SecuraBit before it Bytes

This week Anthony Gartner & Rob Fuller discuss the latest computer security news.  Special guests are Vyrus and CP from the dc949.org group.

Episode 11

Discussions covered the following topics:

Skynet, Advanced Dork, Google Site Indexer, These tools work worked on by CP and Vyrus and the dc949 group and are written as open source.

Rob brought up a Firefox add on called Barrier

Spoke of how we can use google alerts to help us in our daily tasks to track where our information is being sent out to.

Discussion ensued about Scroogle.org not to be confused with scoogle.com and how you can do secure searching though the site and that the site purges logs with in 48 hours.

A mention of Cisco was brought up and we also spoke of a visualized version for the Cisco Mips processors and the specific virtualized version of the Cisco 7200 Routers.

BlackBerry Encryption keys may be in the hands of the Indian Government as part of the deal with Rim.

 

 Securabit Episode 11 [64:08m]: Play Now | Play in Popup | Download

(Apologies in advance for the short term ‘wiki’ look of these show notes, the public wiki will be up soon!)

This week Anthony Gartner, Chris Gerling, Chris Mills, Jason Mueller discuss the latest computer security news.  Special guest, Chris Wilson, talks about the increase of traffic on port 808.

Episode 10 - A milestone!

We are all still alive even though the CERN Particle Collider has been started up.

OpenSource Projects, Software, Patches

Obama Sex Video Spam

New SecuraBit VPS! (We have since cancelled and will be moving to something else soon)  

     Linode with CentOS. However, no SELinux available

     For CentOS help go to: #CentOS on irc.freenode.net

Tips for configuring the new server:

     -Disable root login on ssh

     -Good passwords

     -Lock down all unnecessary ports

The Securabit guys started using the CentOS distribution because of its interconnections with Snort

     See InternetSecurityGuru.com for details on how to configure Snort on CentOS

In non-security related news:

     Steve Jobs Apple Special Event “Let’s Rock”

     Apple did update QuicktTime and Bonjour

     Netbooks are everywhere: Even Commodore joins Netbook Crowd

Google Chrome:

     Milworm Chrome Exploit/Vulnerabilities: Six different Exploits/Vulnerabilities to date

     Germany says do not use Google Chrome

Other news:

New Microsoft/Jerry Seinfeld commercial analysis

New Microsoft Mouse

BREAK

Anthony recently had a laptop theft and recommends the following sites to learn how to secure your computer:

     Schneier and portable device security

     Risk of losing portable devices

Latest happenings with Securabit Looking for a Team and mentoring atmosphere Coming soon: New Site/wiki/forums on a VPS

Chris Mills talks about his employer Security Expo where they showed off Rainbow Tables/Ophcrack and Driftnet

BREAK

Special Guest: Chris Wilson

 

 Standard Podcast [49:46m]: Play Now | Play in Popup | Download

Google Chrome has generated a lot of press in the day since it was released on Tuesday.  It gained over a 1% market share in under 24 hours.  Some of the interesting tidbits from a risk/security standpoint:

Controversial EULA:

Google Chrome debuted with an extremely controversial EULA that basically says everything you do with the Chrome browser belongs to Google.  They have since adjusted the EULA to remove some of the strongly worded sentences, but this might just have given us a peak into Google’s world domination plot?

Vulnerabilities:

It seems that only mere hours after the Chrome browser was available for download, vulnerabilities started showing up.  Some of them as simple as a browser crash, others as serious as carpet-bombing.  This is actually not too surprising since Chrome is based off the same version of WebKit, 525.13, that the vulnerable Safari 3.1 emanates from.

Incognito Mode:

The Chrome browser has a stealth browsing mode called Incognito which will not leave any tracks of where you browse in your history or store any cookies.  This appears to be very similar to the IE8’s InPrivate browsing mode.

Independent Tabs:

Every tab opened in Chrome runs as an independent instance of the browser.  Apparently, if you experience trouble in one tab, the rest of your Chrome environment is safe from the misbehaving tab.  I guess this only works if you don’t browse to the vulnerability mentioned above that crashes your whole browser.

So what is your take on the new Chrome browser?  Mubix suggests power users should stick with Firefox or will Chrome make the internet less frustrating” as Walt Mossberg declares?