Treat Data Security Like FirefightingWhite Ops' Dan Kaminsky on Security, Glibc and Apple vs. FBI
Warning to enterprises: Patch all Linux systems immediately against the flaw in the GNU C Library - "glibc" - which affects millions of devices, and which could allow hackers to remotely exploit code on all vulnerable systems. That's the advice from Dan Kaminsky, chief scientist at anti-malware firm White Ops (see Alert: Patch Critical 'Skeleton Key' Flaw in Linux).
Kaminsky should know: He discovered and helped patch a massive vulnerability in DNS in 2008, which came to be known as the Kaminsky flaw. In this video interview at RSA Conference 2016, he also discusses:
- How the glibc flaw compares with the bug in DNS that he discovered;
- His thoughts on the Apple/FBI case;
- The need for a radical rethink of how society views security;
- Why protecting data today is just as important - and deserves to be treated just as seriously - as fighting fires.
Before White Ops, Kaminsky served as the director of penetration testing for security consultancy IOActive and as a senior security consultant for communications firm Avaya.