Jun 032010


So do we suck or what? Sorry that its taken so long for us to get another episode out… things have been crazy busy for all of us.

Anyway for this episode, Dan and Jim found themselves with 30 minutes or so of spare time, not much of a script, and working mics (Michael was working on a couple of proposals and an RFP that is due in two days); so they sat down and simply recorded an unscripted show of rambling about things that are going on for the moment.

Info Sec News Moments:

  • Kudos to MS’ IE 8 Add Campaign – Link Here
  • Jim’s 4.5 Seconds of fame – DenverGov website Hack – Link Here
  • Android and the SMS Rootkit Hack – Link Here
  • Google Ditching Windows due to Security Concerns – Link Here
  • Denver OWASP – SnowFroc Con – Link Here

Music Notes:

Link to MP3

Nov 122009


Link to MP3

OK, Episode 27 is FINALLY here.  Sincere apologies to all of our listeners.  We really could not avoid the long break.  Work and family and everything else seriously pounded us this time.  ENJOY!

Show Notes:

InfoSec News Update –

  • FTC Orders ChoicePoint To Pay $275,000 For 2008 Data Breach – Link Here
  • Senator says the cybersecurity chief should be in DHS, not the White house – Link Here
  • Major SSL Flaw Find Prompts Protocol Update – Link Here
  • Jailbroken iPhones more vulnerable to attack; ikee worm Rick Rolls iPhone users – Link Here
  • New FDIC Phishing Attack – Link Here
  • MSFT trying to walk the annoyance / security fine line with toned down User Access Control (UAC) in Windows 7 – Link Here
  • Awesomely funny story about an IT engineer in Iraq annoying the troops with some bogus war driving – Link Here

Discussion Topic – Highlights from Michael’s NAISG Chapter Meeting

Geek Toys – “Ideas to get your Geek for Christmas”

Music notes –

Oct 012009


Link to MP3

Episode 26 is here. It almost didn’t happen since Michael was playing remote helpdesk dude for a relative from his hotel room in Dallas right before the recording, but we got it worked out. Enjoy!

Show Notes:

InfoSec News Update –

  • Michael’s New NAISG Group are having their first meeting on Nov 2, 2009 in Houston, TX. – Houston Chapter Website / Email Link
  • Power Grid Takedown – a HowTO – Link Here
  • Court Ruling – Disloyal Computing is Not Illegal – Link Here
  • New OWASP Sponsored Web App Firewall – Link Here
  • MS Gets into the AV Game … Again…with latest release – Link 1 / Link 2
  • Trojans getting Smarter – Link Here
  • PCI DSS Update Could Include Virtualization Security – Link Here

Discussion Topic –

Encouraging Bad Behavior via marketing (Identity Guard Commercials)


Consultants Corner – Predicting what Security Consulting will be like in the future – Link Here

Music notes –


Mar 192009


Link to MP3

Here is Episode 17. Sorry for the delay in getting it out. Last week was extremely rough for Jim and I, but we are back at full strength now. Well, maybe 85% strength anyway 🙂

In this show Jim and I relate the latest news as always, then we have some discussion about layoffs and how that is causing a lot of orphaned hardware and software. Then we discuss some challenges for the consultant in walking the mind field of politics at client companies.

Also, we had some listener feedback from Geir. He was busting on us a bit about our saying you need to patch your stuff when we were talking about 0day. Thanks for keeping us straight Geir. If you want to send feedback, you can send it to podcast-at-infosecplace.com.

Here are the show notes:

InfoSec News Update:

  • Follow up – Another Payment Processor Has Been Hacked – Visa says JUST KIDDING! – Link Here – This Just In – A new timeline of the Unnamed Processor – Link Here
  • Gartner – Nearly 8 Percent of U.S. Adults Lost Money To Financial Fraud in ‘08 – Link Here
  • Federal cybersecurity director quits, complains of NSA role – Link Here
  • Health Records Show Up in Yard – Link Here
  • Study: Antivirus Software Catches About Half Of Malware – Link Here
  • MS Finally killing off AutoRun – Link Here
  • Marine One data leak – Link Here
  • The Return of L0phtCrack!! – Link Here
  • WarVox Released – Link Here
  • Theives Steal the Show at Cebit – Link Here
  • Checklist for complying with PCI security standard – Link Here / Link To Checklist

Discussion – Orphaned hardware and Software – Link Here

Consultant’s Corner – Dealing with political landscapes at your client’s company

Music Notes:

Jan 292009


Link to MP3

Episode 14 is here. First off, let me thank everyone that is listening to Jim and me spout off about everything. Fourteen shows does not seem like a big number, but it involves a lot of work getting this going (especially on Jim’s part – thanks Jim) and keeping it going, and Jim and I appreciate everyone sticking in there with us.

Second, we have made some changes with my setup, so there might be a sound difference and some issues with this episode. Forgive us as we get some new kinks worked out.

Third, this episode includes an interview with Mike Rothman from eIQnetworks. You might know him better as that guy from Security Incite that has a yankee accent and tells everyone what he is thinking. Either way, Mike is a great guy and a great friend, and I was honored to interview him. I think you will enjoy that portion of the show.

And lastly, there is a programming note. The geek toys segment that is brought to you by Jim every show is now going to be made more of a quarterly thing. The reason is because Jim has to find something to talk about every time, and it is getting a little more difficult to find something for every show.

Here’s the breakdown of the show.

Show Notes:

InfoSec News Update: there’s been a lot happening the last two weeks

DiscussionNew president declares his plan for US Cyber Security (more cynicism from Michael)

Vendor Interview – Michael interviews Mike Rothman from eIQnetworks

Consultants Corner –Combining compliance initiatives and what that means for security practices

Music Notes: