Martin, Rich and Zach are joined tonight by none other than Josh Corman from the 451 Group to talk about the recent RSA breach. Actually, he was on to talk about the industry's reaction to the breach more than the breach itself. The reality is that we still know almost nothing about what happened, though Rich has a little insight that goes beyond the press release, since he’s actually talked to folks at RSA. Which means we know just a little more than nothing, which is not a significant improvement.
Another reason Josh wanted to join us was to talk about one of Rich’s recent articles, called Table Stakes. We clarify what Rich meant in the original post as well as talking about some of the more touchy-feely aspects of the industry. Except Zach, who doesn’t do touchy-feely so much. And finally we end up with a little rant about those hacks over at the Southern Fried Security Podcast and how they’re always imitating us. They even have their own Bizarro Zack, @jsokoly.
Network Security Podcast, Episode 234, March 22, 2011
My friend Adrian Lane, over at Securosis, finds the best toys to play with. This one, called Spokeo, lets you search on a name and see what sort of personal information is out there about that person. Like Adrian, I always search on myself first, wanting to see what sort of information is out there about me. And there’s a lot of it; even someone like myself who wishes they had some privacy leaks a lot of information, even if it’s just in public records. Luckily I have a father with the same name, so our information is a little mixed up, with a sprinkling of misinformation added in. If I can’t have privacy, having false information available to search engines is a good second.
The funniest part of looking up myself was finding my house in Streetview, which is offered directly in the Spokeo interface, then turning the camera around to see myself getting out of the car. The picture’s about two years old, but it still jogged some memories of seeing the Google car drive by. The picture is blurry and it’d be hard to recognize me from it, but there it is. Being in a public place (the road), I’m not surprised to be photographed, but it does serve as a reminder of how often we’re being photographed in public, even if we are seldom aware of it. That is to say that people who don’t live with a mild form of paranoia are seldom aware of it.
Unluckily, the only time I was able to make it down to SF Bsides was for the Great PCI Debate, part 2. Luckily, all the rest of the presentations that went on there are available via Ustream. Of course, I still say the Great PCI Debate was the most important presentation, partly because it contains a guest spot by me (and several examples of me yelling from the sidelines). There was a momentary glitch where the video stream was lost for a minute or two, which is why it’s in two separate parts. In any case, watch my friends, Jack Daniel, Josh Corman, Andy Ellis, Michele Klinger and Anton Chuvakin discuss compliance in general, not just PCI.