Interview with Brian Krebs

[Haggis Veteran]

Hey Guys

I will hopefully be doing an interview with Brian Krebs sometime in the near future

He owns and runs http://krebsonsecurity.com/

I thought it would be nice to put it to the community to see if you had questions that i should be asking Brian or anything you wanted to know so that i can draft together a nice range of questions for him

Thanks

[Haggis Veteran]

I have a few so far

How did you gain interest in computer security?

What are your favourite security tools and why?

Where do you do your work?

Have hackers ever targeted you?

Does it worry you that when you out a Exploit the people that created the tool know who you are? (as in you dont use an online Moniker)

[Riggers]

Nice one Haggis, hope it all goes well.

I`d like you to ask Brian where he sees the future in digital signing (for websites and code), blacklists v`s whitelists or a mixture of both.

What direction (apart from the cloud) does he see the AV industry taking in the next 5 to 10 years, especially with the rise in the closed app store model.

Has the fact Microsoft brought out/integrated in 8 their own free AV meant the other players have had to adapt there methods? Has this acted as a wake up call?

Nowadays Microsoft take security much more seriously, do you think Google and Apple do enough?

[Haggis Veteran]

Cool thanks :)

[goretsky Supervisor]

Hello,

A few questions to consider:

1. How did you get started with reporting? Did you originally intend to become a technology reporter, or did you start out somewhere else?
   
2. Why did you leave the Washington Post?
   
3. You frequently have to report on a material which is highly technical and often esoteric, even in the IT field. What process do you go through to explain something which is inherently complicated so that the layperson can understand it?
   
4. Since you started blogging full-time at KrebsOnSecurity.com, what has been the biggest surprise to you?
   
5. What sort of technology do you equip yourself with to report on computer security?
   
6. What do you think of the current state of investigative journalism in the mainstream media? What about in the computer trade press?
   
7. Have there been any stories which you decided not to report on? If so, why?
   
8. What do you think is the biggest problem in the security landscape today?
   
9. Do you think national governments are doing enough to combat computer crime? Who's best and who's worst at it?
   
10. If you could change one thing in {consumer|corporate security|government} behavior, what would that be?
    
11. Any thoughts on John McAfee?
    

That's all I can think of for now.

Regards,

Aryeh Goretsky

[Haggis Veteran]

Thank you :)

[Kami-]

I think +goretsky covered pretty much all my thoughts too :)

(Side note: don't call him BK he doesn't like that)

[Haggis Veteran]

he signs his emails Bk lol

[Haggis Veteran]

anyone else?

[goretsky Supervisor]

Hello,

I thought of another one:

12. You sometimes give explanations of how you identified the owner of a domain by naming the specific tools used to collect the information, including providing readily-identifiable screenshots. Do you think that doing so educates criminals to better avoid discovery, and thus may impair future investigations?

Regards,

Aryeh Goretsky