June 20, 2010 – Episodes 147 and 146

Episode 147 is this week’s full episode of The CyberJungle.  Episode 146 is the su root edition for advanced listeners – too technical for the radio.

Episode 147-

This week’s show is 1 hour and 14 minutes long. You can hear it by clicking on the flash player below, or you can go to the listening options page and browse for other ways to hear the show.

To listen to Episode 147 via the flash player:

Interviews:

David Perry, Global Director of Education for TrendMicro. David just flew back from the international Anti-Phishing Working Group Conference in Sao Paulo, Brazil. David became really animated when I asked him about details regarding huge cybercrime armies in China.  David recommends the Counter-Measures Blog by TrendMicro. This conversation is about 9 minutes long, and starts about 21 minutes into the show.  For the full 36-minute interview, which was too long and technical to air on the radio, scroll down to Episode 146.

ALSO – Security Software entrepreneur Phil Lieberman, President of Lieberman Software, who has been serving as an adviser to members of the U.S. Senate on the cybersecurity bill…. sweeping new legislation that could impact every department in the Federal Government, and data security at the state level.  That interview begins about 58 minutes into the show.

Tales from the Dark Web:

A 21-year-old cybercriminal parlayed his talent into  a Porsche, expensive watches and £30,000 in gold bullion. He’s been arrested.

Our Take on This Week’s News:

The rush to deploy smart meters:  Federal stimulus money can get you high, and it makes decision-makers really stupid.  The smart meters are among several advanced systems being deployed before they’re really ready, in terms of their vulnerability to cybercrime. BTW — Kudos to cnet’s Elinor Mills who wrote the article above. Well researched and thorough.

Buy a Chevy Volt – Get a Free Government Surveillance Device! Yes, if you’re one of the first to purchase, you’ll receive a super-fast charger for your garage… and it reports back to big brother on the details of your daily driving.

And if you like reporting to big brother about your driving habits, maybe you should move to the UK, where the cops have stored 7.6 billion images of cars moving through the streets.  HMP Britain is an interesting blog that’s posted the response to its FOIA request about the use of the data taken from CCTV —  a surveillance method ubiquitous in Britain.  HMP stands for “Her Majesty’s Prison” and it’s a prefix in the name of the slammer in every jurisdiction.  HMP Nottingham, etc…. The name of the website suggests the entire nation is a prison, according to its proprietor.

Sorry, wrong number:  Another week, AT&T and Apple team up for another giant blunder. Customers who logged onto their AT&T accounts to order the new iPhone 4 were greeted with someone else’s account information. Has anyone at these companies heard of web application security?

Back in March, Goatse Security published a serious security flaw in the Safari browser that affects the iPhone/iPad. Apple has still not patched that flaw, and the code is available on the internet for any attacker to see.

The Disgruntled Employee Chronicles, Chapter 359:  How many times does this story have to play out before managers begin to realize that when you fire someone, you have to terminate their user name and password?  This former employee was creating havoc inside the hospital’s network after he no longer worked there.

A serious flaw in Windows XP – No patch available. Bad guys taking advantage of the situation. Time to upgrade to Win 7 already? (Come on, Tommy Turtle… do it.)  Go here for information about some other measures you can take.

At last! A data breach story with a happy ending!  Department of the Interior lost a CD containing personal data for 7500 federal employees… but wait a minute…. The data was encrypted and password protected.  And the department reviewed its procedures to make sure it doesn’t happen again.  And they disclosed the loss of the disk within 10 days.  And then pigs started flying out the windows of the Department of the Interior building.  (Just kidding.  We salute the Department of the Interior. If only other federal agencies would implement and follow best practices.)

The good folks at EFF offer yet another great privacy and security idea!   HTTPS Everywhere. It’s a Firefox plug-in that encrypts your connections to popular search engine and social media sites.  It also allows you to customize sites you visit frequently. Check it out.

More about the Google StreetView debacle.  The roaming hacker cars grabbed user names and passwords, including for email accounts.

Everything Old is New Again. The USB typewriter, for instance.  Cute, but can you imagine hauling it onto an airplane?

Episode 146- su root Edition:

This is our unedited interview with David Perry, Global Director of Education for TrendMicro. We had a long conversation about iPhone security, web application security, and malware attacks. ALSO — David discusses an army of 300,000 Chinese cybercriminals.  The interview is 36 minutes long. Click on the flash player below, or go to our listening options page and browse for other ways to hear the show.

To listen to Episode 146 via the flash player:
