Friday, May 30, 2014
Tracking News Related To TrueCrypt
Here are some links to stories about TrueCrypt shutting down:
- Reddit's SysAdmin
- Reddit's NetSec
TrueCrypt is a key tool in our toolkit for protecting data and we use it everyday. If it is actually going to go away then it will leave a big whole in end-user security options for data encryption.
Monday, August 12, 2013
DEFCON 21 (and 20 oops!)
We have a detailed report (PDF) from the sessions attended if you are interested. Just drop us an email to get the full report or a request via message on Twitter. A podcast summary is planned but not promised at this time.
Things that we are "worried about" from an Enterprise computing perspective:
- Social Engineering against users is like a hot knife cutting butter. Only defense seems to be training and awareness. Traditional information assurance (IA) protections: virus scanning, IDS, firewall, etc are not effective.
- You can't secure what you don't manage.
- Basic system administration tools and infrastructure services in the Microsoft Windows world can be used for evil: PowerShell, .NET, DNS, browsers, PKI, and SCOM.
- USB is not your friend.
- Mobile computing and Bring Your Own Device (BYOD) are really not your friend.
- Cloud computing could be your friend but probably won't.
- Developers writing code for an organization without a security focus is just asking for trouble.
- If you think your stuff is secure just because you have it behind a lock and a key you are in denial.
- In a year or less, penetration testing is going to include inexpensive mobile assault options via semi-autonomous very-small drones and robots.
Saturday, September 10, 2011
Updates from Twitter - iPad, DEFCON 19, Podcasts, Mobile, Amazon, Etc
The following items were recently posted on @technewsradio:
- USB hub allows simultaneous syncing of 49 iPads http://t.co/OO9H7HW
- DEFCON 19 Podcast Review #security #news #research #hacker #conference http://t.co/rbCr7hK
- SpokenWord.org gets about 1000 new programs every day & they are looking for curators of categories to make the content more organized
- BigBlueButton is a open source collaboration and training system that integrates a bunch of open source projects http://t.co/mEL5dDS
- PC World has more details on the recent news from Qualcomm about their planned updated Snapdragon mobile processor http://t.co/lQQO8y4
- YouTube has a great overview presentation on how "Prezi for iPad" works http://t.co/sHFJBSo
- Amazon EC2 is now supporting Virtual Machine (VM) Import to Amazon EC2 instances http://t.co/35n2UtJ
- IObit has announced a freeware version of Game Booster v2 for Windows that is geared for improving game performance http://t.co/Q0lWB4D
- Via Box.net ... you can get e-signatures features via DocuSign services integrated with documents stored on Box.net
- Getting started with project management? - "scope, time & "cost" - a good reference at Wikipedia http://t.co/oVIzQIX
- "Heroes of the Computer Revolution" original book looked at hackers & nerds from the late 1950s to the early 1980s http://t.co/H4Vz2kM
- arborjs.org - a graph visualization library using web workers and jQuery http://t.co/Zao0gyv
Monday, August 22, 2011
DEFCON 19 Podcast Review
DEFCON 19 was in Las Vegas, NV from August 4-5, 2011. This yearly computer network security and hacker conference is full of cutting-edge research, detailed demos, awesome presentations, and a lot of partying. The podcast coverage was pretty good also. Here are my recommendations:
- Network Security Podcast
- Southern Fried Security Podcast: #59 Defcon Review
- Social-Engineer.Org: Live at Defcon 19
- PaulDotCom Security Weekly - Episode 254 Part 2 (08-11-2011) [wiki]
- Exotic Liability: #78 Con-dom
- Eruo-Trash Information Security Podcast
If you are interested in hearing my thoughts about DEFCON 19 then check out the PaulDotCom.com podcast (08-11-2011). I am the boring "IT Guy" trying to avoid the topic of "hot" women visiting the PaulDotCom.com booth. If you'd like to see a copy of my notes (13+ pages) then drop me a personal email to: "s h o l d e n @pobox.com."
Another Week Of Recommended Podcasts Worth A Listen
- MacCast 2011-07-26: Review of Apple Mac OS X Lion Release (News, Tips & Tricks)
- Author Debriefing (August 16, 2011) - The Triple Agent: The al-Qaeda Mole Who Infiltrated the CIA
- Southern Fried Security Podcast: Interview with Andy Ellis @CSOAndy [#58] & Interview with Rich Mogull [#57]
- IT Pro Show by Same3Guys: Detailed look at OpenStack
- KPBS Midday Edition: Social Media - Can It Keep You From Getting A Job?
- This Week In Google (TWIG) #108: Excellent coverage of the Google & Motorola News
Saturday, August 20, 2011
TECH NEWS RADIO PODCAST #372 | 2011-08-20 | Browser Phishing, National Cyber Range & Microphone Hijack
Listen! (Size 2.9 MBs, Running Time 2m57s)
Today's podcast examines three stories about computer network security:
- New browser tab and window phishing attack threats.
- Barry Rosenber at Federal Computer Week examines DARPA's National Cyber Range plans.
- Tim Wilson at DarkReading.com has coverage of new microphone hijacking attack options.
Saturday, May 07, 2011
@technewsradio Roundup Posts for May 7th, 2011
The following is a summary of @technewsradio posts to Twitter:
- ASIS Bookstore (security pro organization) has announced over 26 new books via their online store
- SWFTools is a collection of open source utilities for working with Adobe Flash files (SWF files)
- Amazon online cloud services has a bunch of demos available - including Travel Log (Sample Java Web Application)
- Google has fixed a SketchUp 8 "dreaded shadow bug"
- Franklin Covey's PlanPlus for Outlook (version 7) is now on sale for $80 (vice $100)
- Looking for a open source mind mapping tool? Then check out Free Mind
- Microsoft Press has announced 3 more books in their Step By Step series: Microsoft Word 2010, Excel 2010 & Project 2010
- Wired.com has an interesting article "Wired—Geek Power: Steven Levy Revisits Tech Titans, Hackers, Idealists"
- Listening to "A Witness to a the Egyptian Revolution" by Doug Kaye (Executive Director, The Conversations Network) via http://bit.ly/i35GC7Delete
- Per Kevin Devin at FriendsInTech.com - A good tool for finding Creative Commons (CC) images on Flickr is here http://bit.ly/gOtgMPDelete
- the Microsoft & Nokia deal seems to leave HP WebOS, BlackBerry, and Intel out of the loop with Apple (#2) & Android (#1) being top dogsDelete
- red5 is an open source audio/video (FLV & MP3) server that also supports H.264
- Steven Levy's classic "Heroes of the Computer Revolution" has a new 25th Anniversary Edition
Tuesday, July 13, 2010
TECH NEWS RADIO PODCAST #369 | 2010-07-13 | OpenOffice.org News
Listen! (Size 3.0 MBs, Running Time 2m58s)
Today's podcast examines some recent news from OpenOffice.org that Petroleo Brasileiro SA is rolling out a big BrOffice.org deployment to over 90,000 systems; and that v3.21 of Open Office has been release with v3.3 expected this Fall 2010. Two additional links mentioned in this podcast include: Open Document Format (ODF) and Oracle.
Friday, July 09, 2010
TECH NEWS RADIO PODCAST #367 | 2010-07-09 | Amazon's Improving Cloud of Computing
Listen! (Size 3.1 MBs, Running Time 3m04s)
Today's podcast is a couple of tech tidbits that examine recent news from Amazon S3 with regards to:
- Reduced Redundancy Storage (RRS);
- Amazon Cloudfront HTTP & HTTPS; and
- S3 Bucket Services (via ReadWriteWeb).
Thursday, July 08, 2010
TECH NEWS RADIO PODCAST #366 | 2010-07-08 | Web & Wireless Security
Listen! (Size 2.6 MBs, Running Time 2m33s)
Today's podcast covers two quick pointers to some information security related news.
First up, Dan Goodin based out of San Francisco recently wrote an interesting article entitled "Google tutorial lets developers play malicious hacker" for the UK's The Register.