It's Episode 70 of the Stogie Geeks Podcast!

Episode 350 is dedicated to Veterans, so we found it only fitting to have a panel with InfoSec individuals who are also Veterans. We want to discuss how serving in the military has helped these people in their careers.

Kevin Finisterre is a Senior Research Consultant with Accuvant, has hacked everything from utilities providers to police cars and is keen on disseminating information relating to the identification and exploitation of software vulnerabilities on many platforms.

Jayson E. Street is an author of “Dissecting the hack: The F0rb1dd3n Network” from Syngress. Also creator of dissectingthehack.com He has also spoken at DEFCON, DerbyCon, UCON and at several other ‘CONs and colleges on a variety of Information Security subjects. His life story can be found on Google under “Jayson E. Street” *He is a highly carbonated speaker who has partaken of Pizza from Beijing to Brazil. He does not expect anybody to still be reading this far but if they are please note he was chosen as one of Time’s persons of the year for 2006. ;)

Contacts: lvdeijk@gmail.com angelo.dellaera@gmail.com They can also be reached on twitter: @ProjectHoneynet @angelodellaera @lvdeijk

Discussion of expectations of privacy today and what does privacy mean.

Greg Hetrick shows us how to better lock down our Java apps since we can't "just uninstall Java!"

Description: Extracts and outputs HTML/JS comments from HTTP responses. Why would someone use the tool or technique ? : "The attached script makes use of patterns to extract HTML comments from HTTP responses. There are times sensitive information may be present within HTML comments. While this does not necessarily represent a breach in security, it can give an attacker leverage useful for exploitation."

Jack's rantapocalypse, popping penguins, the Yahoo bounty, Paul wants a new phone and the Blackhole kit guy goes down. We think.

Heather Mahalik is a senior digital forensics analyst at Basis Technology. As the on-site project manager, she uses her experience to manage the cell phone exploitation team and supports media and cell phone forensics efforts in the U.S. government. Heather is a certified SANS instructor and teaching the upcoming course Advanced Smartphone and Mobile Device Forensics.

Thierry has 14 years experience in information security, designing resistant architectures and systems, managing development and information security teams, ISM policies and high profile penetration tests. Thierry has a security blog over at blog.zoller.lu . Thierry is currently now working as a Practice Lead for Threat and Vulnerability Management at Verizon Business.

The team goes off on some pretty big tangents this week and does a lot more rambling than actual discussion of stories. However, they did get in talk about DerbyCon, the Yahoo bug bounty and a couple of hacks this week. If you're not hardcore about having the whole segment about published security articles, you might enjoy this on as well.

Jared DeMott has spoken at security conferences such as Black Hat, Defcon, ToorCon, Shakacon, DakotaCon, GRRCon, and DerbyCon. He is active in the security community by teaching his Application Security course, and has co-authored a book on Fuzzing.

Jaime enjoys long walks on the beach while his computer equipment is busy fuzzing software, cracking passwords, or spidering the internet. He's also the creator of the gitDigger project as well as staff of DEFCON's wireless village.

Vivek Ramachandran is a world renowned security researcher and evangelist. His expertise includes computer and network security, exploit research, wireless security, computer forensics, embedded systems security, compliance and e-Governance. He is the founder of Security Tube and Pentester Academy .

Before the gang heads off for Derby Con, we still have the stories of the week. Paul, Greg and Patrick are here to talk about Shodan searches, Dropbox opening your docs, 10 things to never say during a presentation and a whole lot more!

Monica Jain is the product manager for HP's Arcsight product.

The last segment from episode 345 features Dave, Martin, Adrian and Nick, the DerbyCon organizers to talk about the upcoming third edition of their conference in Louisville. Find out how they planned it to be bigger and better this year! Plus, a couple stories of the week!

Pete Finnigan works as an independent Oracle security consultant for his own company PeteFinnigan.com Limited . Pete specializes in performing detailed Oracle security IT Health checks against Oracle databases using a detailed methodology developed by Pete from many years of experience in securing databases.

Rich has twenty years experience in information security, physical security, and risk management. He is the founder of Securosis and specializes in data security, application security, emerging security technologies, and security management.

Want to try to scam John Strand? That might not be the best of ideas. Burp got updated, Rsnake's "joke", opting out to watch porn, 5 Guys Burgers on security and maybe a new way to prevent CSRF.

Richard Stiennon, security expert and industry analyst, is known for shaking up the industry and providing actionable guidance to vendors and end users. He relaunched the security blog ThreatChaos.com and is the founder of IT-Harvest.

You got Paul and Larry this week as they take you through all the fun that is hacking geolocators, Java 6, getting sudo on an OSX machine, and a great story from the pentesting field by Larry. Plus a whole lot more!

Carlos Perez is also known as @DarkOperator, He spends his time reverse engineering, and practicing PowerShell Kung-Fu. Known by his motto "Shell is only the Beginning".

Ira Winkler, CISSP is President of Secure Mentem. Ira is one of the foremost experts in the human elements of cyber security and is known for the extensive espionage and social engineering simulations that he has conducted for Fortune 500 companies globally, and has been named a “Modern Day James Bond” by the media.