Yep, Angry Birds are the new drones for the NSA.
Earlier this week, OWASP released a statement after an internal debate regarding recent allegations that RSA had weakened its encryption while receiving $10 million dollars from the NSA. There was heated discussion about whether or not to publish a statement. Would it be perceived as political? What is OWASP’s responsibility when it comes to defending the trustworthiness of software?
It’s January 30, 2014 and this is the TSWA News Network with Mark Miller and James Wickett. This segment of the Lone Star State DevOps includes discussions on the loss of a $50,000 twitter name, Target still making a mess of it and this week’s announcement by OWASP.
In this segment, Damon Edwards confirms, “Technology can be hardened, but to err is human because human beings are your weakness.” as we discuss three headline news stories from today’s security news:
Akamai has SSL cert problems
A Phishing attack on CNN
Angry Birds gets angry
Michael Coates takes a quick look at two application security start ups and the latest announcement by OWASP.
Update: The free training in San Francisco provided by OWASP that Michael mentions is on Monday, February 24, 2014. Plan accordingly and register in advance for the training.
Resources in this broadcast
“Increasingly, we’re putting our lives on the line in software driven devices.From an industry perspective, we’ve got to start thinking about how we update these devices over time.” — Wayne Jackson
I have been working with Sonatype as a community advocate for a while, but never had a chance to catch up with Wayne Jackson until now. My main objective was to ask him the things I want to know about the company, what the security market looks like to him as the CEO and how he intends to guide the company in the future. We start the conversation with defining what, exactly, does the CEO of a software security company do.
“Ultimately the only way we are going to solve security issues in the cyber realm is to make better software.” — Wayne Jackson
It’s January 23, 2014 and this is the TSWA News Network with Mark Miller and James Wickett. Today’s top security news with James Wickett covers Docker being funded for $15 million, Cisco routers being patched and the bad news continuing to come out about the Target breach.
Resources in this segment
What does Wyoming and China have in common? Is your refrigerator providing the opening salvo of the next cyber war? What’s going on with Bitcoin? Damon Edwards brings us up to speed in today’s segment of TSWA Network News.
Resources mentioned in this segment
- New York Times: Chinese Route Traffic to a House in Wyoming
- Why Bitcoin Does (or Does Not) Matter
- Refrigerators: The Next Step in Cyber Warfare
Today is an inaugural event in two ways. First, co-host Michael Coates launched a start up this morning, Shape Security. Second, this is the first installment of Michael’s continuing series, Security Start Ups, discussing security start ups, who’s doing what, for how much.
Resources Mentioned in this Segment
SlideShare.net has a ton of great presentations in their original form. Gareth Rushgrove from DevOps Weekly pointed me to this one, and it’s a gem. I had seen this earlier in the week, but Gareth’s newsletter was a reminder that this is an important message.
Recruiters understanding roles and responsibilities is not just a problem in the DevOps Community, but one that is problematic in all industries where there are complex jobs descriptions. Recruiters are notorious for asking for things without understanding what they are asking for. I’ve seen requests for 10 years of expertise in an industry that is only 5 years old… that kind of stuff.
This slidedeck is a nice framework so that recruiters can have some idea of what DevOps do and what a reasonable request might be.