Episode 0x1F — The Confusing Part Starts NOW
Can’t wait till next week when Dave can start reading the episode numbers again!
I’m going to go ahead and apologize for this episode. We really couldn’t seem to get it together last week so we bolted together some recording materials from last week and some that we put together last night. It’s an unholy mess. Enjoy!
The show keeps getting longer. Even when 2/5ths of the hosts are absent, we’re still in the hour long range. What’s a podcast to do? Should we start trimming content? Not according to at least one of our listeners who really misses the Deep Dive Segment. Should we split into two episodes and release twice a week? Could we start recording any earlier so that those of us who live on the eastern side of the continent aren’t yawning before the end? What’s the best part of the show? What could we do less of? Should we just stick to what seems to be working?
These are all questions that you dear listener can answer. Let us know at firstname.lastname@example.org. Did you know that you can also send us tips and links and things that you wish got a little more coverage? Yes you can! Now back to the show.
- Upcoming this week…
- Lots of News
- SCADA / Cyber, cyber… etc.
- finishing it off with DERPs/Mailbag and
- THE RETURN OF THE DEEP DIVE
- Our new weekly Briefs – no arguing or discussion allowed
And if you’ve got commentary, please sent it to email@example.com for us to check out.
DISCLAIMER: It’s not that explicit, but you may want to use headphones if you’re at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don’t need to speak for anyone except themselves. Ok? Good.
In this episode:
- News and Commentary
- HTTPS everywhere for IE
- NYT hacked for 4 months (and WSJ and WaPo
and Ha’aretz and and and)
Symantec didn’t help (gasp!)
As Per Symantec, You need more than AV. (DERP)
- Tuesday is the 10th annual safer internet day
- Twitter got p0wned (“not the work of amateurs”)
- Was the Superbowl Hacked?
Entergy doesn’t think so…
And there’s something to be said for resilient system design
- SANS gets some things very right and some very wrong – this is CIP 002 done WRONG
- Eric Byres weighs in on the “broken by design” issues in ICS/SCADA
- Hackers breach U.S. Energy Department
- Postel’s Principle needs modification. Good stuff.
Go see Shotgun Parsers at Shmoocon
- Vuln Hub (not like github) – it’s metasploitable and friends
- Security engineering book – free!
- Recon-ng (thanks /r/netsec)
- Kim Dotcom puts up 13,500 bounty for Mega
- John Melton’s Year of security for Java (PDF)
- The Security Conference Library
- Contribute to the Strategic Defense Execution Standard (#SDES) and you’ll be Doing Infosec Right in no time.
- If you’re interested in helping out with openCERT.ca, drop a line to info@openCERT.ca
- Upcoming Appearances: James and Dave at RSA e10+, also attending Shmoocon but not speaking, James speaking at Thotcon
- We’re thinking about doing a live podcast with audience participation – drop us a tweet or a line if you’re interested
- Movie Review SOMETHING
- everyday is CTF! go set up a team
- Signing up for a SANS course? Be sure to use the code “Liquidmatrix_150” and save $150 off the course fee!
- Seacrest Says: TOUCHDOWN. Something about Football.
Download the MP3
Creative Commons license: BY-NC-SA