Friday Summary: September 30, 2010By Rich
So you might have heard there’s this thing called ‘Stuxnet’. I was thinking it’s like the new Facebook or something. Or maybe more like Twitter, since the politicians seem to like it, except Sarah Palin who is totally more into Facebook.
Anyway, that’s what I thought until I realized Stuxnet must be a person. Some really bad dude with some serious frequent flier miles – they seem to be all over Iran, China, and India. (Which isn’t easy – I had to get visas for the last two and even a rush job takes 2-3 days unless you live next to the embassy). I know this because earlier today I tweeted:
Crap. I just watched stuxnet drive off with my car flipping me the bird. Knew I should have gotten lojack.
Then a bunch of people responded:
@kdawson: @rmogull Funny, though I would have pictured Stuxnet as more the Studebaker type.
@akraut: @rmogull The downside is, Stuxnet can still get your car even after you disable the starter.
@st0rmz: @rmogull I heard Stuxnet was running for president with drop database as his running mate.
@geoffbelknap: @rmogull Haven’t you seen Fight Club? Turns out you and stuxnet are the same person…
That would explain a lot. Especially why my soap smells so bad. But I don’t know how I could pull it off… some random company that promises visas for China has my passport, so it isn’t like I’m able to leave the country. I’m pretty sure I can trust them – the site looked pretty professional, it only crashed once, and there’s a 1-800 number. Besides, it was one of the top 3 Bing results for “China visa” so it has to be safe.
And don’t forget to attend the SearchSecurity/Securosis Data Security Event in San Francisco on Oct 26th!
On to the Summary:
Webcasts, Podcasts, Outside Writing, and Conferences
- James Arlen spoke at the EnergySec conference last week.
- Rich was mentioned by Alex Williams on ReadWriteWeb about the chance the government will mandate CALEA-type backdoors in any communications or encryption software.
- Rich also quoted on the same thing at Federal Computer Week
Favorite Securosis Posts
- Adrian Lane: Application Monitoring, Part 1.
- David Mortman: A Wee Bit on DLP SaaS.
- Mike Rothman: DLP Light and DLP Features. DLP is evolving and Rich walks you through it.
- Rich: Proposed Internet Wiretapping Law Fundamentally Incompatible with Security. (Yep, I picked my own. Live with it.)
Other Securosis Posts
- Monitoring up the Stack: Application Monitoring, Part 1.
- Monitoring up the Stack: DAM, part 2.
- Incite 9/29/2010: Reading Is Fundamental.
- NSO Quant: The End is Near!
- Attend the Securosis/SearchSecurity Data Security Event on Oct 26.
- Monitoring up the Stack: DAM, Part 1.
Favorite Outside Posts
- Adrian Lane: I know what the law says. Or do I? Interested to see if this holds up to scrutiny. And using the same disclaimer Jack did, the AG’s interpretation does not make sense.
- David Mortman: Feel the dark side of Intellectual Property Rights. You know you want to…
- Mike Rothman: Things I hate about security reports, a rant. Most technical folks don’t write very well. It’s a problem and some of these tips are useful.
- Chris Pepper: CIA Drones May Have Used Illegal, Inaccurate Code. Crazy story & accusations!
- James Arlen: Good food for thought on the ‘whys’ of the battle: CIO/CSO disconnect.
- Rich: Why Russia and China think we are fighting cyberwar now.
Project Quant Posts
Research Reports and Presentations
- Understanding and Selecting a Tokenization Solution.
- Security + Agile = FAIL Presentation.
- Data Encryption 101: A Pragmatic Approach to PCI.
- White Paper: Understanding and Selecting SIEM/Log Management.
- White Paper: Endpoint Security Fundamentals.
- Understanding and Selecting a Database Encryption or Tokenization Solution.
- Low Hanging Fruit: Quick Wins with Data Loss Prevention.
Top News and Posts
- LinkedIn Drive-by Malware Attack.
- 19 Arrested in Zeus Malware Bank Heists.
- More Stuxnet Details.
- Tahoe Least Authority File System looks interesting.
- Microsoft pushes emergency patch for the padding oracle attack.
Blog Comment of the Week
Remember, for every comment selected, Securosis makes a $25 donation to Hackers for Charity. This week’s best comment goes to Paul, in response to Understanding DLP Solutions, “DLP Light”, and DLP Features.
Rich, nice update! It seems worth amplifying that DLP Light is going to give you multiple reporting points, requiring you to work with each product’s reporting output or console to see what’s going on. SIEM is a solution, but to provide the simplicity the typical DLP Light user might need, the SIEMs are going to need to provide pre-built correlation rules across the DLP Light components.