Liquidmatrix Security Digest Podcast – Episode 13

Episode 0x13 — the 20th episode for those of you that don’t have 16 fingers

The Pirate Bay is in the clouds, but we got here first, so suck it!!!

1. Lots of News
2. Breaches
3. SCADAs
4. DERPs!!!
5. and then our discussion topic – Responsible Disclosure

And if you’ve got commentary, please sent it to mailbag@liquidmatrix.org for us to check out.

DISCLAIMER: It’s not that explicit, but you may want to use headphones if you’re at work.

ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 4 opinionated infosec pros who have sufficient opinions of their own they don’t need to speak for anyone except themselves. Ok? Good.

In this episode:

• News
1. HP asks researchers not to publish vuln data
2. GitHub 
   DDoS
3. Symantec research on 0days (that’s pronounced oh-dayz)
4. Privacy on work computers (court decision) 
   Globe and Mail on employee computer privacy
5. Four horsemen’ posse: This here security town needs a new sheriff
6. URL shortener used for spamming from the .gov
7. Pacemaker hack can deliver deadly 830-volt jolt
8. Twitter blocks Nazi account in landmark move
• Breaches – The never ending never ending story…
1. Blount Memorial Hospital – 27k patients
• The SCADAs
1. Kaspersky… what the fuck.
• DERP of the week award
1. It’s kaspersky!!!! The SECOND Cyberdouchery of Kasperskian Proportions

   I don’t even have words any more.

• Commentary
1. Foot In The Door-Time to get Responsible
• what is responsible disclosure?
• how do you disclose?
2. Hardcore – -Except when you can’t
• RFPolicy
• ISO Standard (No link available for normal people)
• Mailbag / Bizarro Land

1. Hi Security Nerds!!

   Does Canada need to spend more on cyber security??

   Ontario’s cyber douche warrior

   YES!!!!!

• In Closing
1. Matt’s Movie Review
2. We do research too – Ben’s running a survey and will publish results. Check it out!
3. The Security Conference Library 
   — is a copy of the conferences amassed by @helpmerob and we’re adding more. If you’ve got pix/pdfs/slides/code/video of a security conference and you want to add to an attempt at the largest/bestest/least dickish security conference library — send us a note (mailbag) and we’ll take your bits and file them. (NOTE: much is stored at http://myrcurial.com/conferences but you can totally trust that guy)
4. If you’re interested in helping out with openCERT.ca, drop a line to info@openCERT.ca
5. Contribute to the  
   Strategic Defense Execution Standard (#SDES) 
   and you’ll be Doing Infosec Right in no time.
6. Upcoming Appearances: James at COUNTERMEASURE 2012 in Ottawa, Matt at AppSecUSA in TEXAS, Ben and Dave at HackFest in Quebec City, James at SecurityZone in Cali, Colombia
7. BSidesDave – held immediately after Hackfest, Dave will not be sleeping before his flight home, so keep him company
8. Signing up for a SANS course? Be sure to use the code “Liquidmatrix_150” and save $150 off the course fee!
9. Seacrest Says:I have binders full of security!!

Download the MP3

Listen:

Subscribe to us using plain old

Also, we’re now available through

Creative Commons license: BY-NC-SA