September 25, 2010 – Episode 175
This week’s regular episode of The Cyberjungle is 1 hour and 25 minutes long. You can hear it by clicking on the flash player below, or you can go to the listening options page and browse for other ways to hear the show.
To listen to Episode 175 via the flash player:
Lance Spitzner from the SANS “Securing the Human” project joins us to discuss the final (and largest) hole in network security. It’s the users, stupid. Millions of hours and billions of brain cells have been spent securing computers and networks. The job will never be done until we secure the humans. Our interview with Lance is about 5 minutes long, and it starts about 25 minutes into the show. Lance’s blog posting with slides from his presentation at SANS Las Vegas.
Tales from the Dark Web
We all love to give our opinions. Apparently, the bad guys know it. The latest dark web scam involves online and email surveys.
Our Take on This Week’s News
Teacher fired for posting a blog that included references to various students. The article in the Austin Statesman is unclear, but the reader comments help us piece together the story. Apparently this teacher, who was last year’s teacher of the year, wrote a blog on which she contemplated how to approach teaching challenges presented by some of her individual students. Her mistake was probably posting photos. One comment indicates that she did not identify any of the students by name. We are inclined to blame the administration for failure to make clear the policies regarding federal student privacy laws (FERPA).
“Respondent May NOT Use Internet in Any Manner to Communicate About Petitioner Ever Again.” An order handed down in a divorce case. The question on the Volokh Conspiracy is whether the order in constitutional. (Remember free speech?) You can’t libel someone, and maybe you can be gagged during litigation, but the government can’t permanently keep you from trashing your ex.
Wonder how many jobs this created or saved? Federal stimulus dollars are being used for an RFID program to track preschoolers. ACLU and EFF open a can of whip-ass.
Lawyers heart Facebook! Best not to post photos of yourself looking healthy and robust on Facbook if you’re in litigation for a personal injury. A judge has ordered the private portions of plaintiff’s Facebook are discoverable, since the public portions suggest she’s having more fun that she claims her physical condition permits.
U.S. Cybercommand proposing an internet “safe zone” for government and such critical industries as utilities and banking. A super-safe segregated network might raise as many questions as it answers. Read various versions below for a variety of angles.
Worm attack on Iranian nuke facility. Is this malware part of a nation-state attack?
Top ten internal threats to network security – This how the risks stack up according to researchers at Fortinet.