Risky Business Podcast

This week's show is brought to you by RSA Security and hosted by Vigabyte virtual hosting.

We've got two feature interviews this week. The first story in this week's show is an interview with BreakingPoint Systems' Dennis Cox. He's been playing around with TCP Denial of Service attacks for something like 12 years, and he's got a few insights into this latest DoS that some researchers from a Swedish company are saying will melt the Internet.

We'll also chat about a new type of Trojan -- which uses WMI event filters and consumers -- unveiled at the Kiwicon security conference in Wellington. MacLeonard Starkey from AusCERT will be along to talk about that one.

This week's sponsor interview is with Greg Singh of RSA Security. With world markets in a tailspin, layoffs are sure to follow. What can we do to make sure disgruntled ex employees don't make a bad situation worse?

If you're looking for a link to the source for the Moth Trojan you can find it here. To read Macca's write-up on Moth, click here.

This week's edition of Risky Business is brought to you by Check Point and hosted by Vigabyte virtual hosting. Risky Business 80 was recorded at the second annual Kiwicon conference in Wellington, New Zealand.

In this podcast, you'll hear the panel I ran at Kiwicon. Panelists were Insomnia Security's Brett Moore, the University of Auckland's Peter Gutmann and Security-Assessment.com's Paul Craig.

You'll also hear an interview with Mark "pipes" Piper about his latest initiative -- secure-freedom.org. It's a site designed to funnel knowledge from corporate security guys into the delicate little brains of open source developers.

This week's sponsor interview features Check Point Software's Steve MacDonald discussing recent changes to Australia's EPL process.

This special edition of Risky Business was recorded in Rotterdam, in the Netherlands, at the GOVCERT.NL security conference. The conference organisers flew me there to host a couple of ask the expert sessions and record some custom interviews... but I got to record my own stuff too and prepare this special.

This podcast is essentially a bunch of interviews I did at the conference, glued together for your listening pleasure. Big thanks to our advertiser MessageLabs for making this week's show possible!

On this week's show you'll hear:

• Marcus Sachs of the Internet Storm Centre (Day job: Verizon) talks supply chain subversion and fun with USB devices. (Hint: Load them up with malware then leave them in the bathrooms of your target...)
• GovCERT's Carol Overes talks HoneySpiders -- they're basically client-side honeypots, but they could have some nifty commercial applications.
• Lance Spitzner looks back at his experience running the Honeynet Project over the years. Honeynets showed some early promise as potential products, ala "bait and switch honeynets". It never happened, so I asked Lance why.
• A quick interview with Bart Jacobs, the professor who wound up leading the research team that broke NXP Semiconductors' MIFARE RFID access cards. The whole thing has actually turned into a political catastrophe that has potential to divert votes away from the incumbent government...

Massive thanks to all the GOVCERT guys -- Eelco, Roeland, Tarik and especially Erik de Jong. Apologies if I spelled any of your freakish European names incorrectly... ;) Coming from Australia I know plenty of alcos, but not too many Eelcos!

For some inexplicable reason, when I posted this week's podcast my content management system (fancy way of saying WordPress) wound up sending out the wrong file with the post in the RSS feed. I'd linked to a presentation by David Rice at GovCERT which WordPress decided should be this week's podcast. Ugh.

So, apologies, listeners... you got David Rice's presentation to GovCERT in Rotterdam instead of my interview with David Rice!

So let's try that again... if you want to actually hear David's presentation you can grab it from link in the older post...

This week's podcast was recorded and prepared at the GovCERT Symposium in Rotterdam. This week's feature guest is David Rice, the author of Geekonomics.

Rice argues the pervasiveness of software and systems vulnerabilities are a symptom of a market failure, and the only way out is for governments to introduce economic incentives -- similar to those being considered to reduce carbon emissions -- to whip the vendors in shape.

This week's sponsor guest is Microsoft's Chief Privacy Strategist Peter Cullen. Peter joins the show to discuss, perhaps not surprisingly, privacy in the digital age.

If you're interested, you can also download David's presentation to GovCERT here.

This week's edition of Risky Business is brought to you by Tenable Network Security.

It's been a fairly quiet week so we've prepared a shorter than usual show. In this week's podcast we take a look at the depressing state of the Internet -- a recent 'net-wide scan by nmap creator Fyodor found Telnet is the second most commonly open port. Marcus Ranum pops in to discuss the possible role of backbone providers in mopping up this outrageously shite style of systems management.

ZDNet Australia's Munir Kotadia is also along this week to discuss the news. Nothing earth-shattering -- a few bugs in Google's newly-released Chrome browser, some Facebook application badness and a downright skeletal-challenging backflip on the part of MythBusters' host Adam Savage.

Enjoy!

We've got a great show this week, there's been plenty happening in the infosec world. Our feature topic this week is BGP insecurity. There's been some renewed hysteria around BGP and we'll be getting to the bottom of it with Danny McPherson, Arbor Networks' Chief Smart Guy. As it turns out, you really, really just can't trust Internet routing.

Seriously.

There's been a lot of news about RFID and contactless RFID insecurity over the last few months, and some very interesting video footage from the HOPE conference in New York has surfaced. It turns out a proposed MythBusters segment on RFID security was nixed when the credit card companies called in the lawyertrons to heavy Discovery Channel. Hear the show's own Adam Savage address HOPE back in July.

This week's show is sponsored by RSA security -- they slice, they dice, and they know Alice and Bob's dirty little shared secret. RSA Security's Greg Singh will be along in this week's sponsor segment to have a chat about the MIFARE snafu, key management and other geeky crypto stuff.

And as always, the greatest IT news editor in the world, ZDNet Australia's Munir Kotadia, will be along with the week's news headlines.

This week's edition of Risky Business is brought to you by Check Point Software.

In this week's news segment we take a long, hard, disapproving look at the "Red Hat incident". It seems the software-maker was fairly thoroughly pwned -- the attackers managed to compromise the package signing boxes for both Fedora Core and Red Hat.

Ouch.

We also check in with RaceToZero virus obfuscation contest organiser Simon Howard. Until now the focus has been on the performance of the contest entrants, but how did the actual anti-virus software hold up? What's good and what sucks?

Simon is back from hosting RaceToZero at DEFCON in Vegas and joined the show by phone from New Zealand.

Steve McDonald is this week's sponsor guest from Check Point Software, and Munir Kotadia joins us from ZDNet Australia HQ for a look at the week's news.

If you'd like to read the Popular Mechanics interview with the MIT "subway hackers," as mentioned on the show, it's here.

This week's Risky Business is brought to you by Microsoft and hosted, as always, by Vigabyte virtual hosting. On this week's show we take a look at e-passport security. After 9-11, Chimp W Shrub decreed that foreigners wanting to enter the United States would soon need to carry new-fangled, biometric passports with embedded wireless RFIDs.

The result was a rush job the likes of which you've never seen.

This week's guest, Peter Gutmann, has figured out how to modify the data on e-passport chips. He hasn't broken the encryption scheme responsible for signing the data but that doesn't matter -- no one checks to see if the signing key is genuine and even if they do the implementation is so bad it's easy to fool.

The recent theft in Britain of 3,000 blank e-passports in a van hijacking is starting to make a lot more sense.

ZDNet Australia's Munir Kotadia is back this week to chat about recent news, and this week's sponsor interview is with Microsoft's Jeffery Jones who talks comparative vulnerability analysis.

The music used at the end of this week's podcast comes from Marshall and the Fro. Australians can buy the band's album for $25 via Paypal (postage paid) here. Music used with permission.

This week's show is brought to you by Tenable Network Security and hosted, as always, by Vigabyte Virtual Hosting.

There's no news segment in this week's news section -- Patrick Gray is on holiday in Japan, so this is a pre-recorded show. But it's still a good one!

This week's feature guest is New Zealand-based security researcher Paul Craig. He's just launched iKAT, the Interactive Kiosk Attack Tool.

Ever wondered how to pwn one of those Internet kiosks in various lobbies and airports? Tune in to find out! Paul's spent over a year working on iKAT and has just launched it at DEFCON.

This week's sponsor interview is with Tenable Network Security's Chief Security Officer Marcus Ranum. For those who haven't worked in the security industry very long, Marcus is kind of a big deal(tm).

This week we're talking to Marcus about the impact the Payment Card Industry Data Security Standard (PCI DSS) has had on industry practices.