Archive for March, 2012

Mar 27 2012

Network Security Podcast, Episode 271

Published by under Podcast

Since Rich is on the road this week, Martin and Zach are joined by none other than friend of the podcast, Josh Corman.  Which is not that surprising, since there’s only one story we’re talking about tonight: the latest Verizon Data Breach Investigations Report.  There’s a lot to talk about again in this year’s report, as well as a few things that left us scratching our heads (cough *activists* cough).  Despite our minor criticism, the DBIR is once again a great report, though folks like Mandiant and Trustwave also turn out some pretty good reports as well.  Oh, and as expected when Josh is on, we go a little long this week.

Network Security Podcast, Episode 271, March 27, 2011

Time: 46:35

Show Notes:


Mar 27 2012

TSA blocks Schneier from testifying

If you don’t know who Bruce Schneier is, I hope you’re coming to my site because I wrote about the TSA, not because you’re a security professional.  He wrote several books that are staples on almost every security professional’s shelf.  You could literally say he wrote the book on applied cryptography, since that’s the title of one of his books.  He’s been in the security community for a long time, and he’s contributed a lot over the years.  And he’s one of the TSA’s biggest critics in the security field.

Last Friday, Bruce had been invited to testify before the House Committee on Oversight and Government Reform about the effectiveness of TSA security measures.  Perhaps unsurprisingly, someone at the TSA caught wind of the fact that he was supposed to be there in person, challenging TSA assertions, and had his inclusion in the proceedings blocked.  For some odd reason, the TSA is leery of having someone on the panel who not only understands most of the visible security measures we experience at airports, but can also articulate that in a manner the public can understand.  Of course, the reason the TSA claims they had him blocked is the lawsuit he currently has going on against them.

The TSA (and the DHS) are well aware of their detractors and take great pains to avoid directly confronting any of them or giving critics a chance to get real answers to charges of ineffectiveness.  And Bruce Schneier has been one of the voices that’s taken them to task many times, coining the term ‘security theater’ to describe security that looks like it’s making us more secure while really providing little or no actual protection.  In fact, security theater is often harmful, since it makes us think we’re safer than we really are.

One thing people tend to forget is that the TSA is a political organization first and foremost.  The people who run the DHS, currently Janet Napolitano, are appointed politicians whose primary goal is not security, is not safety, but is instead simply keeping their jobs and doing whatever it takes to appear effective.  I know it’s cynical, but politics have always been about appearances rather than the actual utility of the actions politicians take.  And since the TSA’s role is so well defined, it’s easier to measure that effectiveness, or lack thereof, than it is with many governmental agencies.  Which is why in most airports, no one is keeping count of the number of people who opt out of backscatter x-rays; if we counted, there would be metrics that could be used as a yardstick.  But of course, we wouldn’t want to know how good or bad our security measures are, since that would mean we’d expect changes to be made to make them more effective.

I had the dangers of mixing politics and security at the TSA made painfully clear to me several years ago when I had a chance to interview Michael Chertoff, who was then the outgoing head of the DHS.  At one point I asked Mr. Chertoff if there was ever going to be a time when we don’t have to take off our shoes when going through a security checkpoint.  His basic answer was, “I’m a politician.  The shoe bomber happened, and if I don’t make sure it never happens again it’s the end of my career, so you’ll have to keep taking your shoes off for the foreseeable future.”  Which told me that for a career politician, protecting his career is much more important than protecting the folks who are traveling through the airport.  And by the by, Mr. Chertoff went to work for one of the companies that build and sell backscatter x-rays to the TSA when he left office.  Let that one sink in for a while.

All in all, this is just one more data point in the argument that the DHS and TSA are less about actually protecting the public than they are about perpetuating a political power base built on fear of a once-in-a-lifetime event.  The TSA has created a situation where people have given up a number of personal freedoms for the very thin illusion that they may be safer while flying.  But the sheer amount of inconvenience and humiliation that the TSA has heaped upon travelers is gathering more and more momentum for change as the public gets tired of it.  Which tells me that we might see some sort of incident or another in the near future that will re-instill fear of terrorists in the public.  Or is that too much cynicism and paranoia?  It is security theater, after all.


Mar 13 2012

Network Security Podcast, Episode 270

Published by under Podcast

It’s a good thing we’ve started double-checking Rich’s work, because he hasn’t been that reliable as of late.  Luckily Martin is recording this week, so the audio quality is back to its normal level, but that means the content is back to its normal level as well.  Which actually turns out to be a good thing, since we all seemed to be firing on most cylinders this week.

Network Security Podcast, Episode 270, March 13, 2012

Time: 36:51

Show Notes:


Mar 05 2012

RSAC 2012 Microcast: SecureWorks

Published by under Hacking,Podcast

Dell SecureWorks Chief Technology Officer Jon Ramsey took a few minutes out of his day at the RSA Conference to talk to me about a new study his team had recently written on a series of attacks they dubbed the Sin Digoo Affair.  In addition to being a detailed analysis of the tools and actions used by the attackers, the paper also contains specific steps defenders can take to detect and respond to similar attacks.  This is part of an ongoing series that the folks at SecureWorks have been publishing.

RSAC 2012 Microcast: Jon Ramsey from Dell SecureWorks


Mar 04 2012

RSAC 2012 Microcast: AlertLogic

Published by under Cloud,Podcast

My first interview this year at the 2012 RSA Conference was with Urvish Vashi from AlertLogic.  We talked briefly about the recent acquisition of ArmorLogic, but my real interest was the State of Cloud Security Report issued by AlertLogic.  It’s an interesting report and gives us some fuel for the debate about which is more secure, cloud or on-premise.  But it’s a first effort that raises more questions than it answers, and it definitely doesn’t answer the ‘which is more secure’ question.  It’s hard when you’re comparing apples to cucumbers, which is what AlertLogic has done, unless they’ve normalized the data to take into account that desktops are included in the statistics.  Which they fully acknowledge, by the way.

RSAC 2012 Microcast: AlertLogic
