UMD Data Breach, Securing PII Data, Two Factor Authentication, Tinder GPS Flaw, Intro to Honeypots – CF002

Christian Johnson joins Jim (@jcollison) for show #2 of Cyber Frontiers brought to you by the Average Guy Network.

Cyber Frontiers is all about Exploring Cyber security, Big Data, and the Technologies Shaping the Future Through an Academic Perspective!   Christian Johnson, a student at the University of Maryland will bring fresh and relevant topics to the show based on the current work he does.  Never on a schedule, but always up to date!

You can contact us via email at jim@theaverageguy.tv or call in your questions or comments to be played on the show at (402) 478-8450

Listen Mobile:


Security News for the Day:

UMD Data Breach: What You’ve All Been Asking about:

Official statements from UMD:

<My Disclaimer> – Any opinions regarding this matter are that of my own and not the university’s. All media inquiries related to this incident should be directed to the University’s Chief Communications Officer at: crystalb@umd.edu

“A specific database of records maintained by our IT Division was breached yesterday.  That database contained 309,079 records of faculty, staff, students and affiliated personnel from the College Park and Shady Grove campuses who have been issued a University ID since 1998. The records included name, Social Security number, date of birth, and University identification number.  No other information was compromised — no financial, academic, health, or contact (phone, address) information.”

“University of Maryland Police Department is working with the U.S. Secret Service on this matter.  Additionally, we have partnered with MITRE, a leading systems engineering company specializing in cybersecurity, to provide additional forensic analysis on how this attack happened, and how to prevent such attacks in the future.”

“The breached records included name, Social Security number, date of birth, and University identification number.  No financial, academic, health or contact information was accessed.”

Google “umd magnetic card reader” for further examples on how breaches can occur

Other universities have had this problem too:

https://uncnews.unc.edu/2013/12/10/university-investigates-data-breach-notifies-affected-people/

Tinder Dating App:

http://www.darkreading.com/privacy/vulnerability-in-tinder-dating-app-expos/240166241

All things in current news related to privacy, security, the government, and us.

http://hyperbolic.cs.umd.edu/

Examples of where the government has been implementing two form authentication for the common citizen:

http://www.ifap.ed.gov/presentations/attachments/NASFAA2012TwoFactorAuthenticationProtocolandtheProtectionofPII.ppt

Cyber Special: Introduction to honeypots:

http://www.infoworld.com/d/security/no-honeypot-dont-bother-calling-yourself-security-pro-216038

Doing a home listener honeypot? – Is it practical?

For those of us running websites, this might be a cool way to try some hands on experience in protecting your web stack:

http://glastopf.org/

Project Honeypot: Good resource for using data generated through this honeynet service:

https://www.projecthoneypot.org


Support the Average Guy Tech Scholarship Fund: https://www.patreon.com/theaverageguy

Facebook Page:  https://www.facebook.com/theAverageGuyTV

Facebook Group: https://www.facebook.com/groups/theaverageguy/

Jim’s Twitter: http://twitter.com/#!/jcollison

Contact Christian: christian@theaverageguy.tv

Contact the show at podcast@theaverageguy.tv

Find this and other great Podcasts from the Average Guy Network at http://theaverageguy.tv

Music courtesy of Ryan King. Check out the Die Hard Cafe band and other original works at:
http://diehardcafe.bandcamp.com/http://cokehabitgo.tumblr.com/tagged/my-music