I thought “35 years later, Voyager 1 is heading for the stars” was very cool. It brought back many memories of starting my career at Jet Propulsion Laboratories. Voyager had been in space for a decade when I started there, but these satellites were just starting to send the stunning images back from Saturn and Jupiter. Every morning people got into work early just to see what data was sent back from the night before. Friends were processing the images, doing error and color corrections, and we were seeing other planets up close and personal for the first time. We used to get copies provided to us as employees, many with color enhancement to highlight certain features of the planets and moons. It added an element of excitement to my early career that almost made us forget we were at work.
And it was fun working there. JPL teemed with really smart Caltech grads with math skills beyond most mortals. I got to see Carl Sagan speak – twice. I got to see artifacts from the rocket projects that nearly burned down the Caltech campus, and prompted JPL’s creation in the back canyons of La Canada – where they were unlikely to set anyone else on fire. I went on tours of many of the projects, control centers, and laboratories where components of space vehicles were tested. And there were many other satellite projects going on at the time, like the Galileo Spacecraft, which was in many ways more impressive than Voyager. Sure, doing mainframe and dBaseIII+ database programming seemed mundane in comparison, but what I was actually being paid for was just a small part of working there.
Stuff like Voyager got me interested in science and technology, and at the time I thought I was working in one of the coolest places on the planet. It helped push me through college because I knew there was way more interesting stuff going on outside – in the real world. Where else could you go see wind tunnels and rocket engines and hand-held nuclear reactors and giant gold-plated radio antennae during your lunch break? The back lot was quite literally a bunch of “space junk”, with things like a platform that held the lunar rover on the Apollo spacecraft during its trip to the moon just lying in the weeds. How freakin’ cool is that?
And I marvel at a simple, fragile appliance that was catapulted into space at catastrophic speeds, through planetary rings and heated fields of plasma. Something designed and built before the Apple II was even available for sale. But it continues to function and send back radio data to this day. Amazing.
On to the Summary:
Webcasts, Podcasts, Outside Writing, and Conferences
- Mike quoted in a Silicon Angle series on CyberWars. Probably too much hype and overuse of buzzwords, but decent perspectives on the attackers. Part 1, Part 2, Part 3
- Mike’s Dark Reading column on tough choices.
- Rich will participate on Protecting Your Digital Life August 22.
- Adrian joined Rich and Martin on The Network Security Podcast, episode 285.
- Adrian won the Nimby Award for Best Identity Forecast Blog.
Favorite Securosis Posts
- Mike Rothman: Gaming the Tetragon. Since we haven’t written much new stuff of late, I figured I’d go back and mine some of the classics of yore. My recent rant on Earning Quadrant Leadership wasn’t the first time I made similar points about the MQ. The first was a couple of months after I joined Securosis, in this post complete with a fancy picture. Users should pay attention to this stuff because if your preferred solution isn’t in the ‘right’ quadrant you might not get to buy it. So you need to game the system from both sides.
- Adrian Lane: Database Connections and Trust. This week I pulled out an old post to show the app developer mindset – when it comes to data storage and non-relational environments these issues are even more important.
Other Securosis Posts
Favorite Outside Posts
- Adrian Lane: Advanced Exploitation of Xen Hypervisor Memory Corruption Bug. On the more technical side, but this is interesting.
- Mike Rothman: Mobile Attack Surface. GP does it again. Great post here expanding on some of Jim Manico and Jim Bird’s work on defining mobile attack surface. This quote is right on the money: “I use the Attack Surface Model in combination with a Threat Model to identify and locate countermeasures.” Mobile devices are necessarily different and we need to start thinking about how our security is going to necessarily change. Necessarily.
Project Quant Posts
- Malware Analysis Quant: Index of Posts.
- Malware Analysis Quant: Metrics – Monitor for Reinfection.
- Malware Analysis Quant: Metrics – Remediate.
- Malware Analysis Quant: Metrics – Find Infected Devices.
- Malware Analysis Quant: Metrics – Define Rules and Search Queries.
- Malware Analysis Quant: Metrics – The Malware Profile.
- Malware Analysis Quant: Metrics – Dynamic Analysis.
Research Reports and Presentations
- Understanding and Selecting Data Masking Solutions.
- Evolving Endpoint Malware Detection: Dealing with Advanced and Targeted Attacks.
- Implementing and Managing a Data Loss Prevention Solution.
- Defending Data on iOS.
- Malware Analysis Quant Report.
- Report: Understanding and Selecting a Database Security Platform.
- Vulnerability Management Evolution: From Tactical Scanner to Strategic Platform.
Top News and Posts
- Hacker ‘steals’ Hertfordshire Police Database.
- Anonymous Leaks Apple UDIDs Following Alleged Hack of FBI.
- How the FBI might’ve been owned (12M Apple records).
- FBI Says Laptop Wasn’t Hacked; Never Possessed File of Apple Device IDs. Confirm nothing. Deny everything. Make counter-accusations. That’s the playbook.
- Apple Releases Fix for Critical Java Flaw.
- Hacker steals $250k in Bitcoins from online exchange Bitfloor.
- FBI Arrests Suspected LulzSec Hacker For Sony Pictures Attack. Right here in the greater Phoenix area. Huh.
- Adobe fixes Photoshop heap overflow.
- McAfee has detected 1.5 million new malware samples in the last three months.
- A Handy Way to Foil ATM Skimmer Scams.
- TSA Denies Stonewalling Nude Body-Scanner Court Order.
Blog Comment of the Week
I find that the deployment architecture is the single most important factor in determining the effectiveness of and value customers receive from a WAF. If someone is looking for another IDS and wants to check the compliance checkbox, they will deploy off a span port. Simple, yes, but is it secure? Not really. How much value does it deliver? Limited.
If a customer is looking for a high level of security and wants to maximize value of the WAF, then they deploy in-line, specifically in reverse proxy (in HA mode of course).
Most WAFs today contain functionality beyond just a basic app layer firewall. Customers who deploy in-line can utilize the other features, the sum of which provide significant value and maximum security.
Proxying the connections is a long-time best practice for application deployment. Preventing direct connections to the back end is a good thing and many enterprises have this as a standard deployment architecture. Now add the ability to inspect application content, rewrite URLs if necessary, and the solution is more secure with more value delivered to customers.
Some advanced WAFs also contain built-in integration with identity and access management systems. This can significantly simplify the deployment of these types of systems (and associated costs). Additionally, some advanced WAFs have the capability to throttle and control connections based on a number of factors, like destination IP, frequency, etc. These can be effective tools in coping with DDoS-type attacks. Finally, some advanced WAFs also have built-in load balancing capability, caching, compression, etc. to improve app performance. All these capabilities and associated benefits require an in-line proxy deployment architecture.
So taking a more holistic approach and looking at WAFs as “Integrated Security Gateways” can yield significant security and ROI benefits to enterprises.
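The span-port versus in-line distinction the comment draws, together with the frequency-based connection throttling it mentions, as an added simulation. This is not code from Securosis, the commenter, or any WAF product: the class names, the (client IP, destination IP) keying, the limit of 5 requests per second and the traffic are all constructed assumptions. In passive (span-port) mode the gateway sees a copy of every request and can only alert; in in-line (reverse proxy) mode a request that breaks the rate policy is rejected at the gateway and never reaches the back end.

```python
"""Passive span-port monitoring vs. in-line reverse-proxy enforcement.

Added example, not code from the page, Securosis, or any WAF vendor.
Timestamps are integer milliseconds so the sliding window is exact.
"""
from collections import defaultdict, deque
from dataclasses import dataclass
from typing import Deque, Dict, List, Tuple


@dataclass(frozen=True)
class Request:
    ts_ms: int        # arrival time in milliseconds (constructed)
    client_ip: str
    dest_ip: str      # back-end application server being addressed
    path: str


class FrequencyThrottle:
    """Sliding-window policy (assumed, not a product's): at most `limit`
    requests from one client to one destination in any `window_ms` window."""

    def __init__(self, limit: int, window_ms: int) -> None:
        self.limit = limit
        self.window_ms = window_ms
        self._hits: Dict[Tuple[str, str], Deque[int]] = defaultdict(deque)

    def over_limit(self, req: Request) -> bool:
        key = (req.client_ip, req.dest_ip)
        q = self._hits[key]
        # Drop timestamps that have fallen out of the window.
        while q and req.ts_ms - q[0] >= self.window_ms:
            q.popleft()
        q.append(req.ts_ms)   # rejected attempts still count toward the rate
        return len(q) > self.limit


class Gateway:
    """mode='passive': span-port deployment, the WAF only sees a copy of the
    traffic, so every request reaches the back end regardless of alerts.
    mode='inline': reverse proxy, the request reaches the back end only if
    the gateway forwards it."""

    def __init__(self, mode: str, throttle: FrequencyThrottle) -> None:
        if mode not in ("passive", "inline"):
            raise ValueError("mode must be 'passive' or 'inline'")
        self.mode = mode
        self.throttle = throttle
        self.forwarded: List[Request] = []
        self.alerts: List[str] = []

    def handle(self, req: Request) -> bool:
        """Return True if the request reached the back end."""
        if self.throttle.over_limit(req):
            self.alerts.append(
                f"{req.ts_ms}ms {req.client_ip}->{req.dest_ip} {req.path}: rate limit exceeded"
            )
            if self.mode == "inline":
                return False      # rejected at the proxy, never forwarded
        self.forwarded.append(req)  # passive mode can only watch it go by
        return True


def build_sample_traffic() -> List[Request]:
    """Constructed traffic: one well-behaved client (4 requests over 1.5 s)
    and one client sending 12 requests to the same back end in 1.1 s."""
    reqs = [Request(500 * i, "198.51.100.7", "10.0.0.10", "/search") for i in range(4)]
    reqs += [Request(1000 + 100 * i, "203.0.113.9", "10.0.0.10", "/login") for i in range(12)]
    return sorted(reqs, key=lambda r: r.ts_ms)


def simulate(mode: str, limit: int = 5, window_ms: int = 1000) -> Tuple[int, int, int]:
    """Return (requests seen, requests that reached the back end, alerts raised)."""
    gw = Gateway(mode, FrequencyThrottle(limit, window_ms))
    traffic = build_sample_traffic()
    for req in traffic:
        gw.handle(req)
    return len(traffic), len(gw.forwarded), len(gw.alerts)


if __name__ == "__main__":
    for mode in ("passive", "inline"):
        seen, reached, alerts = simulate(mode)
        print(f"{mode:8s} seen={seen} reached_backend={reached} alerts={alerts}")
```

Both modes raise the same seven alerts on the constructed traffic; only the in-line gateway keeps those seven requests away from the back end, which is the comment's point about span-port deployments delivering detection but not enforcement.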