I’m pathetic. I’m so consumed with computer security that when I can’t sleep in the early morning hours, I head to my computer to do research. Often, my wife will awaken to the sound of me banging away on my keyboard, and she slowly creeps downstairs to check on me. Although she won’t admit it, I think she keeps expecting to catch me viewing illicit content. Instead, I’m reading a security whitepaper, compiling exploit code, or testing new malware. And this is why I’m pathetic: Instead of being a voyeur, I’m researching computer security.
If you’re like me, though, so much is changing in the field of computer security that there are never enough free hours in the day to keep up. That’s why I’m thankful for computer security podcasts. Apple’s near-ubiquitous control of the portable music market with the iPod has led to a lot of excellent free content. Here are my picks for must-hear computer security podcasts:
One of my favorite weekly podcasts is by Steve Gibson and Leo Laporte. Each episode is 20 to 30 minutes long, ranging from current topics to deep technology to long opinions. Steve has been an acquaintance and friend of mine for over a decade, since his days writing technology columns for InfoWorld (small world). Steve is often controversial and many people seem to love to hate him. Although I don’t agree with everything he says, I guarantee that listening to him and Leo will drastically expand your technical security knowledge. Eat the watermelon and spit out the seeds: Security Now! is for people who like discussions with a deeper understanding. Leo also produces the This Week in Tech podcasts.
This is my second-favorite computer security podcast. Recorded by two McAfee employees (I must disclose that I work for Foundstone, a division of McAfee), Brett and Jim, who’ve released 31 episodes so far. As expected, they keep up on the latest malware and exploits, plus cover issues from an industry perspective. They lightly plug McAfee from time to time, but you’ll be hard pressed to find two more even-handed reviewers. Plus as a bonus, the SABAG podcast gets you CISSP credits. I hope more podcasts follow suit.
Paul Asadoorian and Larry Pesce have produced 14 weekly podcasts. They tend to hate Microsoft a bit too much for my taste, but they bring up nix and router exploits just as much, if not more.
The next big worm may also take down our IP-telephone networks instead of just our computers. If VoIP security is your interest, Dan York and Jonathan Zar’s podcast has you covered. With just four episodes available, this podcast is just starting to gain a following. When I listen, I learn just how much I don’t know about the subject.