Paul Henry, Security Forensics Specialist

thanks

Thanks everyone.  Great session and I hope you all got something out of it.

Many thanks Paul Henry!

Anyone else thinks whitelisting is sort of like a social media connection?  Unless both parties agree, there's no contact made?

@smk - One could spend all day coming up with answers.

High School you graduated from - cheeseburger :)

Thanks Phenry!

Thank you phenry. Great interview.

@Phenrycissp -- exactly.  Question:  "When were you married?" Answer:  (I don't actually use this but it's for an example) "A sandbox full of waffles".

Thanks for attending ...

Well - I need to get back to work, great chatting with everyone today !

smkinoshita - I use uniques answers for each account and not biographical data

@Phenrycissp -- I don't actually use logical answers for my secret questions.

smkinoshita - many security pro's I know get the passwords right but still share the information on the secret questions across multiple accounts. If I can get your answers from your facebook page I will just change your password...

Passwords.  Whole other topic.  They are almost as done as AV, aren't they?

Yes AV vendors are diversifying... they all have a whitelisting product on the shelf but don't want to lose the traditional AV update revenue so seem to be dragging their feet on its use

Not only is a single signon kinda scary but it messes up a lot of personal security in my opinion.  I have several kinds of passwords -- some for low-importance items that won't hurt me, to mid-level stuff that won't hurt me but is important, to high-stuff that I want to make sure is secure.

smkinoshita - agreed

personally single signon spooks me.... we can't get it right with passwords ... and we are going to put everything under a single password - scary

I keep hoping that at some point basic Internet security and safety will be a mandatory class in public school -- from dealing with trolls and cyberbulling to the understanding of long-term consequences of social media and sharing as well as the techniques used by cyber-scum.

@Paul H: What about password reform and the issue of single sign on? Any ideas of how the future may look?

Notable that major AV vendors seem to be diversifying.

Mary - yes whitelisting vendors in my view are ready for prime-time

interesting info thank you

I think there's a psychological barrier.  People are so emotionally and physically close to their smartphones, they can't believe they're "owned" by someone else.  One reason they take so little care with pins.

@Paul H: So if whitelisting is the way to go, do you foresee any technology like that on a kind of grand scale?

Mary - yes I would say mobile app situation is critical and needs to be addressed sooner then later

SecTech - yes a dashboard has become a necessity today

@Paul H: Would you say the mobile app situation is critical?

@smkinoshita: I was surprised too. Sometimes exceptions are allowed.

Mary - tons of stats out their just google around a bit and you will find them

@smk: Came as kind of a surprise.

@Paul Henry: Do you have any statistics to share on the overall vulnerability of mobile software?

Paul - I don't know that I would go as far as to say Social Media can take out our infrastructure ... we have other issues that have a higher capability in that regard ;-)

@Kim Davis -- Chrome's not on the list?

We use white list here, as I discovered when I tried to download Chrome!

@phenrycissp:  Is it better to attempt to be proactive or just stick to being reactive?  You mention looking at logs, but log mining is a very tedious process especially if you don't know exactly what you're looking for.  How do you feel about dashboards for monitoring network activity?

Victor - yes the malware comes from a "driveby malware website" but it still has to execute on your PC and that is whre white listing comes in to play - I don't care haow it is delivered if I am using whitelisting...

@Paul: do you think social media secuiryt threats have the potential to become the gateway to jeopardize the security of the entire web infrastructure?

On white listing in the simplest of terms... only allows validated code that is explicetly permitted to run to ever execute on a given machine... it goes a long way at mitigating malware... a new day zero exploit hits your machine and your running traditional AV and your toast..... if your running a whitelisting solution it is stopped in its tracks..

The problem is way to many reactive products call them selves pro active...

Paul, thanks so much.  We could easily have spoken for an hour on those topics.

Great interview Kim!

Whatever happened to being proactive with security rather than reactive?

How does white listing solve the problem of malware?
I thought most malware came in through exploitable code in the web sites?

I've never even been tempted to scan a QR Code even though I have the scanner

I've seen a QR Rick-Roll, too.  Not to a video, but the QR scan did the lyrics.

Sheesh, that should pretty obvious with QR codes.  Well, one would THINK at least. 

@Mary: they will just add those extra costs to d fees

Ten years too late!

Wow. Antivirus isn't working.

Same here.

But you'd think that all service providers would see an opportunity to make $ from security add-on.

carriers are like ISPs, they don't really seem to have a vested interest in keeping the tubes clean

My ISPs offers antivirus and firewall as a separately priced service.

Oh that's scary.  Carriers should really know better.

Well, carriers often sell security as a separate service.

@paul: how do you assess the security readiness of the various social media outlets like facebook, twitter and others? Are they making the investment that is needed in this area?

I recall that SSL certificates were noted as vulnerable in a couple of events last year.

Interesting that vendors aren't responsible for updates, but carriers are.

hello

Ping!  Totally agree regarding education.

@Paul: can social media security threats posed a significant threat to the security of the enitre web?

I find whitelisting a bit annoying, but reassuring.

Also hello to Awilliams!

Hey SecTech!

@Paul Henry:  Why is it that entrprise never tells employees the hazzards of using their personal devices for business use?

I've seen some interesting discussion of virtualizing a seperate work OS on a smartphone. 2 devices in 1

@Paul Henry: Are companies not wiping the phones of ex-employee?

I don't think using personal devices for business is will EVER be a good idea.

@Paul Henry: How would you characterize the state of mobile security? Is it an emergency?

RFID chip in your farhead.... NOT

For instance, the person who proclaims that they will be on vacation and therefore not home--a tip for robbers.

What would we use instead of the social security number?

@Mary: what is a total date of birth? Are u siggesting people should put in fake numbers?

@Paul Whyte: Not sure that social sites are as save for all kinds of interactions with friends/family.

@WilNix, I am too. I share very sparingly.

I always tell folk not to use their total date of birth on their social profiles.

@Mary: Trust in what sense? We trust them to provide a platform to interract with friends and families

@Mary I'm quite skeptical of social media.

@Paul Henry: How prevalent are security breaches from social media? Any statistics?

Does everyone here trust social media?

And welcome to Paul Henry as well! Thank you for joining us.

Welcome, Paul!

Hello Mary and Kim

@Awilliam: Ya and I hope yours too

Hello everyone!

2012 is shaping up to be a great year

Okay, we're all set.

Hi Paul, I hope your new year is starting off well!

Hello Awilliams and Phenrycissp

Afternoon everyone.....

Raaadiioooooo

Time for another security talk

Hello everyone

hope to learn something new :)