The Sensuous Sounds Of INFOSEC

We review the film, "We Steal Secrets," and also discuss Wikileaks, Julian Assange, Adrian Lamo, and Specialist Manning.

We review the film "Richard Jewell," from an information and security perspective.

The text of the proposed bill: https://www.judiciary.senate.gov/imo/media/doc/S.4051%20Lawful%20Access%20to%20Encrypted%20Data%20Act.pdfThe Russians give up blocking Telegram: https://www.reuters.com/article/us-russia-telegram-ban-idUSKBN23P2FTSkynet is racist: https://reason.com/2020/06/25/wrongful-arrest-in-detroit-demonstrates-why-police-use-of-facial-surveillance-technology-must-be-banned/

https://www.californiacoastline.org/streisand/lawsuit.html

We discuss patents and trade secrets, and why you shouldn't steal the recipe for Coke. But you should drink it.

We talk some more about the nuances of intellectual property, and some famous cases related to the topic.

This week, we discuss...intellectual property! But please remember-- we ain't lawyers.

The tool mentioned by Ryan during the episode: https://www.knowbe4.com/The Saturday Night Live sketch Ryan references (and yes, Robin does sound like that!): https://www.youtube.com/watch?v=RoysmfRxPLc

We review the Julia Roberts/Clive Owen film "Duplicity," from an INFOSEC perspective.

We discuss the formation and composition of the Internet and World Wide Web.

We review the 2007 film, "Breach," from an INFOSEC perspective.

We discuss Reddit, from its origins to current use.

We interview Mike Allen about home office/network defense.

In our first in a series of media review shows, we take a look at the movie "Zero Days."

This week, we were extremely excited to have our very first guest on the show: Tachic Hickman-Piazza of Allured By Design. We had talked about Tachic’s experience briefly in Episode 2; her Instagram account had been hacked, and she lost three years of work overnight. In this episode, we got to talk to Tachic, hear about what she went through from her experience, and hear her advice and opinions about security of online platforms in the wake of the attack. It’s a much longer episode than normal, simply because the conversation got so fascinating. We think you’ll really enjoy it— please feel free to leave comments/questions/responses!

Show Notes:- When a US federal law enforcement agency ran an online kiddie-porn site: https://en.wikipedia.org/wiki/Playpen_(website)

Before the episode, Robin mentioned that she found a great certification for n00bs and career-switchers, IT Fundamentals+ (ITF+):--CompTIA website: https://www.comptia.org/certifications/it-fundamentals--Free full ITF+ course with ITProTV: https://www.youtube.com/playlist?list=PLc6zqGSJMvCSQ3djLlfS_2LnliS-Q-FKVTerms used:DDOS Attack: a malicious attempt to reduce the target system's availability; often involves the use of botnets (see below)DNS: Domain Name Service; aids Internet users by resolving plain-language URLs (such as www.securityzed.com) into the IP address of the machine hosting the intended content (the securityzed blog and podcast)Botnet: a group of machines, often quite large (sometimes, thousands of devices), used to perform some less-than-legitimate activity (DDOS attacks, reporting inflated ad clicks/link calls to generate ad revenue, performing mathematical work to try to crack password/credentials/content that has been encrypted, etc.); typically, the owner of each device in the botnet is not even aware that their device is participating.Internet of Things: Current trade name for consumer products that have an IP address but main purpose is to function in the physical world, not as compute/storage devices.If you are a nerd and like physics, cats, and weaponized vacuums, check out William Osman on YouTube: https://youtu.be/7haDZWR3MYUBrian Krebs, INFOSEC rockstar and the target of the giant Mirai attacks (as well as his hosting service, DYN), discussing all the topics associated with Mirai: https://krebsonsecurity.com/tag/mirai-botnet/SecurityWeek article about the Mirai attacks, which includes PornHub's DNS redundancies/mapping: https://www.securityweek.com/whats-fix-iot-ddos-attacksA good background on what DNS is and how it works: https://en.wikipedia.org/wiki/DNS_hosting_service

Show notes:Text of the proposed bill: https://www.congress.gov/bill/116th-congress/senate-bill/3398/textA great article explaining stuff better than we can: https://reason.com/2020/03/09/senators-push-sneaky-anti-privacy-bill/

Terms:Security architect: A person with a broad view of the security and technology in an organization’s environment, usually combining all possible aspects of the organization, including physical/system/network/software/personnel security, lines of business/operations, risk management, and governance, in a holistic way.Online resources/groups to look at if you're interested in the field:https://www.facebook.com/groups/InfoSec101/https://www.reddit.com/r/cybersecurity/https://www.reddit.com/r/security/https://www.reddit.com/r/netsec/https://www.reddit.com/r/privacy/https://www.reddit.com/r/sysadmin/https://www.reddit.com/r/CompTIA/https://discord.gg/HyzFj94Please feel free to ask questions/add feedback in the Comments section, and to offer suggestions of topics you’d like us to discuss in future episodes.

Show NotesThe Facebook law enforcement portal: https://www.facebook.com/records/login/Facebook’s guide for law enforcers using the portal: https://www.facebook.com/safety/groups/law/guidelinesA guide written by and for law enforcers using the Facebook portal: https://netzpolitik.org/wp-upload/2016/08/facebook-law-enforcement-portal-inofficial-manual.pdfThe Total Information Awareness program: https://en.wikipedia.org/wiki/Total_Information_Awareness