Risky Business 2

You're about to hear a recording of Peter Gutmann's speech here which is all about crypto. Well, it's sort of about crypto. With newspapers filled with stories about the NSA subverting crypto standards, Peter asks us whether that really matters. Why would an attacker bother breaking crypto when they can just bypass it?

Peter is well positioned to do this talk. He's a researcher in the Department of Computer Science at the University of Auckland and works on the design and analysis of cryptographic security architectures and security usability.

He helped write PGP, has authored a number of papers and RFC's on security and encryption, and is the author of the open source cryptlib security toolkit. And luckily for us, he's a fairly regular guest on Risky Business.

In this interview we're chatting with Neal Wise of Assurance.com.au. Don't let the accent fool you, Neal is based in Melbourne and has been for as long as I can remember, and he did a great talk here at the AusCERT conference called Hacking the Gibson, which was all about pwning supercomputers.

I warn you in advance that there are a few references from the movie Hackers in this interview... sorry about that... HACK THE PLANET!! .... but yeah, Neal has been doing some work involving supercomputers and I decided to interview him about them. They make excellent bitcoin mining boxes!

You're about to hear an interview I recorded with Bob Clark. He currently teaches law at the US Naval Academy, but he's been doing military law for a long time, even serving as the operational attorney for the US Army Cyber Command at one point.

I posted his talk yesterday... he touched on the Weev vs AT&T trial in that and I thought it would be interesting to get his perspective on the CFAA, precisely because it's not the sort of thing he normally concerns himself with. He has less of an agenda than a defence attorney or a prosecutor.

(If you haven't heard the episode of the regular Risky Business podcast where I had a chat with Weev and recapped that whole thing you might want to check it out because we reference it in this interview. It's here.)

You're about to hear Parmy Olson's presentation from AusCERT's 2013 conference. Parmy is a journalist for Forbes, but she's also an author -- she wrote We Are Anonymous, Inside the Hacker world of LulzSec, Anonymous and the Global Cyber Insurgency. She got amazing access to the LulzSec crew and the book is well worth reading.

In this presentation she looks at why these young men got involved in such risky activity. What drove them, and what does the future of Anonymous look like?

Active defence is the new black. It's the issue of 2013. One of the organisations that helped put the issue on to the agenda is CrowdStrike, a business founded by some senior ex technologists from McAfee. CrowdStrike was founded on the premise that simply relying on defensive measures in information security isn't enough -- you need to be able to mess with your adversaries.

One of CrowdStrike's founders was Dmitri Alperovitch. He was at AusCERT and used his speaking slot to basically deliver the thinking behind CrowdStrike's pitch. It's nothing earth shattering, but it's a really well packaged speech that presents a cogent argument for the concept of active defence. So here it is, Dmitri Alperovitch's AusCERT talk titled Offence as the Best Defence.