Recent CISSP Feedback

Pearson VUE test centers have reopened, and candidates for ISC2 certs have now been able to schedule their exams. I’ve been getting sporadic feedback from test-takers; here’s one recent message:

“I took and passed the exam on Saturday. 118 questions in 1:15.

I actually thought it was a little annoying. A lot of awkwardly worded questions.

There were very few direct technical questions (no TCP ports). Focused on policy and judgement. Think before you act. You have to have a core of IT knowledge, but the bulk was thinking strategically and not tactically. I think your course focused on that way more than the other materials. The cccure tests are pretty good. The McGraw-Hill material was outdated and a big distractor. And just knowing that 25 questions don't count, and you have a 25% chance of guessing, let me just keep going forward after picking an answer on the weirder questions.”

Good to hear, and great words of caution for those gearing up for the exam. Good luck, everyone!

The Sensuous Sounds Of INFOSEC - Episode 13 - Ryan Skelton

This week we talk with INFOSEC professional Ryan Skelton about information security training and awareness programs, tools used in live environments, and how Robin sounds like an NPR interviewer.

The tool mentioned by Ryan during the episode: https://www.knowbe4.com/

The Saturday Night Live sketch Ryan references (and yes, Robin does sound like that!): https://www.youtube.com/watch?v=RoysmfRxPLc

Podcast Episode 6: A Real Attack

This week, we were extremely excited to have our very first guest on the show: Tachic Hickman-Piazza of Allured By Design. We had talked about Tachic’s experience briefly in Episode 2; her Instagram account had been hacked, and she lost three years of work overnight. In this episode, we got to talk to Tachic, hear about what she went through from her experience, and hear her advice and opinions about security of online platforms in the wake of the attack. It’s a much longer episode than normal, simply because the conversation got so fascinating. We think you’ll really enjoy it— please feel free to leave comments/questions/responses!

Tachic’s website: alluredbydesign.com

Tachic’s Instagram: https://www.instagram.com/alluredbydesign/

Tachic’s Facebook: https://www.facebook.com/alluredbydesign/

The link to Farah Merhi, the other designer Tachic mentions in the show: https://inspiremehomedecor.com

Tachic’s original message about the attack, which led us to finding her: https://www.alluredbydesign.com/post/introducing-allured-by-design-home-lifestyle?fbclid=IwAR2OAmT-SDOXD3N063vZH8aJgz9qqlZ6YUM6q3ZwzkfTkLK6lN3eSlN6xY0

We’re also posting images of the messages from the hacker to Tachic, and finally a photo of Tachic representing her brand! Thanks again to our guest— it was truly a pleasure having her on the show!

[Images: six screenshots of the hacker's messages to Tachic (Tachic Hack msg 1 through 6), followed by a photo of Tachic representing her brand]

Podcast Episode 5: The Darkest of Webs

We’ve got a new installment of The Sensuous Sounds Of INFOSEC! In this one, we discuss the Dark Web; what it is, and why you probably shouldn’t be all that terrified of it…and how you might have already used it.

Feel free to leave us comments and suggestions!

Show Notes:

- When a US federal law enforcement agency ran an online kiddie-porn site: https://en.wikipedia.org/wiki/Playpen_(website)

Podcast Episode 4: Roombas, Guns, and Money - Pornhub, in Splendid Isolation

Podcast Episode 4 show notes:

This week we learn about the website that will keep humanity sane and safe during this worldwide quarantine, and beyond.

Absolutely not sponsored by PornHub.

Before the episode, Robin mentioned that she found a great certification for n00bs and career-switchers, IT Fundamentals+ (ITF+):

--CompTIA website: https://www.comptia.org/certifications/it-fundamentals

--Free full ITF+ course with ITProTV: https://www.youtube.com/playlist?list=PLc6zqGSJMvCSQ3djLlfS_2LnliS-Q-FKV

Terms used:

DDOS Attack: a malicious attempt to reduce the target system's availability; often involves the use of botnets (see below)

DNS: Domain Name Service; aids Internet users by resolving plain-language URLs (such as www.securityzed.com) into the IP address of the machine hosting the intended content (the securityzed blog and podcast)

Botnet: a group of machines, often quite large (sometimes, thousands of devices), used to perform some less-than-legitimate activity (DDOS attacks, reporting inflated ad clicks/link calls to generate ad revenue, performing mathematical work to try to crack passwords/credentials/content that has been encrypted, etc.); typically, the owner of each device in the botnet is not even aware that their device is participating.

Internet of Things: Current trade name for consumer products that have an IP address but whose main purpose is to function in the physical world, not as compute/storage devices.

If you are a nerd and like physics, cats, and weaponized vacuums, check out William Osman on YouTube: https://youtu.be/7haDZWR3MYU

Brian Krebs, INFOSEC rockstar and the target of the giant Mirai attacks (as well as his hosting service, DYN), discussing all the topics associated with Mirai: https://krebsonsecurity.com/tag/mirai-botnet/

SecurityWeek article about the Mirai attacks, which includes PornHub's DNS redundancies/mapping: https://www.securityweek.com/whats-fix-iot-ddos-attacks

A good background on what DNS is and how it works: https://en.wikipedia.org/wiki/DNS_hosting_service

Podcast Episode 3: Earn It!

This week’s episode is about some proposed US legislation that may significantly affect encryption options. We hope you like it! As always, please feel free to suggest any topics you’d like to hear us discuss on future episodes. Thanks again!

Show notes:

Text of the proposed bill: https://www.congress.gov/bill/116th-congress/senate-bill/3398/text

A great article explaining stuff better than we can: https://reason.com/2020/03/09/senators-push-sneaky-anti-privacy-bill/