Episode272

From Security Weekly Wiki
Jump to navigationJump to search


Announcements & Shameless Plugs

PaulDotCom Security Weekly - Episode 272 for Thursday January 5th, 2012.

  • Subscribe to our only non-computer security related show dedicated to Cigar Enthusiasts Stogie Geeks with Paul Asadoorian and Tim "BugBear" Mugherini. Wether you smoke an occasional cigar or daily, this show is for you! Tune in as we review the latest cigars being relesaed and talk "Stogie Tech".

Guest Interview: Bruce Schneier

6:00 PM ET

We are extremely pleased to welcome Bruce Schneier to the show! Bruce is an internationally renowned security technologist and author. Described by The Economist as a "security guru," he is best known as a refreshingly candid and lucid security critic and commentator. Bruce has authored several books, including "Beyond Fear", "Secrets & Lies", and of course "Applied Cryptography" (which a signed copy sits on my own book shelf as one of my most prized possessions). Bruce is on the show to give us a glimpse into his upcoming book Liars and Outliers: Enabling the Trust that Society Needs to Thrive

When people want to know how security really works, they turn to Bruce Schneier. And when God needs a new secure certificate, he uses Bruce Schneier as the signing authority. Welcome Bruce!

General

  1. How did you get your start in information security?
  2. How has privacy been impacted by technology in the past 20 years? Was privacy always dead, or did we kill it even more with technology?
  3. Its well known that in both information and physical security that people respond to fear and "security theater". We see it all the time as we pass through airports or talk to executives, why is that people feel secure when they really are not?
  4. What can we do to change people's perception of security beyond "feeling secure"?
  5. What can we do to manage people's perception of risk? For example, our family and friends put their information on Facebook, companies tend to not put enough investment in security, etc..
  6. Do you believe that security will fall under public health? For example, states require that your wear your seatbelt, wear a helmet when you ride a motorcycle, and not smoke in public places. Will we see something that requires people to run anti-virus software? Do computers need to come with warning labels, or pictures of viruses infecting computers?
  7. On a federal level, do you believe the Government should regulate and/or enforce secure coding practices?

Breaches

  1. Recently several organizations have suffered major security breaches,including HBGary, RSA, and Sony, Stratfor what should organizations be learning from these breaches?
  2. Looking forward, what security trends, offensive or defensive, scare you the most?
  3. On the flip side, what trends, if any, in information security give you the most hope?
  4. Many people believe that if they are using crypto, they are secure. What do you say to those people?

Crypto

  1. Does the Comodo breach point to a much larger problem in the way we implement crypto in things like SSL?
  2. What will the future of cryptography bring? I think many people believe we are working towards "unbreakable" codes, are there really such things?

Misc

  1. Why Squid blogging?
  2. You seem to take the "Bruce Schneier" phenomenon in stride, the comparisons to Chuck Norris, T-shirts, countless images. What is your most favorite Bruce parody?

Guest Technical Segment: Robin "Digininja" Wood

DigiNinja is a senior security engineer based in the UK and is the creator of many well known open source security projects including Jasager, the Interceptor, KreiosC2, CeWL and the Metasploit DNS and DHCP Exhaustion. He's on tonight to discuss his latest project - ZoneTransfer.me

Information on the Project

Paul's Stories

Larry's Stories

Jack's Stories