SSCC 85 – FAA, Carberp arrests, RDP vulnerability and first HITECH fine

This week’s guest on the Chet Chat is John Shier from our Toronto, Canada office. John and I often work together on delivering our seminar Anatomy of an Attack, and I invited John on the podcast to share his thoughts on this week’s news.

John and I both travel quite a lot and the news last week that the Federal Aviation Administration in the United States was considering reviewing the current policy regarding use of electronic devices under 10,000 feet caught both of our attention.

We discussed the ins and outs of a policy change and how nice it would be to read a Kindle or an iPad during takeoff and landing.

After the arrest of the Carberp gang in Moscow, I was curious whether John shared my thoughts about how the Russians only seem interested in cybercrime if their own citizens are the victims.

John likened it to much of the pandering that goes on elsewhere when elections are underway and wondered if this was much different.

I talked briefly about MS12-020, also known as the RDP vulnerability in Microsoft Windows. Administrators need to apply the fix quickly and we chatted about possible mitigations for those who are unable to roll it out immediately.

Lastly, the topic of encrypting desktop hard drives surfaced as we discussed the enormous costs Blue Cross Blue Shield of Tennessee suffered after the theft of decommissioned hard drives that contained personally identifiable information on a large number of customers.

(22 March 2012, duration 14:40 minutes, size 10.1 MBytes)

You can also download this podcast directly in MP3 format: Sophos Security Chet Chat 85, subscribe on iTunes or our RSS feed. You can see all of the Sophos Podcasts by visiting our archive.