Well it's official. I've made it: Gregory D Evans has ripped off my work!

Risky.Biz's pal Jericho from Attrition.org recently drew my attention to a book published by Evans and LIGATT Publishing called "Hi-Tech Hustler Scrapbook".

From what I can tell, it's just a collection of news and feature articles written by other people. Three of my articles from years ago made it into Evans' "scrapbook":

"Cyber Terrorism 'Merely a Theory'," November 11, 2003, ZDNet Australia

"Beware the Crime Lords of the Internet," May 31, 2005, The Age

"Computer Crime: Methods and Techniques," June 01, 2005 Sydney Morning Herald

When asked how he could justify cutting and pasting other peoples' work into a book and selling it for $39.95, Evans claimed that he got permission to use the articles he included.

He also says he didn't put his by-line or name on the book, so he's in the clear. Indeed, my by-line remained on my articles as reproduced in his book. You can read his ridiculous ramblings on the subject here.

Anyhoo, I thought I'd make 110% sure that permission wasn't given to Evans to use my articles in his book. I asked ZDNet Australia if someone over there gave Evans permission to reprint my work. Here's the response I received from the house of Z's Editorial Director Brian Haverty:

After checking with the global offices of ZDNet, I have found that the ZDNet content that appears in Gregory Evans' 'Hi-Tech Hustler Scrapbook' was not used with the permission of any authorised employee. If Mr Evans purports to have any evidence of permission being granted, we would very much like to see it.

So, just for the record, Gregory D Evans did not have my permission or the permission of my publisher to reprint "Cyber Terrorism 'Merely a Theory'," November 11, 2003, ZDNet Australia.

If you don't know who Gregory D Evans is, you're in for a fun hour's Googling.

This week's show is jam-packed! We'll be chatting with Andrea Barisani about a presentation he did with Daniele Bianco at CanSecWest this week. They're both from Inversepath, and the title of their talk was "Chip and PIN is definitely broken". Is it? Find out after the news.

On this week's show Peter Gutmann drops by to talk about Solid State Drives (SSDs) and digital forensics. Depending on which report you saw over the last week you may have read that it's impossible to reliably delete data from an SSD, or that SSDs are a forensic nightmare because they DO delete so much data.

On this week's show we're having a chat with the editor of Wired.com's Threat Level blog, Kevin Poulsen.

Earlier today I had a very interesting chat with veteran information security journalist Kevin Poulsen about his new book Kingpin.

Kingpin is a ripper read and the full interview should be up some time tomorrow with this week's podcast. But it was Kevin's comments around Wikileaks that I found particularly interesting.

It's been my long held belief that Wikileaks is somewhat similar to Napster; both entities are symptoms of a larger issue, they're not the cause. The ease with which Bradley Manning allegedly downloaded all the material leaked to Wikileaks is, in my mind, the real issue at play in the whole Wikileaks saga.

With Napster, the issue was the rising popularity of the Internet and consumers' newfound ability to infinitely and freely replicate digital files like mp3s across a network. Which particular software was used to do this was of little consequence.

Napster was shut down by US courts, but that did little to curb online piracy. In the same way, I very much doubt the closure of Wikileaks will do much to stem the flow of sensitive information on to the Internet.

In addition to other, similar sites like Daniel Domscheit-Berg's OpenLeaks operation, Anonymous has proved you don't need millions in donations and a massive public profile to air an organisation's dirty laundry on the Internet.

Those who stole information security company HBGary Federal's e-mail, under the flag of Anonymous, seem to have had no problem hosting the mail on public websites, for example.

The domains of said sites do get yanked every now and then, but another site soon pops up. It's proof that once the genie is out of the bottle it's impossible to get back in. I thought we all knew this already.

But Poulsen believes the HBGary Federal thing is an interesting development for another reason.

"We could see a whole new crop of insta-Wikileaks sites that are based not on leaked information but on stolen information," he said. "I do wonder if the next big leaking incidents we see... might come from outside hackers who are politically motivated or revenge motivated or inspired by what Wikileaks has done."

"There are a lot of companies and organisations out there that are no more secure than T J Maxx was when it got hacked, but who have been spared because they have nothing of value to the criminal underground. Now if they start being targeted for ideological reasons they're going to find themselves just as vulnerable [as T J Maxx]."

It's a pretty difficult argument to poke holes in, and it should be a wee bit worrying for organisations with dirty laundry to air.

The HBGary Federal leak certainly got a lot of attention, and it's hard to see how the "operation's" success won't encourage further activity of this type. Maybe the best defence against this thing really is running an ethical, transparent operation.

Interesting times in infosec indeed...

One interesting little organisation to come to the attention of the information security industry since HBGary Federal got popped is a US-based company named Endgame Systems.

It's a slightly shadowy information security company based in the US that appears to offer its services almost exclusively to the US military and intelligence apparatus.

It was founded in 2008 by a bunch of senior ex-ISS execs and founders like Chris Rouland and Thomas Noonan.

Well, thanks to the "liberation" of HBGary's e-mail by Anonymous and the leak-sifters over at Cryptome, we've now all got access to everything from a high-level overview of Endgame's "capabilities" to its pricelist and a sample report.

All three documents are instructive reading.

It seems Endgame does everything from selling stacks of 0day for use in "information operations," as well as unspecified tools used in "information assurance". The company tracks botnets, too, with some interesting results that are linked to below.

But what caught my eye was slide seven of a presentation, which you can find here [.zip], in which the company boasts of "active vulnerability assessment" and "identification of known vulnerable systems".

Massive, international vulnerability recon and intelligence for US military and intelligence applications, all done in the private sector.

The service sounds a lot like Metlstorm's "low hanging kiwi fruit"* project from a couple of years ago, only these guys charge millions for it [.pdf]. Have a look at a sample report from the company here [.zip].

This sort of information comes in handy. You never know when you'll need to know version of Apache Aeroflot's facilities at Moscow Sheremetevo Airport are running. (1.3.33 on Win32, in case you're wondering.)

HBGary's spools just keep coughing up interesting stuff. I'll be fascinated to see what else surfaces.

* A brief blurb on Metl's project can be found on this page. It's referred to as "low scuttling chilli crab". It's a Singapore thing.

This week's edition of Risky Business is brought to you by NetWitness!

This week's feature interview is a chat with Didier Stephens about his work in bypassing Windows-based whitelists.

This week's edition of the show is brought to you by Tenable Network Security. We'll hear from Tenable's Paul Asadorian in this week's sponsor interview.

This is the last Risky Business podcast for 2010, and it's a cracker!

On this week's show we're taking a look at a nifty little presentation by Mark Piper delivered to the recent Kiwicon conference.

Australia's largest independent information security consultancy, Stratsec, will be acquired by British defence contractor and arms manufacturer BAE Systems.

The company operates defence-accredited facilities here in Australia, runs common criteria certification labs and employs around 60 consultants nationwide. Risky.Biz understands the announcement of the sale is imminent.

The company has been aggressively hiring new consultants all over the country since merging with a smaller infosec outfit, SIFT, in May this year.

That deal that valued SIFT at A$3.5m and the new, merged company at A$15-$20m. The BAE deal is thought to value Stratsec at the upper end of that range.

The proposed acquisition seems a sensible fit for all involved. Military contractors are increasingly ramping up their information security capabilities as government fears of "cyber war" grow to fever pitch.

And when there's a buck to be made out of war of any kind you can bet your ass there's a military contracting firm scuttling around under a nearby rock, ready and willing to take advantage.

Still, ethically speaking I'm fairly confident selling penetration tests at extortionate, military-grade prices beats manufacturing cluster bombs and using creative accounting to shift billions in profits off your books to evade tax... so who am I to complain about this wonderful new direction our industry is heading in?

What do you think? Care to comment?

On this week's show we're joined by Stephen Glass of the OP25 project.

Silvio Cesare has been on the Australian information security for yonks. He's a talented vulnerability researcher, worked as a scanner architect for Qualys back in 2002, and has generally been kicking around being a smart guy for a long time.

Brian Snow worked for the USA's National Security Agency from 1971 until a few years ago. By the time he retired from the agency he had risen through the ranks to the position of technical director, information assurance.

Today's podcast is a special edition -- I'm basically on holidays and travelling for work for the next three weeks so there will be no news section for a little bit, but don't worry, we'll be back to regular programming in three weeks.

Firesheep is a Firefox plugin that automates the hijacking of http sessions over unsecured wifi access points. While sites like Facebook, Twitter and so on use https to protect login credentials, after successful authentication nine times out of ten you drop back to a http session.

In this week's feature interview we're catching up with David Litchfield.

In this week's show we're taking a look at a new technology from Immunity Inc. It's called El Jefe and it's actually pretty interesting.

On this week's show have a chat about critical infrastructure. The Auditor General in the state of Victoria has released a 56 page report into an investigation is conducted into the security of transport and water-infrastructure control systems.