Marcus Carey of SunTzu security firm & founder of DoJoSec

The March 5th DoJoSec was the second one of their monthly briefings I have attended. Although it is almost a three-hour drive from New Jersey, these evening sessions have been worth attending. I had to miss April's session because of schedule conflicts, but plan to attend the upcoming sessions of what has been called "dinner theatre for security geeks."

Since the videos of the presentations are available (embedded & linked on this page), I won't bother summarising them in detail. Just watch the videos. Rather, I'll highlight some of the things I found especially interesting in the presentations.

iPhone Forensics - Walter Barr and Sean Morrissey

I had heard much about iPhone forensics from Jonathan Zdziarski, so I was interested in hearing what these fellows had to say on the subject. One of the interesting aspects of the presentation was the influence of the speakers' different professional backgrounds when it came to the issue of "jailbreaking" iPhones in the course of forensic examination. Morrissey came out of a law enforcement background while Barr did not. This difference was the most evident when they covered "jailbreaking" iPhones to extract evidence data. Barr saw jailbreaking as an option. Morrissey strongly insisted that jailbreaking should not be used. Besides Apple's claim that jailbreaking iPhones is illegal, the use of "hacker tools" might open up challenges in court where opposing attorneys imply one is using "criminal" or somehow suspect tools. He exhorted the audience to do forensics right so we don't have bad cases and alluded to the forensic problems in the OJ murder case.

The "hacker tool" & potential for court challenges stirred up quite a lively discussion during the Q&A. Some people pointed out that valuable security/forensics tools such as Wireshark could be maligned as "[criminal] hacker tools" and yet we use them, so why avoid jailbreaking tools? The problem appears to be that jailbreaking tools don't have as strongly established a reputation for constructive uses as do Wireshark, nmap, nessus, and many other dual-/multi-purpose tools.

Snort - The Forensics Tool? - David Warren

Because I have been dealing with malware and network analyses recently, I was particularly interested in seeing what Warren had to say. The main thing I got was that Snort's rules features and its support for extensive text and hex pattern searches make it handy for going through packet capture data.

Cyberwar is BS - Marcus J. Ranum

I looked forward to hearing Marcus Ranum's take on popular cyberwar concepts. I had read his thought-provoking "Six Dumbest Ideas in Computer Security" and saw that even if I didn't agree with everything he said, his ability to make us think more deeply about security was a valuable talent. Ranum's presentation was even better than I had expected. I am not even going to bother summarising anything else from it. Just view the video. Enjoy, and think!

Cheers.

P.S. Dustin L. Fritz has more photos from the March DoJoSec Monthly Briefing on his blog.
Barr & Morrissey speaking on iPhone forensics
DojoSec Monthly Briefings - March 2009 - Wally Barr & Sean Morrissey from Marcus Carey on Vimeo.
David Warren reminding us of computing in the early 1980s. Remember the TI-99/4A home computer?
DojoSec Monthly Briefings - March 2009 - Dave Warren from Marcus Carey on Vimeo.
Marcus Ranum speaking on cyberwar
DojoSec Monthly Briefings - March 2009 - Marcus J. Ranum from Marcus Carey on Vimeo.

Comments
Sean Lawson, Ph.D.
University of Utah
Yes, the Kylin "cyberwar" fuss really kicked up much confusion, blurring cybersecurity with purported "cyberwarfare". I have seen similar things happen with physical security matters over the years. E.g., civil defence being deemed "offensive warfare" on the claim that if a country believes its civilian populace would survive a war, it would be more likely to do a preemptive attack. Some of the Kylin is "cyberwarfare" echoes similar notions, as though a country improving cybersecurity is warfare. Yes, in a very broad sense, but then all kinds of things become "warfare". Ad nauseam. Und so weiter. Etc.