Collaboration means more than a beer together once a year...
May 20th, 2010 --
Our coverage of AusCERT's 2010 conference is sponsored by Microsoft, and there's a few Microsofties floating about here. Two of them, Karl Hanmore and Steve Adegbite, prepared this presentation, titled "Engagement between National and Government CERTs and the vendor community -- benefits and challenges." It is, in part, a criticism of the way vendors and CERTS are actually dealing with each other.
Whitfield Diffie words us up on the 11 secret herbs and spices...
May 18th, 2010 --
In this interview we check in with a bit of a legend, Whitfield Diffie. He's universally credited as one of the creators of public key infrastructure, and he was the opening keynote speaker at the AusCERT conference. I grabbed Whit for an interview in the hotel lobby bar and started off by asking him if he's disappointed that PKI hasn't been universally adopted yet.
Understanding how it all goes wrong...
May 18th, 2010 --
In this podcast you'll hear a presentation by Frank Stajano of the University of Cambridge. In it he discusses seven principles for systems security derived from understanding scam victims. He argues that by understanding the recurring behavioural patterns of victims that hustlers have learned to exploit, we can create systems that are more resistant to fraud.
Apparently you *can* be de-radicalised...
May 18th, 2010 --
In this sponsor podcast you'll hear an excerpt from Crispin Cowan's talk. Crispin works for Microsoft, but he used to be a vocal Microsoft critic and Linux fundamentalist. These days he spends his time trying to retrofit Windows with decent security. He works for the Windows core team. I'll drop you into the talk here where he's explaining how certain bad things happened to Windows and the Microsoft ecosystem, namely, how interoperability concerns hampered the software company's ability to secure Windows.
Modern mobiles are actually securable, these guys claim!
May 18th, 2010 --
In this podcast we chat to two guys from Australian-based security firm Stratsec. Ben Bromhead and Ken Hendrie spend their lives up to their armpits in Windows mobile devices -- they actually do the worldwide common criteria evaluations for Windows mobile devices right here in Australia. As a result, these guys know a thing or two about mobile device security. In their presentation, titled simply "mobile security", the two looked at the common threats to mobile devices and some mitigations. I caught up with them after their presentation for this interview.
You heard me. Seven!
May 18th, 2010 --
In this podcast you'll hear me speaking with Assurance.com.au's Neal Wise about the seven deadly sins of mobility. Neal's a penetration tester and a complete and utter wireless nerd. He's a regular on the show and as it turns out he's a standby speaker for this year's AusCERT conference. If anyone winds up too hungover on Wednesday to speak, Neal will step in. You'll have most likely heard that Google has been busted collecting payload data from wireless networks as its vans drove around doing Google Street view videos... so I asked Neal for his take on that also. Enjoy.
The Belgians do things a bit differently...
May 14th, 2010 --
This week's show is sponsored by Check Point Software. In it we check in with Belgium-based security guy, spare-time researcher and noodler Didier Stevens. We're talking to Didier about a weird little project he unveiled a couple of months ago. He's taken the source code from the command interpreter from ReactOS and compiled it into a DLL that he can shove into memory. That way he gets shell without launching a new process. I got him on the show to ask him what the hell's wrong with Meterpreter for that sort of thing.
Sourcefire releases new NRT detection framework...
May 7th, 2010 --
This week's feature interview is with Matt Olney of Sourcefire's vulnerability research team. These guys have put a bunch of work into a new open source tool that can grab files, like PDFs, off the wire, scan them for dodgy stuff and trigger Snort alerts. It's called Near Real Time detection and it might just have legs.
The first "metal pipes" podcast...
April 30th, 2010 --
In this RB2 podcast, sponsored by Symantec, Lateral Security's Adam Boileau and Mark Piper talk Web application hacking tools. What's hot? What's not? Web Scarab, Burp or CAT? Which for what? Play to find out!
Risky Business is apparently really, really good.
April 23rd, 2010 --
H D Moore is this week's feature guest. The company he works for, Rapid7, will soon release a commercial version of Metasploit. Risky Business asks HD about the new product and discusses the controversy that may arise from the commercialisation of the open source project. Vitaly Kamlyuk from Kaspersky Lab is this week's sponsor guest. In the interview Vitaly expresses concerns that some legitimate research -- his, at times, included -- is playing into the hands of the bad guys.
Is a trojan created by a university any better than one written by a bad guy?
April 16th, 2010 --
On this week's show we have a chat to Paul Ducklin about what he sees as questionable ethics behind some mobile malware research.
Carrot versus stick: stick wins
April 13th, 2010 --
In this edition of the RB2 podcast we're chatting with Declan Ingram from Securus Global about an interesting report that was recently released by analysis house Forrester. It was commissioned by Microsoft and was intended to assess the data security practices of North American, European, and Australian enterprises by surveying CISOs.
Blunt tools can be useful too
April 13th, 2010 --
Risky Business 2 is sponsored exclusively by Symantec. This week we're chatting with the company's vice president of security response, Vincent Weafer. In this interview, Vincent and I discuss the relative complexity of modern malware. Gone are the days of 214-byte malware that could spread via a single UDP packet. They were good days, but now they're gone and we're dealing with some really diabolically complicated stuff.
STOP PRESS: Turns out most software sucks balls, security wise...
April 9th, 2010 --
This week we speak to iDefense analyst Kim Zenz, who's currently based in Moscow. We'll be getting an update on what the bad guys are up to in the former USSR, after all it's usually a good indicator of what they'll get up to in Western countries in the not too distant future.
Anyone for phishing? Trend "pulls a McAfee"...
April 6th, 2010 --
Security vendor Trend Micro accidentally e-mailed a planned outage notification to over 1200 of its Australian customers with their e-mail addresses in the open CC field. While not the worst kind of data leak, the mistake has left the vendor somewhat red faced and contrite. Following enquiries from Risky.Biz last week the company e-mailed the users affected by the blunder.
Special news segment plus an interview with Ron Gula...
April 1st, 2010 --
There's no feature interview in this week's show -- it has an empty middle, just like an Easter egg! Between me getting bumped out with a cold for a couple of days last week and this being a four day week, I just couldn't pull one together in time. Apologies. So on this week's show we've got an extra long news segment with Adam Boileau, which is a bunch of fun. In it we discuss: Aurora not all it's cracked up to be RIP SCO Claims of a Vietnamese government sponsored botnet. (WTF?) The march of China's great firewall
Special guest, AFP Assistant Commissioner Neil Gaughan, joins the show!
March 26th, 2010 --
This week we chat with Assistant Commissioner Neil Gaughan of Australia's Federal Police about trends in fraud. We'll also have a bit of a chat about all things Gumblar with Vitaly Kamlyuk of Kaspersky Lab in Japan in this week's sponsor interview. Vitaly's been having a bunch of fun with the creators of Gumblar. In fact, it seems the guys behind the system have gotten so sick of Vitaly and his buddies profiling the Gumblar systems from their Japanese offices that they've blackholed the entire country of Japan to slow him down.
PKI couldn't deliver a pizza despite billions in investment...
March 19th, 2010 --
This week we've got Brian Snow on the show again. Brian had a 34 year career with the NSA in the States -- when he retired just a few years ago he was the technical director of Information Assurance there. He's joining the show this week to talk about PKI, and specifically, why PKI hasn't taken off like we all thought it would. Brian actually has a pretty decent explanation for why things like federated identity never took off in the early to mid naughties like we all thought it would. That's after the news.
Abusive e-mails target Sourcefire partners in Asia Pacific...
March 17th, 2010 --
Sourcefire partners in the Asia Pacific region have been bombarded with abusive e-mails purporting to come from Ammar Hindi, the company's APAC and Japan managing director. Hindi isn't sending the mail. The company suspects the messages are the work of a disgruntled ex-employee based in Singapore. "We have strong suspicions who it is, but haven't been able to establish it definitively," a source close to the matter told Risky.Biz. "It was our hope that they'd lose interest and move on, but after every period of quiet, another wave goes off."
Are your electron-tubez cloudy?
March 12th, 2010 --
On this week's show we're having an extended chat with our good mate Greg Shipley. Greg's best known as the CTO of Chicago-based information security consultancy Neohapsis, and he'll be joining us to talk about what was on the agenda at the RSA conference. Apparently it's cloud, cloud, cloud... but what does that actually mean, mean, mean? Greg will be along soon to discuss, he's always good.