Every now and again I can’t decide what to discuss on the Friday summary, so this week I will mention all items on my mind.
First, I live near a lot of small airports. There are helicopters training in my area every day, and hardly a week goes by when a collection of WWII planes doesn’t rumble by – very cool! And 20 or so hot-air balloons launch down the street from me every day. So I am always looking up to see what’s flying overhead. This week it was a military drone. I have never given much thought to drones. We obviously have been hearing about them in Afghanistan for years, but it certainly jerks you awake to see one for the first time – overhead in your own backyard. Not sure what I think about this yet, but seeing one in person does have me thinking!
…
I watched the Super Bowl on my Apple TV this year. I streamed the game from the CBS Sports site to the iMac, and used AirPlay to stream to the Apple TV. That means I got to watch on the big plasma, and the picture quality was nearly as good as DirecTV. Not to give a back-handed compliment, but CBS Sports got a clue that people are actually using this thing they call “The Internet” for content delivery. The only downside was that I had to watch the same three bad commercials every 2 minutes for the entire freakin’ game. But hey, it was free and it was decent quality. Too bad the game sucked. Ahem. Anyway, happy the big networks are less afraid of the Internet and realize they can reach a wider audience by allowing access to content instead of hoarding it. All I need now is an NFL package on the Apple TV and I am set!
…
If I were going to write code to exfiltrate data from a machine, I think I’d try to leverage Skype. Have you ever watched the outbound traffic it generates? A single IM generated 119 UDP packets to 119 different IP addresses over some 40 ports. It uses both UDP and TCP, has access to multiple items in the keychain, maintains inbound and outbound connections to thousands of IPs outside the Skype domains, occasionally leverages encrypted channels, and dynamically alters where data is sent. I used a network monitor and can’t make heads or tails of the traffic, or why it needs to spray data everywhere. That degree of complexity makes hiding outbound content easy, it has a straightforward API, and its capabilities allow very interesting possibilities. Call me paranoid, but I’m thinking of removing Skype because I don’t feel I can adequately monitor it or sufficiently control its behavior.
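The monitoring problem above is about fan-out: one host suddenly talking to a large number of distinct destinations on many ports inside a short window. Here is an added example (not from the post, and not Skype’s own traffic) that scores constructed flow records per source host over a sliding time window and flags the ones whose destination spread exceeds a threshold; the thresholds, hosts and addresses are assumptions chosen to mirror the 119 IPs / 40 ports observation.

```python
from collections import defaultdict
from typing import Dict, List, Tuple

# A flow record: (timestamp_seconds, src_ip, proto, dst_ip, dst_port)
Flow = Tuple[float, str, str, str, int]


def fan_out_alerts(flows: List[Flow], window: float = 60.0,
                   ip_threshold: int = 50, port_threshold: int = 20) -> Dict[str, Tuple[int, int]]:
    """Return {src_ip: (max_distinct_dst_ips, max_distinct_dst_ports)} for every
    source that, within any single sliding window, reaches ip_threshold or more
    distinct destination IPs or port_threshold or more distinct destination ports.
    Thresholds are assumed values; tune them against your own baseline."""
    by_src: Dict[str, List[Flow]] = defaultdict(list)
    for f in flows:
        by_src[f[1]].append(f)
    alerts: Dict[str, Tuple[int, int]] = {}
    for src, recs in by_src.items():
        recs.sort(key=lambda r: r[0])
        start = 0
        for end in range(len(recs)):
            # Advance the window start until all records fit inside `window` seconds
            while recs[end][0] - recs[start][0] > window:
                start += 1
            win = recs[start:end + 1]
            ips = {r[3] for r in win}
            ports = {r[4] for r in win}
            if len(ips) >= ip_threshold or len(ports) >= port_threshold:
                prev = alerts.get(src, (0, 0))
                alerts[src] = (max(prev[0], len(ips)), max(prev[1], len(ports)))
    return alerts


def constructed_flows() -> List[Flow]:
    """Constructed sample traffic (not a real capture), using documentation address ranges."""
    flows: List[Flow] = []
    # Ordinary host: repeated DNS and HTTPS to two fixed destinations over 30 seconds
    for i in range(30):
        flows.append((float(i), "10.0.0.5", "udp", "10.0.0.53", 53))
        flows.append((float(i), "10.0.0.5", "tcp", "203.0.113.10", 443))
    # Chatty host: one event fans out to 119 distinct IPs across 40 ports in about a second
    for i in range(119):
        flows.append((100.0 + i * 0.01, "10.0.0.7", "udp", f"198.51.100.{i + 1}", 20000 + (i % 40)))
    return flows


if __name__ == "__main__":
    for src, (n_ips, n_ports) in fan_out_alerts(constructed_flows()).items():
        print(f"{src}: {n_ips} distinct destination IPs, {n_ports} distinct ports in one window")
```

The ordinary host never trips the check; the chatty host is reported with its peak spread, which is the number you would compare against a per-application baseline before deciding whether the behavior is expected.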
…
I’m really starting to look forward to the RSA Conference – despite being over-booked! Remember to RSVP for the Disaster Recovery Breakfast!
On to the Summary:
Adrian’s DR Post: Restarting Database Security.
Rich quoted in Twitter, Washington Post targeted by hackers.
Dave Mortman quoted in Enhancing Principles for your I.T. Recruiting Practice.
Mike Rothman: RSA Conference Guide 2013: Key Themes. Yup, it’s that time again. We’re posting our RSA Conference Guide incrementally over the next two weeks. The first post is Key Themes. Let us know if you agree/disagree, love/hate, etc.
Adrian Lane & David Mortman: The Increasing Irrelevance of Vulnerability Disclosure.
Network-based Threat Intelligence: Following the Trail of Bits.
Network-based Threat Intelligence: Understanding the Kill Chain.
New Paper: Understanding and Selecting a Key Management Solution.
Understanding IAM for Cloud Services: Architecture and Design.
Mike Rothman: The “I-just-got-bought-by-a-big-company” survival guide. As some of you work for vendors, may you have such problems that Scott Weiss’ great advice comes into play. I’ll get out my little violin for you…
Adrian Lane: Mobile app security: Always keep the back door locked.
James Arlen: Here’s How Hackers Could Have Blacked Out the Superdome Last Night.
David Mortman: Infosec Incidents: Technical or judgement mistakes?
Implementing and Managing Patch and Configuration Management.
Securing Big Data: Security Recommendations for Hadoop and NoSQL Environments.
The evolution of code. Or defining an evolvable code concept. Esoteric, but interesting.
PayPal fixes a SQL injection vulnerability, pays researcher $3,000 reward for discovery
Amazon.com Goes Down, Takes Short Break From Retail Biz. A bit of a surprise to get the “HTTP/1.1 Service Unavailable” page.
Hajomail – Mail for hackers. Brought to you by the NSA. Eh, just kidding.
Show off Your Security Skills: Pwn2Own and Pwnium 3. 3 meeleeon in prizes (me laughs evil laugh).
Microsoft, Symantec Hijack ‘Bamital’ Botnet via Krebs.
Mobile-Phone Towers Survive Latest iOS Jailbreak Frenzy via Wired
Twitter flaw allowed third party apps to access direct messages
This week’s best comment goes to Ajit, in response to Getting Lost in the Urgent and Forgetting the Important.
“These are things you cannot do in 140 characters, and we need something between a Tweet and a Whitepaper to have an industry conversation”
I am really hoping that we will see a stable platform similar to Google wave that can bridge the gap between a blog comment and a tweet to engage in that 1:1 conversation and still have a conversation flow.