I sat down with Lucas Zaichkowsky from AccessData to talk about his presentation at Black Hat this year. It’s a little depressing to hear about how poor the security is for small to medium businesses who take credit cards and what the consequences are for not knowing how to secure yourself. His one piece of advice for SMBs? Use two-factor authentication (2FA) for the administration of your POS systems and you’ll be better off than 99% of the businesses out there.
“This is not the Last Hacker Standing: Episode IV – Part II Revenge of the @k8em0 that you’re looking for!”
To fill the void in your lives before we release the epic that is Episode IV Part II we got the crew together to chat about hacker summer camp and our personal recovery plans… In a break from the norm (not sure we have a norm yet, but I’m gonna stick with that) we chat randomly about BlackHat, BSidesLV, DEF CON and the burning hell that is Las Vegas.
If you like the show, make sure to click the “5 stars” on iTunes so less educated people can find us too
Sorry if this is a repeat for you, I’m putting it in the NetSec Podcast page as well.
Well, I told you I couldn’t go that long without recording a podcast. And a couple of weeks ago I got together with my friends Chris John Riley and Dave Lewis and started a new project, Last Hacker Standing. In the inaugural podcast, we talk news (straight up, with a twist), alongside our wonderful guest Katie Moussouris from Hacker One. I’m going to try to have fun with this one, not taking it too seriously. Not that I ever took the Network Security Podcast all that seriously, of course. Our format is going to be a podcast twice a month, with a guest who will join us to talk about news stories for the first half and talk about themselves for the second half. We do reserve the right to change this format whenever we please.
We’d suspected this day would come for quite some time, but it’s time to make it official: The Network Security Podcast will no longer be a regular, weekly podcast, and Rich Mogull and Zach Lanier will not be a consistent part of the podcast. The podcast will continue in some form, but it’ll be Martin doing any of the publishing. Which isn’t really all that big of a change anyway.
Basically, all three of us have become incredibly busy in the last year. Zach has a wedding to plan, a new job and has moved again. Rich has more business and work than any time in living memory and has had to cut out anything not related to work or family. And Martin moved to Europe and is on the road close to 50% of the time, further complicating everything.
There will still be microcasts and occasional interviews published through the podcast site, but for the most part we’re shutting down production. It’s a sad day as we’ve been doing this podcast in one form or another for nearly 9 years. We’ll miss talking to each other and our audience, but the needs of life have intervened and require our attention elsewhere. You can catch all three of us at various conferences, either presenting or attending, and know that we’ve always loved hearing feedback from you.
Keep an eye and ear open as there are already plans in process for what comes next. You didn’t think Martin could stop talking, did you?
- Google Embraces Docker, the Next Big Thing in Cloud Computing
- The CSO’s failure to lead
- Microsoft fights U.S. search warrant for customer e-mails held in overseas server
- Ars tests Internet surveillance – by spying on an NPR reporter
- With new hack, cellphone can get data out of computers
- Tonight’s music: Amelia with Farewell
It’s been a while since we could last record a podcast, but at least we were able to get Rich and Martin together this week. Zach was supposed to join us as well, but got called away to fight a fire at the last minute. Such is life sometimes. But we got this episode recorded, so let’s celebrate the small victories. We don’t know when we’ll have the time for another one as most of the hosts are gallivanting around the world and having fun.
This afternoon I had a chance to talk to two of the main organizers of one of the biggest security events of the year, BSides London. Paul Batson and Thomas Fisher have been working tirelessly (or maybe tiredly) for months to bring together all of the disparate elements required to make a conference come together. And it’s no mean feat when the people you’re working with are all volunteers and the money comes from sponsors, both of whom believe in your cause. This year will be my first chance to go to BSides London (this is the fourth) and I’m really looking forward to it.
It only took 4+ weeks, but Martin and Zach are back on the air. Rich is back to his “(Inter)National Man of Mystery” routine, so he missed out on the somewhat lively discussion about drones, “secure” browsers, PCI, and, of course, the NSA.
- WhiteHat Aviator Beta for Windows
- Obama’s move to relieve snooping fears
- This drone can steal what’s on your phone
- (see also: Snoopy and STALKER – Analyzing [Your] Wireless Data)
- Trustwave plans to fight “baseless allegations” over Target breach
- Exclusive: NSA infiltrated RSA security more deeply than thought – study
- Tonight’s music: Spartacus Jones with Homeland Security Blues
Most of the time my competitors are afraid to talk to me on the podcast. I’m a nice guy to the people I interview, so I don’t know why they’d be afraid. And this year at RSAC, Jag Bains, the CTO at DoSArrest, took a chance and talked to me. While I did bring up that we’re competitors, I let Jag explain to me how his company works and how they protect their customers from DDoS. I still think we do it better, but it’s good to hear what other people in the same field are doing.
I had a chance to sit down with BeyondTrust CTO, Marc Maiffret. I’ve had conversations with Marc before, but I haven’t seen him since he has been at BeyondTrust, so I took this time to find out what they do and how it would be used by the average enterprise. As with all my interviews at RSAC, I asked Marc how he felt the spying revelations of the last year have affected the security landscape, his company and him personally.
I caught up with John Dickson and Dan Cornell from the Denim Group to talk about creating secure coding environments within companies, the importance of having trainers who are themselves coders and, of course, a little bit about spying. Which turned into a lot of bit about spying. I should have asked them where the name ‘Denim Group’ comes from.