Security Squawk Box Podcast Episode 2
This Week's Topics
Social Engineering iCloud, The Curious Case of Mat Honan.
Gatekeeper Code Signing.
Summary
This week I give my take on the Apple ID account compromise of Mat Honan, former journalist for Gizmodo. I address some of the issues companies have to consider when working with freelancers who bring their own devices or their own ecosystems under your security umbrella. There are various risks that need to be considered from a host of perspectives. I explain why it is important to have control over your backups.
Next I touch on the issue of code signing in Mountain Lion. Users can override Gatekeeper and set exceptions, but the only way to manage these exceptions from the administrator's perspective is via a command-line tool called spctl. I argue that for most users and organizations, code signing makes security sense and eliminates RISK, especially if code review is outside the scope of your business.
Finally, my commentary on why now is the day to turn off Java on your Mac and eliminate the RISK of crimeware using Java.