Get your links! Links here!
February 8th, 2013 --
Here are links to this week's news items. I had to cut some of these from the segment for space but I left the links in. Enjoy!
A look back on 2012 in infosec, as reported by Risky Business...
December 13th, 2012 --
This week's show takes a look back at some of the big issues and stories of 2012: The arrest of the Lulzsec crew, the release of Stratfor's email by Wikileaks and the Australian government ban on Huawei participating in the NBN rollout. With bonus lulz. This is the final episode of Risky Business for 2012. We'll be back in February 2013!
A truly mixed bag of topics on this week's show...
December 7th, 2012 --
On this week's show we're talking ToR and BitCoin with Alice Hutchings, a Senior Researcher and Analyst with the Australian Institute of Criminology's Global, Economic and Electronic Crime Program. ToR helps dissidents in foreign countries access information their governments deem unsavoury -- but it also provides a layer of protection to the consumers of child porn. Combine it with technology like BitCoin and bang, you've got Silk Road. Given the illicit uses of such technology, is volunteering to run a ToR server moral?
Risky Business. Now in Hi-Fi STEREO!
December 7th, 2012 --
Here are a bunch of links to the news stories discussed with Adam Boileau in this week's edition of Risky Business. I've also thrown in a link to the story about the Austrian police arresting the operator of a ToR exit node, PLUS Senetas's hybrid quantum encryption product page... because YEAH SCIENCE! MR. WHITE!! YEAH! (And yes, I wrote that because there's a Heisenberg reference in this week's sponsor interview.)
Using Dr. Watson to uncover failed exploitation attempts...
November 30th, 2012 --
On this week's show were chatting with Rex Warren of Leviathan Security in the United States. Leviathan has been working with DARPA on an interesting new system that can reliably detect failed 0day exploitation attempts against hosts. Basically these guys are just grabbing Dr. Watson crash dumps at the gateway, but where it gets interesting is when we look at what they do with those crash dumps. Emulation FTW.
Links to this week's news stories!
November 30th, 2012 --
Here are links to all news articles discussed in episode 265 of Risky Business!
PLUS: How your iPad kicks your mainframe's ass...
November 23rd, 2012 --
On this week's show I'll being playing an excerpt from a panel discussion that took place at Kiwicon -- the session was called Three Guys with Ponytails Talk Security. The three guys are PGP Corporation co-founder Jon Callas, nCipher co-founder Nicko van Someren and the University of Auckland's Peter Gutmann.
Can't get enough can't get enough no, can't get enough...
November 23rd, 2012 --
Lots of fun news this week, plus a link to John McAfee's blog and some great old Kiwi music. Sweet as, cuz.
AFP Assistant Commissioner Neil Gaughan joins the show...
November 15th, 2012 --
In this week's feature interview we're chatting with the Assistant Commissioner of the Australian Federal Police, Neil Gaughan. He's the national manager of High Tech Crime Operations and he's joining us to discuss the ongoing national security review. As a part of that review the government is introducing laws that will force ISPs and other Carriage Service Providers (CSPs) to store information on Australian citizens for two years. It sounds scary, but as you'll hear the data covered by the proposed new law is actually pretty mundane stuff like DHCP and SIP logs.
John McAfee's bath salt shelving instructions not included...
November 15th, 2012 --
This week's show notes are chock-a-block! We've got the official, AFP/ASIO/AG definition of communications data, we've got music, we've got sponsored whitepapers! Go bonkers! Go nuts!
Peter Gutmann discusses a particularly sophisticated attack...
November 8th, 2012 --
On this week's show we're chatting with renowned megabrain Peter Gutmann about a paper on side channel attacks against crypto keys in virtualised environments. It's really complicated stuff, but very, very interesting. Peter didn't do this research or write the paper, but I always like getting his take on this stuff because... well... he's really smart and he doesn't overhype stuff. That's after the news. This week's show is brought to you by a new sponsor! NCC Group! Yay!
Extra news items this week!
November 8th, 2012 --
Here are this week's show notes. Normally we just include links to stuff we spoke about, but I wound up cutting a few of these items out of the audio during the edit... But I included them here anyway!
GPS receiver bugs have some unexpected consequences...
November 2nd, 2012 --
We've got a great feature interview in this week's show with a computer science undergrad in the US who worked on a paper dealing with GPS security. You'll find out how you can melt down power lines with GPS haxx! Fun for the whole family! This week's show is sponsored by Tenable Network Security. We'll be having Tenable product manager Jack Daniel on the line to talk about the death of periodical vulnerbility scanning. Apparently continuous scanning is all the rage these days!
You'll find the GPS software security paper here...
November 2nd, 2012 --
Here are this week's show notes; links to our news items, the paper discussed in the news segment and, of course, a link to our featured artist!
Travis Goodspeed on his new gizmo...
October 31st, 2012 --
This podcast is an interview I did at the Breakpoint security conference with security researcher Travis Goodspeed. He's come up with a hardware device called FaceDancer that allows him to capture USB device firmware by emulating the devices. What can you do with that? Well, you can start messing with those devices, loading up custom firmware, and even use modified USB devices to attack hosts.
Low level pwnage for the win!
October 31st, 2012 --
This podcast is an interview with Eric "Musclenerd" McDonald. Eric is a renowned iPhone jailbreaker and as such has a very detailed understanding of smartphone platforms. His talk at Ruxcon Breakpoint was all about the security of baseband chipsets. If you follow this stuff you might know that the baseband chipsets in these smartphones -- which handle all the basic communications functions of the phones -- are actually quite sophisticated. And where there's sophistication, there are potential problems.
Mixed bag this week...
October 26th, 2012 --
This week's show is brought to you by our benevolent overlords at Adobe! And this week's sponsor interview is a must listen. Adobe's director of product security and privacy Brad Arkin joins us to discuss the breach at Adobe HQ that lead to malicious binaries being signed as valid by their code signing boxes.
Links to news, feature topics and more!
October 26th, 2012 --
I've included links to all news items plus the three feature topics covered off with Paul Ducklin. Enjoy!
New research a real heartstopper...
October 25th, 2012 --
This podcast is an interview I did with Barnaby Jack, a security researcher with IOActive. Barnes is probably best known for his work on ATM security. He famously "jackpotted" an ATM live on stage at BlackHat in 2010, but if he were to do a live demo of his latest research he'd probably wind up in prison.
Why realtime prevention is fantasy...
October 25th, 2012 --
All our coverage of the Breakpoint security conference was made possible by our sponsor PacketLoop. PacketLoop is a new Australian business that applies big data analysis techniques to your packet captures... you can visualise your captures, drill down into them, and even spot successful 0day attacks against your organisation after the event -- that's a simple trick, that one, they just loop your packet captures through IPSs after the fact... when they get signature updates, they loop them through again. Hence the name, PacketLoop.