Risky Business

Risky Business #138 -- Dan Geer on the future of computing

February 3, 2010 -- Risky Business is back for 2010!

On this week's program we chat with information security legend Dan Geer.

Dan's the Chief Information Security Officer for In-Q-Tel, which is, in essence, the technology investment arm of the CIA. He's not appearing in Risky Business is his capacity as an In-Q-Tel employee, however, he joins us as a veteran of the information security industry.

Dan helped create Kerberos during his tie with project Athena at MIT and was the chief technology officer at @Stake for a time.

Risky Business #137 -- Year in review special!

December 23, 2009 -- This week's edition of Risky Business is brought to you by Check Point Software.

It's our last episode for the year -- Risky Business will be back in February 2010.

Until then, here's our year in review special. It's a light hearted look back on 2009, the year that was.

Check Point's Steve MacDonald stops by for this week's sponsor interview.

Risky Business #136 -- 14-byte Cisco 0day exploit! ZOMG!!

December 18, 2009 -- This week's episode of Risky Business is the second last for the year!

In this week's feature interview we're chatting with Neal Wise about his "one finger punch".

Neal's done some really interesting work in hacking Cisco firmware and the exploit he's developed is literally a two word command that gives you unrestricted access to a whole bunch of Cisco kit. It's not a massive story or anything. It's just funny.

Risky Business #135 -- Climategate and hacking scientists

December 11, 2009 -- This week's show is brought to you by the fine folks at Sophos.

This week we're looking at what the mainstream media is calling "climategate".

As world leaders meet in Copenhagen to try to hammer out a coordinated response to global warming, the blogosphere and indeed the mainstream press are all in a tizz over thousands of hacked e-mails from the Climate Research Unit of the University of East Anglia.

Risky Business #134 -- Adam Boileau wraps Kiwicon

December 4, 2009 -- This week's show is a bit different -- we're giving you a double dose of our regular guest Adam Boileau.

Following Kiwicon last weekend I checked in to Chez Boileau for a few nights, so we were able to do the news in his kitchen before I buggered off back to Australia.

While I was there we also had a chat about Kiwicon and discussed some of the presentations we saw. Adam is a key organiser of Kiwicon so it made sense to discuss it with him. Topics covered include GPS security, shared hosting insecurity, Linux kernel rootkit detection, hacking scientists and much, much more.

Risky Business #133 -- SSL/TLS flaw now useful, 9/11 pages and more

November 26, 2009 -- This week's show is brought to you by Microsoft.

We've got a couple of great stories in this week's show. We'll be chatting with our semi regular guest Adam Pointon, who's taken a bit of a look through the leaked 911 pager messages that popped up on Wikileaks overnight.

While everyone's been trawling through them looking for evidence that the aliens did it, Adam's been taking a look at the automatically generated messages that network equipment was sending out. It's interesting stuff.

Risky Business #132 -- ADSL MITM and fun with Microsoft Mobile ActiveSync

November 19, 2009 -- We've got two feature interviews in this week's show. We'll be chatting with Security-Assessment.com's Carl Purvis, who's found a way to man-in-the-middle ADSL connections by spending only $1,000 on kit. Want to own a branch office of a major corporation? No problem!

Carl's due to give a talk at the upcoming Kiwicon conference in which he'll show everyone how it's done, so the interview's a bit of a preview.

Risky Business #131 -- Interview with iPhone worm author Ikee

November 11, 2009 -- This week's feature guest is the creator of the iPhone worm, Ashley Towns, aka Ikee. This guy is either a cheeky kid or a cyber terrorist, depending on who you ask, and yup -- we've got him on the show.

We also check in with Paul Ducklin of Sophos in this week's sponsor interview. You've never heard two interviews that clash more, it's hilarious.

In one corner is the heavily pierced kid from Wollongong with the funny haircut, in the other is the middle aged AV guy who's a real stickler for the rules.

Risky Business #130 -- Are non-ASCII domain names a security risk?

November 6, 2009 -- This week's show is sponsored by the wonderful people from Tenable Network Security.

This week's feature interview is with Chris Disspain, the CEO of Australia's domain name regulator auDA.

This week we're discussing the move to Cyrillic domain names -- some media commentators have gone a bit berserk on this one, saying that the move will introduce massive risks because people will be able to do phishing campaigns with domains made up partially of Cyrillic characters.

Chris will be along to talk about why he thinks that's wrong.

Risky Business #129 -- Smart meters a stupid idea?

October 29, 2009 -- This week's podcast is hosted by Vigabyte virtual hosting but sponsored by Check Point.

On this week's show we're taking a look at smart metering. It's all the rage these days -- it will usher in an era of automated billing for electricity, gas and water as well as letting the utilities companies do all sorts of intelligent grid management stuff. Utilities across Australia and indeed throughout the world are rolling this technology out as we speak.

But as you'll hear, there are opposing views on whether or not this stuff is ready for roll out.