auscert – Page 3 – Stilgherrian

03 June 2012

Weekly Wrap 104: Worms, smartphones and television

My week from Monday 28 May to Sunday 3 June 2012 was complex, busy and stressful, yet there were also some memorable highlights.

I won’t be telling you anything about the latter.

I will say that spending the night in six different locations in one week is probably stress-inducing.

Podcasts

Patch Monday episode 140, “Cybercrime: it’s just too easy”, the second of two episodes based on material recorded at the AusCERT 2012 information security conference. AusCERT general manager Graham Ingram explains why cybercrime is here to stay, and F-Secure chief research officer Mikko Hypponen details a complex transnational criminal operation that saw goods bought fraudulently in Denmark being resold in Moscow, as well giving his views on hacktivism and the level to which antivirus companies should cooperate with governments.

Articles

The dawn of the cyber posse, ZDNet Australia, 28 May 2012.
In Iran, Flame heats up the cold war online, Crikey, 29 May 2012. This was my Day 1 story on the Flame worm, “the most complex malware we’ve ever seen”.
Why Flame can’t be the world’s most complex malware, CSO Online, 30 May 2012. This is the Day 2 story. Yes, taking time to discuss and reflect upon the news does bring clarity. As I post this, the story is still CSO Online Australiaâ€™s most-read.
Samsung Galaxy S III’s ‘iPhone-killer’ potential, Technology Spectator, 1 June 2012. Please don’t blame me for the headline.

Media Appearances

On Wednesday I spoke on ABC Gold Coast about the Flame worm, but I screwed up the recording so it hasn’t been posted.
On Friday night I spoke about internet worms and cyberwar with Dom Knight on ABC Local Radio.
I was a guest, along with News Limited’s national technology editor Jen Dudley, on Marc Fennellâ€™s Download This Show, broadcast on ABC Radio National at 8.30pm Sunday night but posted first as a podcast some time on Friday afternoon.
On Sunday morning I appeared on ABC News 24’s Weekend Breakfast to discuss the so-called Dark Web.

Corporate Largesse

On Thursday I attended the launch of the Samsung Galaxy S III smartphone at the Sydney’s Capitol Theatre, where I was given food and drink — and later a review unit of said smartphone.
Even though I didn’t go paintballing with Eugene Kaspersky last week, I still got the media pack from Kaspersky Lab. The army-style khaki satchel contained: a t-shirt emblazoned with my callsign “Seagull 17”; a packet of Austcam “Paint, face, camouflage NSN 6850-66-130-0172”; blank dog tags attacked to a Kaspersky-branded USB memory key, containing the media kit of course; a Mars Bar 2-pack; and a can of V, that terribly dangerous drink that should be banned, which I gave away.

The Week Ahead

Monday, as always, is a busy day of media production as well as the discussion I’m leading in Katoomba, Surviving and thriving as a freelancer in a globalised market. And it’s a Full Moon, so that’ll help.

The rest of the week will be easier, in theory — at least as far as work goes — and I even hope to spend Friday with a friend and then head to Sydney as an early start to the Queen’s Birthday long weekend.

I’d originally intended to be in Sydney on Tuesday evening. Intel has a launch event for their 3rd Generation Core processor chips. But to be honest I find it difficult to excited by new widgets — they’re faster and better that the previous widgets, right? — so I think I’ll give it a miss. Plus at the start of a new month no-one has yet paid for last month’s work, so it’s hard to justify the expense — especially since I’ll be paying for accommodation away from Bunjaree Cottages for the long weekend.

Elsewhere

Most of my day-to-day observations are on my high-volume Twitter stream, and random photos and other observations turn up on my Posterous stream (or they used to before my phone camera got a bit too scratched up) and via Instagram. The photos also appear on Flickr, where I eventually add geolocation data and tags. Yes, I should probably update this stock paragraph to match the current reality.

[Photo: Sydney’s Saturday night fashion. These young women were spotted alighting at Wynyard station, Sydney, around 11.30pm Saturday night. While I’m obviously no fashion guru, I think it’s fair to say that this look does not flatter them. What made it worse was that neither of the women were steady with their operation of those heels. As they walked down the platform there was considerable swaying and undulation. And it didn’t seem to be because they were drunk. Can someone explain to me when undergarments became acceptable Saturday night partywear? I want to say something about yellow and black being the colours of warning, but I’d better not.]

27 May 201227 May 2012

Weekly Wrap 103: Cold, cockatoos and codeine

My week from Monday 21 to Sunday 27 May 2012 saw me return to my usual writing levels — despite continuing pain from my shoulder and a lingering cold which, as I write this, threatens to turn into bronchitis. It’s been rather cold and windy here at Wentworth Falls.

Sadly that meant I didn’t make it to the planned paintball session with Eugene Kaspersky on Wednesday night. It seems that I’m fated not to spend any quality time with Mr K on this Australian trip. I daresay I’ll catch up with him another time. Is that a hint? Der. Of course.

Podcasts

Patch Monday episode 139, “War talk dominates AusCERT 2012”, the first of two episodes based on material recorded at the information security conference. The overall theme is that infosec is becoming militarised. We no longer talk about “information assurance” but “defensive cyber operations”. Click through for the full list of speakers.

Articles

AusCERT 2012: NSA, FBI split on comms intercepts, ZDNet Australia, 21 May 2012.
Twitter mapping and how we choose our own adventure, Crikey, 23 May 2012. I thoroughly recommend that you watch and listen to the full 38-minute presentation by Prof Axel Bruns.
Kaspersky’s right: Apple, lift your security game, CSO Online, 24 May 2012. I seems that Mr Kaspersky appreciates my description of him as “glorious global megatroll”. Yes, I do think it’s a compliment. I genuinely admire his ability to grab the headlines.
Optus’ innovation directive, Technology Spectator, 25 May 2012. These are my first written observations from Optus’ Future of Business Report, another thing I suggest you might read.

There’s one more long story emerging from ideas presented at AusCERT 2012 that was filed late Friday. It will appear tomorrow morning at ZDNet Australia.

Media Appearances

None. Which makes up for last week’s heavy media load.

Corporate Largesse

On Thursday I went to a media briefing by Optus Business at Australian Technology Park. They provided lunch, and afterwards a couple of coffees. They also gave me an autographed copy of Peter Hinssenâ€™s book The New Normal: Explore the limits of the digital world. No, me neither.

The Week Ahead

It looks like the coming week will be significantly less intense for me, with a more gentle workload and, with luck, better health.

The only fixed-schedule items will take place during an overnight trip to Sydney on Wednesday. That evening there’s a Sydney Talks seminar entitled It Won’t Happen to Me: Cybercrime Myths and Concepts at the University of New South Wales. (Does anyone want to join me?) Then on Thursday morning Samsung is launching… well, they won’t tell me what, but I suspect it’s their new Samsung Galaxy S III smartphone.

I may well be in Sydney on the weekend too, because Bunjaree Cottages is full up both for that weekend and the following Queen’s Birthday long weekend. Stand by.

Elsewhere

[Photo: A young Yellow-tailed Black Cockatoo (Calyptorhynchus funereus) swoops low overhead at Bunjaree Cottages near Wentworth Falls.]

21 May 201203 June 2012

Weekly Wrap 102: Infosec and interference

My week from Monday 14 to Sunday 20 May 2012 was mostly about the AusCERT information security conference and a blur of returning pain thanks to my dodgy shoulder.

As I finish compiling this post, I’ve still got lots of AusCERT material to produce and Monday looks like being intense. So let’s just list everything and see what happens.

Podcasts

Patch Monday episode 138, “Anonymous ‘crippled’: where to for hacktivism?”. Following last week’s conversation with Israeli information security researcher Tal Be’ery about hacktivists’ tactics, I spoke with former journalist and commentator Barrett Brown, who has worked with Anonymous for about a year and a half. He discusses Anonymous’ position in the wake of revelations that Sabu, a core member and informal leader of the offshoot hacking group LulzSec, had become an FBI informant.

Articles

These are just the first two articles from my AusCERT coverage. More will follow.

AusCERT 2012: Russian crims evade transaction profiling, ZDNet Australia, 17 May 2012.
AusCERT 2012: DNS poisoning the ‘thin end of a wedge’, ZDNet Australia, 17 May 2012.

Videos

5 Conference Tips for PR Professionals, an impromptu video message from Gold Coast airport.

Media Appearances

On Monday I spoke about Facebook charging for highlighted posts and the company’s stock market float on ABC 702 Sydney.
On Tuesday I spoke with journalism student Tom Davey about various attempts to regulate the internet. Here’s his resulting radio report.
On Friday night I spoke about AusCERT, cybercrime, cyberwar and claims that Apple is behind the pace on ABC Local Radio.
On Sunday afteroon I spoke about the surveillance society at the Sydney Writers’ Festival. Here’s the audio recording.
On Sunday night I spoke about using Twitter to generate ideas with James O’Loughlin on ABC Local Radio. Here’s the audio recording.

Corporate Largesse

AusCERT 2012 conference organisers and sponsors paid for various meals and drinks, but I didn’t keep track of that. While that means I can’t disclose who paid, it also means I can’t be influenced because I can’t remember who’s meant to be doing the influencing. Complete market failure, that.

The Week Ahead

There’s a couple of days of intense writing and production ahead. At the very least there’s two or three articles about AusCERT 2012 and the Patch Monday podcast. Then there’s a piece to do for CSO Online, and one for Technology Spectator.

I should be returning to Wentworth Falls this evening, but I plan to be back on Wednesday night to go to a paintball session with Eugene Kaspersky and other journalists. That could be weird. And I’ll probably be in Sydney again at the end of the week, but that hasn’t been planned out yet.

Elsewhere

[Photo: Airbus A320-232 VH-VGY at Gold Coast airport, the aircraft I traveled in on Saturday. Check out the complete history of VH-VGY at FlightAware.]

[Update 26 May 2012: Links added to last weekend’s audio recordings, added earlier today as separate blog posts. Update 3 June 2012: Link added to Tom Davey’s radio report.]

19 May 2012

Talking AusCERT 2012 and cyberwar on ABC Local Radio

My full output from the AusCERT 2012 information security conference has yet to appear. Stand by. But last night I did a half-hour conference wrap with Dom Knight on ABC Local Radio.

We spoke about the conference atmosphere itself, cybercrime, cyberwar, the risk of Cybergeddon (yes, I know), and the claim by Eugene Kaspersky that Apple is ten years behind Microsoft when it comes to security.

Not that Mr Kaspersky would ever, like, troll the entire planet.

Podcast: Play in new window | Download (15.5MB)

What we didn’t talk about, really, was the two stories that have been published so far:

Russian crims evade transaction profiling, which details a trans-national organised crime operation profiled by Mikko Hypponen.
DNS poisoning the thin end of a wedge’, in which domain name system pioneer Dr Paul Vixie supports my argument that fiddling with the internet’s fundamental navigation systems probably isn’t such a great idea.

15 May 201216 May 2012

AusCERT 2012: What’s changed since 2011?

I’m currently on the train down from the Blue Mountains to Sydney, en route to the AusCERT 2012 information security conference on the Gold Coast, and I’m thinking about what stories might emerge.

Here’s what I wrote last year when, just like this year, I was on the ZDNet Australia team:

AusCERT 2011: Firms ignore ID theft risk, in which Bennett Arron explains that police forces don’t yet take this stuff seriously enough. Has this improved? I’m seeing talk but no action.
AusCERT 2011: Son of Stuxnet within a year: expert, in which Eric Byres explains why the Stuxnet worm — the presumed US-with-Israeli-help anti-SCADA attack on Iran’s nuclear program — would spawn a wave of copycats. This didn’t happen. Why not?
AusCERT 2011: Black hats and whitegoods, a story which was provided with the year’s best headline by CBS Interactive’s Brian Haverty where I discussed how the Internet of Things and a billion smart appliances would be the vector for a new wave of attacks. This hasn’t happened — yet — but is it still just around the corner?
AusCERT 2011: Bank theft goes truly mobile, in which Amit Klein, chief technology officer at Trusteer, predicted third-generation anti-banking malware on smartphones by Christmas. Did this happen? Well, not really. Why not?
AusCERT 2011: Silent victims thwart cybercops: Qld Police, in which Detective Superintendent Brian Hay, head of the Fraud and Corporate Crime Group of the Queensland Police Service, bemoaned the lack of hard data. I know how he feels. Do we have any yet?

The feeling I get from scanning those headlines is that there’s always a lot of scaremongering but the threats often don’t materialise. Are the threats over-stated? Does pointing out the threats trigger an effort to counter them, thus defeating them? Is it all just a bit too screechy?

And over the last year there’s been so much talk of imminent cyberwar. Is that just this year’s fashionable scary thing on a stick? I intend to ask a few questions. And I’ll plug it again: Thomas Rid says we shouldn’t believe the hype.

I haven’t yet looked in detail at the conference program but will do so over the next few hours. What do you reckon I should be investigating?

[Update 16 May 2012, 0625 AEST: Changed second paragraph to emphasise that I am covering the event for ZDNet Australia this year as well as last.]

29 May 201113 June 2011

Weekly Wrap 51

A weekly summary of what I’ve been doing elsewhere on the internets. This week returned to something a little more normal after the crazy fortnight of travel and conference coverage.

Podcasts

Patch Monday episode 89, “Stuxnet, routing hacks and a seized iPad”, based on material connected with the AusCERT Conference on information security. Security analyst Eric Byers warns of imminent Son of Stuxnet copycat malware. APNIC chief scientist Geoff Huston warns of the security problem in the internet’s routing protocols. And a whole bunch of people talk about the demonstration of a Facebook hack that led, eventually, to the arrest of a journalist.

Articles

NBN: ACCC wet dream, security nightmare, for ZDNet Australia. Network strategist Paul Brooks from Layer 10 reckons that consumers won’t know how to set up a home network in the NBN’s multi-provider world. I reckon he’s right.
Harvey should have stayed at home, for Technology Spectator, being a rather scathing review of Harvey Norman’s BiG BUYS website.
Facebook for under-13s? Whoâ€™s kidding whom here? for Crikey, responding to “outrage” that Facebook want to admit younger kids as users.

Media Appearances

I was part of the first ZDNet Tough Talk panel discussion, recorded on video at the AusCERT information security conference, along with Longhaus and Business Aspect board member Sam Higgins, IBRS analyst James Turner, NetWitness chief security officer Eddie Schwartz and Kaspersky CEO Eugene Kaspersky. The moderator was ZDNet Australia’s editorial director Brian Haverty. The topic was: Is cloud secure enough for business? I still haven’t watched it yet. What do you think?
On Wednesday I was interviewed by ABC Radio 891 Adelaide about changes to the internet’s top-level domain names. I can post the audio here should you care.

Corporate Largesse

On Tuesday I attended a briefing on various information security issues hosted by Sourcefire. They served a light breakfast and handed out a notebook and a toy pig.

Elsewhere

Most of my day-to-day observations are on my high-volume Twitter stream, and random photos and other observations turn up on my Posterous stream. The photos also appear on Flickr, where I eventually add geolocation data and tags.