During a recent security assessment RedZone asked the customer a standard question about password management:
“Are your passwords being changed on this outsourced web server?”
With Heartbleed, WordPress, and SSL vulnerabilities, an assessor must ask this question. The customer was insistent that the passwords were being changed frequently. That same day the customer received notification from the FBI that their site had been hacked and was being used as a spam relay. Vast quantities of data were being hoisted from their site. Why? Because they had not recently changed their passwords. They had made the process of guessing the password easy. The attacker literally had to do nothing except guess a password.
I have never had a guest like Frank Ahearn on the show. He has a very unique perspective on security having lived a set of life experiences we only read about.
Frank works with individuals who need to learn how to disappear, fall off the radar or have extreme privacy needs. He is an expert at vanishing people, creating high-net-worth-privacy, travel privacy and foreign state privacy. Law firms and private asset companies worldwide utilize his unique disinformation and stratagem services.
During my last interview I had a great talk with Daniel McDuff. Daniel’s research is at the intersection of psychology and computer science. He is interested in designing hardware and algorithms for sensing human behavior at scale, and in building technologies that make life better. Applications of behavior sensing that he is most excited about are in: understanding mental health, improving online learning and designing new connected devices (IoT).
Listen to more about why it is important to collect data from much larger scales and help computers read our emotional state.