Recent
BSidesLondon HNN Videos
20th of April 2011 was the first BSides held in London, BSidesLondon.
Before the event I had been speaking to Space Rouge of HNN about getting HNN content on Boxee. I said I would be attending BSidesLondon and volunteered my time to do some recording for them. This would involve some ‘promos’, interviews and general conference footage.
I was working at InfoSecurity Europe 2011 on the same day. My boss had kindly allowed me to attend the first half of BSidesLondon as long as I worked the second half of the day at InfoSecurity Europe.
After BSidesLondon I sent my footage to HNN for them to edit into an episode of ‘Behind the Firewall’. I asked on a couple of occasions if they had chance to put an episode together out of my footage. The last time I asked, last week, I was told that HNN would be shutting down and that my footage would not be used.
Instead of letting the footage go to waste I thought I would stick the unedited interviews on YouTube and share them with you all.
[Interview] The Jester
It’s not often I interview people for the blog however when some one catches my eye and raises my interest I like to find out more about them and share it with my readers. This time I interviewed ‘The Jester’. The Jester has been in the media spotlight recently for taking down Jihadist terrorist web sites via use of a targeted DoS attacks.
* Can you tell us a little bit about yourself and what you do?
Ryan, I would like to give you and your readers a little more about me but it’s kind of difficult to do that, given the nature of my targets, all I can give you sir is what’s already ‘out there’ – I am ex-mil – and slightly pissed at the surge in Jihadist online activities.
Now with regard to what I do: I aim to cause disruption to the online efforts of Jihadists on the internet. They have realized that they can recruit, train and coordinate home-grown terrorists completely via the internet, without ever having to meet. This cuts out much of the risk associated with any face-to-face contact for the recruiters. Web recruitment targets young, tech-savvy, vulnerable Muslims, the iPod generation if you like. By making these sites unreliable, the potential recruit numbers start to dwindle. I limit my hits to defined time-slots (rather than killing them completely) because I am well aware that official Counter Terrorist Agencies use some of these sites for intelligence gathering. I have been asked why I DON’T hit certain sites, well it’s simple. By NOT hitting certain sites (and hitting others hard) I am ‘herding’, people give up easily when a site is constantly up and down, and move on to a more reliable one. So it creates a funnel-effect, funneling terrorists and potential terrorists away from peripheral sites and into a smaller space that is easier to monitor.
[Interview] Chris John Riley – ‘The Änal Security Guy’
For our second ever interviewee we have Chris John Riley the ‘Änal Security Guy’. Chris was born in the UK and is now living in Austria. He has been in the IT industry for over 13 years, he now works as a IT Security Analyst doing penetration testing internally and for external clients.
Questions:
How did you get started in information security?
Well I’ve always been interested in security I guess. Although I always used to think of it as an unhealthy interest in how things really worked under the hood. I’ve broken my fair share of systems be being too curious what would happen if I just changed or deleted this or that file. Then again, who hasn’t done that once in a while.
I guess the real turning point was while I was working in Munich, Germany. An interesting project came across my desk that really seemed interesting to me. The project was a simple one, install and configure an Intrusion Detection System to protect an external server farm, and schedule regular vulnerability scans. But to tell you the truth, the project wasn’t really what made me want to do security, it was the response from the management after the project was finished. I sat down with one of the bosses and started to go through one of the vulnerability reports I’d run. Lots of red and yellow alerts, and things to change. His response, was that the IDS and scans where simply a contract requirement to win a customer bid, and nobody had the time or interest in changing things. We’d ticked the box that said we have IDS and run regular scans, project done, please move on.
As you can imagine this didn’t sit too well, but there wasn’t much I could do at the time. I was still learning German and could rock the boat. So, moving on I tried to work security into the next couple of projects and found it increasingly hard to get the point across that security should be built in at the ground level and not just ignored. Well to cut a long story short, I asked for 4 weeks leave to attend some training (self funded naturally) and it was turned down. At that point I decided I’d be better off moving on and finding a position that supported security and didn’t punish it. So I handed in my notice, did my training and made the move to Austria to be with my girlfriend.
[Interview] Rob Loos – ‘Students in Security’
We have decided to start interviewing people in infosec to talk about various security topics. Our first ever interviewee is Rob Loos!
Rob Loos is a Belgium Applied Computer Science student at KHK Geel Belgium University who has a massive interest in the security world and loves to get other students involved too.
Questions:
What started you out in information security?
I’ve always had an interest in computers, playing games, writing a few small programs and helping other people out. As many security people I enjoyed the forums a lot and got in contact with people who’s hat were pretty far from white. I got a lot of blackhat knowledge that way, even tough most was pretty scriptkiddy. I got experienced with malware, remote administration and some webapp exploiting. Its a lot of fun but not something that can get you a good future.
