DEF CON 2015: Studying the Economics of Privacy

Posted in DefCon with tags , on August 9, 2015 by datasecurityblog

Dutch economist Rene Mahieu spoke with us in the DEF CON Crypto & Privacy Village about upcoming research on the business of privacy. Mahieu and research partners at Princeton are hoping to discover the reasons the market for privacy enhancement products is sluggish. They’d like to hear from privacy entrepreneurs who are willing to share their experiences and insights. Contact if you have stories to share.  — posted by Sam Stone

Look for our interview with Rene Mahieu in a future epsisode of The Cyberjungle.

Romanian VPN firm helping oppressed people use the internet

Posted in DefCon with tags , , , on August 9, 2015 by datasecurityblog

The Cyberjungle met Silvana Demeter at DEF CON 23. She works for CyberGhost, a VPN provider in Romania, where they reach out with free service to bloggers in nations with internet censorship. This is a preview of the full interview, which will be heard in a future episode of The Cyberjungle.  — posted by Sam Stone

Listen via a flash player:

Or, you may download the preview file directly – great for listening on many smartphones.

DEF CON 2015: Blackphone CTO John Callas On Gen2 Blackphone

Posted in DefCon with tags , on August 9, 2015 by datasecurityblog

Recorded live from the floor of DEF CON 2015, John Callas, CTO with higher security smartphone maker Blackphone. The Blackphone 2 was announced at DEF CON 2015. In this excerpt, John tells Ira the specs of the new Blackphone 2.  The complete interview, including details on Blackphone’s unique approach to smartphone patches, will be aired on The CyberJungle.

Here is a preview of that interview via a flash player:

You may download the preview file directly – great for listening on many smartphones.


Winn Schwartau at BsidesLV 2015: Analogue Network Security

Posted in Bsides with tags , on August 5, 2015 by datasecurityblog

Respected information security expert Winn Schwartau gave a far reaching double-header session at Bsides Las Vegas on Tuesday afternoon. The interactive, graduate-level session pushed the highly educated audience to re-think the conventional approaches to information security. The topics from this talk were from Winn’s forthcoming new book Analogue Network Security.

A good summary of the talk Winn gave yesterday is encapsulated in his much shorter RSA 2015  talk: “Analogue network security is a novel approach that offers new tools and insights into data and systems protection. Examples will include eliminating “root” control and solving DDoS and spam. By merging concepts such as the Two Man Rule, Industrial Control Feedback, Out of Band Communications and the OODA loop, new approaches to network security will be evident.”

Following Winn’s lecture at Bsides Las Vegas, he sat down for a one-on-one interview that will be aired in an upcoming episode of The CyberJungle.

Here is a preview of that interview via a flash player:

You may download the preview file directly – great for listening on many smartphones.

CEIC2015 Las Vegas: Going Deep From Hour One

Posted in CEIC with tags , , on May 20, 2015 by datasecurityblog

CEIC2015, the Digital Forensics and Data Security Conference started off HOT in Las Vegas. It was a cold rainy day in Las Vegas on Monday..well, 75F. It’s not unusual to see temperatures in the 90s in the third week of May in Las Vegas.

Well-sheltered in Caesar’s Palace Las Vegas, CEIC sessions started Monday afternoon with deeply technical sessions on network forensics, mobile forensics, and a summit for Chief Information Security Officers. As with previous CEIC confabs, this conference has many members of law enforcement mixed with corporate digital forensicators.

On Tuesday, the first full day of the conference, there was unusual scheduling by the organizers. Typically, the Keynote address would kick off the day. But Tuesday started with more intensely technical and legal lectures bright and early 8am. The Keynote address started at 9.30. It was content focused, rather than using the glitz and show biz nonsense that drove RSA’s kick off Keynotes.

The vendor area is moderately sized, actually rather cozy. And, as a nice bonus, The CyberJungle notices that many CEOs and forensic researcher staffers were in their own booths. Again, a nice contrast with some recent conferences that staffed the booths with only marketing people.

Wednesday is thankfully Keynote-free. The focus is on learning the nuts and bolts of digital forensics. Those that are here to really learn won’t be disappointed.

RSA Conference 2015: Opening Keynotes, Tuesday April 21st 2015

Posted in RSA Conference on April 22, 2015 by datasecurityblog

The Opening Keynotes for RSA Conference 2015 seemed like a safe bet, if judged by the lines to get into the Keynote auditorium at Moscone Center in San Francisco. The CyberJungle showed up early, and encountered a massive line, of people, grabbing a “brown bag” breakfast of a ham and egg sandwich. So, we skipped that line, grabbed a bite nearby and came back to just see the keynotes.

Just at the moment it was our turn in line to enter, the security people said the room just hit capacity, and The CyberJungle had to view the keynotes in an overflow room filled with a massive video display.

While the technology in that room was great, the keynotes were a snore. Jane Lynch from Glee was doing a sing and dance number that was more appropriate for a G-rated MTV Music award performance, backup singers included.  Snore.

The opening Keynote by RSA Head Honcho Amit Yoran had some good nuggets about the transformation of security into everything around us (think Internet of Things, Smart Cars, etc), there was still a lot of marketing fluff over computer science substance.

‘Whit’ Diffie, one of the Godfather’s of crypto was in a panel, and didn’t dissapoint with his insights into the future of crypto.

Overall, The CyberJungle wishes for more substance and less sizzle in next year’s opening keynotes.

RSA Conference: Innvoation Sandbox

Posted in Uncategorized on April 21, 2015 by datasecurityblog

Day one of RSA Conference 2015 kicked off again this year with the Innovation Sandbox. Ten of the most interesting infosec startups are selected by a panel of infosec investors and experts. In a small gallery, ten firms get to present, show their wares, and network with researchers, investors, and customers.  The CyberJungle was at the very first Sandbox in 2008, and it was the highlight of that conference.

2015’s edition of the Sandbox didn’t disappoint.  Three of the standouts (in alphabetical order):

1. Bugcrowd‘s approach to crowdsourcing bug detection is worth looking out. Think Uber for infosec testing. We interviewed them on the show last year, and now they have grown to over 16,000 infosec pros providing services.

2. Cybereason has an interesting approach to anomaly detection

3. SentinalOne says their new approach to malware will replace anti-virus


Get every new post delivered to your Inbox.

Join 1,279 other followers