Network Security Blog

It’s our last show for the year, folks. We’re taking about a month off, and we’ll be returning in 2013 for Episode 300! Happy Holidays from Network Security Podcast!  No Rich this week, but Martin and Zach make up for the lack somehow.  Maybe experience has taught them something.

Network Security Podcast, Episode 299, December 11, 2012

Time:  32:10

Show notes:

• Hackers Behind Tumblr Worm Say They Warned Tumblr of Vulnerability Weeks Ago
• Patriot Act can “obtain” data in Europe, researchers say
• Hacktivist Speaks Out About DDoS
• Russia backs down on proposals to regulate the Internet
• Hacker Group Touts 1.6 Million Password Dump To Protest UN Internet Regulation
• Inj3ct0r Team has hacked ExploitHub.com
• Tonight’s Music:  Santa Claus is Freaking Me Out by Lord Weatherby

It’s Rich that’s out this holiday week, so Martin and Zach talk turkey (no pun intended) about Skype SNAFUs, LTE going all a-splode-y, and a Linux rootkit that will make you go “That’s…neat…?”

Happy Thanksgiving!

Network Security Podcast, Episode 297, November 20, 2012

Time:  31:00

Show notes:

• Skype password flaw made stealing accounts easy
• Obama signs secret directive to help thwart cyberattacks
• One Simple Trick Could Disable a City’s 4G Phone Network
• FreeBSD.org intrusion announced November 17th 2012
• HTTP iframe Injecting Linux Rootkit
• Tonight’s Music:  Nalts with Ax Chase Turkey

This week we start by discussing Martin’s ear wax and Rich’s cough, and it’s all downhill from there. Zach is out this week, but Rich and Martin open with a discussion of the Cloud Security Alliance conference and some things we both learned between there and the events Martin has been at. Then we delve into the week’s news.

Network Security Podcast, Episode 296, November 13, 2012

Time:  37:17

Show notes:

• Many large companies sued for using (a version of) SSL/TLS by a patent troll. This is an important story you really need to keep an eye on.
• Petraeus outed by Gmail. Email location data was used to identify the people behind the accounts.
• DDoS marketing stunt goes bad.
• Google implements Do Not Track in Chrome.
• MasterCard rolls out credit card with built in PIN pad and display.
• Tonight’s Music:  Edie Carey with Under a Sky

Rich is M.I.A. again, and we’re left do discuss Russia, “the biggest problem in computer security”, and the perpetual badness of industrial control systems.  And hopefully by the time you read this, all of the Presidential excitement will be over, or you’ll have a drink in hand and won’t care any more.

Network Security Podcast, Episode 295, November 6, 2012

Time:  35:06

Show notes:

• The Biggest Problem in Computer Security
• Proactive defense prudent alternative to cyberwarfare
• How Georgia doxed a Russian hacker (and why it matters)
• Russia deploys a massive surveillance network system
• Unprotected backdoor into industrial control systems
• Digital Bond – 3S CoDeSys
• PayPal, Symantec hacked as Anonymous begins November 5 hacking spree
• B-Sides PDX
• Tonight’s Music: Proof I Exist with Ghost Rider

Rich is playing super-secret secret-squirrel in an undisclosed
location (actually he’s teaching multiple talks at a conference in
Arizona), so Martin and Zach run the gamut from their own recent
conference tomfoolery, to China’s “goodbye Cisco!” move, to “how do i
shot honeypots”, and a few other things in between. Also, Zach takes a
few moments to fawn over Alec Empire.

Network Security Podcast, Episode 294, October 30, 2012

Time:  44:17

Show notes:

• China Unicom replaces Cisco devices over security concerns
  
• Launch of the UNODC/TPB technical assistance tool on The Use of the Internet for Terrorist Purposes
  
• Deep Inside a DNS Ampliciation DDoS Attack
  
• Do any of you use Honeypots? are they still worth it?
  
• COUNTERMEASURE 2012
  
• Tonight’s Music:  Jack Erdie with Pumpkin

I got to catch up to a couple of friends of mine, Sherri Davidoff and Jonathan Ham, a few weeks ago.  They recently released a book called Network Forensics: Tracking Hackers Through Cyberspace.  The pair talk about what goes into creating a lab in preparation for a book like this, about Internet Pigeon Protocols and about how their team set up the forensics challenge at this year’s Defcon.

We’ll return next week with a normal podcast.  Or something like a normal podcast, since I’ll be on the road again.

NSP Microcast – Davidoff and Ham, October 9, 2012

This week’s show went a little long, as all three of us had a lot to say on the stories we covered.  We also spent more than a few minutes at the beginning of the show talking about some of the resources people can use to get mentorship when entering the security field.  We also ramble a little bit and Rich gives us an assessment of one of his co-workers technical skils.

(All three of us made the show this week, and to be honest it was a little wittier than usual, if we do say so ourselves).

Network Security Podcast, Episode 291, October 2, 2012

Time:  38:30

Show notes:

• A trollish title for an iOS 6 article, but good advice hidden inside.
• IEEE password analysis.
• Process control system vendor hacked. Damage level unknown. As usual.
• Adobe hacked and malware signed with their certificate. You might have heard about this already.
• White House hacked. But not really.
• Akamai analysis of the recent DDoS attacks.
• Tonight’s Music:  Edwin Holt with You’re in for a Big Surprise

It’s a bit frustrating sometimes, working for a company like Akamai.  When you hear stories about DDoS and other attacks on large institutions, we’re often involved in the mix somewhere, simply because we deliver so much of the Internet’s traffic.  But we long ago decided we don’t want to be sensationalist or ambulance chasers, we don’t want to reveal too much about specific customers and we don’t want to reveal too much of the secret sauce that allows us to protect our customers.  The result has been that it’s easier to let other people tell the stories rather then get involved in the conversation, even if we often know the person who was interviewed for an article knew very little about what’s actually going on.  Plus it’s been a little annoying to have to recuse myself from the discussion on the podcast when I can’t talk without revealing what I know about the story in question.

That being said, it’s been nice to be able to be a bit more active in some of the current stories that are happening on the Internet, especially for my teammate, Mike Smith.  Last week I was able to post about the recent SSL vulnerability tool (Take a Byte out of CRIME) and how it affects our company (not much, soon not at all).  But more importantly, Mike was able to write a post about the recent spate of DDoS attacks that have been in the news (Information, not Hope, is the Key to Surviving DDoS Attacks) and has been interviewed for a number of articles by news outlets (Bank attackers more sophisticated than typical hactivists, expert says and US Banks Hit by More than a Week of Cyberattacks).  There’s probably a few more to come out, but that’s a start.

It’s nice to have information that can be freely shared and is public about news stories.  Having to keep quiet about things like this is frustrating, especially since as part of my role at Akamai I’d like to do is sharing as much information about what’s happening on the Internet as is possible.  The fine line to walk is between being a source of valid information and being a media whore who just wants attention.  Though, as a blogger, it’s probably too late for me.

All three of us managed to make our recording time this week, and we had so much good stuff to talk about that we even skipped an interview Martin has in the can.  It went a little long, but hopefully folks will be willing to forgive us if the quality is good enough.  The quality of the discussion that is, since the quality of the audio is about the same as ever.

Network Security Podcast, Episode 290, September 25, 2012

Time:  41:49

Show notes:

• Bromium released… it’s very cool and innovative.
• Microsoft releases patch for IE )-day… no reboot required!!!
• iOS pwned by researchers… interesting hack with a silly quote in the article.
• Iran attacks US banks? Maybe, probably.
• Track who is tracking you with Collusion.
• Rich’s Inflection article.
• Tonight’s Music: Big John Bates with Scarecrow Close

I got to attend my first SOURCE event last week, thanks to a lucky confluence of events which freed up my time.  Mainly, I didn’t have to go to the PCI Council’s Community Meeting and was able to take advantage of SOURCE Seattle instead.  I know many of the people involved in SOURCE and I’d been wanting to go for a long time.  This was the 10th SOURCE event, and I walked away very happy I’d finally been able to attend.

The Seattle conference is very different than any other event I’ve been a part of; with under 100 people in attendance, it’s small and personal.  I had the opportunity to talk to almost every person there, which is something you rarely get to say at any event these days.  During lunch on both days the team running the event led interesting discussions and helped encourage people to talk to other security professionals they’d never met before.

My favorite talk was by Tony Rucci, giving a detailed account of what it was like to be part of the White House staff on 9/11/2001.  It was interesting to hear the first hand account of someone who’d been on the ground at the time.  I liked getting to go to talks by friends like Adam Shostack and Zach Lanier, even if Zach did lose me about 15 minutes into his talk (I’m not an Android debugger by trade, so shoot me).  Robert M. Lee’s talk on the maturity of security was good to hear, but I feel he may be a bit optimistic.  The Base Rate Fallacy talk by Florer & Lowder made my brain hurt; my wife is currently taking a statistics class, maybe I should ask her for help.

I haven’t been to the larger SOURCE Boston, but if you’re in the Seattle area, look at coming to the con when it happens next year.  Hopefully it stays small and intimate for a few more years.  And hopefully it can stay in the Maritime Museum for a few more years as well.