Listen to the podcast live on Hak5radio.com (note the new link) and chat with us on IRC at irc.freenode.net #securityjustice or follow us on Twitter during the podcast.  IRC n00b? Follow this guide to get started.  We should be live around 9PM EST.

Join us for security talk, food, beer and audience participation! Thanks for listening and supporting the Cleveland security community!

ShmooCon is February 6th - 8th 2009 at the Wardman Park Marriott in Washington DC.  Registration begins November 1st at noon eastern standard time!  Check out the ShmooCon website for more details.  Bruce talks about some of the background of ShmooCon, the Shmoo Group and of course Shmoo Ball’s and associated launching devices (aka: cannons)!  Bruce also talks about some of the new things at this years ShmooCon and the need for new speakers.

Thanks again to Bruce for being our guest on the show!

Chris is currently the owner of Lares Consulting which is a vendor-independent security consulting firm that helps companies secure electronic, physical, intellectual and financial assets through a unique blend of assessment, testing, and coaching.  He is also a frequent speaker at various security conferences, most recently at OWASP NY.

Chris describes what it was like filming the TV show, how the show got started and also talks about interesting things when working with a reality TV show crew!  He also talks about how he got into the security industry and some of the interesting things Lares Consulting is doing.

Thanks again to Chris for being our guest on the show!

• Ohio Linux Fest Recap. Pictures posted here.
• Greg Feezel from the Ohio Information Security Summit
• Malware Challenge update
• Speaker Recap – NEO InfoSec Forum
• Information Gathering with Maltego - Tom Eston
• Protecting website users from each other - Brian Shura
• Facebook dataset released.  How anonymous is it?
• Elcomsoft Claims WPA/WPA2 Cracking “Breakthrough”…not really
• What’s on your Simcard? Check out Larry Pesce’s Simcard Forensics Presentation
• Scammers introduce ATM skimmers with built-in SMS notification
• OWASP NY update.  Videos now online!
• Chris Nickerson special edition recorded…ready to launch.  Check out Chris in the latest issue of Information Security Magazine (page 56).
• Oops, teacher mistakenly messages cop for pot buy
• Conspiracy Goes Mainstream: CNBC’s Big Brother, Big Business
• RoboDump 1.0
• Encrypt your Ubuntu 8.04 installation…It’s easy when creating a fresh install and with a separate “snapshot” volume
• McCain burps like Quagmire? hmmm….
• Yes, Matt is getting married! Congrats to Matt!

Please send show feedback to feedback [aT] securityjustice.com or comment below.  Thanks for listening!

Listen to the podcast live on Hak5radio.com and chat with us on IRC at irc.freenode.net #securityjustice or follow us on Twitter during the podcast.  IRC n00b? Follow this guide to get started.  We should be live around 9PM EST.

Join us for security talk, food, beer and audience participation! Thanks for listening and supporting the Cleveland security community!

You will be able to listen to the stream on Hak5radio.com and chat in our IRC channel (freenode.net #securityjustice) during the stream.

If for some reason we can’t stream live it should make for a cool special edition either way.  We plan on interviewing folks from the Linux community as well as hanging out with the Notacon folks.

Stop by the Notacon table and say hi if you are at the conference!

“In all, their music is more than a collection inside jokes for nerds. It is the culmination of their passion for hip-hop and hacking. We need more music like this.”

“Dual Core … so good you don’t have to be nerdcore to like it.”

“Honestly, there’s nothing that mainstream music has that can top this in music, lyrics, production or overall quality.”

Check out the latest happenings with DualCORE and if you are going to the following con’s…they will be playing live!

October, 11 2008 09:00 PM - Ohio Linux Fest
Columbus Convention Center, Columbus, Ohio 43215 - Free
Playing the OLF after-party again. Woo woo!

October, 11 2008 11:00 PM - Day-Con
33 East Fifth Street, Dayton, Ohio 45402 - TBD

October, 24 2008 08:00 PM - Phreaknic 12
211 N First St, Nashville, Tennessee 37213

You can buy DualCORE’s albums online: Zero-One, Lost Reality, and Super Powers.

Additional links mentioned in the show…Penny Arcade and Lactose Intolerance.  Link to DualCORE videos!

Thanks again to DualCORE for being our guest and for providing the great tunes for our podcast!

Please send feedback to feedback [aT] securityjustice.com or comment below.  Thanks for listening!

• We have stickers! W00t!  They will be distributed at OWASP NY and Ohio LinuxFest.
• Tom and Dave will be podcasting live at the Ohio LinuxFest on October 11th.
• NEO InfoSec Forum Speaker Recap…
• Showing Up Uninvited: 4 years of being the bearer of bad news by Ryan Macfarlane
• SANS Virtualization Summit Briefing by Tom Evans
• What’s Tom up to?
• Dan Kaminsky chimes in…you can now get all the Dan you want, anytime!
• Sarah Palin’s Yahoo Email Account Hacked.  Full details here.
• Google enters the Browser Wars with Chrome.  Vulnerabilities already found.
• United Airlines Stock Crash (Sherri Davidoff/philosecurity)
• Malware Challenge officially released!  The contest begins October 1st!  Winners announced at the Ohio Information Security Summit.
• Tyler talks about stupid botmasters
• Dumb but funny picture - Opens you up for an attack
• Big Brother wants every single e-mail, text
• Real punishment: Russian Viagra spammer murdered
• Killer app: Game consoles contain hazardous chemicals
• Tom’s Tech Segment- Dradis: Information sharing for security testers
• Dradis installation notes on Ubuntu.

Please send show feedback to feedback [aT] securityjustice.com or comment below.  The next live podcast will hopefully be broadcast over Hak5 radio!  We will post/tweet about the next live audio stream.  We can also sometimes be found in our IRC chatroom at irc.freenode.net #securityjustice.  Thanks for listening!

We will also be streaming the podcast live on Hak5radio.com starting at 9PM EST!  Listen to the podcast on Hak5radio.com and join us for live chat on irc.freenode.net #securityjustice during the podcast.

Join us for security talk, food, beer and audience participation! Thanks for listening and supporting the Cleveland security community!

Via Room362.com:

“A packer, also known as a run time packer, is a program which compresses another executable to a smaller size on disk.  When executed, the packed executable is uncompressed in memory and executes.  The time to uncompress the executable in memory is usually not noticeable, making it very advantageous to use one.”

Check out Tyler’s article over at Room362.com.

• NEO InfoSec Forum Speaker recap…
• Mitigating Phishing through Email Authentication: SPF, SIDF, DK, DKIM, SSP and ADSP
• Matt solidifies our “explicit” rating and Tom talks about his childhood fantasies of Carrie Fisher in her Slave Leia outfit.
• Hacking Without Tools Part 1: Linux/UNIX
• Tom’s Black Hat/Defcon recap (talk recap, sexyhacking.com girls exposed, Hofbrahaus beat down, Gringo Warrior, parties with Chris and Jay from Securabit and others, our one fan becomes Tom’s bodyguard and more…)
• Defcon storytime with dotzero: Swag whores, Bunnies for priest and priests’ balls…it’s not explicit…honest!
• High level security pro’s being targeted
• Lock vulnerabilities released at Defcon, Hope and Blackhat
• Matt talks about creating a medecoder
• New information gathering attack against Axis cameras
• Tyler talks about recent CNN/MSNBC malspam
• Dave talks about “diversion safes” and the TSA searching through your dirty clothes (yuck)
• You want to see the lettuce safe! (scroll down to the middle of the page)

Stay tuned after the podcast for some classic SJ bloopers.  Please send show feedback to feedback [aT] securityjustice.com or comment below.  The next live podcast will be broadcast over Hak5 radio!  Stay tuned for an announcement of our IRC channel as well.  Thanks for listening!

Participants included Sploitcast, Securabit, PaulDotCom, Network Security Podcast and of course…Security Justice.  Thanks to Rob Fuller (Mubix) for organizing the event.

You can view the video stream here.

Also, check out the Security Justice Flickr Photostream for pictures of the event.

In this podcast Jay talks about the DNS vulnerability and (in Jay’s opinion) why Dan Kaminsky went about releasing the vulnerability the way he did.  Jay also talks about his two upcoming talks at Defcon 16:

Owning the Users with The Middler - Saturday, August 9th @ Noon
They’re Hacking Our Clients! Introducing Free Client-side Intrusion Prevention - Sunday, August 10th @ Noon

If you are going to Defcon this year be sure to check out Jay’s talks!  Our sponsor DualCore will also be playing live at theSummit EFF/THF Fund Raiser on Thursday, August 7th @ 9pm at the top of the Riviera!

Thanks again to Jay for being a guest on our podcast!

Please send feedback to feedback [aT] securityjustice.com or comment below.  Thanks for listening!

• PaulDotCom
• CyberSpeak
• Network Security Podcast
• Security Justice
• Securabit
• SploitCast
• Security Catalyst (possible)

Looks to be like a great time and good opportunity to hang out with your favorite podcast hosts!  Thanks to Rob Fuller (mubix) for organizing this event.  Hope to see some of you there!

The Fast-Track tool combines multiple attacks and gives menu driven automation to pentesting.  Fast-Track automates several different types of attacks including Metasploit’s “AutoPwn” and MSSQL brute forcing as well as updates for BackTrack 3.

Dave Kennedy will also be speaking on a panel at Defcon 16 titled Black vs. White: The complete life cycle of a real world breach.

Please send feedback to feedback [aT] securityjustice.com or comment below.  Thanks for listening!

• Speaker Recap – NEO InfoSec Forum
• NEO InfoSec Myth Busters: Is Personal Data Stored on Hotel Keys? Using Magstripe Analysis Tools to Discover the Answer by Matt Neely, SecureState
• Unetbootin, FreeSBIE, miniBSD
• CF cards and photo booth hacking
• Massive DNS vulnerability
• eWaste and China
• New low budget independent hacker film: Insecurity
• “Hackers are people too” premier at DefCon 16!
• WarGames 25th Anniversary
• “Sexy Hacking” (Thanks to PaulDotCom for finding this site! WARNING: NSFW!)
• Sexyhacking.com censorship FAIL! (Blog post by McGrew Security)
• Moan My IP…also NSFW!
• Bill Gate’s enjoys the same issues as the rest of us
• Audience magstripe results
• WSUS issue mentioned by Dave

Please send show feedback to feedback [aT] securityjustice.com or comment below.  Stay tuned for announcements on special edition podcasts that will be recorded before our next monthly podcast.  Thanks for listening!

More information below:
http://ascii.textfiles.com/archives/000278.html
http://ascii.textfiles.com/archives/000645.html

This commentary was made the same night as Episode #2 of the Security Justice podcast.

• Welcome and what is Security Justice drinking?
• Web site launch
• Mavis Winkle’s Network Night
  
• Dual Core latest album (correction from the podcast…album is called “Super Powers“)
• Speaker recap from the Northeast Ohio Information Security Forum meeting
• Announcement about special edition podcast with Dave Kennedy of SecureState (Fast-Track developer for Backtrack 3) coming soon!
• Online Social Networks: 5 threats and 5 ways to use them safely
• Evolved Badware, Joe Kovacic from ITSoftware
• Security Hot Topics
• Verizon Data-Breach Study
• Updated ransomware (correction…that’s a 1,024-bit key!), malware that takes control of your router via default passwords
• Beer break!
• Stumbling upon security issues and vulnerability disclosure
• Dave comments on the 2003 blackout
• Stupid human tricks seen by Dave and Tom
• Audience participation!

Please send show feeback to feedback@securityjustice.com (might not work yet) or comment below.  Stay tuned for announcements on special edition podcasts that will be recorded before our next monthly podcast.  Thanks for listening!

• Introducing the Security Justice team
• Dave talks about social engineering
• Tom talks about recent website hijacks (Comcast, Metasploit.com)
• Phone Losers of America - Voice Authentication
• Matt talks about his voice authentication research
• Interesting local ATM theft and other ATM goodies
• What’s up with these Chinese hackers? Hackers on an island?!?
• Chinese hackers pwn Dave’s watch…
• Picture frames used for hacking
• Projects and research Security Justice is working on
• Shout outs to PaulDotCom, Hak5, Securabit, and thanks!

Music for Security Justice is provided by Dual Core! Check out Dual Core for some of the coolest nerdcore music around!

You can listen to the podcast right from this web site by clicking the “play” button below…or download our podcast into any podcatcher (iTunes, Podnova, Odeo, etc…) via our FeedBurner feed.

Next podcast will be recorded live at Mavis Winkle’s Irish Pub in Independence, Ohio right after the Northeast Ohio Information Security Forum on June 18th. Come on out for some great brew and join our live audience!