Difference between revisions of "Episode222"

From Security Weekly Wiki
Jump to navigationJump to search
Line 25: Line 25:
  
 
[http://ha.ckers.org/blog/20101201/mod_security-and-slowloris/ Mod_Security Solves Slowlaris problem] - For now?
 
[http://ha.ckers.org/blog/20101201/mod_security-and-slowloris/ Mod_Security Solves Slowlaris problem] - For now?
 +
 +
[http://www.securitygeneration.com/security/proftpd-1-3-3c-briefly-backdoored-by-hackers/ ProFTPD backdoored by hax0rs]
  
 
= Other Stories of Interest =
 
= Other Stories of Interest =

Revision as of 00:11, 3 December 2010



Announcements

PaulDotCom Security Weekly - Episode 222 Ron Gula Pool Party" - for Thursday December 2nd, 2010.

Roundtable Discussion Topic:

Thanks to Jack Daniel for a sampling of discussion topics:

  1. A perennial good one for a discussion: Privacy vs. Security. Can you have both, is there a balance, etc. This can get deep into human psychology and cultural anthropology very fast with the right crowd.
  2. A few years ago at Shmoocon, the closing panel discussion was around the responsibility of hackers, responsibility to each other, society, etc.
  3. In my speed debates in Las Vegas and Ottawa, the question "do vulnerabilities matter" sparked lively discussions- and the consensus was opposite at the two events.  (in LV, Corman, Dennis Fisher, HD and I all took the "no" position, audience agreed. In Ottawa I was alone in that position on the panel, and the audience was against me, too).
  4. Another one from the debates- Security Metrics- are the real and actionable?  Recent studies into medical science have shown that even the scientific methods we hold up as the standards are plagued with errors and outright fraud- where does that leave a new and rapidly evolving industry like ours?

Stories For Discussion

Software Monocultures

Transparency in Infosec

Stop Killing Innovation

Mod_Security Solves Slowlaris problem - For now?

ProFTPD backdoored by hax0rs

Other Stories of Interest