The 9pm End of the World, Definitely

Photo of Ivanka Trump

North Korea launched yet another ballistic missile in the general direction of the ocean. So stick a nuke on it, and we’re fucked. Well, Japan is fucked. Or the oceans is fucked. Whatever.

There’s also stories from my recent travels, cybersecurity, spooks, terrorists, and something from the Dough Anthony All Stars. And of course Nicholas Fryer with a look through The Arch Window.

But overall, the message is that we’re fucked, the man running America is a goose, so we’re really, really fucked. Plus other stuff.

Continue reading “The 9pm End of the World, Definitely”

“Corrupted Nerds” on privacy engineering

Cover image for Corrupted Nerds: Conversations episode 10: click for podcast pageAfter a gap of some six months, I’ve finally produced another episode of the Corrupted Nerds podcast.

Earlier this month, during Australia’s Privacy Awareness Week, I had the very great pleasure of meeting McAfee’s chief privacy officer, Michelle Dennedy.

Not only did I end up writing a ZDNet Australia column a few days ago, Developers, ask your users about data privacy, I so thoroughly enjoyed the conversation that it inspired me to bring Corrupted Nerds back from recess.

In brief, privacy engineering is the process of turning various policies, from privacy laws to the needs of the business’ plan for data, into something that programmers can work with — indeed, something they’ll want to work with because it’s now an engineering problem.

I think you’ll agree that this conversation with Michelle Dennedy is rather fun.

Corrupted Nerds is available via iTunes and SoundCloud.

Do McAfee’s new cyberstats really represent a shift?

Composite image of ZDNet column headline and McAfee report title: click for ZDNet columnAs brokers of reliable information about the scale of online crime and espionage, most information security vendors would make great used car salesmen — but McAfee’s latest research finally seems to be taking the right path.

In my column at ZDNet Australia this week, I give McAfee some praise for the most recent research they’ve funded, a preliminary report from the Washington-based Center for Strategic and International Studies titled The Economic Impact of Cybercrime and Cyber Espionage that dismantles the daft idea that cyberstuff costs the global economy a trillion dollars a year.

McAfee now admits that you can’t run a small-N survey in a couple dozen large, wealthy nations — often a self-selected sample of known crime victims at that — and extrapolate the data globally.

Their new figure is “probably measured in the hundreds of billions of dollars”, although they never quite commit to one specific number…

“In the context of a $70 trillion global economy, these losses are small, but that does not mean it is not in the national interest to try to reduce the loss, and the theft of sensitive military technology creates damage whose full cost is not easily quantifiable in monetary terms,” McAfee writes.

True, but as McAfee themselves point out, this supposed cybercrime explosion is really down at the level of shoplifting. Retailers generally budget between 0.5% and 2% for pilferage and other such “shrinkage”.

I also mention my previous critical comments about various infosec vendors’ dodgy statistics — but I don’t link to them, because they were mostly published at non-CBS mastheads. So here’s a selection of stories I’ve written on this subject over the last couple of years.

Continue reading “Do McAfee’s new cyberstats really represent a shift?”

Talking cyber threats on ABC NewsRadio

The Australian Federal Police were talking up the risk of “cyber threats” in the Fairfax news yesterday morning, so I ended up talking about it on ABC NewsRadio.

Now the AFP was bouncing off a report from McAfee, which from the title I assume is yet another of those “The internet is dangerous, m’kay?” fear pieces. 2012 Threats Predictions. I won’t bother linking, because all these reports from the major infosec vendors are much the same, jumbling together everything from minor vandalism to “cyberterrorism” — whatever the fuck that is — with little critical analysis.

But I suppose it is actually getting this stuff onto the agenda.

Slowly.

For six minutes.

At this point I reckon I should re-link to two of my pieces from the eCrime Symposium held in Canberra in November 2011. eCrime Symposium: Harden up, warns Aussie crime fighter and eCrime Symposium wrap: Satisfaction tinged with frustration.

The presenter was Cathy Bell (who seems to be missing from the station’s page of presenters), the producer Jared Reed.

The audio is ©2012 Australian Broadcasting Corporation. While the audio was posted shortly after broadcast at the ABC NewsRadio website, I’m going to post it here anyway. It’s easier for me than trawling their automated daily audio archive.

This is being posted a full day after the actual radio appearance, even though the post was ready within an hour of the broadcast. Why? Because I didn’t want it on the website before I’d posted last week’s Weekly Wrap. Is that good editorial judgement? Or just a little bit too anally-retentive?

Weekly Wrap 73: The Mysteries of the Desert

A weekly summary of what I’ve been doing elsewhere on the internets — finally posted on Sunday like it’s meant to be.

On a personal note, it was great to finally get the dental work done so that my jaw is no longer infected. Now, to wait for my shoulder to heal…

Podcasts

  • Patch Monday episode 111, “Cybercrime 2016: a view of the future”. Recorded in Las Vegas, it’s mainly Michael Fey’s view of 2016. He’s McAfee’s worldwide senior vice president of advanced technologies and field engineering. Also, an explanation of how advanced persistent threats are a three-stage attack, and a chat with the bloke who taught me how to create malware and construct botnets in just one hour.

Articles

I wrote another two stories apart from these, one for CSO and one for ZDNet Australia, but they won’t be published until Monday.

Media Appearances

Corporate Largesse

  • On Tuesday I covered the ISACA conference in Sydney, so of course I got free food and drink.
  • On Friday I went to the launch of Intel’s Ultrabook standard for laptops at BAR100, The Rocks in Sydney, so naturally there was more free food and drink. They also gave me an Air-Tech Turbo Blimp radio-controlled indoor airship, which I gave away — to someone who then discovered that the blimp itself wasn’t in the box.

Elsewhere

Most of my day-to-day observations are on my high-volume Twitter stream, and random photos and other observations turn up on my Posterous stream. The photos also appear on Flickr, where I eventually add geolocation data and tags.

[Photo: A mysterious oval-shaped object in the desert somewhere between Las Vegas and Los Angeles. This might be in Death Valley, but more likely somewhere else. I wasn’t paying much attention until I saw this. Any idea what it is? You can click to embiggen. Oh, and yes this photo was taken last week, not this week, but I’m sure you can live with that.]

Visiting Las Vegas for McAfee Focus 11 security conference

Four weeks from now I’m flying to Las Vegas for McAfee’s Focus 11 security conference, 18 to 20 October 2011. On their tab, obviously.

Vendor conferences must have a keynote speaker that has nothing to do with the industry. Focus 11 is no exception. We have… Richard Branson. WTF?

At this stage the plan is that I’m heading to San Francisco first, since McAfee want me to visit their corporate headquarters in Silicon Valley before heading to Vegas. Then once the conference is over I intend to spend a couple more days in Vegas and do the day trip to the Hoover Dam and perhaps the Grand Canyon, and then spend Saturday night in Los Angeles since the only part of that city I’ve seen is the airport.

Mind you, I’m told that Los Angeles is shit.

Any other suggestions for things to see and do near Las Vegas?