eric byres – Stilgherrian

15 May 201216 May 2012

AusCERT 2012: What’s changed since 2011?

I’m currently on the train down from the Blue Mountains to Sydney, en route to the AusCERT 2012 information security conference on the Gold Coast, and I’m thinking about what stories might emerge.

Here’s what I wrote last year when, just like this year, I was on the ZDNet Australia team:

AusCERT 2011: Firms ignore ID theft risk, in which Bennett Arron explains that police forces don’t yet take this stuff seriously enough. Has this improved? I’m seeing talk but no action.
AusCERT 2011: Son of Stuxnet within a year: expert, in which Eric Byres explains why the Stuxnet worm — the presumed US-with-Israeli-help anti-SCADA attack on Iran’s nuclear program — would spawn a wave of copycats. This didn’t happen. Why not?
AusCERT 2011: Black hats and whitegoods, a story which was provided with the year’s best headline by CBS Interactive’s Brian Haverty where I discussed how the Internet of Things and a billion smart appliances would be the vector for a new wave of attacks. This hasn’t happened — yet — but is it still just around the corner?
AusCERT 2011: Bank theft goes truly mobile, in which Amit Klein, chief technology officer at Trusteer, predicted third-generation anti-banking malware on smartphones by Christmas. Did this happen? Well, not really. Why not?
AusCERT 2011: Silent victims thwart cybercops: Qld Police, in which Detective Superintendent Brian Hay, head of the Fraud and Corporate Crime Group of the Queensland Police Service, bemoaned the lack of hard data. I know how he feels. Do we have any yet?

The feeling I get from scanning those headlines is that there’s always a lot of scaremongering but the threats often don’t materialise. Are the threats over-stated? Does pointing out the threats trigger an effort to counter them, thus defeating them? Is it all just a bit too screechy?

And over the last year there’s been so much talk of imminent cyberwar. Is that just this year’s fashionable scary thing on a stick? I intend to ask a few questions. And I’ll plug it again: Thomas Rid says we shouldn’t believe the hype.

I haven’t yet looked in detail at the conference program but will do so over the next few hours. What do you reckon I should be investigating?

[Update 16 May 2012, 0625 AEST: Changed second paragraph to emphasise that I am covering the event for ZDNet Australia this year as well as last.]

12 July 201112 July 2011

Weekly Wrap 57

A weekly summary of what I’ve been doing elsewhere on the internets. Last week I said something’s gotta give. This week it gave.

Stress and exhaustion and a much lower productivity level than the previous two weeks has led to this post being two days late.

Podcasts

Patch Monday episode 95, “Malware? It’s just business!” Malware, these days, is so good that it simply has to be produced by professional development teams. As Yuval Ben-Itzhak, chief technology officer of AVG, explains, malware is distributed automatically, and runs on millions of target computers without causing any visible signs that something bad is happening.

Articles

Air-gap security an “enduring fairy tale”: Byres, for CSO. Further commentary on the security of industrial control systems from Eric Byres, essentially a follow-up to my Son of Stuxnet within a year: expert for ZDNet Australia.
Cyber threats the focus for Quintet of Attorneys-General, for CSO.

Media Appearances

None.

Corporate Largesse

On Monday 4 July I had an extremely long lunch with people who are continuing their interest in having me work with them on a forthcoming media project. I still can’t say much, except I will drop in one word: Television.

Elsewhere

Most of my day-to-day observations are on my high-volume Twitter stream, and random photos and other observations turn up on my Posterous stream. The photos also appear on Flickr, where I eventually add geolocation data and tags.

[Photo: The Wilds of Lilyfield, the view eastwards towards the Sydney CBD from the corner of Lilyfield and Balmain Roads.]

29 May 201113 June 2011

Weekly Wrap 51

A weekly summary of what I’ve been doing elsewhere on the internets. This week returned to something a little more normal after the crazy fortnight of travel and conference coverage.

Podcasts

Patch Monday episode 89, “Stuxnet, routing hacks and a seized iPad”, based on material connected with the AusCERT Conference on information security. Security analyst Eric Byers warns of imminent Son of Stuxnet copycat malware. APNIC chief scientist Geoff Huston warns of the security problem in the internet’s routing protocols. And a whole bunch of people talk about the demonstration of a Facebook hack that led, eventually, to the arrest of a journalist.

Articles

NBN: ACCC wet dream, security nightmare, for ZDNet Australia. Network strategist Paul Brooks from Layer 10 reckons that consumers won’t know how to set up a home network in the NBN’s multi-provider world. I reckon he’s right.
Harvey should have stayed at home, for Technology Spectator, being a rather scathing review of Harvey Norman’s BiG BUYS website.
Facebook for under-13s? Whoâ€™s kidding whom here? for Crikey, responding to “outrage” that Facebook want to admit younger kids as users.

Media Appearances

I was part of the first ZDNet Tough Talk panel discussion, recorded on video at the AusCERT information security conference, along with Longhaus and Business Aspect board member Sam Higgins, IBRS analyst James Turner, NetWitness chief security officer Eddie Schwartz and Kaspersky CEO Eugene Kaspersky. The moderator was ZDNet Australia’s editorial director Brian Haverty. The topic was: Is cloud secure enough for business? I still haven’t watched it yet. What do you think?
On Wednesday I was interviewed by ABC Radio 891 Adelaide about changes to the internet’s top-level domain names. I can post the audio here should you care.

Corporate Largesse

On Tuesday I attended a briefing on various information security issues hosted by Sourcefire. They served a light breakfast and handed out a notebook and a toy pig.

Elsewhere

22 May 201103 May 2013

Weekly Wrap 50

A weekly summary of what I’ve been doing elsewhere on the internets. This week was mostly about the AusCERT information security conference on the Gold Coast, although a few things relating to the previous week dribbled through.

Podcasts

Patch Monday episode 88, “Social business + cloud != revolution”, based on material recorded at NetSuite’s SuiteWorld conference the previous week.

Articles

What a lot of articles we have this week! I was covering AusCERT as part of the ZDNet Australia team, and the Technology Spectator article was actually written the week before. There’ll be more AusCERT articles next week.

AusCERT 2011: Firms ignore ID theft risk, for ZDNet Australia, which is based on some of Bennett Arronâ€™s comments during the conference’s opening keynote.
AusCERT 2011: Son of Stuxnet within a year: expert, ZDNet Australia. The source code for Stuxnet is out there. Security analyst Eric Byres reckons that’ll show everyone how to make sophisticated malware, and the “Russian business network” will be first off the rank.
Privacy is a commodity, for Technology Spectator, in which I bite the hand that feeds me by criticising the comment they use.
AusCERT 2011: Black hats and whitegoods, for ZDNet Australia. We’re creating the Internet of Things by turning everything into a network device. But when was the last time you heard an appliance manufacturer talking about network security? CBS Interactive’s Brian Haverty came up with the OARSUM headline.
AusCERT 2011: Bank theft goes truly mobile, for ZDNet Australia.
AusCERT 2011: Silent victims thwart cybercops: Qld Police, for ZDNet Australia.
Qld cops denounce ‘ethical hacking’, for ZDNet Australia. This headline is a bit of a misdirection. Ethical hacking is generally when the target has given permission, such as when someone is hired to do penetration testing. The kind of hacking games at black hat conferences, which is what Detective Superintendent Brian Hay was talking about, probably don’t fit into this category.

Media Appearances

I was asked to do a bit of trickery before Bennett Arron’s keynote at AusCERT. It didn’t go quite as planned. When Munir Kotadia produced the Day 1 Highlights video, he made sure that no-one forgot.

Corporate Largesse

I travelled to the Gold Coast for the AusCERT Conference on information security. My air fares, accommodation and breakfast were covered by CBS Interactive, ZDNet Australia’s parent company, as is normal for freelancers so that doesn’t count as largesse. AusCERT provided free conference entry, as is normal for any media attending, and that included meals and drinks at the social events. In the goodie bag was: webroot Personal Security and Mobile Security for Android from, erm, webroot; notebooks from webroot and Juniper Networks; PostIt-style thingies from Symantec; pens from RSM Bird Cameron, Citrix, Netgear and M86 Security; a Rubik’s Cube from WatchGuard; 3D glasses from SecurityLab; a yoyo from McAfee; and, via a voucher, an AusCERT conference t-shirt. I’ll have more to say about this later. I was also given a t-shirt by Sophos and a stubbie holder from Splunk.

Elsewhere

[Photo: Sunrise over the Pacific, Surfer’s Paradise, taken from my room at the Crowne Plaza Hotel in 17 May. I didn’t really bother trying to take a good photo, it’s just a snapshot from my phone. Sometimes I wonder why I bother.]

[Update 3 May 2013: Edited to fix broken link to Patch Monday podcast.]