This Week in Enterprise Tech 70
|Hosts: Fr. Robert Ballecer, Brian Chee and Curtis Franklin|
Guests: Louis Maresca, John
Recorded: December 9, 2013
Published: December 9, 2013
This Week in Enterprise Tech 70:
- Rerouting BGP traffic to own route to sniff the traffic ont he way by.
- BGP does not require much authentication.
- BGP advertises routes local to the router, and other routers trust this information.
- BGP traffic was routed through ice land for months.
- The routers in the BGP community are no long few and trustworthy.
- BGP is easy to deploy, but does not have security itself. ACL and other filters prevent self-advertising as an authority.
- Education on safe deployment of BGP is not well known or taught.
End Government Snooping
- Global Government Surveillance Reform
- Government snoops everywhere, including World of Warcraft.
- Large tech companies have called for no snooping to ensure a stable global economy.
- We want to keep the bag guys out, but a system where it is okay for the government to view everything.
- Privacy is beneficial even if you're doing nothing wrong.
- Encrypting everything makes not on piece of information interesting to decrypt.
- The more companies on board, the better.
- If the sources for information stop the flow of information to the government, the issue of reform will be forced.
Click Fraud Botnet
- Malware would do a hijack commanded from irc.
- Redirecting or taking over the irc server is often done to stop botnets.
- Malware on computers is getting harder to detect.
- Finding particular attacks is hard due tot he amount of noise as UTM logs fill with attack attempts.
- SAP has been selling retail analytics for a while.
- Retail Analytics is used to track customer trends.
- Where is the traffic of patrons physically.
- Big Brother factor requires tracking to be aggregate.
- Retailers want to reach consumers long before they enter their establishment.
USB Flassh Drives
- Many thumb drives have built in encryption at the hardware level.
- Built in drive encryption prevents employees from disabling the encryption.
- If encryption is easy (no extra steps), than selling encryption to management grows easier.
- Windows has Bitlocker turned on by default on Windows 8 and 8 RT.
- Microsoft requires all mobile devices and drives to be encrypted.
- People are lazy, encryption is slow, takes another step, etc.
- Prudent enterprises should look into mobile device encryption and remote wipe for the road warrior.
- Most silicon is made overseas, how can security be ensured when the chips are made remotely?
- The software and firmware itself for Kingston is loaded in the US in their own facility.
- All computers in the process are secured to prevent malware changing the software on the usb drives.
- The USB drive comes with additional virus protection with preloaded virus software.
- Third party security experts are given the drives to vet.
- Always verify any security system you get yourself.
- Publishing source code can expose vulnerabilities quicker, from both white hat and black hat hackers.
- Enterprises can disable USB storage devices, but not restrict to only encrypted drives at this time.
- The Kingston drives use the open and proven AES encryption standard.
- ESet can limit the USB drives types.
Hardware & Software Mentions
- Ring Central Promo Code: TWIT
- Call: (800) 543-9980
- Ad time:
- Tekserve Tekserve
- Ad time:
- Recorded Date: December 9, 2013
- Release Date: December 9, 2013
- Log line:
- Edited by:
|This area is for use by TWiT staff only. Please do not add or edit any content within this section.|