Podcasts

In this sponsored podcast we chat with both Arbor Networks' Nick Race and Matt Hollis of Vocus.

We discuss the state of both application and volumetric based DDoS techniques.

As you'd no doubt be aware, Arbor makes DDoS mitigation equipment -- there's the enterprise stuff that blocks application-based attacks, like attacks that exhaust resources on the target, then there's the telco stuff that blocks the volumetric attacks -- a.k.a. bandwidth exhaustion attacks.

I started off by speaking with Matt Hollis of ASX - listed connectivity provider Vocus. These guys have some serious tubes, so they're used to seeing a lot of volumetric attacks. Then I got on the line with Arbor Networks' Nick Race to discuss app-based attacks.

In this interview we chat with Juniper Networks' chief security architect Christopher Hoff. I posted the audio of Chris's plenary talk yesterday... it was very interesting stuff, so check it out if you get a chance. He basically outlined his vision for security automation -- security at scale.

A part of that vision is advocating a more communication and integration between apps and infrastructure. He says apps should be able to interact directly with networking infrastructure through APIs. It sounds great, but could it be a disaster?

The following is a full recording of a presentation by the University of Auckland's Peter Gutmann discussing contactless payment systems.

It's a nice overview that points out some of the dumber implementation mistakes that have been made by card brands and issuers.

There's a reference to a Shmoocon talk in this recording. You can find the whole thing here.

This is an interview with Robert Clark, the operational attorney for the US Army Cyber Command. I posted audio of his talk yesterday... he spoke a lot about international law as it applies to cyber war. But I wanted to pick his brains about something he briefly mentioned.

During his presentation he mentioned that espionage is actually legal under international law. I asked him to expand on that and we had a great chat about the legal aspects of online espionage.

In this sponsored Arbor Networks founder and CTO Rob Malan.

If you're lucky enough to have met Rob, you'd know that not only has he built a crazily successful business, but he's one of the most technologically savvy people you will ever meet. He lives and breathes his business, and lately he's been focussing on what he sees as a future problem area: Denial of service attacks against mobile 3G and 4G/LTE networks.

As you'll hear, Rob says the average mobile network is a bit of a disaster and there'll be plenty of opportunities for miscreants to wreak havoc on them.

The following is a complete recording of Mikko Hyppponen's opening keynote to the AusCERT 2012 conference. Mikko is the chief research officer for the Finnish antivirus firm F-Secure.

It takes him a few minutes to pick up steam, but I definitely recommend sticking with his talk. It starts out good and winds up fascinating. The title of his talk is The Enemy, and in it he examines three groups of attackers -- Criminals, Hacktivists and Nation States. It sounds like well worn material, but Mikko's take is definitely worth listening to.

The following is a complete recording of Christopher Hoff's AusCERT presentation. He's the chief security architect with Juniper Networks. He has a vendor-heavy background, but don't hold that against him -- he's got some very interesting ideas around virtualisation, cloud computing and deperimiterisation. His talk is about automating security at scale, but he starts off, off all things, with a history innovation in toilets, which surprisingly works pretty well.

Here he is: Christopher Hoff, chief security architect of Juniper Networks. Enjoy.

In this sponsor podcast we chat with Paul Ducklin of Sophos about the recent spate of Mac Malware. In light of malware like Flashback, is it fair to say the public perception that Mac computers are more secure has been busted?

The following is a complete recording of an absolutely fascinating presentation by Robert Clark -- the operational attorney for the US Army Cyber Command.

His presentation examines the legal regime surrounding cyberspace operations.

He looks at the legal underpinnings of computer network security; defense; exploitation; and, attack. It is absolutely riveting stuff and I hope to be catching up with Mr. Clark at some point during the conference to ask him about six million questions.

In this sponsor podcast we chat with Richard Byfield, co-founder and general manager of Datacom TSS.

Datacom TSS is a relatively new Australian company backed by the Datacom group, the large integrator. They're an independent company offering the usual stuff, like penetration testing and app review, but what makes them a little different are its founders.

They used to work in the security and intelligence community for the Australian government, which means they've spent a lot of time viewing the threat environment with a slightly different perspective to the rest of us. With that in mind, I thought it would be interesting to ask Richard what it was like for him to transition from his previous place of employment into the private sector. Here's what he had to say.