Episode 0x31
Tinfoil Hats for EVERYONE
Short paragraph containing introductory material and a thanks to listeners (if reasonable)
Upcoming this week…
- Lots of News
- Paranoia / NSA
- SCADA / Cyber, cyber… etc.
- finishing it off with DERPs/Mailbag (or Deep Dive)
- And there are weekly Briefs – no arguing or discussion allowed
And if you’ve got commentary, please sent it to mailbag@liquidmatrix.org for us to check out.
DISCLAIMER: It’s not that explicit, but you may want to use headphones if you’re at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don’t need to speak for anyone except themselves. Ok? Good.
In this episode:
- News and Commentary
- Fingerprints as passwords: New iPhone Touch ID
- Skipping Ben’s turn because he’s really impressed about upcoming stories.
- Certification WTF: Payment Card Industry Professional (PCIP)
- WordPress < 3.6.1 PHP Object Injection
- Paranoia / NSA — AKA “The BIG Breech of 2013”
- The NSA is a customer of VUPEN
- NIST says maybe don’t use the ECC random bit thingie
- Wireless firms agree to give Ottawa ability to monitor calls, phone data
- No telco ever challenged NSA data collection
- New NSA Leak Shows MITM Attacks Against Major Internet Services
- EZpass is tracking you
- NSA Hacks Belgium
- NSA slurped bank records and credit card data
- Canada handed over control of crypto standard setting to the NSA
- NSA phone program is all legit
- FISA courts joining the FOIA party late
- SCADA / Cyber, cyber… etc
- Today Cyber means War but back in the 1990s…
- Hacker Group in China linked to big cyber-attacks
- Brazil and Argentina make a cyber pinkie pact
- DERP
- Anonymous Cop Pens Bizarre Editorial Calling for ‘End of Anonymity on the Internet,’ Says All Internet Posters Should be Forced to Register with the Government for ‘Public Safety’
- Twitter does link scraping
- PERMANENT DERP AWARD: At this point, the award goes to all of us chumps who continue to let the people we elected stay elected. They have violated our trust.
- Mailbag and/or Deep Dive
-
Hey LSD-P
I hope that you remember to check your dead-drop and got this coded message. I need to know what I should do to ensure that the winners of popularity contests do not have too much insight into my private life. It’s not that I have anything to hide, just that they do not need any more access than a judge would permit them.
Nervously,
Your Friend - Briefly — NO ARGUING OR DISCUSSION ALLOWED
- Crypthook
- ShmooCon CFP – Pay attention to the Proceedings
- Binary Risk Assessment
- FreedomBox
- The First Few Months of Penetration Testing: What they don’t teach you in School – Alex Fernandez-Gatti
- MOV is turing complete
- Meredith Patterson at 28c3 – The language of insecurity
- SimpleRisk: Enterprise Risk Management Simplified
- Browser fuzzing: introducing bamboo.js
- Liquidmatrix Staff Projects — gratuitous self-promotion
- The Security Conference Library
- Contribute to the Strategic Defense Execution Standard (#SDES) and you’ll be Doing Infosec Right in no time.
- If you’re interested in helping out with openCERT.ca, drop a line to info@openCERT.ca
- Upcoming Appearances — more gratuitous self-promotion
- Dave: – Attending Security Congress in Chicago, Derbycon, HITB Malaysia, Deepsec in Austria, and bsidesTO. Panelist at SecTor. And finally speaking at Hackfest in Quebec City.
- James: – Speaking at Derbycon, bSidesTO, SecTor and Hackfest, Panelist at SecTor (twice)
- Ben: – Panelist (with Dave, James and Mike Rothman) for SecTor 2013’s return of the (canadian) fail panel
- Matt: – Still on his honeymoon… And will be speaking at SecTor
- Wil: – Getting playa out of his areas… But will be at SecTor
- Other LSD Writers: – Chris Sistrunk speaking at EnergySec right now.
- Advertising – pay the bills…
- Hackfest registration is open
- BSides Toronto!!!!
- SecTor 2013
- Use discount code liquidmatrix-2013 to receive 10% off the registration price. Can’t attend the full conference? Use code liquidmatrix-expo2013 to gain free access to the expo ($50 value).
- Signing up for a SANS course? Be sure to use the code “Liquidmatrix_150” and save $150 off the course fee! And Liquidmatrix_5 for 5% off a course
- Seacrest Says: oh jeremiah!!!
Download the MP3
Listen:
Subscribe to us using plain old
Also, we’re now available through
Creative Commons license: BY-NC-SA