The Security Kitchen

Any self-respecting security geek has crossed paths with the Backtrack live CD.  Backtrack 2 was good, Backtrack 3 still blows my mind away sometimes and Backtrack 4 won’t be anything else than a pentesters dream.  A full-fledged Linux distro that allows you to update the (Debian based) system AND the security tools on it.  Add to that support for RFID (all your tags are belong to us) and CUDA (unleash the power of your GPU) and you know you were waiting for this.

One remark I have to make is that I start to hear voices saying “w00tw00t, now I will run Backtrack as my main system”, “let’s migrate”, etc. etc. I’m thinking “stop right there”.  What is the chance that your CISO (or the one working at your customer) will allow you on the network with a ‘secured laptop’ that is basically a high-end vacuum cleaner to suck up all of the confidential data on there ?

Backtrack 4 is fantastic news. Because now we can keep our gear up to date without all the hassle involved earlier. It will bring the cost of pentesting activities down (and I suspect that that is exactly why they moved to the full distro model).  I’m looking forward, but I will not consider it as my primary environment.