Episode222

From Paul's Security Weekly
Jump to: navigation, search
Palo Alto Networks
Tenable Network Security
The SANS Institute
Pwnie Express
Black Hills Information Security
BlackSquirrel
Onapsis

SANS Las Vegas from October 26-27th will debut a new course titled "Embedded Device Security Assessments for the Rest of Us" which will teach students how to assess embedded systems of all varieties on pen tests and in your duties as a security professional. Register Here



Announcements

Security Weekly - Episode 222 Ron Gula Pool Party" - for Thursday December 2nd, 2010.

Episode Media

MP3

Roundtable Discussion Topic:

Thanks to Jack Daniel for a sampling of discussion topics:

  1. A perennial good one for a discussion: Privacy vs. Security. Can you have both, is there a balance, etc. This can get deep into human psychology and cultural anthropology very fast with the right crowd.
  2. A few years ago at Shmoocon, the closing panel discussion was around the responsibility of hackers, responsibility to each other, society, etc.
  3. In my speed debates in Las Vegas and Ottawa, the question "do vulnerabilities matter" sparked lively discussions- and the consensus was opposite at the two events.  (in LV, Corman, Dennis Fisher, HD and I all took the "no" position, audience agreed. In Ottawa I was alone in that position on the panel, and the audience was against me, too).
  4. Another one from the debates- Security Metrics- are the real and actionable?  Recent studies into medical science have shown that even the scientific methods we hold up as the standards are plagued with errors and outright fraud- where does that leave a new and rapidly evolving industry like ours?

And one from Larry...

  1. We've argued on the podcast that privacy is dead. What about security? Is security dead too? I ask, and would argue in one direction after seeing much more of the tender underbelly of SMBs, State and Local governement, and seeing the state of security there...

Stories For Discussion

Software Monocultures

Transparency in Infosec

Stop Killing Innovation

Mod_Security Solves Slowlaris problem - For now?

ProFTPD backdoored by hax0rs

Other Stories of Interest