October 21, 2008
Australia’s best IT Security conference, Ruxcon, is fast approaching: 29-30 November, 2008.
Patrick Gray, in his weekly IT Security podcast Risky Business, talks to Ruxcon organiser Chris Spencer, who previews the program. Our own Fionnbharr Davies from Securus Global also talks about his presentation on Enterprise Security and some vuln releases attendees can expect to hear about.
Register online at the Ruxcon website at:
http://www.ruxcon.org.au/

Very disappointed in Adam and Patrick knocking zigbee-like/3g/4g/+ botnets on the horizon. We’ve seen some interesting stuff in DNS/IDS/abuse on mobile connected devices in AU already.. people testing/developing etc.
Symbian virii knocking hell outta’ SMSCs/MMSCs.. cmon’ dudes get your act together… utility = value!!!! How many mobile devices in the future?
F-secure, symbian, (OSX/windows mobile) *any* tcp-stack with connected CPU/MEM/disk 3g/4g/+.. it’s about utility boys, got IP, can packet….
http://www.f-secure.com/v-descs/mobile-description-index.shtml
Have a read.. http://www.google.com.au/url?sa=t&source=web&ct=res&cd=2&url=http%3A%2F%2Fwww.usenix.org%2Fevents%2Fsec07%2Ftech%2Fhypponen.pdf&ei=uYT-SPClHomasQOm1ME7&usg=AFQjCNGQKAF9GpiGNhJLt4yQ7H5M9arTfg&sig2=P3CC7nS7qItbs4CtoL2c2A (Malware_Goes_Mobile.pdf)
is nobody looking forward to the internet of things? Have resource.. can control.. maybe I’ll explain nanobotnet to you guys once you accept the above!!!
Last comment, what is the use of a conference if it is not filmed and kept for posterity/education… slides are slides.. good presenters present between the lines…
http://video.google.com/videoplay?docid=-6417790917373171701
What a shame. Why the f- do they hold Ruxcon over a weekend ?
For starters, try convincing your boss to give you 2 days off in lieu for spending your weekend at Ruxcon. If successful, then try convincing the home-based CEO (your missus) that you’re spending the weekend at a gala nerdfest. Good luck.
All of which tends to narrow the potential audience to;
1. Hard core hackers (aka uni students)
2. Unattached security professionals (with a good boss)
3. Married security professionals (with a good boss & a death wish/divorce).
On second thoughts, the ‘target’ demographic is probably spot on & filters out the security software marketing bs tossers !
Rock on, Ruxcon !

SOBG.
@SOBG
>For starters, try convincing your boss to give you 2 days off in lieu for spending your weekend at Ruxcon.
Dear Boss,
I spent the weekend Drinking, goofing off and learning how to hack into things. Highlights included the chilli eating competition and the bar. Attached are my expenses and request for 2 days in lieu.
Best Regards,
Dedicated Employee.
Now really, how could that not work ?
@Drazen Drazic re: Fionnbharr Davies’ talk on this security podcast. Patrick is our friend! Re: his presentation at this Ruxcon conference; we note in reference to your comment on the podcast about topics that would not be covered at Auscert conference. That is incorrect! We cover all security topics and latest research at our conference and to ensure that we do, we run it by our experts / sponsors (like Symantec, IBM etc) to confirm that what delegates hear is the cutting edge. Nothing you will present, as much as you play it up will be new to us so continue to play with your script kiddie crowd. Anything presented at this low level conference is well understood and “enterprises” already know that they have nothing to be concerned about if they work with Auscert.
@D2 Sorry to disappoint, but I just haven’t seen any action in the mobile space. All the guys who are making money out of selling CC numbers and bank accounts are hardly finding it difficult to extract that sort of information out of Windows users — what motivation do they have to go mobile?
Yes, I’m sure it will happen, but what I was knocking wasn’t the concept of mobile botnets themselves, but the prediction by Georgia Tech that we’ll see the rise of such botnets in 2009. I think that prediction is off, that’s all… and I’ve seen similar predictions for many, many years. In fact, every single major vendor tipped it would happen this year.. oh, and they have a nice bit of software to sell you to keep you safe!
@Auscert pretender — geez, can we all stop bashing AusCERT. Half the people who post comments on this blog bagging AusCERT still go every year. It’s not a question of Ruxcon or AusCERT being better, they’re just different… You can get a management type to AusCERT, but try getting them to come to Rux.
I often wonder why everyone seems to care so much about AusCERT. If you don’t like it… umm… don’t go.
@Patrick Gray, if it’s only a time argument and not a conceptual argument I apologise. I do agree that until there is a critical mass of more functional ‘mobile devices’ the utility/value will not be fully exploited/tapped.
There are architectural differences on ‘mobile telco’ networks, however did you listen to Mikko’s video I posted previously.. we in Oz *have* had basic attacks already siphoning money from phone accounts via malware and Premium rate SMS/MMS, think about old school dialers etc.
If you have time I cannot recommend enough the Mikko Hypponen F-Secure google video I posted above.
@Auscert ahahahahahahhahahah! IT is a self serving pile of poo at the moment, certify the engineers, rectify the language, ban the snake oil! Anyone got a free ticket
@D2 Yeah, well, if you listen to the podcast again, you’ll hear that it was the timing that I was saying set the bullshitometer pinging at 11.
As to your second point, Mac users have function, utility and value, but you don’t see anyone targeting them yet. Is it because OS X is secure? No, it’s because the whole criminal side of our business has become very good at writing malware for PCs and cbf’d extending its skillset. It’ll happen one day, but it’ll take a while.
I consulted (mostly on creating documents to be used as instructions for developers, but a bit of product design as well) to a small Melbourne company that was writing mobile security software for Symbian back in 2004. I have seen some nasty-ass software designed to hit premium rate numbers… but nothing like conventional PC malware.
As for AusCERT, they’ve been pretty useful for a bunch of people I know. They seem to be good at tracking down botnet data and notifying Australian companies of compromised accounts… I don’t understand why you guys loathe AusCERT.
Why do you care?
@sobg, as DES says, it’s not hard. Your situation sounds like you don’t want a solution. But being the nice guys we are, If you want, we can write a note to both your CEOs and go from there. Not sure how much worth it may be though.
@AusCert, funny bugger aren’t you?!
Hey Pat, good to have you posting. Not sure if you’re talking about me. I don’t “loathe” AusCert. I just question what they do sometimes and wait for a response to those questions. (Though I would need to go back over old posts to check my last statement is correct – sometimes the outsourced writing team can get a bit over-excited). As I said, you can’t knock a conference on the Gold Coast. Care factor is just industry passion from my end.
@D2, thanks for the links and things to think about also. As we’ve said before, anything seems possible and it doesn’t take much for something to go “mainstream” bigtime.
The “2009 year of the mobile botnet” is an easy prediction, mostly brought about by Apple iPhone and how badly designed it is. Right now I could make a botnet out of a fair few iPhones and I wouldn’t even be using a vulnerability
@effy-d, heard your RB interview dude. Keen to see the preso.
Would be keen to know more about SG’s work with the iPhone as you mentioned.
@Pat, Here are my opinions. If the whole conference was full of good talks, that would mean I would feel guilty not attending them. As most are shithouse, I can without any guilt, take some time out and enjoy the Gold Coast. I go back to work and tell the boss how good it was and relay the same shit I told him the year before. I reiterate how this is the most important conference of the year to our business from a security view and that ensures I get to go back next year!
With you now doing podcasts, that makes it even better. I no longer even have to attend 1 session. I listen to Risky Business where you do the best of, and my time on the Gold Coast is even better spent! We all win dude!
We know what you think but we love you anyway….AusCert Rocks!
@Patrick Gray Ohhhhhhhh, OSX and security… MACH exploits are alive, but please don’t try and get me embroiled in why we MAC fanboys aren’t actually better off in our architecture than @least Windows… critical mass is one thing, system architecture is another… as unless I go back to OBSD, I’m happier for more reasons than you could shake a stick at… arbitrary remote code execution? And not on my local segment via MDNS thanks either… let’s talk about apples and apples… not pineapples!
AusCert used to supply me with info and pride back in 2003 but that was the last time I even looked at their webpage, cmon’ now, let’s get real?
AHTCC and other CIRT/First teams rather than Auscert… then again one has to start somewhere
I jokingly referred to ‘define mobile’ however there is no motivation to ‘go mobile’.. it’s punctuated equilibrium my friend
damn…D2 and Pat on OSX…probably same wavelength but coming from different angles. With OSX (what I use), you never know what may be happening until the next update.
Machine goes slow…nuts….load update….back to normal! What happened in the meantime? Scary….no one much talks about that!
@works for me, I don’t think it can be better put than that! (Though save some time for a couple). David Rice’s presentation and Rob Redenback’s were awesome. Some best to be there. Yep, PG’s RB does also cover the “best of” very well! Works for me!
Patrick, I’m an associate of Omar’s, I was with him at Ruxcon.. maybe we can have a chat one time.. I’m a regular listener of your show.
Contact me AXXDUMP GMAIL COM