Stories, Stories, Stories – Episode 346

Paul and the gang will be taking next week off to attend and present at DerbyCon in Louisville, KY. So if you're at Derby, make sure you say hello. In spite of what you might think, we're actually pretty friendly people!

This week, Paul had his self-proclaimed "JV team" in to talk about the stories of the week. Patrick and Greg joined the show. Paul led off with his story about protecting your network against Shodan searches. Well, let's say that, like many other tips in security, there wasn't anything earth-shattering in there, but they are still good reminders. Things like "change default passwords" and "limit public-facing servers". All good advice, and usually those things that we think about and know we should do but still sometimes forget or figure we'll fix it later.

Paul and Greg each had separate stories on Dropbox. Greg's was about a new tool from Marcus Carey, HoneyDocs. It's a sort of watcher script that notifies you when your Dropbox files are opened. Sure enough, on the first day of Marcus running the script, he got a hit that one was being opened. Yet when he checked on the source of who opened it, it was Dropbox themselves! Why in the world is Dropbox opening your files that they've vowed to keep secure? Is Dropbox indexing them for search? Questions we'd love to have answered.

After a very brief discussion of the Rolling Stone hackers article, or more specifically about the annoying implementation of HTML5 and its scrolling and the choice by the magazine to Photoshop together a Hack Naked shirt (hey guys, just ask, we'd have given you one for free to use!), Paul told us about some homemade infrared remotes. Imagine the possibilities of what someone could create there.

Is it possible to have the stories of the week without any discussion of porn? Nope, didn't think so either. Over the last few weeks, we've discussed the upcoming porn filters in Australia where you need to "opt in" to connect to porn web sites. This week, a new study indicates that 75% of the women surveyed are in support of the porn filters and 43% of men were in favor. Hey, I've got an idea for a porn filter, don't type in the URL of a porn site! Wow, that was easy! Just stick with your sesamestreet.com and ilovebarney.com and leave the rest of your fellow Aussies alone to enjoy their porn in the confines of their home.

How's this for a pretty smart idea? Reportedly, Netflix uses the popularity scores on pirated video web sites to determine what to carry on their service. The article talks about widely popular shows like Breaking Bad and Game of Thrones and how they were slow to build an audience. Both shows can credit the pirate video web sites for getting more people to catch on and grow the fan base. Even the Game of Thrones producer admits this underground has been a good thing for his show. I'm not so sure that HBO executives agree with him on that, but nonetheless, it seems like a fairly shrewd move by Netflix.

Lastly was an article about ten things to never say during a presentation. While it may not be directly related to security, many of us enjoy sharing and presenting to others at various conferences. At Security BSides Rhode Island, Jack Daniel gave a great talk on how to give a great presentation, but getting more tips is always helpful too. First on the list, never make a pre-excuse for giving a bad presentation. Don't tell people you're hung over, tired, stressed, whatever. They really don't care, people want to see your presentation. Just give it to them. Of course there's also the usual tip on not reading from your slides. Other than things like code examples, slides are really there as cues and main talking points for the presenter. Nothing will bore an audience to tears or Shmooballs like reading a talk off the screen. One pet peeve of mine is #10 on the list, "I'll keep it short." Just by saying that, you've already made this longer than it needed to be. If your intent is to be quick and keep it short, then just say what you're going to say. Don't tell me it's going to be short. Just talk. With confidence. Enjoy the spotlight and be honest with what you know.

That's it for this week. There are still more stories that we covered, so watch the video, download the audio and check it out. We'll be back in October with the next Security Weekly, on Thursday nights, 6 pm Eastern Time!