DEFCON 22 2014 Conference Report


A detailed conference report of the sessions attended has been posted: DEFCON22 (PDF).

In addition, here is a summary of DEFCON 22 related news articles of potential interest:

Here are pointers to previous reports: DEFCON 18, DEFCON 19, DEFCON 20, and DEFCON 21.


TECH NEWS RADIO PODCAST #373 | 2014-08-02 | NMAP #DDOP

 Listen! (Size 2.12 MBs, Running Time 2m10s)
 
Today's podcast is inspired by the Dog Days Of Podcasting (#DDOP).  It is a single focus recommendation on why I have NMAP in my security toolkit and why you should consider it.

Feel free to follow along with Steve Holden at: Twitter and/or Google+.  For technology news only updates follow TechNewsRadio @ Twitter.


Tracking News Related To TrueCrypt

Here are some links to stories about TrueCrypt shutting down:

TrueCrypt is a key tool in our toolkit for protecting data and we use it every day.  If it is actually going to go away then it will leave a big hole in end-user security options for data encryption.

 


DEFCON 21 (and 20 oops!)

DEFCON 21 was in Las Vegas, NV from August 02-04, 2013 and we were there.  Our real-time posts, references, and links are available over on @Technewsradio on Twitter.

We have a detailed report (PDF) from the sessions attended if you are interested.  Just drop us an email to get the full report or a request via message on Twitter.  A podcast summary is planned but not promised at this time.

Things that we are "worried about" from an Enterprise computing perspective:

  • Social Engineering against users is like a hot knife cutting butter. Only defense seems to be training and awareness. Traditional information assurance (IA) protections (virus scanning, IDS, firewall, etc.) are not effective.
  • You can't secure what you don't manage.
  • Basic system administration tools and infrastructure services in the Microsoft Windows world can be used for evil: PowerShell, .NET, DNS, browsers, PKI, and SCOM.
  • USB is not your friend.
  • Mobile computing and Bring Your Own Device (BYOD) are really not your friend.
  • Cloud computing could be your friend but probably won't.
  • Developers writing code for an organization without a security focus is just asking for trouble.
  • If you think your stuff is secure just because you have it behind a lock and a key you are in denial.
  • In a year or less, penetration testing is going to include inexpensive mobile assault options via semi-autonomous very-small drones and robots.

P.S. x 1: We were also at DEFCON 20 and have that report available if you are interested. Just drop us an email or message on Twitter for a link.

P.S. x 2: There are also DEFCON 18 and DEFCON 19 reports.  They are surprisingly still relevant IMHO -- same bat channel.


Updates from Twitter - iPad, DEFCON 19, Podcasts, Mobile, Amazon, Etc

The following items were recently posted on @technewsradio:

  • USB hub allows simultaneous syncing of 49 iPads http://t.co/OO9H7HW
  • DEFCON 19 Podcast Review #security #news #research #hacker #conference http://t.co/rbCr7hK
  • SpokenWord.org gets about 1000 new programs every day & they are looking for curators of categories to make the content more organized
  • BigBlueButton is an open source collaboration and training system that integrates a bunch of open source projects http://t.co/mEL5dDS
  • PC World has more details on the recent news from Qualcomm about their planned updated Snapdragon mobile processor http://t.co/lQQO8y4  
  • YouTube has a great overview presentation on how "Prezi for iPad" works http://t.co/sHFJBSo  
  • Amazon EC2 is now supporting Virtual Machine (VM) Import to Amazon EC2 instances http://t.co/35n2UtJ  
  • IObit has announced a freeware version of Game Booster v2 for Windows that is geared for improving game performance http://t.co/Q0lWB4D  
  • Via Box.net ... you can get e-signatures features via DocuSign services integrated with documents stored on Box.net  
  • Getting started with project management? - "scope, time & cost" - a good reference at Wikipedia http://t.co/oVIzQIX
  • "Heroes of the Computer Revolution" original book looked at hackers & nerds from the late 1950s to the early 1980s http://t.co/H4Vz2kM   
  • arborjs.org - a graph visualization library using web workers and jQuery http://t.co/Zao0gyv

DEFCON 19 Podcast Review


DEFCON 19 was in Las Vegas, NV from August 4-5, 2011.  This yearly computer network security and hacker conference is full of cutting-edge research, detailed demos, awesome presentations, and a lot of partying. The podcast coverage was pretty good also. Here are my recommendations:

If you are interested in hearing my thoughts about DEFCON 19 then check out the PaulDotCom.com podcast (08-11-2011).  I am the boring "IT Guy" trying to avoid the topic of "hot" women visiting the PaulDotCom.com booth.  If you'd like to see a copy of my notes (13+ pages) then drop me a personal email to: "s h o l d e n @pobox.com."

Here is a Picasa collage from the Network Security Podcast meet-up at DEFCON 19 that was "infected" by Paul & Larry @ Pauldotcom.com's little red balls from one of their sponsors:

DEFCON19-PodcastMeetup-2011-08-06


Another Week Of Recommended Podcasts Worth A Listen


Looking through my listened-to podcast list for this past week, I'm going to recommend the following as potentially interesting:

 


TECH NEWS RADIO PODCAST #372 | 2011-08-20 | Browser Phishing, National Cyber Range & Microphone Hijack

 Listen! (Size 2.9 MBs, Running Time 2m57s)

Today's podcast examines three stories about computer network security:

Feel free to follow along with Steve Holden at: Twitter and/or Google+.  For technology news only updates follow TechNewsRadio @ Twitter.


@technewsradio Roundup Posts for May 7th, 2011

The following is a summary of @technewsradio posts to Twitter:

  1. ASIS Bookstore (security pro organization) has announced over 26 new books via their online store
  2. SWFTools is a collection of open source utilities for working with Adobe Flash files (SWF files)
  3. Amazon online cloud services has a bunch of demos available - including Travel Log (Sample Java Web Application)
  4. Google has fixed a SketchUp 8 "dreaded shadow bug"
  5. Franklin Covey's PlanPlus for Outlook (version 7) is now on sale for $80 (vice $100) 
  6. Looking for an open source mind mapping tool?  Then check out FreeMind
  7. Microsoft Press has announced 3 more books in their Step By Step series: Microsoft Word 2010, Excel 2010 & Project 2010 
  8. Wired.com has an interesting article "Wired—Geek Power: Steven Levy Revisits Tech Titans, Hackers, Idealists"
  9. Listening to "A Witness to the Egyptian Revolution" by Doug Kaye (Executive Director, The Conversations Network) via http://bit.ly/i35GC7
  10. Per Kevin Devin at FriendsInTech.com - A good tool for finding Creative Commons (CC) images on Flickr is here http://bit.ly/gOtgMP
  11. The Microsoft & Nokia deal seems to leave HP WebOS, BlackBerry, and Intel out of the loop with Apple (#2) & Android (#1) being top dogs
  12. red5 is an open source audio/video (FLV & MP3) server that also supports H.264 
  13. Steven Levy's classic "Heroes of the Computer Revolution" has a new 25th Anniversary Edition

TECH NEWS RADIO PODCAST #369 | 2010-07-13 | OpenOffice.org News

 Listen! (Size 3.0 MBs, Running Time 2m58s)

Today's podcast examines some recent news from OpenOffice.org: Petroleo Brasileiro SA is rolling out a big BrOffice.org deployment to over 90,000 systems, and v3.21 of Open Office has been released, with v3.3 expected this Fall 2010.  Two additional links mentioned in this podcast include: Open Document Format (ODF) and Oracle.

Feel free to follow along with Steve Holden at: Twitter, FriendFeed, and/or Delicious.  For tech news only updates follow TechNewsRadio on Twitter.

This podcast is sponsored by SCOTTEVEST and Amazon.