Liquidmatrix Security Digest Podcast – Episode 3B

Episode 0x3B

We Have Quorum!

Getting tired of hearing about the latest $problem. Can we do something different with our cognitive surplus?

Upcoming this week…

1. Lots of News
2. Breaches
3. SCADA / Cyber, cyber… etc.
4. finishing it off with DERPs/Mailbag (or Deep Dive)
5. And there are weekly Briefs – no arguing or discussion allowed

And if you’ve got commentary, please sent it to mailbag@liquidmatrix.org for us to check out.

DISCLAIMER: It’s not that explicit, but you may want to use headphones if you’re at work.

ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don’t need to speak for anyone except themselves. Ok? Good.

In this episode:

• News and Commentary
1. Facebook Awards Largest Bug Bounty To Date for Remote Code Execution Vulnerability – $33,500
2. Gang Rigged Gas Pumps with Bluetooth Enabled Card Skimmers
3. US Courts uphold that you need an actual reason to search people’s stuff
4. F-35 Fighter Plans Intercepted In Shipping Container Destination: Iran
• Breaches
1. 20 million Korean learn about a trusted insider the hard way (and then the executives own it completely)
2. It wasn’t just Target (and the obligatory Krebs)
3. Is Your Twitter Password Secure?
• SCADA / Cyber, cyber… etc
1. VSAT terminals are on the internetz ready for the p0wn
2. CSEC Current Issues: Questions and Answers
• DERP
1. Network solutions ripping customers off to make them more secure
2. Snapchat, still not fixing the problem … but they do implement a bot stopping captcha system… … that gets broken the same day
3. The first rule of a totalitarian government is you don’t talk about hacking
   (just like an oppresive wannabe theocracy)
• Mailbag

We’re reaching a tipping point around the concept of Privacy. Here’s a few examples to discuss:

1. Rating Obama’s NSA Reform Plan: EFF Scorecard Explained
2. MPAA & ICE Confirm They Interrogated A Guy For Wearing Google Glass During A Movie
3. 79-year-old census resister has no regrets after conditional discharge
4. Google outed me
5. Here We Go Again: Canadian Recording Industry Calls on Government To Regulate the Internet
6. TrueCrypt’s Plausible Deniability is Theoretically Useless
7. Another Six Weeks: Muting vs. Blocking and the Wolf Whistles of the Internet
• Briefly — NO ARGUING OR DISCUSSION ALLOWED
1. Switch to HTTPS Now, For Free
2. RSA Conference Parties
3. WhiteHat Aviator for Windows Alpha
4. NF Tables (die die die IPTables)
5. Predicting attacks (cyber!)
6. ISO 30111 – vulnerability handling process
   
• Liquidmatrix Staff Projects — gratuitous self-promotion
1. The Security Conference Library
2. Contribute to the Strategic Defense Execution Standard (#SDES) and you’ll be Doing Infosec Right in no time.
3. If you’re interested in helping out with openCERT.ca, drop a line to info@openCERT.ca
• Upcoming Appearances:  — more gratuitous self-promotion
1. Dave: – Never To Be Seen Again
2. James: – BSidesSF, RSA, etc. Sigh.
3. Ben: – Putting his office tchochkes in a box
4. Matt: – Hiding behind his lustrous facial hair, speaking at AppSec California and BSidesSF/RSA/Metricon/etc.
5. Wil: – Too Pretty (&#9835 I’m too sexy for this show, too sexy for this show, so sexy it hurts… I’m an actor, you know what I mean and I do my little turn on the catwalk… &#9835)
6. Other LSD Writers: – Promised to write up S4 and hasn’t
• Advertising – pay the bills…
1. Signing up for a SANS course? Be sure to use the code “Liquidmatrix_150” and save $150 off the course fee! Or do the math and figure out if 5% off a course would be a better deal with “Liquidmatrix_5”
• Closing Thoughts
1. Seacrest Says: The NSA is in bed with EVERYONE – including me.

Download the MP3

Listen:

Subscribe to us using plain old

Also, we’re now available through

Creative Commons license: BY-NC-SA