Posts Tagged Security

8 results.
May23

Evangelism and Projecting your dislike of religion

by Michael Farnum on May 23, 2012 at 10:35 am
Posted In: Bull Shiitake

Wake up people, you are falling into the same old theistic behavior that we all as evolved sentient beings should eschew, neigh, …loathe. INFOSEC is not a religion and YOU are not the FUCKING POPE ok?

That’s a quote from Krypt3ia on his blog entitled “Infosec is not a religion”. He says this in his rant about the use of the term “evangelist” in security.

Krypt3ia is even nice enough to define the term for us. Now I know Krypt3ia is smart enough to know that a term can be used creatively so that it does not fall into the traditional use of the term. But his obvious hatred of religion (displayed by the quote above) doesn’t allow him to get around this, and it is unfortunate.

Is the term overused? Yes, I think it is. That is why I chose the title “Advocate” instead (thanks to Michael Santarcangelo for the help with the title). Has it turned into a buzzword or sorts? Maybe. But should people who have the title of evangelist be ashamed somehow? No, they shouldn’t. Should people who “take” that title for themselves be ashamed? No. It might be a little corny to take it for yourself, but it is not something to be ashamed of.

If someone is using the term “improperly to suit your needs of being center stage and telling everyone from the fucking mount what “they” should be doing” as Krypt3ia says, then why is he throwing his bile against only this term? Plenty of people put themselves forward as experts who are far from it, and they don’t always call themselves evangelists. Plenty of people want center stage (I’m not immune to that, and I’m pretty sure Krypt3ia is not immune either if his diatribes are any indication).

This is really just a case of projection. Krypt3ia doesn’t like religion, and he can’t stand to see the term used so much. It irritates him, so he blows up (he does that a lot, which is part of his charm). And while my use of the term “psychological projection” is not an exact fit for the clinical definition, I think I can use it here to fit my desired message, which is: Get a grip dude. It is just a term.

└ Tags: ,
1 Comment
Jun02

An Information Security Place Podcast – Episode 36

by Michael Farnum on June 2, 2010 at 10:33 pm
Posted In: Podcasts, Security

 

So do we suck or what? Sorry that its taken so long for us to get another episode out… things have been crazy busy for all of us.

Anyway for this episode, Dan and Jim found themselves with 30 minutes or so of spare time, not much of a script, and working mics (Michael was working on a couple of proposals and an RFP that is due in two days); so they sat down and simply recorded an unscripted show of rambling about things that are going on for the moment.

Info Sec News Moments:

  • Kudos to MS’ IE 8 Add Campaign – Link Here
  • Jim’s 4.5 Seconds of fame – DenverGov website Hack – Link Here
  • Android and the SMS Rootkit Hack – Link Here
  • Google Ditching Windows due to Security Concerns – Link Here
  • Denver OWASP – SnowFroc Con – Link Here

Music Notes:

Link to MP3

└ Tags: , , , , , , , , , , , ,
Comments Off
May03

An Information Security Place Podcast – Episode 35

by Michael Farnum on May 3, 2010 at 9:00 am
Posted In: Podcasts, Security

 

Episode 35 is here. The format is different today. Instead of you listening to Dan, Jim, and me yap about news and pontificate about security topics, you are going to hear a talk I gave at the Texas Technology Summit in early April 2010. The talk title and synopsis are below, along with a link to the slide deck.

Title: Breaking Down the Enterprise Security Assessment

Synopsis: Many enterprise security assessments look at too few attack vectors or do not dig far enough into the attack vectors once a vulnerability has been discovered. Come join a discussion on the breakdown of a security assessment, explore the essential attack vectors, and debate the depth to which the assessment should go.

Link to MP3

Link to slides

└ Tags: , ,
Comments Off
Jul09

An Information Security Place Podcast – Episode 21

by Michael Farnum on July 9, 2009 at 6:50 am
Posted In: Security

 

Link to MP3

Episode 21 is up and going. Looks like Jim and I are back on a regular cycle again. Hopefully it stays that way! Here are the show notes:

InfoSec News Update -

  • Goldman Sachs looses its secret sauce online – Link Here
  • Fed gets and F on Physical Security – Link Here
  • North Korea Blamed in Cyber Attacks over July 4th – Link Here
  • Juniper Pulls ATM hacking preso from BH – Link Here
  • Month of Twitter Bugs – Link Here
  • 10 Things Your Auditor Isn’t Telling Your – Link Here
  • New head of MI6 wears Speedos on Facebook – Link Here
  • Algorithm for Predicting and guessing SSNs – Link Here
  • Iphone SMS Vulnerability – Link Here
  • Study – Oracle Users struggle with patch management – Link Here

Discussion Topic - Cloud Computing – is it a security nightmare waiting to happen? – Link Here

Consultants Corner - Developing an offering before going public!

Music Notes:

Vet

└ Tags: , , , , , , , , , , , , , , , , , , , , , , , , , ,
Comments Off
Jan29

An Information Security Place Podcast – Episode 14

by Michael Farnum on January 29, 2009 at 4:02 am
Posted In: Security

 

Link to MP3

Episode 14 is here.  First off, let me thank everyone that is listening to Jim and me spout off about everything.  Fourteen shows does not seem like a big number, but it involves a lot of work getting this going (especially on Jim’s part – thanks Jim) and keeping it going, and Jim and I appreciate everyone sticking in there with us.

Second, we have made some changes with my setup, so there might be a sound difference and some issues with this episode.  Forgive us as we get some new kinks worked out.

Third, this episode includes an interview with Mike Rothman from eIQnetworks.  You might know him better as that guy from Security Incite that has a yankee accent and tells everyone what he is thinking.  Either way, Mike is a great guy and a great friend, and I was honored to interview him.  I think you will enjoy that portion of the show.

And lastly, there is a programming note.  The geek toys segment that is brought to you by Jim every show is now going to be made more of a quarterly thing.  The reason is because Jim has to find something to talk about every time, and it is getting a little more difficult to find something for every show.

Here’s the breakdown of the show.

Show Notes:

InfoSec News Update: there’s been a lot happening the last two weeks

DiscussionNew president declares his plan for US Cyber Security (more cynicism from Michael)

Vendor Interview – Michael interviews Mike Rothman from eIQnetworks

Consultants Corner -Combining compliance initiatives and what that means for security practices

Music Notes:

└ Tags: , , , , , , , , , , , , , , ,
Comments Off
Oct15

An Information Security Place Podcast – Episode 7

by Michael Farnum on October 15, 2008 at 11:35 pm
Posted In: Podcasts, Security

Hey everybody.  Here’s podcast episode 7.  There’s some great stuff in here, and some great interviews.  Enjoy!

BTW, iTunes is downloading episode 6 for episode 7 for some friggin’ reason.  I will look into it, but I have to finish a proposal tonight.  Sheesh.

 

Link to MP3

Show notes:
Segment 1 – InfoSec News Update

Interview Segment:

Geek Toys: Jasager on the FON Router – Watch Episodes 403 and 405 of Hak5 or hop over to DigiNinja’s Jasager page

Consultants Corner: Discussion on doing some due diligence on checking vendor claims. Open discussion on the recent Evil Bits Darkreading blog post

Music Notes:

  • Intro/Outro – Digital Breaks – “Therapy”
  • Segway 1 – Jimmie Bratcher – “Bad Religion”
  • Segway 2 – The Erotics – “Walk All Over You”
  • Segway 3 – Megaphone – “Not Your Enemy”
  • Segway 4 – Kickstart – “Theme Song”

Vet

└ Tags: , , , , ,
Comments Off
Sep29

An Information Security Place Podcast – Episode 6

by Michael Farnum on September 29, 2008 at 9:21 am
Posted In: Podcasts

Here’s episode #6.  Jim was in a hotel room in California, so forgive any degradation in quality and the shorter-than-usual length.  Just another risk when you are a world-traveling consultant like Mr. Broome. :)

As usual, we welcome feedback of any kind (we reserve the right to delete profanity).  Please let us know how you like / dislike the show.

Also, I know the feed is broken via feedburner.  Not sure what is going on there.  I am looking into it.  For now you can download the podcast via the link below.

OK, here are the show notes:

InfoSec News Update:

  • Rsnake and Grossman’s talk on clickjacking pulled due to lack of feed back by some vendors and a request from Adobe to pull the OWASP USA talk until they issue a patch.
  • Apple and Cisco Release Patches
  • Followup – VMware Fusion 2.x not all that good!!!
  • Palin hack – We don’t give a crap anymore!

Discussion on Remote access and employee termination – Open discussion on the recent articles
and whitepapers:

Segment 2:

And the wonderful music picks from Jim:

  • Intro/Outro – Digital Breaks – “Therapy”
  • Segway 1 – Climax – “OnTheEdge”
  • Segway 2 – Climax – “Eternity”
 

Link to MP3

└ Tags: , , ,
Comments Off
Aug19

An Information Security Place Podcast – Episode 3

by Michael Farnum on August 19, 2008 at 8:24 am
Posted In: Podcasts, Security

Here’s the latest installment of the podcast.  Jim Broome talks about some of the BH / DC talks he was interested in and rubs in the fact that I didn’t get to go (he also rubs in the fact that he was in Hawaii last week – thanks Jim).

We get some closure on the Dan Kaminsky / DNS issue (well, it was closure for us anyway).

We talk a little about Alan Shimel’s adventures in pwnage.  We are not giving any details about the issue, but we give the big guy a little sympathy and some major props for his renewed sense of security importance and writing about the whole thing so we can all see how the process doesn’t work.

Then Jim busts into his favorite two segments.  One is the Geek Toy segment, where he talks about the SanDisk Sansa TakeTV device.  Very cool stuff for the traveler.  And the other segment is the Consultant’s Corner, where Jim gives some advice for writing up and presenting an executive outbrief for a project.

The rest of the podcast is just general bantering and virtually poking each other in the ribs.  We had fun with this one.  Leave some comments on what you think.  We’ll discuss some of them in the next podcast.

Music for this podcast is:

  • Digital Breaks – “Therapy”
  • Digital Droo – “Minor Things”
  • Laika Cres – “Miles and Miles”
 

Vet

└ Tags: , , , , ,
Comments Off