Episode224

From Security Weekly Wiki
Jump to navigationJump to search



Announcements

PaulDotCom Security Weekly - Episode 224 - for Thursday December 16th, 2010.

Guest Interview with Dave Aitel

Dave Aitel is the CTO of Immunity, Inc., where he he is responsible for R&D of the CANVAS exploitation system. He joined the NSA as a research scientist at age 18, then later became a consultant for @stake.

Dave's has co-authored several books:

  • The Hacker's Handbook: The Strategy Behind Breaking into and Defending Networks. ISBN 978-0849308888
  • The Shellcoder's Handbook. ISBN 978-0764544682
  • Beginning Python. ISBN 978-0764596544

He is also well known for writing several security tools:

  • CANVAS, the automated exploitation system
  • SPIKE, a block-based fuzzer
  • SPIKE Proxy, a man-in-the-middle web application assessment tool
  • Unmask, a tool to do statistical analysis on text to determine authorship

Questions:

  1. What was it like to be contacted by the NSA at that age?
  2. What was the culture like for you there?
  3. What were the early days of @stake like?

Stories For Discussion

Gawker Fail? - Gawker hacked and 1.3m accounts compromised. Lots of bad passwords being used, and lots of password reuse identified.

Other Stories of Interest