RB2: Ben Hawkes' Kiwicon talk: A History of Corruption

Presented by Patrick Gray, CEO and Publisher

This edition of RB2 features Ben Hawkes' recent talk at Kiwicon. It was called A History Of Corruption, and it really is a historical recap of memory corruption bugs. It doesn't exactly sound thrilling from that description, but it's a great talk and it's really well delivered.

Hawkes is a young security researcher based in New Zealand who's well and truly on the way up. His work on hacking the Vista heap was pretty awesome. If you are familiar with it then you know why a talk about memory corruption as done by Hawkes is going to be interesting. He knows what he's talking about.

Risky Business #133 -- SSL/TLS flaw now useful, 9/11 pages and more

Presented by Patrick Gray, CEO and Publisher, and Adam Boileau, Technology Editor

This week's show is brought to you by Microsoft.

We've got a couple of great stories in this week's show. We'll be chatting with our semi-regular guest Adam Pointon, who's taken a bit of a look through the leaked 9/11 pager messages that popped up on Wikileaks overnight.

While everyone's been trawling through them looking for evidence that the aliens did it, Adam's been taking a look at the automatically generated messages that network equipment was sending out. It's interesting stuff.

We'll also check in with Mikhail Davidov from Leviathan Security in the USA. They've made the SSL/TLS flaw you've been hearing about MUCH more practical and they've written code that will let you -- yes, you -- perform a channel downgrade attack.

Adam Boileau is this week's news guest, and we're joined by Microsoft's Stuart Strathdee in this week's sponsor interview.

CONFIRMED: Unu back with a bang: Symantec pwned

Presented by Patrick Gray, CEO and Publisher

"Unu's blog" is back online and has claimed the high-profile scalp of a Symantec website.

The anonymous blogger, who goes by the pseudonym Unu, successfully extracted customer data including license keys, usernames and passwords from a Symantec website that "facilitates customer support for users of Symantec’s Norton-branded products in Japan and South Korea," the company acknowledged in a statement.

He or she published their findings overnight on the resurrected blog.

Overnight, Risky.Biz received an e-mail from someone claiming to be Unu. "My blog is back on Baywords," the e-mail reads. "With [a] new address and with a big article: Symantec, the creator of the famous Norton hacked with SQL injection."

Unu's blog has developed a cult following among security professionals, some of whom admire his brazen attacks and others who loathe his tactics.

The site mostly consists of a series of screen captures showing Web applications allegedly compromised by Unu.

The blog's victims have so far included bank and other high profile websites, including the Royal Bank of Scotland, HSBC France, the Italian Postal Service, Facebook and more.

Unu has already claimed the scalp of another computer security software maker, Kaspersky, publishing details of vulnerabilities in its websites.

In his or her latest posting, Unu praised Kaspersky's reaction to his attack. "They quickly secured [the] vulnerable parameter, and even if at first they were very angry at me, [they] finally understood that I... saved nothing," Unu writes. "I have not abused in any way... the data found. My goal was, [and] is still, to warn. To call attention."

In the latest attack Unu says Symantec was storing user passwords in clear text.

"I was outraged when I saw... these users passwords are stored in CLEAR TEXT," the blog posting reads. "It seems quite strange how a company like Symantec, which sells software and security solutions... is not able to protect its own database."

A statement issued by Symantec says the company is "currently in the process of ensuring that the Web site is appropriately secured and will bring it back online as soon as possible".

The company did not offer further comment.

DISCLOSURE: Symantec is a sponsor of the RB2 podcast on Risky.Biz and Kaspersky has signed on as a sponsor of the Risky Business podcast, commencing in 2010.

RB2: Jose Nazario on BGP security

Presented by Patrick Gray, CEO and Publisher

This podcast features excerpts from Jose Nazario's session at the GovCERT Symposium in Rotterdam. The recording isn't fantastic, but you can understand what he's saying -- it's clear enough.

Jose works for Arbor Networks and his talk at GovCERT was on BGP security -- security issues in core routing. He covers off some pretty interesting stuff, like why isn't there some sort of global route registry that actually authorises routes? Currently there's nothing like that.

If you're not into routing stuff you'll probably get lost with this one, but otherwise you'll likely enjoy it.

Risky Business #132 -- ADSL MITM and fun with Microsoft Mobile ActiveSync

Presented by Patrick Gray, CEO and Publisher, and Adam Boileau, Technology Editor

We've got two feature interviews in this week's show. We'll be chatting with Security-Assessment.com's Carl Purvis, who's found a way to man-in-the-middle ADSL connections by spending only $1,000 on kit. Want to own a branch office of a major corporation? No problem!

Carl's due to give a talk at the upcoming Kiwicon conference in which he'll show everyone how it's done, so the interview's a bit of a preview.

We'll also check in very briefly with Assurance.com.au's Oliver Greiter, who's been having a lot of fun with Microsoft's ActiveSync. He'll also be presenting his findings in a lightning talk at Kiwicon.

This week's episode is sponsored by Microsoft, and the company's strategic security advisor, Stuart Strathdee, joins us for an interview about the company's latest Security Intelligence Report in this week's sponsor interview.

Adam Boileau is this week's news guest.

RB2: Q&A with Bruce Schneier

Presented by Patrick Gray, CEO and Publisher

In this podcast you'll hear a Q&A with Bruce Schneier of BT Counterpane, as moderated by Risky Business host Patrick Gray at the recent GovCERT Symposium in Rotterdam, Netherlands.

Topics covered include cloud computing, privacy, software manufacturer liability for defects, two factor authentication and more!

Risky Business #131 -- Interview with iPhone worm author Ikee

Presented by Patrick Gray, CEO and Publisher, and Adam Boileau, Technology Editor

This week's feature guest is the creator of the iPhone worm, Ashley Towns, aka Ikee. This guy is either a cheeky kid or a cyber terrorist, depending on who you ask, and yup -- we've got him on the show.

We also check in with Paul Ducklin of Sophos in this week's sponsor interview. You've never heard two interviews that clash more, it's hilarious.

In one corner is the heavily pierced kid from Wollongong with the funny haircut; in the other is the middle-aged AV guy who's a real stickler for the rules.

It's the naughty kid versus the school principal, both interviewed about the same series of events.

We're also joined by Adam Boileau for a discussion of the week's news.

Unu's blog disappears

Presented by Patrick Gray, CEO and Publisher

"Unu's blog", a website chronicling one hacker's brazen compromises of high-profile web applications, has been yanked offline.

Visitors to the blog are now shown text suggesting Unu has shut up shop voluntarily. "This user has elected to delete their account and the content is no longer available," is the only explanation offered.

Unu's blog mostly consisted of a series of screen captures showing allegedly compromised Web applications. The blog's victims included bank and other high profile Web sites, including the Royal Bank of Scotland, HSBC France, the Italian Postal Service, Facebook and more.

Prior to hosting at BayWords, Unu's blog was hosted by Wordpress.com, until it was apparently pulled down after the blogger posted details of a vulnerability in a Yahoo site.

Most recently Unu made waves by claiming to have hacked BarackObama.com, a claim disputed by the Democratic National Committee's national press secretary Hari Sevugan.

While the actions of the blog author, if proved authentic, would clearly be illegal, the Web site attracted a significant following -- and a modicum of privately expressed respect -- among many IT security professionals.

While Unu's motives were never expressly outlined, many assume the blog served to name and shame large organisations that failed to secure their web applications.

Risky Business #130 -- Are non-ASCII domain names a security risk?

Presented by Patrick Gray, CEO and Publisher, and Adam Boileau, Technology Editor

This week's show is sponsored by the wonderful people from Tenable Network Security.

This week's feature interview is with Chris Disspain, the CEO of Australia's domain name regulator auDA.

This week we're discussing the move to Cyrillic domain names -- some media commentators have gone a bit berserk on this one, saying that the move will introduce massive risks because people will be able to do phishing campaigns with domains made up partially of Cyrillic characters.

Chris will be along to talk about why he thinks that's wrong.

We're also joined by Tenable Network Security's CEO Ron Gula in this week's sponsor interview. Ron gives us his take on Rapid7's acquisition of Metasploit.

Adam Boileau also pops in for a look at the week's news headlines.

RB2: SPONSOR PODCAST: Symantec's Kevin Haley talks malicious AV metrics

Presented by Patrick Gray, CEO and Publisher

In this sponsored podcast, Risky.Biz chats with Symantec's Kevin Haley about rogue AV. More specifically, how can we measure the extent of the rogue AV problem? How can we know how much money is involved, and what can be done to shut down this nasty trade?
