Risky Omni(bus)iness #79 -- GOVCERT.NL special

Previously on Risky Business...
25 Sep 2008 » Risky Business

This special edition of Risky Business was recorded in Rotterdam, in the Netherlands, at the GOVCERT.NL security conference. The conference organisers flew me there to host a couple of ask the expert sessions and record some custom interviews... but I got to record my own stuff too and prepare this special.

This podcast is essentially a bunch of interviews I did at the conference, glued together for your listening pleasure. Big thanks to our advertiser MessageLabs for making this week's show possible!

On this week's show you'll hear:

  • Marcus Sachs of the Internet Storm Centre (Day job: Verizon) talks supply chain subversion and fun with USB devices. (Hint: Load them up with malware then leave them in the bathrooms of your target...)
  • GovCERT's Carol Overes talks HoneySpiders -- they're basically client-side honeypots, but they could have some nifty commercial applications.
  • Lance Spitzner looks back at his experience running the Honeynet Project over the years. Honeynets showed some early promise as potential products, ala "bait and switch honeynets". It never happened, so I asked Lance why.
  • A quick interview with Bart Jacobs, the professor who wound up leading the research team that broke NXP Semiconductors' MIFARE RFID access cards. The whole thing has actually turned into a political catastrophe that has potential to divert votes away from the incumbent government...

Massive thanks to all the GOVCERT guys -- Eelco, Roeland, Tarik and especially Erik de Jong. Apologies if I spelled any of your freakish European names incorrectly... ;) Coming from Australia I know plenty of alcos, but not too many Eelcos!