On this week's show we take a look at PRISM, the NSA's recently exposed massive surveillance program. Leaked PowerPoint slides from NSA describe a surveillance system that allows the agency to effortlessly capture a target's YouTube, Google, Facebook and Skype. This has been reported as these companies allowing the US government access to "back doors" on their systems.
In this week's episode we look at an alternative theory: The NSA is actually capturing information on "persons of interest" in real-time via fibre taps, decrypting it with private keys, then storing it. It's our theory and we're sticking with it. Listen to this week's episode to see if you agree!
Also this week we've got Tenable's chief of security, Marcus Ranum, stopping by in this week's sponsor interview to follow up on his keynote speech at AusCERT. The speech was called Never Fight a Land War in Cyber Space and it's really about the idea that conventional military thinking doesn't apply to the Internet.
I published a recording of his talk and it got a great reaction, but I was left with some questions after I saw it. So I rang him up and asked them! It's actually a really, really interesting interview so make sure you tune in for it.
****EDITOR'S NOTE: During the discussion on PRISM, I referenced 5Tb/s of traffic between "the US, Canada and US". That should have been "The US, Canada and Europe". Sorry about that!
Report: NSA Was Granted Order to Snag Millions of Verizon Call Records for 3 Months | Threat Level | Wired.com
Assange no concern of ours, says Carr
Google push for faster zero day fixes hits a wall: Other companies | Security & Privacy - CNET News
NetTraveler Espionage Malware Campaign Ties to Gh0st RAT | Threatpost
Oracle Java Security Enhancements Get Mixed Reviews | Threatpost
FDIC: 2011 FIS Breach Worse Than Reported - Krebs on Security
Peer-to-Peer Botnets Grow Fivefold | Threatpost
Systems are now secure: Govt CIO | Computerworld New Zealand
Windows 8.1 to let you secure folders with your fingerprint | Security & Privacy - CNET News
Two-Factor Authentication Options for Web Services | Threatpost
Pills and Tattoos to Replace Passwords for Authentication | Threatpost
Microsoft, feds disrupt massive Citadel botnet | Security & Privacy - CNET News
Schneider Patches 18-Month Old SCADA Bugs | Threatpost
Five Bulletins, One Critical in Microsoft's June Patch | Threatpost
Google Fixes Security Vulnerabilities with Chrome Update | Threatpost
Apple Patches Mass of Security Bugs in OS X and Safari | Threatpost
Internet Systems Consortium Resolves Critical BIND Flaw | Threatpost
STORIES DISCUSSED IN FEATURE SEGMENT:
U.S. intelligence mining data from nine U.S. Internet companies in broad secret program - The Washington Post
Verizon Breaks Silence on Top-Secret Surveillance of Its Customers | Threat Level | Wired.com
DHS Watchdog: 'Intuition and Hunch' Are Enough to Search Your Gadgets at Border | Threat Level | Wired.com
Teen Jailed for Rap Lyrics Posted After Boston Bombings | Threat Level | Wired.com
PRESENTATION: Marcus Ranum on militarisation trends | Risky Business
Oracle has really embraced the fact that they should be more careful with their security. They need to do that. - Kris Krohn Strongbrook