The Host Unknown Podcast - HostUnknown Podcast Official Pilot
Episode Date: May 13, 2015
In this, our first iAudioBlog, we talk to the young and up and coming, the old and grey, review the news, tweets, as well as realize we needed just one more jingle recorded. There is some other stuff ...there as well. Come on! Like and bloody well subscribe!
Transcript
You're listening to the Host Unknown Podcast.
Hello and welcome to the first in an irregular series of podcasts by us, Host Unknown.
Next to me I have Javvad Malik and Andrew Agnês.
Why are we podcasting, Tom?
Because we have the perfect faces for radio.
Speak for yourself.
Moving on, we now have a segment that we like to call The Little People.
It's in this segment that we try and highlight the younger generation of people up and coming in our industry.
Today we speak to Jill Chalmers.
I'm here with Jill Chalmers of Abertay University,
who's the outgoing president of the Ethical Hacking Society there
and has just finished the finals of working on the dissertation.
So, Jill, can you tell me about some of the work that you've been doing recently?
My dissertation topic is Honey Words and Honey Encryption,
which is a new concept for login systems,
which takes normal passwords, adds on random passwords to the database,
and then random encryption on top of that.
So if someone steals your database,
they've not only got to crack all the passwords that are in it,
they've also got to figure out which encryption is being used,
they've got to figure out which part of the encryption is being used,
and every single password that the user creates has a unique salt attached to it as well.
So they need to get past multiple layers of encryption to get to the actual password in the first place.
And if they use any of the honey words that have been placed in there,
it triggers an IDS which alerts them to the database theft, which has also got something
written into it so that you can alert your users, they change their passwords, and all their honey
words get updated as well, so the entire system and database that the person's nicked is now useless.
Marvellous. Thank you very much.
So we will be adding subtitles for those of you who, like us,
did not understand a word she was saying.
Too technical for me and Scottish.
Wasn't it about Irn-Bru? Something like that.
Girders and stuff.
The Little People.
Rant of the week.
So, Andy, do you want to rant about the latest ruling from RSA at their conference?
I do, in a way that's not going to get me fired with complaints.
OK, so this is going to be a short segment then.
Andy, don't worry, no one's going to listen to our podcast.
We're just doing this for sponsor money.
Rant of the week.
So I have concerns in the direction, uh, that conferences appear to be going, introducing
dress codes. Uh, for example, RSA has explicitly stated attire of an overly revealing
or suggestive nature is not permitted. We're not just talking about promotional girls, we're
actually talking about members of staff on the stands as well. Um, you know, tank tops, camisole
tops or mini dresses have been explicitly named,
as well as the catch-all "objectionable or offensive costumes".
Who's to say what's offensive?
You do realise that InfoSec Europe started the trend out last year.
But they didn't explicitly state a dress code.
But his umbrage has been boiling over ever since InfoSec, I think.
He's always talking about this.
I think it's a good move.
I think that people who are professionals going to a professional conference should be interacting with professional people.
And having jugglers and people in skimpy outfits and fire-breathing dragons is just not professional.
If I want to see that stuff, I'll go to the zoo or I'll go to Stringfellows.
I don't need to go to a conference to see that shit.
We're not talking about jugglers here.
We're actually talking about people on the stands.
I'm telling you that some people do like to dress in mini dresses, or some people have
cleavage on display in the office environment as well as at events.
You're listening to the Host Unknown Podcast.
More fun than a security vendor's briefing.
You know I enjoy wearing Lycra when I go to conferences.
Under the new ruling by RSA, I would not be allowed to stand on a stand.
As it were.
So what should we all, should you all wear just a onesie?
Just a beige onesie or? Well, we're going there with burkas and boiler suits.
That's not at all concerning to hear you say that, Andy.
OK, folks, that was Rant of the Week.
Rant of the Week.
Next up, we're going to be looking on Twitter for a Tweet of the Week.
Jav, you've got Twitter open now. What have you found?
I have to say the Tweet of the Week has to go to Troy Hunt,
who tweeted out, hashtag, still unemployed.
And there's a picture with it.
Oh, good. Oh, we can all see the picture now. Excellent.
It's amazing.
Slightly underexposed.
Hey, he takes his whiskey like I take my women.
How's that, Andy?
16 years old and mixed up with coke.
Tweet of the Week.
Right, moving on.
Segment we call...
Billy Big Balls of the Week.
I'm here talking with Christian Toon, Head of Information Risk at Iron Mountain.
Hello Christian.
Hi Tom.
What are you working on at the moment?
Tom, what am I not working on at the moment?
Jeez, it's not security assessments in the far reaching corners of the world.
It's third party assurance back at home because people want to know about Infosec.
They want to know what you're doing, what you're doing with their data.
But I'll tell you what, these assessments through the side of the water, it's scary.
You go into some really scary, nasty places and between you and me, they're doing a lot of stuff we should be doing.
Yeah, that's what I was saying.
It's weird that he's in Manchester.
That was recorded last year.
Now Christian Toon works for someone else.
Who's that, Tom?
I believe it's PwC,
or PricewaterhouseCoopers, as they like to be known.
What's he gone there for?
I think he had an excellent opportunity that he couldn't turn down.
Ah, makes sense, makes sense.
It's good for him, good for him.
Hey, none of us would ever sell ourselves out for money, would we?
No.
Never, never.
Host Unknown, sponsored by...
Insert name here.
He's gone down in my estimation.
Okay, so...
How do you spell shambles?
It's not shambles, it's omni-shambles.
And so, on to...
Conference of the Week.
This week's conference is...
RSA.
Tune in next week to find out when.
That's good.
Where's RSA this year?
It's in San Francisco, I believe.
It's always in San Francisco.
It's not in London anymore.
Or Europe. Not doing Europe at all.
No, they've got this RSA Unplugged now, which is on at the same time as InfoSec.
Yeah.
And they said no sponsors. They said they're not going to have any sponsors.
Oh, really?
Yeah.
It's a one day thing.
It's unplugged.
I'm speaking there, by the way.
Oh, are you?
RSA Unplugged?
Yeah.
Yeah.
I might give a ticket back.
The...
I thought they said no vendors.
No vendors sponsoring it.
It's just all vendors talking.
I knew I was moving but I couldn't tell anyone I was moving,
so when I was approached about talking I said, yeah, of course I can.
And so they put me down, they got me on the website, and said,
oh, by the way, I've just moved to AlienVault, I hope that's not a problem.
I said, no, no, that's not a problem.
Industry News.
Now we're on to the news,
which is powered by itsecurityguru.org.
They look so we don't have to.
And top 10 stories are powered by IT Security Guru.
We haven't actually read any of these.
We're just going on the titles.
So I'll read them out and you two can add in your commentary.
29 million health records breached in the USA in three years.
Bored of health records stories being breached.
Okay.
FireMon appoints new CTO and marketing VP.
That's interesting, now.
APT on APT attacks reveal new actors.
China on China action, that's all I see.
IT managers still relying on the perimeter despite improving defenses in response to threats.
That's not a headline, that's an essay.
Akamai launches cloud security intelligence data processing engine.
Go Akamai!
AlienVault releases closed beta of second version of Open Threat Exchange.
You two shut up.
This is by far the most important story here.
It should be number one. All others are number two or lower.
Why do you need vaults to store aliens?
I know, bizarre.
BG launches event and telemetry data analytics tool to detect and identify threats.
I don't actually understand what that means.
Websense announces partnership with Boldon James to boost DLP solutions.
Sounds like they've teamed up with a law firm.
Microsoft disables SSL 3.0 in patch for Internet Explorer 11.
There are people that still use Internet Explorer.
Sony level attacks are possible on 90% of companies.
Sony has attacked 90% of the time.
Sony has breached 90% of the time.
90% of the time you hear of Sony, they are in the status of being breached.
Exactly. In fact, 90% of the time they're being breached all the time.
And that wraps up the news.
So, thank you for listening.
We hope you enjoyed it.
We will get the next episode out as soon as we can get the three of us together in the same room again.
There are eight minutes you will never get back.
Well, thank you very much for listening.
We hope you enjoyed it.
I'm afraid those are eight to ten minutes you will never be getting back.
See you next time.
Love you. Or something like that.
Insert legal agreements here as applicable and binding in your country of residence.
We thank you.
Stay secure, my friends.
I don't have a tagline.
You don't have any lines.
Andy, you are just a disappointment.
I am disappointed, son.
I'm not angry.
I'm just really, really disappointed.
Would anybody be upset if I said that didn't record?
No.