I’m pathetic. I’m so consumed with computer security that when I can’t sleep in the early morning hours, I head to my computer to do research. Often, my wife will awaken to the sound of me banging away on my keyboard, and she slowly creeps downstairs to check on me. Although she won’t admit it, I think she keeps expecting to catch me viewing illicit content. Instead, I’m reading a security whitepaper, compiling exploit code, or testing new malware. And this is why I’m pathetic: Instead of being a voyeur, I’m researching computer security.
If you’re like me, though, so much is changing in the field of computer security that there are never enough free hours in the day to keep up. That’s why I’m thankful for computer security podcasts. Apple’s near-ubiquitous control of the portable music market with the iPod has led to a lot of excellent free content. Here are my picks for must-hear computer security podcasts:
One of my favorite weekly podcasts is by Steve Gibson and Leo Laporte. Each episode is 20 to 30 minutes long, ranging from current topics to deep technology to long opinions. Steve has been an acquaintance and friend of mine for over a decade, since his days writing technology columns for InfoWorld (small world). Steve is often controversial and many people seem to love to hate him. Although I don’t agree with everything he says, I guarantee that listening to him and Leo will drastically expand your technical security knowledge. Eat the watermelon and spit out the seeds: Security Now! is for people who like discussions with a deeper understanding. Leo also produces the This Week in Tech podcasts.
This is my second-favorite computer security podcast. Recorded by two McAfee employees (I must disclose that I work for Foundstone, a division of McAfee), Brett and Jim, who’ve released 31 episodes so far. As expected, they keep up on the latest malware and exploits, plus cover issues from an industry perspective. They lightly plug McAfee from time to time, but you’ll be hard pressed to find two more even-handed reviewers. Plus as a bonus, the SABAG podcast gets you CISSP credits. I hope more podcasts follow suit.
Paul Asadoorian and Larry Pesce have produced 14 weekly podcasts. They tend to hate Microsoft a bit too much for my taste, but they bring up nix and router exploits just as much, if not more.
The next big worm may also take down our IP-telephone networks instead of just our computers. If VoIP security is your interest, Dan York and Jonathan Zar’s podcast has you covered. With just four episodes available, this podcast is just starting to gain a following. When I listen, I learn just how much I don’t know about the subject.
If you like your computer security news at a higher level than the bits and bytes, this podcast is for you. CSO Magazine provides a weekly security roundup, with a focus on industry events, products, and news useful to any computer security professional. My description may sound boring to some, but this podcast is not. Its security coverage ranges outside the field of pure computer security and has enough interesting interviews to keep anyone listening. If you like this type of content, you should also check out the security podcasts of CIO Magazine, CSO's sister publication.
There have been fourteen episodes so far, with a nice mix of topics.
I subscribe to all six of these podcasts. Use Apple’s iTunes software to subscribe and tell it to check once a day for new episodes. I also tell iTunes to keep a few episodes, so I don’t miss something if I don’t get my ear buds in frequently enough. Three episodes of each of these podcasts takes up less room on my iPod than one of my CDs.
When I see the young and the beautiful wearing their iPods in the gym or the subway, I used to imagine they were all listening to some hip band I've never heard of. But, hey, maybe they're listening to security podcasts, just like me!
Did I mention I was pathetic?