Network Security Blog

We close out the year with a somewhat irreverent show that includes sexy security professionals, discussions of security and  underwear, and a special guest appearance by Jack Daniels. Zach, Martin and Rich are all present this week as we mix a bit of the lighthearted with the regular security news.

Have a happy New Year!

Network Security Podcast, Episode 179, December 29, 2009
Time:  33:57

Show Notes:

• Jack Daniel, the number 1 sexiest infosec security geek of 2009, joins us to discuss this highly-respected award. (Zach was so jealous he made his own list, and put himself on it).
• Post-underwear-bomber TSA security directives leaked. They are more stupid and worthless than expected.
• GSM encryption cracked in the open. The GSM alliance responds as expected by pretending, “it really isn’t that bad… an attacker needs special skills and equipment, and it’s really hard.” Er… haven’t we heard that one before?
• Twitter bans commonly-guessed passwords. Have fun by combining them!
• Brian Krebs leaves the Washington Post. Dumb move by the post letting him go, but it might mean even better stories for the rest of us!
• Tonight’s music:  Keep it Clean by Mike McGill

A Tonight’s show is a bit longer than usual thanks to a segment with our wayward contributor Zach and an interview with Metasploit founder HD Moore. HD is now also the CSO of Rapid7, making him quite the busy boy. And, since we can’t help ourselves, Rich and Martin still cover some of this week’s top stories.  And everyone managed to be on a high speed internet connection, so the audio quality is great this week.  Don’t worry, we’re sure it will return to normal soon.

Have a Merry Christmas and we’ll talk to you next week.

Network Security Podcast, Episode 178, December 22, 2009
Time:  53:27

Show Notes:

• Military UAV communications are not encrypted.
• Twitter’s DNS changed via account credentials being compromised.
• DECAF anti-forensics tool was a hoax.
• Howard Schmidt named White House Cyberczar.
• Tonight’s music:  I’d Rather be Naughty by A Don’t Hug Me Christmas Carol

Like ships in the night we pass in the night.  Or at least like the road warriors we are, we find a few minutes to record a podcast in between calls and running to the airport.  2009 may be winding down for some, but I don’t think any of us on the podcast feel even remotely like things are getting calmer.  Luckily we have an interview of Wade Baker from Verizon Business talking about the 2009 Data Breach Investigations Supplimental Report to take up some of the slack.  You may find Wade’s voice familiar, Martin talked to him at the RSA Conference 2009 earlier this year when the original Breach Report came out.  Zach is still MIA, though we have it on good authority he’s trying to make it back from where he is for next weeks show. 

Network Security Podcast, Episode 177, December 15, 2009
Time:  39:01

Show Notes:

• National data breach notification bill passed in U.S. House – Not a law yet, thankfully.
• Verizon Business 2009 Data Breach Investigations Supplemental Report
• Tonight’s music:  Really, really weird by The Simple Carnival

It’s getting close to Christmas, so you might think things would be slowing down a little.  You might think that, but you’d be wrong of course.  Rich is hip deep in alligators, and while Martin is home this week, he’s got wildlife of his own to contend with.  Depending on your point of view, you might therefore consider it lucky that Rich snagged an interview with Carl at 1Password and let his fanboi roots show again.  The good news is this keeps the patter between hosts down to minimum, but the bad news is it means we have a slightly long podcast this week.  And we’ll be back with another interview next week as well.  Anything to take a little of the pressure off the hosts.

Network Security Podcast, Episode 176, December 8, 2009
Time:  48:11

Show Notes:

• Note to self:  2009 Holiday Gift List – Our friend Amrit at his snarkiest.
• TSA Spills the beans:  Security manual posted online – Did they put whiteout on their display as well?
• Tonight’s music:  Waves of Confusion (Acoustic) by Gerard Smith

How fast can you pull a podcast together?  Pretty darn fast when you’re properly motivated!  Rich is pulling recorder duty once again, Martin is on the road in Southern California and Zach is … somewhere.  So we pulled a few stories together last minute and recorded one of the shorter podcasts recently.  Things are promising to slow down for the rest of the holiday season and we should be able to get back into the normal swing of things for at least a few weeks.  But I’m not holding my breath.

Network Security Podcast, Episode 175, December 1, 2009
Time:  25:39

Show Notes:

• Microsoft:  Patches did not cause Black Screen problem
• Clientless SSL VPN products break web browser domain-based security models – That’s right, they’re all broken (almost all)
• Hackers attempt to take $1.3 million from DC firm
• IBM buys database security firm Guardium
• Tonight’s Music:  The Road I Travel by Benny Bruce