Weekly Wrap 261: Two conferences, two states, many cybers

Sunset on the Gold Coast: click to embiggenMy week of Monday 1 to Sunday 7 June 2015 has been both productive and exhausting, covering two conferences in two states.

It’s a long time since I’ve written five articles in week. It’s at least six months since I’ve done four, which is as far back as I could be bothered scrolling let alone five. But of course, there’s podcasts and other projects that have generated revenue, including random geekery and technical consultancy, so “number of articles” isn’t a fair measure.

Still, this has been one of my most productive weeks in a while. Excellent.

Articles

Podcasts

None. The next episode of The 9pm Edict is scheduled for Monday 15 June, or the day after.

5at5

There were two editions of 5at5 this week, on Monday, and Sunday. To save me having to tell you this, you could just subscribe.

Media Appearances

  • On Monday, I spoke about Chinese ATMs with face recognition on ABC 891 Adelaide.
  • On Friday, I took part in the AusCERT Speed Debate. The Livestream recording has bad audio, so I’ll link to the YouTube version when it becomes available.
  • Also on Friday, I was interviewed by the University of Melbourne student newspaper Farrago. I’ll link to that story when it goes live.

Corporate Largesse

  • On Tuesday, I went to the Check Point Cyber Security Symposium in Sydney, or at least part of it. The goodie bag included a signed copy of Brian Krebs’ book Spam Nation, a Check Point branded notebook, a chocolate from A10 Networks, and of course copies of Check Point’s promotional material. Food and drink were supplied.
  • From Tuesday night through to Friday, I was at the AusCERT Information Security Conference as AusCERT’s guest. They provided return flights from Sydney to the Gold Coast, airport transfers, three nights accommodation at RACV Royal Pines Resort, and of course all the conference food and drink — and there was plenty of that. For taking part in the Speed Debate, I was given a bottle of Jim Barry The Lodge Hill Shiraz 2012 from the Clare Valley. And everybody got a copy of Bruce Schneier’s book Data and Goliath, an AusCERT-branded shirt, and a rather well-made courier bag. From CyberArk: A macaron, delivered creepy-like into my hotel room while I wasn’t there. From Firemon: A branded glass-cleaning cloth. From Mimecast: a keyring bottle opener. From NCC Group: a golden bath duck. From the US Naval Criminal Investigative Service: an NCIS cap — yes, from the real NCIS, not the TV show.

The Week Ahead

Monday is a public holiday for the Queen’s Birthday, but nevertheless I’ll be working. I’ll be writing a feature for ZDNet, as well as returning to Wentworth Falls after a week away.

From Tuesday to Thursday, I’ll be working on another feature for ZDNet, as well as my “regular” column, as well as the running so late it’s embarrassing ebook. I see there’s an Apple keynote at 0300 AEST on Tuesday, so that may feed into something. [It didn’t.] And I’ve got an interview to do on Thursday afternoon.

On Friday, I’ll be heading down to Sydney for a media briefing by Cisco. Friday is another writing day.

I’m not sure how the weekend will go, but I see that there’s Poetry in the Pub in Katoomba on Sunday afternoon. I happened to be there last month, and I thought it might be interesting for The 9pm Edict podcast. We’ll see.

Update 11 June 2015: Edited to reflect the abandoning of the Friday trip to Sydney.

[Photo: Sunset on the Gold Coast, Photographed from the 16th floor of the RACV Royal Pines Resort on 3 June 2015.]

AusCERT 2012 and the militarisation of cyberspace

AusCERT 2012 logo: click for conference websiteI didn’t make it to information security conference AusCERT 2013 this year. I’m about to read what’s been written and compile a list — but first, a reflection on what happened in 2012.

When I look back two years to what I wrote from AusCERT 2011, I’m reminded that we were just getting our head around the implications of the Stuxnet worm. Not only was malware being written by organised criminals, and we were facing an explosion of anti-banking malware and mobile malware, and looking ahead to when an angry child might deploy malware against their neighbours — we were now made well aware that malware was also being written by nation states with budgets in the millions of dollars and beyond.

But looking through the list (below) for AusCERT 2012, what jumps out is the emphasis on the militarisation of information security, as well as the emphasis in the scale of criminal activities. I won’t expand on that, because the conversation with AusCERT general manager Graham Ingram speaks for itself.

Articles from AusCERT 2012

Podcasts from AusCERT 2012

  • Patch Monday episode 139, “War talk dominates AusCERT 2012”, the first of two episodes based on material recorded at the information security conference. The overall theme is that infosec is becoming militarised. We no longer talk about “information assurance” but “defensive cyber operations”. Click through for the full list of speakers.
  • Patch Monday episode 140, “Cybercrime: it’s just too easy”, the second of two episodes based on material recorded at the AusCERT 2012 information security conference. AusCERT general manager Graham Ingram explains why cybercrime is here to stay, and F-Secure chief research officer Mikko Hypponen details a complex transnational criminal operation that saw goods bought fraudulently in Denmark being resold in Moscow, as well giving his views on hacktivism and the level to which antivirus companies should cooperate with governments.

Bonus Extra Video

After the conference, my flight back to Sydney was delayed. With the need to kill some time, this video was the result.

My compilation of reports from AusCERT 2013 will be posted later today. My compilation of reports from AusCERT 2013 is now online.

Weekly Wrap 104: Worms, smartphones and television

My week from Monday 28 May to Sunday 3 June 2012 was complex, busy and stressful, yet there were also some memorable highlights.

I won’t be telling you anything about the latter.

I will say that spending the night in six different locations in one week is probably stress-inducing.

Podcasts

  • Patch Monday episode 140, “Cybercrime: it’s just too easy”, the second of two episodes based on material recorded at the AusCERT 2012 information security conference. AusCERT general manager Graham Ingram explains why cybercrime is here to stay, and F-Secure chief research officer Mikko Hypponen details a complex transnational criminal operation that saw goods bought fraudulently in Denmark being resold in Moscow, as well giving his views on hacktivism and the level to which antivirus companies should cooperate with governments.

Articles

Media Appearances

Corporate Largesse

  • On Thursday I attended the launch of the Samsung Galaxy S III smartphone at the Sydney’s Capitol Theatre, where I was given food and drink — and later a review unit of said smartphone.
  • Even though I didn’t go paintballing with Eugene Kaspersky last week, I still got the media pack from Kaspersky Lab. The army-style khaki satchel contained: a t-shirt emblazoned with my callsign “Seagull 17”; a packet of Austcam “Paint, face, camouflage NSN 6850-66-130-0172”; blank dog tags attacked to a Kaspersky-branded USB memory key, containing the media kit of course; a Mars Bar 2-pack; and a can of V, that terribly dangerous drink that should be banned, which I gave away.

The Week Ahead

Monday, as always, is a busy day of media production as well as the discussion I’m leading in Katoomba, Surviving and thriving as a freelancer in a globalised market. And it’s a Full Moon, so that’ll help.

The rest of the week will be easier, in theory — at least as far as work goes — and I even hope to spend Friday with a friend and then head to Sydney as an early start to the Queen’s Birthday long weekend.

I’d originally intended to be in Sydney on Tuesday evening. Intel has a launch event for their 3rd Generation Core processor chips. But to be honest I find it difficult to excited by new widgets — they’re faster and better that the previous widgets, right? — so I think I’ll give it a miss. Plus at the start of a new month no-one has yet paid for last month’s work, so it’s hard to justify the expense — especially since I’ll be paying for accommodation away from Bunjaree Cottages for the long weekend.

Elsewhere

Most of my day-to-day observations are on my high-volume Twitter stream, and random photos and other observations turn up on my Posterous stream (or they used to before my phone camera got a bit too scratched up) and via Instagram. The photos also appear on Flickr, where I eventually add geolocation data and tags. Yes, I should probably update this stock paragraph to match the current reality.

[Photo: Sydney’s Saturday night fashion. These young women were spotted alighting at Wynyard station, Sydney, around 11.30pm Saturday night. While I’m obviously no fashion guru, I think it’s fair to say that this look does not flatter them. What made it worse was that neither of the women were steady with their operation of those heels. As they walked down the platform there was considerable swaying and undulation. And it didn’t seem to be because they were drunk. Can someone explain to me when undergarments became acceptable Saturday night partywear? I want to say something about yellow and black being the colours of warning, but I’d better not.]

Weekly Wrap 102: Infosec and interference

My week from Monday 14 to Sunday 20 May 2012 was mostly about the AusCERT information security conference and a blur of returning pain thanks to my dodgy shoulder.

As I finish compiling this post, I’ve still got lots of AusCERT material to produce and Monday looks like being intense. So let’s just list everything and see what happens.

Podcasts

  • Patch Monday episode 138, “Anonymous ‘crippled’: where to for hacktivism?”. Following last week’s conversation with Israeli information security researcher Tal Be’ery about hacktivists’ tactics, I spoke with former journalist and commentator Barrett Brown, who has worked with Anonymous for about a year and a half. He discusses Anonymous’ position in the wake of revelations that Sabu, a core member and informal leader of the offshoot hacking group LulzSec, had become an FBI informant.

Articles

These are just the first two articles from my AusCERT coverage. More will follow.

Videos

Media Appearances

Corporate Largesse

  • AusCERT 2012 conference organisers and sponsors paid for various meals and drinks, but I didn’t keep track of that. While that means I can’t disclose who paid, it also means I can’t be influenced because I can’t remember who’s meant to be doing the influencing. Complete market failure, that.

The Week Ahead

There’s a couple of days of intense writing and production ahead. At the very least there’s two or three articles about AusCERT 2012 and the Patch Monday podcast. Then there’s a piece to do for CSO Online, and one for Technology Spectator.

I should be returning to Wentworth Falls this evening, but I plan to be back on Wednesday night to go to a paintball session with Eugene Kaspersky and other journalists. That could be weird. And I’ll probably be in Sydney again at the end of the week, but that hasn’t been planned out yet.

Elsewhere

Most of my day-to-day observations are on my high-volume Twitter stream, and random photos and other observations turn up on my Posterous stream (or they used to before my phone camera got a bit too scratched up) and via Instagram. The photos also appear on Flickr, where I eventually add geolocation data and tags. Yes, I should probably update this stock paragraph to match the current reality.

[Photo: Airbus A320-232 VH-VGY at Gold Coast airport, the aircraft I traveled in on Saturday. Check out the complete history of VH-VGY at FlightAware.]

[Update 26 May 2012: Links added to last weekend’s audio recordings, added earlier today as separate blog posts. Update 3 June 2012: Link added to Tom Davey’s radio report.]

Talking AusCERT 2012 and cyberwar on ABC Local Radio

My full output from the AusCERT 2012 information security conference has yet to appear. Stand by. But last night I did a half-hour conference wrap with Dom Knight on ABC Local Radio.

We spoke about the conference atmosphere itself, cybercrime, cyberwar, the risk of Cybergeddon (yes, I know), and the claim by Eugene Kaspersky that Apple is ten years behind Microsoft when it comes to security.

Not that Mr Kaspersky would ever, like, troll the entire planet.

What we didn’t talk about, really, was the two stories that have been published so far:

The audio is of course ©2012 Australian Broadcasting Corporation, but as usual I’m posting it here as an archive.