An Information Security Place

Hey everybody.  Here’s podcast episode 7.  There’s some great stuff in here, and some great interviews.  Enjoy!

BTW, iTunes is downloading episode 6 for episode 7 for some friggin’ reason.  I will look into it, but I have to finish a proposal tonight.  Sheesh.

Link to MP3

Show notes:
Segment 1 – InfoSec News Update

• ClickJacking Demo’s poping up everywhere
• Voip and the SIP Protocol Demysitified – Wes Brown does a great article over on the Matasano website
• ATM Skimmer kit with SMS Texting
• Our new segment, but still under the News Segment for this show is Filed under DUH! - China Monitoring Skype Text Messaging
• Judge Suppresses Results of E-voting System Audit
• Scanning you network for default passwords: Depant

Interview Segment:

• Interview A – Michael and Von Nguyne – SE @ Palo Alto Networks (next Gen Firewall)
• Interview B – Jim and Dan Kuykendall talk about NTO Spider (Jim)

Geek Toys: Jasager on the FON Router – Watch Episodes 403 and 405 of Hak5 or hop over to DigiNinja’s Jasager page

Consultants Corner: Discussion on doing some due diligence on checking vendor claims. Open discussion on the recent Evil Bits Darkreading blog post

Music Notes:

• Intro/Outro – Digital Breaks – “Therapy”
• Segway 1 – Jimmie Bratcher – “Bad Religion”
• Segway 2 – The Erotics – “Walk All Over You”
• Segway 3 – Megaphone – “Not Your Enemy”
• Segway 4 – Kickstart – “Theme Song”

Vet

This post has no technical value.  Just experimenting with how much traffic I can get by putting the term “clickjacking” in a post.

But seriously, if you want to know anything about it, go listen to Martin’s podcast interview with Jeremiah and Rsnake.  You can also go over to Computerworld and take a look at the Q&A.

So…

clickjacking…

clickjacking…

clickjacking…

Rsnake

Robert Hansen

Jeremiah Grossman

Whitehat Security

SecTheory LLC

OWASP

Vet

Here’s episode #6.  Jim was in a hotel room in California, so forgive any degradation in quality and the shorter-than-usual length.  Just another risk when you are a world-traveling consultant like Mr. Broome.

As usual, we welcome feedback of any kind (we reserve the right to delete profanity).  Please let us know how you like / dislike the show.

Also, I know the feed is broken via feedburner.  Not sure what is going on there.  I am looking into it.  For now you can download the podcast via the link below.

OK, here are the show notes:

InfoSec News Update:

• Rsnake and Grossman’s talk on clickjacking pulled due to lack of feed back by some vendors and a request from Adobe to pull the OWASP USA talk until they issue a patch.
• Apple and Cisco Release Patches
• Followup – VMware Fusion 2.x not all that good!!!
• Palin hack – We don’t give a crap anymore!

Discussion on Remote access and employee termination – Open discussion on the recent articles
and whitepapers:

• Watchguard’s Whitepaper on employees working from home
• Former Intel Employee working Charged with IP theft – works for AMD and used former intel VPN access that wasn’t disabled.

Segment 2:

• Geek Toys – Lock pin set disguised as a writing pen
• Consultants Corner – Dealing with with vendors – From the Services side (Jim) and from the Reseller side (Michael)

And the wonderful music picks from Jim:

• Intro/Outro – Digital Breaks – “Therapy”
• Segway 1 – Climax – “OnTheEdge”
• Segway 2 – Climax – “Eternity”

Link to MP3