
Good Advice or Candy from Strangers? A Field Guide to the Security Internet

Good Advice or Candy from Strangers? A Field Guide to the Security Internet. Hart Rossman, SAIC; Bob Mahoney, Zanshin Security. 2/6/07 - CONS-108. Intro. Who we are: Hart Rossman, Chief Security Technologist, SAIC, Enterprise Security Solutions; Bob Mahoney, President, Zanshin Security.


Presentation Transcript


  1. Good Advice or Candy from Strangers? A Field Guide to the Security Internet
     Hart Rossman, SAIC
     Bob Mahoney, Zanshin Security
     2/6/07 - CONS-108

  2. Intro
     Who we are:
     • Hart Rossman, Chief Security Technologist, SAIC, Enterprise Security Solutions
     • Bob Mahoney, President, Zanshin Security

  3. The Problem Statement
     Security blogs, podcasts, vlogs, and wiki have become significant channels for industry news, analysis, and advice. As they continue to multiply, their accuracy, technical depth, and bias all become issues. We will consider author expertise and the impact of corporate bias to draw conclusions about these channels & offer insights to consumers and providers on how to best utilize these new media.

  4. Disclaimer!
     • We'll mention some sites or specific resources, but unless we explicitly say otherwise:
       • We do not have an opinion on their trustworthiness, utility, or performance.
       • We don’t know anyone personally, but we feel sure their mothers love them.
     • Every cloud has a silver lining.

  5. Some Terms
     • Blogs, vlogs, podcasts, linklogs…
     • RSS Feeds and Aggregators
     • Tags and Metadata
     • Blogrolls, Permalinks, & Trackbacks
     • Marketing: SEM/SEO, Astroturf
     • Authority
     • Wikis
     • Social Networking
     • Invisible Web/Deep Web
     • Anonymous and Pseudonymous channels
     • Open Source Intelligence
     • Stability

  6. Points of View
     • Public Interest [Internet and Online Privacy]
     • Vendors [Defense-in-Depth Guide]
     • Consumers [Identity Theft Resources]
     • Info outlets [Industry Media - Magazines and Blogs]
     • Security Community [Groups like FIRST]
     • Niche community sources [Private Mailing Lists, etc.]
     • The Individual [You!]

  7. Sources
     • Google
     • Technorati
     • Del.icio.us
     • iTunes Podcast Directory
     • Feedburner
     • Podcast.net
     • Podcastalley.com
     • Yahoo Podcasts
     • Podcastdirectory.com
     • Wikipedia.com

  8. Sources
     • Google
     • Del.icio.us
     • Technorati
     • Feedburner
     • iTunes Podcast Directory
     • Many others…
     Where do people go to look for information?

  9. Methodology: What We Did
     • Attempt to discover relevant blogs, wiki, and podcasts
     • Review academic research
     • Identify non-obvious bias or influencing factors
     • Compare treatments of similar issues or events across resources
     • Compare accuracy or discernible foresight across resources & time
     • Draw anecdotal conclusions

  10. Raw Data
     • Google Searches
       • 251,000,000 results returned for Security Blog. #1 is Schneier on Security blog
       • 48,000,000 results returned for Security Podcast. #1 is Network Security Podcast (mckeay.net)
       • 365,000 results returned for Security Vidcast. #1 is del.icio.us/cdorian/vidcast
       • 1,140,000 results returned for Security Videocast. #1 is thenewsshow.tv
       • 45,000,000 results returned for Security Wiki. #1 is en.wikipedia.org/wiki/Security
     • iTunes
       • Podcast hits for "security": 138
       • Actually related to security as we think of it: About 100
       • Hard to classify the "DJs and Bands from the Black & White Ball" from DEFCON…
     • Podfeed.net: 20 items tagged "security".
     • Del.icio.us:
       • 1115 hits for "security podcast" (but many dupes)
       • "security blog" gave up over 10,000 (but again, many duplicates)

  11. Technorati: Blog Directory
     • 64 results for Information Security. Most “authoritative”: “7.62mm Justice” followed by “Digital Common Sense”.
     • 48 results for Computer Security. Most “authoritative”: “7.62mm Justice” followed by “El Blog de Loretahur”.
       • #10 is http://go-symantec.blogspot.com/, run by VirtualGrafitti.com which also runs: MXMailWorks.com - MX Logic, CPGuard.com - CP Secure, IronPort - IronProtector.com, NetworkScreen.co... - Juniper Networks, SCDefense.com - Secure Computing, EiconWorks.com - Eicon, WideEyeSecurity - eEye Digital Security, CloudGuard.com - Cloudmark, APCGuard - APC, ThreatDefender.c... - St. Bernard, AstaroGuard.com - Astaro, PortProtector.com - Safend, OptimizedWan.com - Exinda, CymphonixWorks.com - Cymphonix, GuardBotz.com - NetBotz, ShaperWorks.com - Packeteer, EdgeDefender.com - Metavize, SSLGuard.com - AEP Networks
     • 1 result for CERT: SchultzNY.net
     • 105 results for Hacker. #3 is StillSecure’s blog
     • 6 results for RSA. #2 is RSA’s blog
     *Authority = Unique inbound links

  12. Technorati: Blogosphere
     • 38,689 results for Information Security with “A LOT” of authority
       • #6 is Instapundit (??)
     • 12,845 results for Computer Security with “A LOT” of authority
       • If you dig deep, you’ll find articles from well known sources & “hackers”
     • 1,254 results for CERT with “A LOT” of authority
       • #4 CERIAS (cerias.purdue.edu)
     • 6,051 results for Hacker with “A LOT” of authority
     • 1,054 results for RSA with “A LOT” of authority
       • Schneier is #44

  13. Logic & Rhetoric
     • “Being Logical: A Guide To Good Thinking” by D. Q. McInerny discusses 28 forms of illogical thinking or fallacies
     • We’d like to highlight a few dangerous ones in the security blogosphere:
       • Denying the Antecedent/Affirming the Consequent
       • False Assumptions/Straw-man Fallacy
       • The Democratic Fallacy
       • The Uses and Abuses of Expertise

  14. Ethics
     • “FTC Moves to Unmask Word-of-Mouth Marketing”
     • Word of Mouth Marketing Association:
       • Ethics Code
       • Ethics Assessment Tool
       • Ethical Blogger Contact Guide
     • Disclosure & Transparency
       • Journalistically
       • Semantically

  15. Roll-your-own Open Source Intelligence
     • You KNOW there will be an MS08-001 vulnerability, so:
       • Set a Google news alert for that string.
       • Track likely tags ("ms08") at places like del.icio.us
       • Do the same for any specific software you might have in your critical operation
     • Feed Aggregators
     • News & Meme trackers
     • HUMINT - Let your online social network know what you’re interested in

  16. Ethics: Some Examples
     • Disclosure & Transparency
       • /Message (http://www.stoweboyd.com/disclosure/)
       • Edelman PR, “Working Families For Wal-mart” campaign (http://www.edelman.com/speak_up/blog/archives/2006/10/a_commitment.html)
       • Mini-Microsoft (http://minimsft.blogspot.com/)
       • Lonelygirl15 (http://www.youtube.com/profile?user=lonelygirl15)
       • Mac wireless controversy (http://daringfireball.net/2006/08/curious_case)
       • Digg/Netscape Controversy

  17. User Considerations
     • Detecting Conflict of Interest is hard
       • http://www2006.org/programme/files/xhtml/4068/p4068-aleman-meza.html
     • Support your investments; frequent “official” news sources
     • Encourage transparency, timeliness, and accuracy
     • Cultivate a repertoire of 3rd party sources and share them
     • Peer review
     • OPML exchange
     • Participate in the “conversation”!
     • Learn to speed read.

  18. Metrics
     • Stability vs last edit for wiki entries
     • Inbound links (permalinks)
     • Ranking in public directories
     • RSS & mailing list subscriptions
     • “Accuracy”
     • Frequency of new content
     • Degree of insularity in the social network
     • OPML popularity & Meme tracking

  19. Creating Effective Communities
     • Produce logical arguments and quality content
     • Exchange Links
     • Utilize Trackback links
     • Peer Review
     • Publish directories
     • Form associations
     • Promote accurate and positive memes

  20. Additional Resources
     • Tag: CFS07
     • http://del.icio.us/tag/cfs07
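
Slide 15's watch-list idea as an added example (not from the presentation): a small Python scanner that checks an RSS feed for a bulletin ID or product name and skips reposts of the same permalink. The feed content, the `blog.example` URLs and the product name `ExampleDB` are constructed placeholders; `MS08-001` is the string the slide uses.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample feed (not real advisories); an aggregator would fetch this.
SAMPLE_FEED = """<?xml version="1.0"?>
<rss version="2.0"><channel><title>Example security blog</title>
<item><title>Patch Tuesday preview: MS08-001 expected</title>
<link>https://blog.example/ms08-001-preview</link>
<description>Early notes on the first bulletin of the year.</description></item>
<item><title>Conference recap</title>
<link>https://blog.example/recap</link>
<description>Hallway track highlights.</description></item>
<item><title>Vendor response</title>
<link>https://blog.example/vendor</link>
<description>Statement on ms08-001 and ExampleDB 4.2 exposure.</description></item>
<item><title>Mirror: Patch Tuesday preview: MS08-001 expected</title>
<link>https://blog.example/ms08-001-preview</link>
<description>Duplicate entry from an aggregator.</description></item>
</channel></rss>"""

MAX_FEED_BYTES = 1_000_000  # feeds are untrusted input: cap size before parsing

def build_matcher(terms):
    """Compile watch terms into one case-insensitive, word-bounded pattern."""
    alternatives = "|".join(re.escape(t) for t in sorted(terms, key=len, reverse=True))
    return re.compile(r"(?<![\w-])(?:%s)(?![\w-])" % alternatives, re.IGNORECASE)

def scan_feed(xml_text, terms, seen_links=None):
    """Return [(link, title, sorted matched terms)] for new items mentioning a term."""
    if len(xml_text.encode("utf-8")) > MAX_FEED_BYTES:
        raise ValueError("feed too large")
    seen = set() if seen_links is None else seen_links
    matcher = build_matcher(terms)
    hits = []
    for item in ET.fromstring(xml_text).iter("item"):
        link = (item.findtext("link") or "").strip()
        title = (item.findtext("title") or "").strip()
        text = title + " " + (item.findtext("description") or "")
        found = sorted({m.group(0).lower() for m in matcher.finditer(text)})
        if found and link not in seen:  # de-duplicate reposts of the same permalink
            seen.add(link)
            hits.append((link, title, found))
    return hits

if __name__ == "__main__":
    for link, title, found in scan_feed(SAMPLE_FEED, ["MS08-001", "ExampleDB"]):
        print(found, title, link)
```

Passing the same `seen_links` set across runs and across feeds keeps one story that several blogs relay from alerting more than once.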
