Risky Business #52 -- EXCLUSIVE: Winlockpwn code release

Presented by

Patrick Gray, CEO and Publisher

Adam Boileau, Technology Editor
This week's podcast is brought to you by Check Point Software. On this week's show we've got a bit of an exclusive. Adam Boileau has released the software he developed to unlock Windows workstations with Firewire trickery. With all this talk of Cold Boot attacks, Boileau's old attack is suddenly new again.

On this week's show:

  • ZDNet Australia's Munir Kotadia discusses this week's security news headlines with host Patrick Gray
  • Immunity Inc's Adam Boileau talks Firewire, TPMs, Cold Boot attacks and more
  • Check Point's Fred Börjesson talks data breach disclosure laws

Links:

Metlstorm's project page for the firewire attack
Arbor Networks blog post on Pakistan's accidental nuking of YouTube
More reading on Cold Boot
More reading on Winlockpwn
SoundFoundation.com.au's purchase page for this week's featured song

Risky Business #51 -- Frozen RAM is a cool attack

On this week's show we look at the James Bond-style attack on BitLocker involving frozen RAM. We also chat about Microsoft's "good worm" brainwave, the Australian Institute of Criminology's cyber-crime survey and more. This week's show is brought to you by Sophos and hosted by Vigabyte.

On this week's show:

  • ZDNet Australia's Liam Tung discusses the week's news with host Patrick Gray
  • "Homeless hacker" turned legit computer security consultant Adrian Lamo gives his take on the frozen RAM attack
  • Sophos' APAC head of technology, Paul Ducklin, talks good worms in this week's sponsor interview
  • The Australian Institute of Criminology's principal criminologist Dr. Russell Smith discusses Australia's largest ever computer crime survey, which is coming soon!

This week's SoundFoundation track is Geek Manifesto by the Winnie Coopers.

Risky Business #50 -- Listening devices and counter intelligence

This week's Risky Business is brought to you by Symantec, so a big thanks to the big yellow box! On this week's show we're looking at a different type of information security threat: listening devices and bugging.

Corporate espionage is a real problem in Australia, with incidents going unreported for obvious reasons. Risky Business spoke to bug-hunter and counter intelligence expert Les Goldsmith about Australia's bug problem.

On this week's show:

  • Munir Kotadia discusses the week's news with host Patrick Gray
  • ESD Group's Les Goldsmith discusses listening devices, counter-intelligence and encrypted telephony
  • Senior systems engineer with Symantec, Rogan Mallon, joins us for this week's sponsor interview

Risky Business #49 -- Your shiny new IPS won't save you

This week's special, longer and stronger podcast is all about intrusion detection and prevention systems (IDS/IPS) and is hosted by the fine folk at Vigabyte virtual hosting.

By now you've been Powerpointed to death by vendor sales reps who insist their latest system can block attacks that haven't been invented yet. Of course that's utter BS, as Declan Ingram points out in his must-hear presentation on IDS and IPS.

From 24x7 monitoring staff -- yours or outsourced -- slacking off and playing Xbox instead of reading real-time logs, to the inherent flaws in self-learning IPS, there's something in this talk for everyone.

On this week's show:

  • ZDNet Australia's Munir Kotadia discusses the week's news with Risky Business host Patrick Gray
  • Hear Securus Global consultant Declan Ingram's IDS/IPS presentation, edited for your aural pleasure

Risky Business #48 -- $8.2 billion reasons

This week's edition of Risky Business is brought to you by Sophos.

On this week's podcast:

  • ZDNet Australia's Munir Kotadia discusses the week's news
  • Patrick Gray asks CSO Adam Pointon if robust security practices could have prevented Societe Generale's $8.2 billion loss to a rogue trader
  • Paul Ducklin, head of technology for Sophos in the Asia Pacific, discusses multi-stage malware

The music heard at the end of this week's podcast is by Afro Dizzi Act. You can buy the track at soundfoundation.com.au.

Risky Business #47 -- Botnet command and control meets Web 2.0

This week's podcast looks at a few interesting topics. Apparently the bad guys are about to ditch IRC as a command and control channel for botnets and start using RSS, blogs and steganography to communicate with their zombie armies... sneakily!

The show is brought to you this week by the fine folks at Check Point Software Technologies and hosted, as always, by Vigabyte.

On the podcast:

  • ZDNet Australia's Munir Kotadia discusses the week's news
  • Immunity Inc's Adam Boileau talks about exploiting Windows' IGMP bug and botnet C&C
  • Steve MacDonald from Check Point joins us for this week's sponsor interview

The music heard at the end of the podcast came from Sound Foundation.

Risky Business #46 -- BlackBerry code signing regime not so flash

This week's edition of Risky Business is brought to you by the folks at the big Yellow Box -- Symantec! Big thanks also go out to Vigabyte for providing the bandwidth for the podcast. On this week's show:

  • Our favourite newshound, ZDNet Australia's Munir Kotadia, discusses the week's news
  • This week's feature interview is with Graeme Neilson of Aura Software Security and we're talking BlackBerrys. Aura's developed a trojan for the gadget that Neilson uses in security audits -- he describes it as Back Orifice (remember that?) for the BlackBerry -- and if you thought getting badware to run on the mobile devices is hard, you're sadly mistaken
  • Symantec's Rob Pregnall joins host Patrick Gray to talk about a new banking trojan that side-steps two-factor authentication in this week's sponsor interview
  • Risky Business takes a quick look at some questionable marketing tactics being used by an anti-spyware software manufacturer during a chat with Netregistry CEO Larry Bloch

Risky Business #45 -- Old school alert: Pwning X.25...

Your weekly security podcast, Risky Business, is back. We'll be ramping things up properly over the next couple of weeks and should return to regular format shows by February. On this week's show:

  • ZDNet Australia's editor Munir Kotadia joins Patrick Gray to discuss this week's security news.
  • New Zealand-based Security consultant Morgan Marquis-Boire, from the company formerly known as Security-Assessment.com, talks X.25 security. Sweet as, bro!

Australian band Marshall and the Fro supplied the music heard at the end of this week's netcast...

Risky Business #44 -- Bugs in the brain, part two

Here it is, the last Risky Business for 2007, with thanks to Verizon Business Security Solutions, our sponsor, and Vigabyte virtual hosting, our hosting partner.

In part two of this fascinating keynote, crypto-legend and New Zealand-based academic Peter Gutmann explains why the people designing computer software are fundamentally different -- psychologically speaking -- to the people who actually use the software. It turns out that's a bit of a problem!

Part one of this talk can be found here.

Risky Business #43 -- Bugs in the brain

In this recorded presentation, crypto expert and University of Auckland academic Peter Gutmann outlines the bugs in the human mind that make the average person susceptible to scams and cons.

In this podcast you'll hear Gutmann's fascinating keynote presentation at the Kiwicon security conference, held in November at Victoria University in Wellington.

Gutmann is well known in crypto circles -- he co-wrote PGP 2.0 in the early 90s -- and in this talk he argues the human brain was not built with data security in mind.

This podcast is part one of his talk. You can download part two here, or you can wait until I push out part two as a separate podcast in a couple of days.
