand.  Their interference with the police investigation has put a severe crimp in the ability of the police to prosecute.

So what was this, pure stupidity or a well thought out publicity stunt?  I’m sure that someone in marketing at LifeLock thought this was a great opportunity to get a real identity thief on camera, but the real question is was the interference a accidental side effect, or did they plan on the botched confession to get them even more publicity?  After all, I’m talking about it, the folks at Threat Level are talking, and it’ll probably get SlashDotted or Dugg at some point, gaining them even more publicity.  While it’s not positive publicity, for a company the size of LifeLock, anything that gets their name out there is good publicity.

No need to listen to me ramble tonight, since I have an interview for you.  Okay, maybe I ramble a little, but I let Todd Feinman CEO of Identity Finder do most of the talking.   I’m posting a shortened version of the interview to Podtech if you just want the good stuff.  I’m looking forward to Black Hat and DefCon next week, especially since this is a great chance to meet people I’ve only talked to online.  I’ll have the NSP feedback phone with me at both events, so if you’re there, look me up. 

Let me know what you think of the new mic.  I’m still working out some of the kinks, like figuring out the correct compression.  The Heil PR-40 is a dynamic mic, while my old mic, an AT2020, is a condenser mic which is much more sensitive to background noises.   Let me know what you think, and if you really want to talk shop about mic’s, compression and limiters, contact me offline.

Tonight’s Music:  Evil Place by Stingray

Network Security Podcast, Episode 70

Time:  37:16

At least a couple of times every year my power goes out at home.  Most annoyingly, my neighbor’s power stays up, since they’re on a different portion of the grid.  But that’s nothing when compared to 20,000 people in down town San Francisco losing power, especially when these people are some of the most influential bloggers on the Internet.  I wonder if any of the PG&E management reads blogs.  It’s no good if your data center stays up, but the circuits that let people connect to it go down.   I hope everyone using TypePad, Technorati and Craigslist were able to go without for a couple of hours.

The Caitlin Raymond International Registry is a database of potential bone marrow and cord blood donors around the globe. The work they do helps save lives by finding donors for people who do not have blood relatives that can become donors. Their work saves lives. In June, the New England National Information Security Group (NAISG) sponsored a charity event, Securanoia, raising over $7000 for the organization.

Thanks to Jack Daniel and the rest of the NAISG group for inviting me to Securanoia.  This was my last event as the Cobia Product Evangelist, and one of the most fun to attend.  I’ll be posting a short interview I did with Mike Rothman, who was the speaker for the event, next week.