Security Podcast by CISSPs across the US. Covers a large range of topics from security policy, to electronics, to annoying regulations and everything in between.
MI6 Camera -- Including Secrets -- Sold on eBay
(IN)SECURE Magazine Issue 18
FISMA 2008: A Better Solution (September 29, 2008)
Cyber Security Awareness Month - Daily Topics, (Tue, Sep 30th)
Just what color is a security hole?
Sophos concludes $314 million Utimaco buy
Cookie Hijacking
WPA no longer secure
Hosts: Gene Naftulyev, CISSP; Doug Landoll, CISSP; Erik Moon, CISSP
Music: Jonathan Coulton

Disgruntled admin gets 63 months for massive data deletion
Intellipedia?
AT&T manager on laptop loss: 'It is pathetic'
FTC wants to hit the spyware guys where it hurts
Software security hole shows utilities and other infrastructure vulnerable
Verizon Business 2008 Data Breach Investigations Report
Bank of America check card data compromised
Ransomware
We lost both Ben and Doug 30 min into the podcast - excuse the slight dead air.
Intro music by Walt Ribeiro - Rush
Hosts: Gene Naftulyev, CISSP; Anatoly Elberg, CISSP; Doug Landoll, CISSP; Ben Spader, CISSP

Richard Clarke: 'Government Failed You' on Security
Largest Public Power Grid at Cyber Risk, Feds Say
Minnesota Town Tells Google Maps: Keep out - We Mean It!
Apple Patches 40 Security Holes
Inside the Attack that Crippled Revision3
Intro music by Jessy Moss
Hosts: Gene Naftulyev, CISSP; Anatoly Elberg, CISSP

FBI Worried as DoD Sold Counterfeit Networking Gear
UK to monitor and record every phone call, web page & email
Biometric Authentication System - An Overview
BlackBerry Giving Encryption Keys to Indian Government
LAST HOPE
Protecting Users Against Themselves
Google Health Service
Reflections on Trusting Trust
Hosts: Gene Naftulyev, CISSP; Doug Drew, CISSP

Military Computer Contractor Convicted on ID Theft Charges
Background Checks: How Not to Hire an Information Security Officer Who's on Parole
The 'Hard Disk Crusher' Doesn't Mess Around
Protecting Yourself From Suspicionless Searches
Florida Judge Smacks Down RIAA
Google is spearheading a volunteer workforce
Unsafe at any speed the 7 dirty secrets of the security industry
Steal the data of Facebook users
A new SQL Injection attack is making the rounds
Hosts: Gene Naftulyev, CISSP; Doug Drew, CISSP; Dave Meier, CISSP

Microsoft Opens the Gates to Hack Their Web Services
PC World: Sites’ Personal Questions May Pose Security Risk
FBI Looks at Chinese Role in Darfur Site Hack
(IN)SECURE Magazine Issue 16
WifiZoo v1.3 Released - Passive Info Gathering for Wifi
Kaspersky Security Bulletin 2007: Malware evolution in 2007
Windows XP SP3 Will Be Available for Download on April 29 (April 21, 2008)
Schneier: Lots of security software is 'snake oil'
Microsoft figures show some users may like adware
Enterprises Slow to Fight Malware
Hosts: Gene Naftulyev, CISSP; Doug Drew, CISSP

Techworld: BlackBerry Servers Ripe for the Hacking
Creating bootable USB drives for capturing the contents of memory
Software Radio Attacks and Zero-Power Defenses
PIN Entry Device (PED) vulnerabilities
www.notacon.org
Trend Micro Hit by Massive Web Hack
Judge Rules Against Accused Spyware Distributor
Michigan says MediaSentry (RIAA) lacks necessary PI license
How To Think Like An Online Con Artist
NATO Equates Cyber Attacks to Missile Attacks (March 7, 2008)
Brief: Phone "swatter" gets 30 months
Russian serfs paid $3 a day to break CAPTCHAs
Hosts: Gene Naftulyev, CISSP; Anatoly Elberg, CISSP; Doug Landoll, CISSP

Retrieving crypto data from DRAM
PIN Entry Device (PED) vulnerabilities
PCI And The Circle Of Blame
Techworld: Criminals Automate Security Testing
FTC Data: Telcos, Banks are Top Targets for ID Theft
Computer Sweden: Swedish Officials’ Passwords Revealed by Hacker
17-year-old Social Engineer
(IN)SECURE Magazine Issue 15
You got Owned!
www.trisc.org
DHS Getting Flak for IDS upgrade
Hosts: Gene Naftulyev, CISSP; Anatoly Elberg, CISSP; Doug Landoll, CISSP; Ben Spader, CISSP

Forensics requires a PI license
Welcome to Cyberwar Country, USA
Shmoocon Speakers
Thanks to surbo from i-hacked.com
Thanks to Hak5
Computerworld: Mozilla Raises Firefox Security Bar
Use of Rogue DNS Servers on Rise
Hosts: Gene Naftulyev, CISSP; Anatoly Elberg, CISSP; Doug Landoll, CISSP; Chris Gerling, CISSP

EU Official: IP Is Personal
Bush Order Expands Network Monitoring
Switzerland Tells Antipiracy Group Tactics Violate Law
Maritime Security & Domain Awareness Conference
Military Open Source Software Conference - Initiatives, Risks, Opportunities & Challenges
Largest Can-Spam Penalty Levied By Feds
Privacy Laws Make Progress
Computerworld: US Gov’t Seek 10 Percent Hike in IT Security Spending
IBM, Google, Microsoft, Others Join OpenID Board
TrueCrypt 5.0 Released!!!
Ex-Boeing engineer charged with theft of Space Shuttle secrets for China - DOJ
Small Romanian Town Gets Rich Through eBay Scams
Hosts: Gene Naftulyev, CISSP; Anatoly Elberg, CISSP

Shmoocon - if you go, say hi to Anatoly and Doug
Yes this is Episode #40 - #39 will be part of the 'lost episodes' special sometime in the future!
TJX data breach doubles from 45.6MM to 94MM accounts
Pandemic wargame exposes gaps in financial service firms' disaster
Phishing scheme cons grocery chain out of $10MM, lawsuit reveals
European banks remain complacent about compliance and security, survey
Switzerland Tells Antipiracy Group Tactics Violate Law
Analysis: Rogue Trader at Societe Generale Leads to $7 Billion Fraud-Related Loss
Man Files Patent For Taser-Proof Clothing
ISSA Journal
Hosts: Gene Naftulyev, CISSP; Doug Landoll, CISSP

Shmoocon Ticket Giveaway
SANS certifications
Numbers: ITIL, COBIT and More; Who Uses What?
Sears: Come see the softer side of spyware
CA’s Web Site Hacked by Malware Authors
WiFi piggybacking
Packing.org gone but check out handgunlaw.us
State Hacking/Computer Security Laws
Hosts: Gene Naftulyev, CISSP; Anatoly Elberg, CISSP; Ben Spader, CISSP; Jeff Pettorino, CISSP; Doug Landoll, CISSP

Shmoocon Tickets going fast!
IT Departments Biggest Source of Data Leaks, Says Research
UK Government Accuses Chinese of IT Espionage
MI5 Warns UK Businesses of China-Sponsored Cyber Attacks (December 2 & 3, 2007)
Government-sponsored Cyberattacks on the Rise, McAfee Says
10 Extremely Useful Websites to Stop Big Brother From Snooping on You
(IN)SECURE Magazine Issue 14
Technitium FREE MAC Address Changer v4.7 - Released for Download
Researchers reverse Netflix anonymization
QuickTime exploited by media-handling flaw
Data Breaches Cost More Than Ever
TJX offers a $40.9 million
Card issuers do not get to form a class in a suit
TJX's Settlement with Visa Casts Light on Murky World of PCI Penalties
Hosts: Gene Naftulyev, CISSP; Anatoly Elberg, CISSP

Microsoft switching SharePoint to claims-based authentication
PGP Whole Disk Encryption - Barely Acknowledged Intentional Bypass
Hard Drive Imports to be Banned?
The Russian Mafia Doesn't Like Spam Either
Firewall Secures Battlefield Communications
Details of Hijacked 24/7 Ad Server Emerge
Storm Botnet Divides, Preps for Sale to Spammers
Cafe Latte Attack Steals Data from Wi-Fi PCs
Default Manufacturer Passwords for a Ton of Devices
Comcast Admits Delaying, Not Blocking, P2P Traffic
Jim Tiller for (ISC)2 board of Directors - if you are a CISSP please "Vote for Jim"
Hosts: Gene Naftulyev, CISSP; Anatoly Elberg, CISSP; Ben Spader, CISSP

Financial Institutions Spending on Security, Governance
UK Authorities Can Demand Decryption Keys (October 1 & 3, 2007)
Hackers at Microsoft?! Now Wait a Minute ...
FCC declines to investigate NSA-telco link
EFF sues the DOJ for withholding records of telecom surveillance immunity
Should Schools Fingerprint Your Kids?
Analyst Warns That Web 2.0 Threatens Corporate Security
For My Next Trick... Hacking WEB2.0
Jim Tiller for (ISC)2 board of Directors - if you are a CISSP please "Vote for Jim"
Doug's Book - Performing an Information Security Risk Assessment (Hardcover)
Intro Six Mile Bridge 2001
Hosts: Gene Naftulyev, CISSP; Erik Moon, CISSP; Doug Landoll, CISSP

iPhone Turned into Pocket-Sized Hacking Platform
Ruling Eases Government’s Efforts for Cell Phone Tracking
Hackers Post Techniques for Reversing iPhone Upgrade
Gun Safe Zone on YouTube
Whistleblower laws
Suit: Employee Fired for Reporting Breach
Opt-out from pre-approved credit applications
October is the fourth annual National Cyber Security Awareness Month
Your Digg username is probably "too secure" for American Express
Bluetooth Headset
Go Ahead (Bomb New York)
Jim Tiller for (ISC)2 board of Directors - if you are a CISSP please "Vote for Jim"
Hosts: Gene Naftulyev, CISSP; Anatoly Elberg, CISSP; Ben Spader, CISSP

Jim Tiller for (ISC)2 board of Directors - if you are a CISSP please "Vote for Jim"
Pentagon Hacked by Chinese Military
China accused of cyberattacks on New Zealand
France Complaining of China Hacks Too
Brief: China claims hackers stole its secrets too
Group releases free iPhone unlock hack
Names, Contact Info on TD Ameritrade Customers Compromised
TJX Data Criminal Gets Five Years in Prison
Jack Thompson Decides He's In GTA IV
Windows worm targets Skype users
And why I don't drink French Vodka! French Diplomat Softens Tone on Iran Nuke Program
Note: Episode 31 had sound issues but I will try to salvage as much as I can and post it.
Hosts: Gene Naftulyev, CISSP; Anatoly Elberg, CISSP; Erik Moon, CISSP; Jim Tiller, CISSP

NOTE: All future secthis gear reviews will be located at gear.secthis.com - this is a sample.

As hosts of secthis.com podcast we are always buying new gear - be it tech or firearms - and often we talk about it on the podcast. Well now we are going to add a new section to the website where we post short reviews of this gear - in secthis.com style of first having a drink, then writing a review!

If you think this is a good idea, let us know by emailing Gene. If this is a bad idea then email Mooner! No seriously send any of us mail and let us know what you think.

We have a number of items that we are ready to review for you, so let me start with the first utterly useful item!

Citizen Skyhawk Atomic Eco-Drive

I have been looking at getting a rugged, automatic, more full featured watch for a while. The main objectives that this watch had to fulfill were:

It needed to be an Automatic - either a self winder or solar
It needed to show at least 2 time zones
It needed to have night viewing - whether tritium or back lighting

Watches with dual time zones are generally referred to as GMT models. So while I really like the look of the Rolex GMT Master II, it would not have passed the 'wife' test, nor does it have tritium or back lighting. I did find a KHS Operator Timer, great looking Tritium watch, but it was neither an Automatic nor a GMT.

After doing more research I did find an automatic Tritium watch, but again it was not a GMT. This was the Tracer Classic Auto Pro. If I did not need the GMT capability I would certainly have purchased this watch. It really looks nice and uses the same Swiss Auto mechanism as the Omega watches.

So was there a watch that was Automatic, GMT, and Tritium? Well as it turns out there is one - the Ball Engineer Hydrocarbon GMT - and my finger was on the purchase button when my wife stopped by and convinced me not to buy it. She made me a deal that she'd buy it for me as soon as she passed her CISSP.

So I was back to looking for an Automatic, GMT, with Tritium. I expanded my search to include solar watches not just mechanical automatics. I still wanted dual time zones, and either tritium, or some other backlight. I found a few models that seemed to fit the bill until I stumbled on the Citizen Nighthawk. This was a nice solar watch that combined solar power, second time zone and a decent backlight.

Again I was ready to buy, but while doing a price search, I found the Citizen Skyhawk Atomic Eco-Drive - another model that had the same features, but also had a 3 timezone display, and received the radio signal broadcast from the atomic cesium clock in CO. On top of that it had a very nice rotating slide rule. This seemed like it would fit the bill!

So now I have a watch which keeps time as precisely as a GPS, is self-powered even if I am not wearing it, and has amber LED back lighting which won't kill my night vision. If you look at the closeup video you can see that it has a constant UTC (GMT) face, a 24 hour local time zone face, a main 12 hour local time face, and another time zone display is possible in the digital display.

It may not win any style awards at the office, but in the field this is a rugged, completely automatic (it will even switch to daylight savings automatically), and functional watch for anyone who needs more than a basic dress watch. Retail under $600 is well under many of the Swiss watches I looked at. And here is the short closeup video.

Gene Naftulyev, CISSP