Risky Business

Risky Business #343 -- Special news guest HD Moore

October 30, 2014 -- HD Moore is filling in for Adam Boileau in the news seat this week. In the news segment we chat about Facebook's OSquery tool, chip and pin relay attacks, Russian and Chinese haxx and more. You can find links to all the items discussed in this week's show notes.

Risky Business #342 -- The NSA Playset, cloud woes and more!

October 24, 2014 -- Despite some technical challenges we have a great show for you all this week. We'll be chatting with Mike Ryan of iSec Partners and his pal, independent hardware hacker Joe Fitzpatrick, all about the NSA Playset! It's a hobbyist project that aims to recreate all the awesome tools in the leaked NSA ANT catalogue. Such fun!

We'll also be hearing a tale of cloud woe from the trenches of enterprise IT. A friend of the show had his entire global email infrastructure pulled offline by Symantec with what he says was inadequate warning. And he might just have a point there. Have a listen to the interview and make your own mind up.

Risky Business #341 -- Beware of the poodle

October 16, 2014 -- In this week's show we're chatting with Matt Solnik of Accuvant Labs about his stellar presentation at Breakpoint last week. In this interview he describes how he can leverage crappy carrier management client software into full remote compromise attacks against most smartphones, including fully patched iOS8 and Android. It's savage stuff and if you work in telcoland you'd be nuts to miss it.

Risky Business #340 -- BPX droppin' iOS8 remote jailbreaks like it "ain't no thang"

October 9, 2014 -- This week's show was recorded on site at the Ruxcon Breakpoint conference in Melbourne. There have been a handful of absolute jaw-droppers among the presentations here, including a demo showcasing remote code exec against *most* mobile devices, including fully patched iOS8.

Risky Business #339 -- Neel Mehta on Heartbleed, Shellshock

October 3, 2014 -- On this week's show we're chatting with Neel Mehta, a security researcher with Google. Neel is best known for finding the Heartbleed bug, and he joins us this week to talk about Heartbleed, ShellShock, the security of SSL stacks and where he expects vuln research to go in the future.

Funnily enough this is Neel's first interview about Heartbleed, so I guess we can call this a scoop!

Risky Business #338 -- BASHPOCALYPSE 2014

September 26, 2014 -- In addition to covering the end of the world, this week's Risky Business features Don Bailey of Lab Mouse Security on his excellent IoT blog post, written largely in response to a Daily Dave post by Dave Aitel on so-called "junk hacking".

Risky Business #337 -- The Grugq and John Brooks on invisible.im and Ricochet

September 19, 2014 -- In this week's show we chat with The Grugq about the latest invisible.im announcement and we'll also meet the creator of the Ricochet anonymous messenger software, John Brooks.

Risky Business 336 -- Too many cons

September 12, 2014 -- On this week's show we've got a great interview with Haroon Meer of Thinkst. Thinkst has a paid service that analysis the output of security conferences and puts together reports. Now, some of you might wonder why such a service would be needed, so let's put things in perspective: there were 2,700 conference presentations in the second quarter of this year at 116 events over 140 conference days. Yikes!

Risky Business #335 -- Whaledump hacker could change NZ government

September 5, 2014 -- I'm back from a two week holiday in beautiful Indonesia, so we'll be spending most of this show catching up on what I missed while I was away! So there's plenty of news to talk about with Adam Boileau, and also a chat about some very interesting politicking going on in New Zealand.

Risky Business #334 -- Brian Snow reflects on 34 years at NSA, Snowden

August 14, 2014 -- On this week's show we're having an extended chat with 34-year NSA veteran Brian Snow. During his career he rose to director level -- he acted as technical director of three divisions within the agency -- before he retired in 2006.

Brian joins us to talk about the Snowden disclosures and how the NSA's culture changed post 9/11.