Wednesday, December 26, 2007

Court TV - Tiger Team Premiere

Well, I am in the process of watching the second episode of Tiger Team on Court TV. The Tiger Team broke into Symbolic Motors during the first episode and Jason of Beverly Hills in the second.

So far, the show is pretty good. The show format is basically the same as Discovery channel's "It Takes a Thief".

I have already seen the Tiger Team perform the following: Lock picking, safe cracking, RFID cloning, social engineering, video recon, dumpster driving, USB trojans, and GSM jamming (of a triggered alarm system).

The show appears to be tilted toward the physical aspects of security, or at least it was for these two episodes....physical security makes for good TV, I guess.

During the show, I did notice the following t-shirts: "303", "I am InfoSec Sellout" and "Defcon 13".

If you know those first two shirts...then you read too much FD and know what a hangover it all about.

I have also heard several names dropped that would be very meaning to those in the infosec world.

I am quite surprised that these clients would allow their vulnerabilities to be broadcast on national TV. But looking back, these clients are very high-end dealers and will most likely use this as evidence to impress possible clients.

Hopefully, it doesn't breed security complacency with these clients.

However, it is clear to me that the Tiger Team is comprised of several well-connected security professionals that are seriously fighting the good fight against criminals.

Most of those bad mouthing kids on /. would do well to watch and learn.

5 comments:

  1. Thanks for the kind words. Yeah, they did focus alot on the physical side of things. Most of the computer stuff was left on the cutting room floor. As far as the surprise that the clients let us do it and put it on the air, you also have to keep in mind that the jobs we show on the air were filmed months before the airing, and since they know it will be on the air, they tend to fix the issues pretty quickly. Also, not all of our recommendations made it into the episode either (only 22 minutes worth of a multi-day job).

    Glad you liked it. Hopefully, it'll get picked up.

    ReplyDelete
  2. Hey Ryan,

    Very valid points. I assume that most of the engagement was cut because it didn't make for good TV. In addition, I assumed that most of the computer network related vulnerabilities were discussed off camera for good reason.

    You and I might believe that making the information public is best, not all companies see it that way. That is why I was suprised to see such high-end places disclosing (at least a part of) their pen-test results.

    Regardless of all the disclosure questions, which is sure to start a fresh debate on the subject, the show was well done and at the very least might bring light to issues that the public might not have come to terms with yet.

    ReplyDelete
  3. See ya at the 303 party next year? lol

    ReplyDelete
  4. Awesome, I think I missed it this year. After a week in vegas, I start to get lazy..lol

    ReplyDelete