One of his favorite OSS stories involved a colleague sent to occupied France to destroy a seemingly impenetrable German tank at a key crossroads. The French resistance found that grenades were no use.

The OSS man, fluent in German and dressed like a French peasant, walked up to the tank and yelled, "Mail!"

The lid opened, and in went two grenades.

Hall's book about his OSS days, You're Stepping on My Cloak and Dagger, is a must read.

Not sure if it is because of the slumping market and economy or in spite of it, but there pace of merger activity has been picking up lately and the security industry has not been immune to it.  Today saw two meaningful deals announced that could have an impact on the security landscape:

1. Sophos buys Utimaco - Saw this one when I woke up today, as it is a European deal.  UK based Sophos is buying German based Utimaco, makers of the SafeGuard line of data encryption/protection/DLP product line.  Sophos is paying cash $340 million US for in this deal.  This means they are substantially dipping into the credit market, as this is far more than they reported cash on hand. So like the Brocade/Foundry deal, the acquiring company feels strong enough about the acquisition to mortgage the house to get it.  In this case, I think Sophos is making a smart deal. They clearly say that to compete with Symantec, McAfee and Microsoft they are going to need a full endpoint security suite. AV alone is not just going to cut it. This gives Sophos a real play in DLP and data storage space. 

Yes they could have just done a partner deal for this type of technology, but I applaud them for going out and buying the technology.  I wondered if they would use this as a reverse merger entry to the public markets but it doesn't look like that.  In any event it looks like Sophos is making the play and spending the bucks to be a player in the endpoint security suite game.

2. Motorola buys AirDefense - Well one of the air brothers finally found a taker. I always thought that for all of the press AirDefense, AirTight and AirMagnet receive, the revenue just didn't match the hype. Stand alone wireless security was a tweener.  Would traditional security cover wireless or would traditional wireless cover wireless security.  In any event a stand along wireless security play is a tough road.  So with this answer Motorola says wireless handles wireless security. 

My question is what does the future hold for Motorola.  They are reportedly getting out of the cell phone business.  Is their wireless business, even a secure one enough to support this giant?  I don't know but there is a bit of "dead man walking" over there if you ask me. 

I think the play is clear though that wireless providers are going to snap up wireless security companies. The real issue is at what prices.  If anyone hears a price on this one, let me know.

Not sure if it is because of the slumping market and economy or in spite of it, but there pace of merger activity has been picking up lately and the security industry has not been immune to it.  Today saw two meaningful deals announced that could have an impact on the security landscape:

1. Sophos buys Utimaco - Saw this one when I woke up today, as it is a European deal.  UK based Sophos is buying German based Utimaco, makers of the SafeGuard line of data encryption/protection/DLP product line.  Sophos is paying cash $340 million US for in this deal.  This means they are substantially dipping into the credit market, as this is far more than they reported cash on hand. So like the Brocade/Foundry deal, the acquiring company feels strong enough about the acquisition to mortgage the house to get it.  In this case, I think Sophos is making a smart deal. They clearly say that to compete with Symantec, McAfee and Microsoft they are going to need a full endpoint security suite. AV alone is not just going to cut it. This gives Sophos a real play in DLP and data storage space. 

Yes they could have just done a partner deal for this type of technology, but I applaud them for going out and buying the technology.  I wondered if they would use this as a reverse merger entry to the public markets but it doesn't look like that.  In any event it looks like Sophos is making the play and spending the bucks to be a player in the endpoint security suite game.

2. Motorola buys AirDefense - Well one of the air brothers finally found a taker. I always thought that for all of the press AirDefense, AirTight and AirMagnet receive, the revenue just didn't match the hype. Stand alone wireless security was a tweener.  Would traditional security cover wireless or would traditional wireless cover wireless security.  In any event a stand along wireless security play is a tough road.  So with this answer Motorola says wireless handles wireless security. 

My question is what does the future hold for Motorola.  They are reportedly getting out of the cell phone business.  Is their wireless business, even a secure one enough to support this giant?  I don't know but there is a bit of "dead man walking" over there if you ask me. 

I think the play is clear though that wireless providers are going to snap up wireless security companies. The real issue is at what prices.  If anyone hears a price on this one, let me know.

Belkin gives us plenty of time to get ready for streaming high def: FlyWire uses an adapted form of Wi-Fi in the 5 GHz band to stream HD without having the HD set in close proximity. They're not shipping until October, which could give you some time to get used to the price tag. A $1,000 model is designed to cover a home, and has various infrared and wireless options to control current A/V gear, some of which might be hidden in cabinets away from view. A cheaper $700 option covers just one room, Belkin says, and excludes the IR help. The transmitter has 3 HDMI jacks, including DVI support with audio inputs, along with two component and one composite video and audio input panels. The receiver has a single HDMI output. All HD resolutions are supported. These devices are aimed at people who buy large HDTVs and want to wall mount them.

• presse@ccc.de (preferred)
• 0700-CHAOSFON (0700 - 24267366)
  

Also, DecaffeinatID Intrusion Detection System ver. 0.07 is out.

The event was held at Die Insel, on a tiny island a few kilometers outside of Berlin’s city center, near Treptower Park. The venue is mostly used for live music so basically it feels like a dark, somewhat dingy club (certainly the bathrooms are reminiscent of a club). The presentations were on the 3rd floor in a room that probably held about 60 people in close quarters; to handle overflow, a closed-circuit feed was being simulcast on the 4th floor, which was a bit less crowded and, more importantly, opened out onto a rooftop deck which meant better ventilation. The bottom floor led out to a Biergarten with tables, beach chairs, and a stage which was used for DJing. The layout was actually pretty efficient for allowing around 200 people to mill about and socialize/network while not having to stray too far from where the talks were presented.

As far as the event itself, when I said “laid back” earlier, don’t interpret that to mean disorganized or watered down in any way. It was run with stereotypical German efficiency, from badging to presentations to the after-hours parties. The presentations were just as technical and relevant as any of the more “corporate” conferences. Unfortunately for me, I don’t know that many people in European security circles, and most of the ones I do know weren’t in attendance. Those I did meet, however, were impressively smart and well-versed. Nobody was trying to conduct business transactions or slip away for meetings, which is inevitably what happens when only technical folks are present!

For me, a few talks stood out. Fukami and BeF’s talk on SWF and the Malware Tragedy discussed methods for automated static detection of malware in Flash movies. Much of it centered on heuristics related to inconsistencies in the file format or tag structure, abnormal concentrations of strings in the constant pool, or the existence of various obfuscation techniques. Ultimately, there are false positive issues to be addressed but that is just a fact of life with static analysis, and it will be an iterative process to refine those heuristics as the attack vectors evolve. I thought this talk was particularly timely given the increasing prevalence of Flash as a conduit for exploits/malware, such as the most recent Flash 0day that made the news (granted, this was an exploit against Flash itself, not just using Flash as a delivery mechanism, but close enough).

I also enjoyed pierre’s talk on counterintelligence, basically a mélange of wiretapping and other bugging devices discovered in the wild. War stories are always interesting, particularly when it comes to the realm of physical security. One of the x-ray images he showed of a bugged pen was identical to a pen that I own (minus the bugging device of course… I hope). The feel of the talk reminded me a bit of James Atkinson’s talk at SOURCE, “Telephone Defenses Against the Dark Arts” (video: Part 1 and Part 2), which also got rave reviews.

Mike Eddington’s presentation on the Peach 2 fuzzing framework was also quite interesting. Peach 2 was released several months back but I haven’t really been paying much attention to it or any other fuzzing tool for some time. In fact the last time I really had to implement a protocol fuzzer, I was using SPIKE 2.9, so that gives you some indication of how long it’s been. Peach 2 includes some powerful built-in capabilities such as node relationships (e.g. field 1 represents the length of field 2; field 10 is a CRC-32 of fields 1 through 9), data transforms (those with battle scars from ASN.1 will be happy), state machines (packets 1 and 2 have to be normal in order to fuzz packet 3), monitoring agents (detecting when a crash happens and under what conditions), and much more. I am itching to go fuzz something now just so I can tinker with Peach.

All in all, it was a good trip and I enjoyed the opportunity to see how things are done across the pond, and to do a little sightseeing in a historic and beautiful city.