Podcasts

The following is a full recording of a presentation by the University of Auckland's Peter Gutmann discussing contactless payment systems.

It's a nice overview that points out some of the dumber implementation mistakes that have been made by card brands and issuers.

There's a reference to a Shmoocon talk in this recording. You can find the whole thing here.

This is an interview with Robert Clark, the operational attorney for the US Army Cyber Command. I posted audio of his talk yesterday... he spoke a lot about international law as it applies to cyber war. But I wanted to pick his brains about something he briefly mentioned.

During his presentation he mentioned that espionage is actually legal under international law. I asked him to expand on that and we had a great chat about the legal aspects of online espionage.

In this sponsored Arbor Networks founder and CTO Rob Malan.

If you're lucky enough to have met Rob, you'd know that not only has he built a crazily successful business, but he's one of the most technologically savvy people you will ever meet. He lives and breathes his business, and lately he's been focussing on what he sees as a future problem area: Denial of service attacks against mobile 3G and 4G/LTE networks.

As you'll hear, Rob says the average mobile network is a bit of a disaster and there'll be plenty of opportunities for miscreants to wreak havoc on them.

The following is a complete recording of Mikko Hyppponen's opening keynote to the AusCERT 2012 conference. Mikko is the chief research officer for the Finnish antivirus firm F-Secure.

It takes him a few minutes to pick up steam, but I definitely recommend sticking with his talk. It starts out good and winds up fascinating. The title of his talk is The Enemy, and in it he examines three groups of attackers -- Criminals, Hacktivists and Nation States. It sounds like well worn material, but Mikko's take is definitely worth listening to.

The following is a complete recording of Christopher Hoff's AusCERT presentation. He's the chief security architect with Juniper Networks. He has a vendor-heavy background, but don't hold that against him -- he's got some very interesting ideas around virtualisation, cloud computing and deperimiterisation. His talk is about automating security at scale, but he starts off, off all things, with a history innovation in toilets, which surprisingly works pretty well.

Here he is: Christopher Hoff, chief security architect of Juniper Networks. Enjoy.

In this sponsor podcast we chat with Paul Ducklin of Sophos about the recent spate of Mac Malware. In light of malware like Flashback, is it fair to say the public perception that Mac computers are more secure has been busted?

The following is a complete recording of an absolutely fascinating presentation by Robert Clark -- the operational attorney for the US Army Cyber Command.

His presentation examines the legal regime surrounding cyberspace operations.

He looks at the legal underpinnings of computer network security; defense; exploitation; and, attack. It is absolutely riveting stuff and I hope to be catching up with Mr. Clark at some point during the conference to ask him about six million questions.

In this sponsor podcast we chat with Richard Byfield, co-founder and general manager of Datacom TSS.

Datacom TSS is a relatively new Australian company backed by the Datacom group, the large integrator. They're an independent company offering the usual stuff, like penetration testing and app review, but what makes them a little different are its founders.

They used to work in the security and intelligence community for the Australian government, which means they've spent a lot of time viewing the threat environment with a slightly different perspective to the rest of us. With that in mind, I thought it would be interesting to ask Richard what it was like for him to transition from his previous place of employment into the private sector. Here's what he had to say.

In this week's show we take a look at the big burning issue of BYOD.

Neal Wise of Assurance.com.au joins us to discuss some common approaches. Neal says one reason companies are starting to address the issue is because staff are already bringing devices in and connecting them to corporate resources regardless of company policy. In other words it's happening whether you like it or not.

This week's show is brought to you by Tenable Network Security -- if you need some vulnerability detection and management software, or some whiz bang security information event management kit, you'd best get your butt into gear and head to tenable.com.

In this week's sponsor interview Tenable Network Security CEO Ron Gula also weighs in on the debate. He says the BYOD phenomenon is doing a fantastic job at resuscitating NAC and NAP vendors.

Adam Boileau, as always, joins us for this week's news headlines.

On this week's show we're taking a look at basic opsec with an incident responder friend of ours. We'll be talking about some sensible strategies people can use when they're up to illegal stuff on the Internets, because, you know, watching all these guys getting busted for owning FBI websites from their own IPs is getting boring.

This is useful stuff to understand on the defensive side, too.

Plus Adam Boileau joins the show with his take on the week's news.