Hear the epic true tales of how developers, programmers, hackers, geeks, and open source rebels are revolutionizing the technology landscape. Command Line Heroes is an award-winning podcast hosted by Saron Yitbarek and produced by Red Hat. Get root access to show notes, transcripts, and other associated content at https://redhat.com/commandlineheroes
All Together Now
Our show is all about heroes making great strides in technology. But in InfoSec, not every hero expects to ride off into the sunset. In our series finale, we tackle vulnerability scans, how sharing information can be a powerful tool against cyber crime, and why it’s more important than ever for cybersecurity to have more people, more eyes, and more voices, in the fight.Wietse Venema gives us the story of SATAN, and how it didn’t destroy the world as expected. Maitreyi Sistla tells us how representation helps coders build things that work for everyone. And Mary Chaney shines a light on how hiring for a new generation can prepare us for a bold and brighter future.If you want to read up on some of our research on the InfoSec community, you can check out all our bonus material over at redhat.com/commandlineheroes. Follow along with the episode transcript.
31/05/2022 • 23 minutes, 18 secondes
Invisible Intruders
What began as a supposed accounting error landed Cliff Stoll in the midst of database intrusions, government organizations, and the beginnings of a newer threat—cyber-espionage. This led the eclectic astronomer-cum-systems administrator to create what we know today as intrusion detection. And it all began at a time when people didn’t understand the importance of cybersecurity. This is a story that many in the infosec community have already heard, but the lessons from Stoll’s journey are still relevant. Katie Hafner gives us the background on this unbelievable story. Richard Bejtlich outlines the “honey pot” that finally cracked open the international case. And Don Cavender discusses the impact of Stoll’s work, and how it has inspired generations of security professionals.If you want to read up on some of our research on ransomware, you can check out all our bonus material over at redhat.com/commandlineheroes. Follow along with the episode transcript.
17/05/2022 • 22 minutes, 18 secondes
Ruthless Ransomers
It’s a strange situation when someone can hold something hostage from halfway around the world. It’s tragic when your own pictures and files are remotely encrypted. But when it’s a hospital’s system? Ransomware becomes a problem about life or death. Eddy Willems recounts his involvement in defeating an early ransomware attack that targeted AIDS researchers. At the time, there was a way to discover the encryption key. But as Moti Yung warned, asymmetric encryption would change everything. In the years since, ransomware attacks have become much more popular—thanks in part to the rise of cryptocurrencies. While criminals think it’s an anonymous way to collect payment, Sheila Warren tells us that the opposite is actually true.If you want to read up on some of our research on ransomware, you can check out all our bonus material over at redhat.com/commandlineheroes. Follow along with the episode transcript.
03/05/2022 • 22 minutes, 8 secondes
Menace in the Middle
All communication leaves the possibility for crossed wires. And as we become more connected, there’s a chance for those with ill intentions to steal our information and meddle in our daily lives—with devastating results. Smriti Bhatt breaks down the complexity behind machine-in-the-middle attacks. Johannes Ullrich tells us why we shouldn’t always trust that free WiFi. And the “father of SSL” Taher Elgamal notes that while cryptography can address the increasingly sophisticated nature of malware, there are no safe bets in security.If you want to read up on some of our research on machine in the middle attacks, you can check out all our bonus material over at redhat.com/commandlineheroes.Follow along with the episode transcript.
19/04/2022 • 22 minutes, 56 secondes
Dawn of the Botnets
Overwhelming numbers are scary—even in the best of circumstances. You can plan for them, build up your defenses, and do everything imaginable to prepare. But when that horde of zombies hits, their sheer numbers can still cause devastation. Botnets are digital zombie hordes. Jamie Tomasello recounts the scale of the Bredolab botnet—and the many malicious kinds of missions it carried out. Martijn Grooten explains how botnets work, and why they can be so difficult to permanently dismantle. And Darren Mott shares some of the successes the FBI had in rounding up some of the world’s most prolific bot herders.If you want to read up on some of our research on botnets, you can check out all our bonus material over at redhat.com/commandlineheroes. Follow along with the episode transcript.
05/04/2022 • 23 minutes, 44 secondes
Lurking Logic Bombs
Logic bombs rarely have warning sounds. The victims mostly don’t know to expect one. And even when a logic bomb is discovered before it’s triggered, there isn’t always enough time to defuse it. But there are ways to stop them in time. Paul Ducklin recounts the race to defuse the CIH logic bomb—and the horrible realization of how widespread it was. Costin Raiu explains how logic bombs get planted, and all the different kinds of damage they can do. And Manuel Egele shares some strategies for detecting logic bombs before their conditions are met.If you want to read up on some of our research on logic bombs, you can check out all our bonus material over at redhat.com/commandlineheroes. Follow along with the episode transcript.
22/03/2022 • 21 minutes, 44 secondes
Terrifying Trojans
Sometimes a fun game, a friendly email, or an innocuous link can be the most convenient place for an enemy to hide. And its prey is none the wiser—until it strikes. The trojan horse uses many layers of deception to do damage. The ingenuity of these attacks keeps an alarming pace with the technology we use every day. But as long as we stick to trusted sites and sources, we can better the odds against those who use our trusting nature against us. Steve Weisman tells us about how trojans still keep security professionals on the defensive. Josephine Wolff details how these attacks have evolved, and keep evolving, to catch victims off guard. And Yanick Franantonio takes on the new frontier for trojan attacks. If you want to read up on some of our research on trojans, you can check out all our bonus material over at redhat.com/commandlineheroes.Follow along with the episode transcript.
08/03/2022 • 22 minutes, 52 secondes
Relentless Replicants
Computer viruses and worms haunt the internet. They worm their way into a system, replicate, and spread again. It’s a simple process—with devastating consequences. But there’s a whole industry of people that rose up to fight back. Craig Schmugar recalls how he and his team responded to MyDoom, one of the fastest-spreading worms ever. Dr. Nur Zincir-Heywood reveals the inner workings of viruses and worms, and how they draw their names from the world of biology. And security expert Mikko Hypponen shares advice on avoiding malware. But he also warns that we’re in an arms race against malware developers.If you want to read up on some of our research on viruses and worms, you can check out all our bonus material over at redhat.com/commandlineheroes. Follow along with the episode transcript.
22/02/2022 • 24 minutes, 30 secondes
Command Line Heroes Season 9: The Horrors of Malware
Malware haunts us all. Viruses, worms, trojan horses, and the harm they do often corrupts the promise of the internet. But the world of computing continues to grow. Though it’s changed us forever, malware hasn’t stopped us from connecting. Season 9 of Command Line Heroes is the culmination of the show. We focus on security and the people who, every day, face the monsters of the digital world. They disinfect computers from viruses, defuse logic bombs, and dismantle botnets. But they can’t do it alone. It’ll take all of us working together to make the world a safer place.The first episode drops February 22, 2022. Subscribe today and sign up for the newsletter to get the latest updates.